Auditing Culture – A New Perspective
The UK Code of IIA Practice (which comes into force in January next year) requires all internal audit functions to engage with organizational culture. But what does this practical involve. Risk Audit has produced an article which seeks to treat culture, or “behavioral risk”, like any other risk. The article explains how one can look for controls and how one can test these controls from a design and operating effectiveness perspective.
A methodology that any internal audit function can apply. Want to know more? Please read the article or book a place on our Audit of Culture course or book a call with one of our specialists.
IOD Publishes Post Office Report
The Institute of Directors has published a report reflecting on the lessons one can take from the Horizon scandal that saw many sub-postmasters wrongly accused of fraud. Mandatory reading for everybody interested in corporate governance.
The governance failures included a passive board, lack of critical scrutiny, and management’s dismissive attitude toward complaints about the system’s reliability. Directors failed to challenge groupthink or lift the lid on the dysfunctional culture within the organisation, prioritizing financial interests over accountability.
Phase 6 of the ongoing Public Inquiry sheds light on these failures and offers crucial lessons for the audit and governance community. It reveals the dangers of over-relying on legal counsel, ignoring red flags, and neglecting IT oversight. A recurring theme was the board’s failure to ensure proper information flow and question management narratives. The Institute of Directors (IoD) calls for professionalizing the role of directors through mandatory training, enhanced accountability, and increased IT literacy, reinforcing that ethical governance is essential to prevent similar crises
Call for Stronger ESMA
Verena Ross, chair of the European Securities and Markets Authority, has called for greater powers to centrally supervise the EU’s securities markets. She argues that such a change would help strengthen the EU’s capital markets. At the moment, ESMA only supervises credit rating agencies, benchmark administrators and non-EU clearing houses. Ross wants cross-border issuers and central counterparties and all clearing mechanisms to be covered. She acknowledges that the transition from fragmented national oversight will take time.
New PWC Grade
PwC will introduce a new “managing director’ title as a hiring and retention tool. The UK firm is looking for ways of incentivizing senior staff without making them equity partners. The firm already has 1,036 equity partners, the highest amongst the Big Four, and is keen not to add to this number given cost constraints.
FCA Issues Poor Customer Treatment Fine
The UK’s Financial Conduct Authority has fined Volkswagen Finance £5.4 million for failing to treat customers in distress properly. The firm has also agreed to compensate 110,000 customers to the tune of £21.5 million. The regulator explains how the firm took cars away with little thought as to the consequences. In many cases, it did not consider reasonable forbearance. In one case, it took a car away in spite of the fact the client had tried to take their own life the previous week. This case will be included in our Regulatory Update webinar on Thursday 5th December.