Credit Unions – Internal Auditor vs Compliance Officer Roles

Credit-Union-logo-PMS-300x204The new Credit Union Act has introduced a number of concepts and roles that are new to Credit Unions.  Board members have had to familiarise themselves with a host of new terms and role descriptions which are difficult to understand and easy to confuse.

This article will set out the key differences between the roles of Internal Audit (IA) and Compliance Officer (CO).

While there may be a temptation to see both roles as being very similar and possibly capable of being carried out by the same individual, the roles of Internal Auditor and Compliance Officer are, in fact, mutually exclusive.

The Credit Union Act requires that the Compliance Officer role be subject to oversight by the Internal Auditor function.  Such oversight is obviously compromised if the same individual fulfils both roles.

Both functions are part of the suite of tools available to Directors to oversee the operation of the Credit Union by management.  Boards will have to rely upon the findings of these tools in assessing the performance of management and the risks the Credit Union faces.

For this reason it is vital that the Board select suitable individuals to fulfil these functions.  The Board needs to be satisfied that these individuals are sufficiently competent and experienced to identify and bring to their attention any issues in the Credit Union of which they should be aware.

It is important that Credit Unions and their Boards gain an understanding of these separate roles in order to avoid unrealistic expectations of the outputs that can be achieved. It is also important that Credit Union Boards have sufficient knowledge to recognise when these functions are not operating effectively.

The Differences

INTERNAL AUDITOR

COMPLIANCE OFFICER

  • Must be independent of any other role in the credit union to enable unrestricted evaluation of management activities and personnel.
  • Work undertaken is risk based but ultimately directed by Board or Audit Committee and includes review of:
    • effectiveness and efficiency of operations;
    • reliability of management reports;
    • compliance with relevant laws and regulations;
    • assessment of the adequacy of procedures for safeguarding of Credit Union assets.
  • Qualitative in nature/requires expression of judgement.
  • Identifies weaknesses in systems and controls that may lead to instances of non-compliance (with statutory and regulatory requirements on the Credit Union’s own internal policies and procedures)
  • Generally outsourced
  • Reports to Audit Committee/Board
  • Focused on process efficiencies
  • Makes recommendations for improvement to Credit Union systems and procedures, internal controls, risk management and governance processes with the aim of enhancing the Credit Union’s control environment and reducing inefficiencies
  • Value-added activity
  • No management or operational responsibilities
  • May also have another role in the Credit Union.
  • Directed mainly by legislation, rules and guidance notes issued by Central Bank and Codes of Practice and is concentrated on compliance with laws, regulations, guidance notes and codes of best practice.
  • Quantitative in nature/findings of fact.
  • Identifies instances of non-compliance (with statutory and regulatory requirements).
  • Generally internal appointment with third party professional assistance
  • Reports to the Board but is subject to oversight by IA
  • Not necessarily focused on efficiency
  • Makes recommendations to ensure compliance with statutory and regulatory requirements.
  • Compliance focused activity
  • CO may have management or operational responsibilities

Conclusion

While the differences between both these functions may be subtle it is important that Credit Unions should not look upon these new functions merely as a further cost burden to be borne reluctantly.  They should rather be seen as supports, available to the Board to assist them in carrying out their duties and responsibilities to the members.

Contact

Tony Cooney
Internal Audit Partner
T: 01 6790800
E: tony.cooney@crowleysdfk.ie

Credit Unions - Internal Auditor vs. Compliance Officer Roles - Image Download a PDF of this article