Related provisions for CREDS 2.2.23
1 - 4 of 4 items.
SYSC 4.1.1 R requires every firm, including a credit union, to have robust governance arrangements, which include a clear organisational structure with well-defined, transparent and consistent lines of responsibility, effective processes to identify, manage, monitor and report the risks it is or might be exposed to, and internal control mechanisms, including sound administrative and accounting procedures and effective control and safeguard arrangements for information processing
A credit union’s systems and controls should be proportionate to the nature, scale and complexity of the activities it undertakes. For instance, a 5small credit union5 will not usually 5be expected to have the same systems and controls as a large one, and a credit union offering only basic savings accounts and loans will not be expected to have the same systems and controls as one offering a wider range of services or more complicated products5.
CREDS 2.2.8 R requires a credit union's system of control to be fully documented. The documentation helps the governing body5 to assess if systems are maintained and controls are operating effectively. It also helps those reviewing the systems to verify that the controls in place are those that have been authorised, and that they are adequate for their purpose.
(1) The governing body5 should decide what form this documentation should take, but the governing body5 should have in mind the following points.(a) Documents should be comprehensive: they should cover all material aspects of the operations of the credit union.(b) Documents should be integrated: separate elements of the system should be cross-referred so that the system can be viewed as a whole.(c) Documents should identify risks and the controls established to manage those risks.
The purposes of an internal audit are:(1) to ensure that the policies and procedures of the credit union are followed;(2) to provide the governing body5 with a continuous appraisal of the overall effectiveness of the control systems, including proposed changes;(3) to recommend improvements where desirable or necessary;(4) to determine whether the internal controls established by the governing body5 are being maintained properly and operated as laid down in the policy, and comply
The internal audit function (see CREDS 2.2.11G) should develop an audit plan, covering all aspects of the credit union's business. The audit plan should identify the scope and frequency of work to be carried out in each area. Areas identified as higher risk should be covered more frequently. However, over a set timeframe (likely to be one year) all areas should be covered. Care should be taken to avoid obvious patterns in assessing the different areas of the credit union's business,
ModuleRelevance to Credit UnionsThe Principles for Businesses (PRIN)The Principles for Businesses (PRIN) set out 3high-level requirements 3imposed by the FCA3. They provide a general statement of regulatory requirements. The Principles apply to all9credit unions. In applying the Principles to credit unions, the FCA3 will be mindful of proportionality. In practice, the implications are likely to vary according to the size and complexity 3of the credit union.99999Senior Management