control, and governance
Update Q&A Extended
A Win-win Partnership
Internal audit and compliance can work together to streamline processes and avoid duplication of efforts, says Mike Roemer, former head of internal audit and newly appointed head of compliance for Barclays.
How concerned should the chief compliance officer be about reputational risk?
Whether we are head of internal audit, chief compliance officer, or a front-line staff member, we all need to work collectively to ensure that the right values and behaviors form part of our personal and corporate DNA to mitigate reputational risk. This means applying integrity and judgment in everything we do, and thinking about our customers, clients, shareholders, and communities in everyday decisions. I see the respected second line of defense function as compliance checking, challenging the business, and being the conscience of the company.
What is internal audit’s compliance role?
Compliance — as well as other functions such as risk management, legal, and finance — is an essential part of an organization’s corporate governance structure and second line of defense. As the third line of defense, internal audit should be independent of these functions. However, greater collaboration and knowledge sharing will help all parties drive improvements to the control environment. This could ultimately lead to a combined assurance approach which, if well coordinated, can streamline reporting, avoid duplication of effort, and reduce overall assurance costs.
COMMENT ON THIS ARTICLE
Internal Auditor is pleased to provide you an opportunity to share your thoughts about the articles posted on this site. Some comments may be reprinted elsewhere, online, or offline. We encourage lively, open discussion and only ask that you refrain from personal comments and remarks that are off topic. Internal Auditor reserves the right to edit/remove comments.