Delhi Call Girls South Delhi 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
2019 Compliance Testing Plan for RBs (2).pptx
1. Compliance Testing
• To test and monitor compliance with established laws, rules,
regulations, prescribed practices, internal policies and procedures.
• To recommend corrective action plans to manage existing, emerging
and residual risk.
2. Compliance Testing Process
I. Compliance Testing Plan
II. Compliance Test: Results, Recommendations and Action Plan
III. Monitoring of Corrective Action Plan
3. I. Compliance Testing Plan
1. Determine the scope of the Compliance Testing which shall include,
but not limited to, the following:
Results of compliance risk assessment
Corporation’s mandate, goals and objectives
Management’s compliance testing expectations
2. Accomplish the Compliance Test Matrix which shall include the
frequency, strategy and duration of testing based on the assessment of
the identified risk.
3. Provide a copy of the approved Compliance Testing Plan to the Audit
Committee.
4. II. Compliance Testing
• Conduct actual compliance testing.
• Document the results of compliance testing.
• Assess the results of compliance testing, identifying the responsibility
and reason for the deficiencies (cause), and determining the
materiality of the weakness on the functioning of the operation
(effect).
5. II. Compliance Testing
• Review the results and recommendations with the concerned
department and/or branch before finalization of the report. The
concerned department/branch shall develop corrective action plan
taking into consideration:
Compliance Testing Results and Recommendations
Applicable existing policies and guidelines
Officer/Employee Responsible
Target Completion Date
• Furnish the Audit Committee a copy of the final Compliance Testing
Results Matrix with the Recommendations and Action Plan
6. III. Monitoring of Action Plans
• Monitor/follow-up with the concerned branch and/or department on
the completion status of the Corrective Action Plan. The Compliance
Officer shall generate an Action Plan Monitoring Report on a
quarterly basis based on the Target Completion Date.
• Results shall be concluded as follows:
Complied – Compliance Action Plan has been fully executed
Partially Complied/In Process – The Compliance Action Plan has been partly
implemented; breaches were noted in some aspects
Not Complied – Compliance Action Plan has not been executed
7. III. Monitoring of Action Plans
• Submit a copy of the draft Action Plan Monitoring Report to the
concerned branch and/or department and discuss significant issues
that remain unresolved after the target completion date. Reports may
include recommendations for potential improvements and
acknowledge satisfactory performance and corrective action.
• Submit final Action Plan Monitoring Report to the Audit Committee
which shall include the satisfactory performance and state the
favorable result/s of Corrective Action Plan.
• The Audit Committee shall escalate any significant inaction to the
recommendations to the Board for appropriate resolution.
8. Branch Risk Assessment
Criteria
Financial Impact
Risk Management
Resultsof Last Testing
minor monetary impact
with RM and strong implementation
Satisfactory/Excellent
Low
Moderate
significant monetary impact
no RM strategy
Poor
High
moderate monetary impact
w/ RM but weak implementation
Lessthan Satisfactory
Head Office Lamut A. Lista Diadi Villaverde
Financial Impact High High Moderate Moderate Moderate
Risk Management Moderate Moderate Moderate Moderate Moderate
Compliance Risk * High Low Moderate Moderate Low
Order of Test Priority 1 4 2 3 5
9. Result of Last Testing
Demerit Points Equivalent
Demerit Points
Equivalent
Lamut 7/31/2018 26 Satisfactory 11/8/2018 24 Satisfactory
Diadi 9/3/2018 39 Less thanSatisfactory 11/28/2018 31 Less thanSatisfactory
Villaverde 9/21/2018 29 Satisfactory 12/26/2018 26 Satisfactory
HeadOffice 10/31/2018 68 Poor 2/7/2019 55(old)+ 6(new) Poor
AlfonsoLista 11/13/2018 46 Poor 2/27/2019 31 Less thanSatisfactory
Branch/Office/
Department
DateofRegular
Compliance
Testing
Risk Rating*
Dateof
Monitoring/
Follow-up
Re-assessedRisk Rating
10. Demerit Point System
Level of Risk Demerit Point(s)
Low 1
Moderate 2
High 3
Demerit Points Compliance Equivalent
1-20 Excellent/Very Satisfactory
21-30 Satisfactory
31-40 Less Than Satisfactory
Over 40 Poor
11. Risk Appetite vs. Actual
As perTypeofRisk Bank's Appetite HeadOffice Lamut AlfonsoLista Diadi Villaverde
Credit Moderate High Moderate High High High
Liquidity Low Moderate Low Moderate Low Low
Operations Moderate High Moderate High Moderate Moderate
Strategy Low Moderate Moderate Low Moderate Moderate
Compliance Moderate High High Moderate High Low
Reputational Low Low Low Low Low Low
13. Business Process Risk Assessment
•By Impact
Risk Rating Classification of
Offense
Sanctions
High Serious Criminal and/or
administrative
sanctions
Monetary Penalties
Moderate Less Serious Criminal and/or
administrative
sanctions
Monetary Penalties
Low Minor Monetary Penalties
14. Serious Offense – This refers to unsafe and unsound practice. An unsafe and unsound practice
is one in which there has been some conduct, whether act or omission, which is contrary to
accepted standards of prudent company operation and may result to the exposure of the
company and its stakeholders to abnormal risk or loss.
