Treasury operational risk
Are the controls in check?
Financial scandals have been highlighted in the media to great effect. No-one wants to be the next headline.
Legislators and financial authorities have created a raft of standards and regulations to address a number of previous concerns. This may be connected with listing requirements in a particular market (Sarbanes Oxley) or sector-related regulation such as the FSA regulation of the UK banking sector.
Even those listed companies not burdened by regulation nevertheless have experienced an increase in governance and reporting requirements for all operational aspects of the business. Derivative transactions and the potential losses continue to focus attention on Treasury operations.
We are increasingly being asked by audit committees, heads of internal audit and Treasurers to review and benchmark controls over their treasury operations. There are broadly two key categories of these reviews:
- protection of company assets
- financial reporting (internal and external).
The unusually high risk nature and size of derivative transactions entered into by treasury dealers requires specialised controls designed to mitigate the risk of loss from a ‘bad trade’. These controls revolve principally around the deal capture and accounting processes.
The design effectiveness of these ‘operational controls’ greatly affect both the security and efficiency of the treasury department. Many companies have successfully automated large elements of the control processes to minimise the impact on operations.
More than just looking at internal reporting; the governance of treasury operations commences with the Board setting policy in line with their appetite for risk. Without the right level of focus, the value from these controls, which are ultimately to protect the assets of the company, may not be realised.
Internal reporting of treasury operations is a key element of any control framework. Is key information being lost in a mountain of detail, or omitted completely? Are the reports user-friendly, and who understands them?
IFRS/FAS reporting requirements have placed additional burdens on many companies, and increased the focus on the disclosure of derivatives and of treasury activities. The reporting standard IFRS 7 adds the additional requirement of incorporating internal risk reporting into external disclosures. Is your company comfortable to disclose to the markets how you measure your risk?