A company’s Compliance Management System (CMS) is the foundation of its compliance program and a key element reviewed by regulators. A sound and effective compliance management system provides the guidance and framework for how an institution:
While the formality and complexity of compliance management systems will vary greatly among institutions, the board of directors and management are expected to have a system in place to effectively manage its compliance risk consistent with its size and product mix.
An effective compliance management system commonly has four interdependent control components:
When all four control components are strong and well-coordinated, a supervised entity should be successful at managing its compliance responsibilities and risks.
CrossCheck’s experienced compliance experts will review your existing program and will work with management to provide recommendations for a comprehensive and practical program commensurate with the size, risk and operations of the company.
Prior to the start of our engagement, we will submit an information request list to management of items that will enable us to determine the extent of documentation currently in existence for each of four components included in this engagement. We will also conduct various management interviews as well as substantive testing as appropriate to ensure we have sufficient information to assess the institution’s CMS and make any appropriate recommendations for improvement.
Additional consulting services can be provided as needed to enhance procedures and policies, assist with remediation efforts for any specific compliance issues identified, and provide training and information about existing and changing compliance requirements, etc.