Everything I am aware of, I am in control of… Beirut, 09/09/09 Serge Andezian, CISA, LACPA Senior Internal Auditor, IT Auditor [email protected]
Everything I am aware of, I am in control of…
Beirut, 09/09/09Serge Andezian, CISA, LACPA
Senior Internal Auditor, IT [email protected]
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
2
Who am I?
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
3
Who am I?
Serge A. Andezian is a Senior Internal Auditor / IT Auditor
working at Bank of Beirut s.a.l.
www.bankofbeirut.com.lb
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
4
Who am I?
He holds Masters Degree in Business Administration from
the Lebanese American University LAU, Beirut with
Audit specialization
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
5
Who am I?
He is member of:
The Institute of Internal Auditors IIA
Information Systems Audit & Control Association ISACA
andLebanese Association of Certified
Public Accountants LACPA
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
6
Who are you?
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
7
The financial crisis is forcing companies to make tough decisions!!
There is a risk that we might need to lay off Moussa
Who are you?
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
8
Why I am here?
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
9
Regulations:
Abandon Hope all ye who enter
here >
Why I am here?
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
10
What's the importance of Regulations?
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
11
Why are you into Regulations?
Why are you into regulations?
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
12
1- Objectives of Banking Regulation
1. Prudential (protect depositors)
2. Systemic risk reduction
3. Avoid misuse of banks
4. Protect banking confidentiality
5. Credit allocation
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
13
2 - Principles of Banking Regulation
1. Minimum requirements
2. Supervisory review
3. Market discipline
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
14
3 - Instruments and requirements
1. Capital requirements
2. Reserve requirements
3. Corporate governance
4. Credit rating requirements…
Everything I am aware of, I am in control of…
Break
Wednesday, September 16, 2009
15
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
16
Case Study- Morti Bianche
”
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
17
4 - Compliance Risk
Compliance Risk is --
“…the risk of regulatory sanctions, financial loss, or damage to reputation and franchise value that arises when a banking organization fails to comply with laws, regulations, or the standards or codes of conduct of self-regulatory organizations applicable to the banking organization’s business activities and functions”
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
18
4.1 - Components of Compliance Risk
Regulatory Risk
Operational Risk
Legal Risk
Reputational Risk
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
19
4.2 - Control Your Compliance Risks
•Identify, manage, monitor, and control your Risk
•Effectiveness of controls in place to mitigate Risk
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
20
5 – Lessons Learned
What made Lebanon avoid the eye of the Storm ?
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
21
1. Policies & Prudential Measures set by BDL
2. Effective role of the Supervisory Authority
5 – Lessons Learned (Reasons)
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
22
Investments in real estate
•Banks are prohibited from investment in real estate except to acquire their premises (BDL Circular Nov. 1999)
•Real estate acquired in settlement of bad loans should be liquidated within max 2 years (CMC Art. 154; BDL Circular Dec. 2000)
5.1 – Policies & Prudential Measures
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
23
Investments in loans
•Loans against financial instruments (BDL Circular October 1998)
•Limited to 50%of the portfolio•Margin call at 25%decline in the value of portfolio
•Real Estate loans (BDL Circular July 2008)
•Limited to 60%of real estate value
5.1 – Policies & Prudential Measures (cont’d )
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
24
Adoption of Basel II
•In April 1st 2006, BDL decided to adopt Basel II(Standardized Approach) effective 1/1/2008
•Capital Adequacy Ratio (CAR) Basel II is around 12% today
5.1 – Policies & Prudential Measures (cont’d )
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
25
•BCC off site supervision carried out on a monthly basis monitoring of financial statements
• BCC on site supervision extends beyond review & assessment of banks internal systems, policies & procedures & review credit files
5.2 – Role of Supervisory Authorities
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
26
This ensured:
5.2 – Role of Supervisory Authorities
• Early capture of new risks
•Adequate provisioning levels
•Proper safe lending & sound investment
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
27
What Happens If Compliance Risk Is Not Effectively Managed?
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
28
6 – Cost of non-compliance
•In 2004 the Bank of America lost unencryptedtapeswith account information on 1.2 million US federalemployee credit cards, including 60 US senators. Thetapes went missing during shipment to a remote site.
•April 2005: Details of 3500 Australian customers from18 banks, including names and account numbers, lost on a USB stick by a representative of the Australian High Tech Crime Centre during transit to aninternational meeting on computer crime.
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
29
6 – Cost of non-compliance (cont’d)
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
30
Q & A
Everything I am aware of, I am in control of… Wednesday, September 16, 2009
31
Thank You