Internal Controls Over Compliance

Building Client Confidence 

Client confidence is crucial to maintaining long-term working relationships, and delivering financial reporting with accuracy, reliability, and integrity is key to instilling this confidence. While working on financial statements and contending with multiple compliance requirements, broker-dealers need to provide their clients with transparent and trustworthy financial reporting. 

Internal Controls Over Financial Reporting (ICFR) compliance is one regulation that broker-dealers must contend with. ICFR involves implementing procedures and controls to mitigate the risk of material financial misstatement. Some broker-dealers must contend with compliance with ICFR for Sarbanes-Oxley and Internal Control Over Compliance (ICOC). ICOC intends to focus on broker-dealers’ oversight of custody arrangements and the protection of customer assets. It reasonably assures that the information on reports and filings like 15c3-1 and 15c3-3 is complete and accurate. ICOC also states that non-compliance with Security Exchange Act of 1934 Rules 15c3-1, 15c3-3, or 17a-13, or any rule of the designated examining authority of the broker-dealer that requires account statements to be sent to the customers of the broker-dealers, will be prevented or detected on a timely basis. 

Annual Compliance 

Broker-dealers must prepare financial reports annually, as well as a compliance report or an exemption report. The broker-dealer will prepare and file a compliance report if they did not claim an exemption from Exchange Act Rule 15c3-3 (Custody Rule); otherwise, they will file an exemption report. The compliance report includes statements as to whether the organization has internal controls over compliance for Rules 15c3-1, 15c3-3, Exchange Act Rule 17a-13, and applicable designated examining authority rules, and if the organization includes a discussion of material weaknesses if identified. Broker-dealers are required to engage an independent public accountant to audit the annual financial, compliance, and/or exemption report. 

Mitigate Risk and Confirm Compliance with an Internal Audit 

How can an internal audit assist? Like ICFR, an internal audit can have a vital role in the development and ongoing monitoring of an ICOC framework. Projects may include, but are not limited to, the following:

1. Consulting (readiness and implementation) 
2. Internal control design assessment 
3. ICOC policy development or review 
4. Internal control effectiveness assessment 
5. ICOC continuous monitoring  

An internal audit can give management an independent and objective assessment of the ICOC framework prior to the independent annual audit. The information an internal audit will share can improve operations and give insight to management on the effectiveness and compliance of the ICOC framework. If the audit identifies issues or process improvements, management can take the necessary steps to address any underlying issues prior to the annual audit. An effective internal audit department or third-party service provider can be an asset to management in mitigating risk and complying with ICOC. 

Schedule an Internal Audit Today 

Are you a broker-dealer who needs help assessing the compliance effectiveness of your annual reports? If you are ready to schedule an internal audit, contact us today to discuss how we can support you as your independent public accountants.