Less Serious Offense – These include major acts of omissions defined as company/individual’s
failure to comply with the requirements of laws, rules and regulations,
provisions/Circulars/Memorandum as well as directives/instructions having material impact on
Company’s solvency, liquidity or profitability and/or those violations classified as major
offenses under the Report of Examination, except those classified as unsafe and unsound.
Minor Offense – These include acts or omissions which are procedural in nature, can be
corrected immediately and do not have material impact on the solvency, liquidity and
profitability of the company. All other acts of omissions that cannot be classified under the
major offenses/violations will be classified under this category.
15. Business Process Risk Assessment
•By Risk
Management
Effectiveness
Risk Rating Effectiveness Category
High Ineffective, no risk management
strategy in place
Medium/Moderate With RM strategy but weak
implementation
Low Highly effective risk
management strategy
16. Risk Assessment - Sample
Applicable Law, Rulesand Regulation Impact
RM
Effectiveness
Risk Level
Data Priv ac y Ac t High High High
Corporate Gov ernanc e High M oderate High
AM LA: Cov ered T
ransac tion Reporting M oderate M oderate M oderate
T
RAIN Law : Corporate Inc ome T
ax M oderate Low M oderate
DOLE: Oc c upational Safety and Health Low Low Low
Capital Adequac y High Low M oderate
17. Business Process Risk Assessment
Credit Risk
Head Office Alfonso Lista Diadi Lamut Villaverde
High High High High High
High High High High High
High Moderate Moderate Moderate Moderate
High High High High High
High High Moderate Moderate High
Moderate High Moderate Moderate High
Moderate Low Low Low Moderate
Low Low Low Low Low
High High High High High
Moderate Moderate Low Moderate Low
ROPA Administration
Clean-Up Policy
Mandatory allocations: MSME
DOSRI/ Fringe Benefit Loans
Applicable Law , Rule and Regulations
Mandatory Allocations: Agri-Agra
Adequate Dislosure
Credit Underw riting and Loan Packaging
Loan Classification
SBL/ Large Exposures/ Credit Concentration
Asset Quality/ Loan Loss Provisioning
18. Business Process Risk Assessment
Operational/Liquidity/Strategic
Head Office Alfonso Lista Diadi Lam ut Villaverde
High High High High High
High
Moderate Low Low Moderate Low
Low Low Low Low Low
High Moderate Moderate Moderate Moderate
Low Low Low Low Low
Low Low Low Low Low
High High High High High
Moderate Moderate Moderate Moderate Moderate
High High High High High
Moderate High High High Moderate
Low Low Low Low Low
Strategic Planning
Applicable Law , Rule and Regulations
LOC/ ROE Im plem entation
Capital Adequacy
Organizational Structure/ Staffing
Succession Planning
Financial Consum er Protection
Lease Contracts
Contracts for Outsourced Services
CASA Adm inistration
Liquidity and Cash Managem ent
Business Continuity, Security and IT
Anti-Money Laundering
19. Business Process Risk Assessment
Compliance Risk
Head Office Alfonso Lista Diadi Lamut Villaverde
High High High High High
High High High High High
High Low Low Low Low
High High High High High
High High High High High
Moderate Moderate Moderate Moderate Moderate
Moderate Moderate Moderate Moderate Moderate
DOLECompliance
SSSPhilhealth Pag-ibig
Applicable Law, Rule and Regulations
BSP Compliance
BIRCompliance
SEC Compliance
PDIC Compliance
CIC Compliance
20. Annex A
Type of Risk: Credit
Risk Classification High
Test Frequency Monthly
Affected Process
Risk
Rating
Nature of Compliance
Testing Strategy
Duration
COMPLIANCE TEST MATRIX
Regulatory Body/Rule or Regulation,
Title and Date of Law
21. Testing Strategies
Compliance testing of a business process may use a combination or all
of the following strategies:
1. Document Review
2. Interview
3. Stress Testing
4. Observation
5. Simulation/process walk-through
25. Annex D
CORRECTIVE ACTION PLAN MONITORING
Department/Branch Corrective Action Plan
Officer
Responsible
Target
Completion
Date
Resolved
(Y/N)
Status Compliance Officer's Remarks
Concurred by:
Branch/Dept Head
Approved by:
President
Signature
Date
Prepared by:
Compliance Officer
26. COMPLIANCETESTING MONITORING MATRIX Annex E
Unresolved Compliance Issues
Applicable Law , Rule and Regulations
Branch/
Department
Date of
Testing
Risk
Rating
Results of Last
Testing
Date of
Follow -up
Testing
Re-
Assessed
Risk
Rating
Action Plan-BOD