Responsible for the provision of an independent, objective and impartial assurance and advisory service in accordance with the Code of Ethics and the Standards of the International Professional Practices Framework.
The Audit Manager contributes to the effectiveness and efficiency of governance, risk management, and internal control processes of the Bank's NY Branch.
The Audit Manager will produce a risk-based annual audit plan taking the local regulatory requirements into account (Bank Secrecy Act - BSA, Office of Foreign Assets Control - OFAC, etc.) as well as requests from the Group Audit Committee and Branch Senior Management. The scope of Audit NY covers, amongst others, in particular Compliance, the Risk Asset Review, Trade Finance and Treasury, as well as Operations, Risk Management, Financial Reporting and IT. The role includes continued monitoring of regulatory developments and emerging risks, including cybersecurity and fraud-related risks. It is critical to maintain good relations with the Office of the Comptroller of the Currency (OCC).
1. The main responsibility is the execution of the annual audit plan and reporting of issues to the relevant stakeholders. The role entails audit planning, audit fieldwork, audit reporting and closing, as well as continued monitoring and issue follow-up. Group Audit utilizes the audit software Nasdaq / BWise for documentation and issue tracking.
2. Reporting Relationships (draw organisation chart):
The Audit Manager reports directly and functionally to the Head of Internal Audit US Branch, who reports to the Group Head of Internal Audit; the administrative reporting line is to the local General Manager of the Branch. There are no local reports.
3. Dimensions of role (i.e. budgets managed, number of staff):
Financial (Revenue, Expenses, Budgets, etc.); Non-Financial (size of team, geographical coverage, time horizon of main decisions, etc.)
Group Audit is a cost center. The Auditor has no discretionary budgetary responsibilities.
• There are no local reports. The functional reporting line is to the Relationship Manager of Group Audit.
• The audit plan, Terms of Reference and reports are reviewed and approved by the Relationship Manager.
4. Principal Responsibilities, Accountabilities and Deliverables of Role:
1. Prepare a risk-based audit plan to cover all auditable entities of the branch.
2. Deliver all audit assignments of the agreed plan for the year, including Terms of Reference, audit fieldwork, audit reports and documentation.
3. Follow all of Group Audit's established audit guidelines and documentation standards, including Quality Assurance.
4. Provide to federal regulators all audit related requested items during their annual examination of the branch.
5. In detail, the audit assignments will cover the following activities:
Evaluating the extent of compliance with established policies, procedures, control guidelines and generally accepted accounting principles and banking practices in order to provide reassurance about the quality of the Bank's New York operating standards.
Reviewing and assessing the adequacy of Risk Management practices in New York to ensure that all relevant risks are adequately addressed so that Group Audit can be reassured that there will be no unpleasant surprises arising from poor risk management practices.
Performing the independent testing of the branch's BSA/AML Compliance program to adequately satisfy the statutory and regulatory Federal requirements. This is to be achieved by reviewing the policies and procedures of the branch relating to BSA/AML Compliance, OFAC regulations, the Foreign Account Tax Compliance Act (FATCA) and other compliance requirements applicable to the branch's business activities.
Reviewing the accuracy, timeliness and adequacy of financial reporting to Head Office and to local and regulatory authorities. Ensuring the integrity of reports submitted to Head Office and thereby avoiding misstatements in the Bank's published financials.
Assessing and reporting on the branch’s internal controls relating to IT systems, processes, project implementations, services and business continuity management and cyber security.
6. The audit functions will include:
Consolidating audit findings and conclusions into accurate, objective and comprehensive comments so that Senior Management can be apprised of the quality of risk management.
Tracking the corrective actions for outstanding audit issues to ensure that all exceptions are satisfactorily resolved in a timely manner.
Providing assistance in special investigations when requested by the Relationship Manager or Group Audit Committee.
Maintaining up-to-date audit programs for all areas of the branch.
Ensuring proper documentation of audit working papers to the standards required by the regulators.
Coordinating all audit activities with Head Office Group Audit via the Relationship Manager for New York.
5. Risk, Compliance & Business Continuity:
At all times, act with due care, skill and diligence to ensure compliance with the Bank's audit charter and methodology, risk culture, policies and procedures, Code of Conduct and Values.
Ensure a climate of openness, transparency and accountability for compliance with external regulations and internal risk policies and procedures, where issues are raised and escalated, as appropriate and required, in a timely manner.
Ensure that stakeholders and reports are educated on risk and compliance matters, and that all employees in reporting line complete mandatory training to schedule.
Ensure that policies and procedures for your area(s) of responsibility are clearly documented, stored in an accessible manner, and kept up to date.
Participate in exercises to rehearse the Bank's response to an emergency situation (i.e. evacuation exercises and Business Continuity tests).
6. Job Context (Circumstances & environment surrounding the job):
Should have in-depth and up-to-date knowledge of a broad range of products (in particular Trade Finance, Loans, Asset Quality reviews and Treasury), systems, accounting and regulatory guidelines so that he/she can converse intelligently with staff and respective department heads. These include complex trade finance transactions and syndicated loans, corporate lending, Treasury and marketable securities. There is a need to be fully aware of the laws and banking regulations of the USA, particularly those relating to BSA/AML, OFAC and other Compliance.
Discussions on audit comments are usually carried out with Department Heads and General Managers. Therefore, personal communication skills should be highly developed so that Management can be persuaded to accept and implement the recommendations.
The Audit Manager will be reporting to the Relationship Manager, Group Audit Department at the Bank's Head Office.
The Auditor will often have to operate 'outside the box'. Where new products / procedures and / or systems are encountered, the Auditor must use his knowledge and experience to identify key issues and controls, seeking support from the Relationship Manager at Group Audit where necessary.
From time to time, the Auditor will act in an advisory capacity by attending various committees of the branch (Risk Management Committee, IT Steering Committee, Security Committee, Business Continuity Committee, etc.).
• Audit process (risk-based audit planning, scoping, creating and executing audit programs, testing approach including sampling, collecting evidence, analyzing results, reporting the findings, etc.)
• In-depth understanding of Financial products and systems
• BSA/AML, OFAC and other Regulations.
• IT systems, services and controls.
• Cyber security exposure and understanding.
• Business continuity management
• Operational risk management
• Certifications: Master in Finance, Business or other Numerate Discipline. Alternatively, an accredited accounting or business qualification (Qualification from the Institute of Internal Auditors, the IIA).
At least 10 years of Banking experience with specialization in one or more of the following disciplines: US Regulatory Compliance, Trade Finance operations, Loan administration, Settlements, Treasury including Derivatives and pricing, Securities, Financial and regulatory Reporting, Operational Risk management, IT Operations and systems.