Sarbanes-Oxley mandates improving risk management and making operations more effective and efficient
Does your construction lending department manage its construction loan activities using spreadsheets? Has your bank unintentionally over-funded any construction loans? Has it been a while since you assessed the effectiveness and efficiency of your construction loan administration?
As a board member, audit committee member, or member of the internal audit group, if you answered “yes” to any of these questions, are you feeling uneasy? Well, you should be.
By now, everyone in banking considers Sarbanes-Oxley to be old news. After all, it’s been around since 2002, and virtually every bank has beefed up its internal audit capabilities to bring the bank into SOX compliance. What is not so obvious is that Sarbanes-Oxley standards also require that the bank’s internal audit activity evaluate and contribute to the improvement of the organization’s risk management, control, and governance processes. And, internal audit activities must be designed to provide reasonable assurance regarding the “effectiveness and efficiency of operations”.