• PDF / 306,530 Bytes
• 30 Pages / 439.37 x 666.142 pts Page_size
• 58 Downloads / 176 Views

DOWNLOAD

REPORT

Risk based internal auditing within Greek banks: a case study approach Andreas G. Koutoupis Æ Anastasios Tsamis

Published online: 1 October 2008
Springer Science+Business Media, LLC. 2008

Abstract Internal Audit functions within Greek banks are imposed both by the Greek law for publicly listed enterprises (Law 3016/17.5.2002), as well as by the Bank of Greece (Bank of Greece Governor’s Act. Number 2577/9-3-2006). Based on the traditional approach of internal audit within Greek Banks, an inspection of branches and credit on a tick and check (compliance) basis was conducted. Recent research (Koutoupis and Tsamis, Fourth European Academic Conference on Internal Audit and Corporate Governance. Cass Business School, London, United Kingdom, 2006) comes to a conclusion that this approach does not result in adequate coverage of risks. In addition, new international regulations and best practices such as basel committee on banking supervision requirements, COSO enterprise risk management (ERM) suggested framework, as well as The Institute of internal auditors standards for professional practice of internal auditing (standards) were in most cases partially or fully ignored by the vast majority of Greek banks. However, minimum requirements regarding the operation of internal audit functions have been set up by the Bank of Greece, which in most cases are followed by the Greek banks, as well as periodically assessed by the above banking regulator. Risk based internal audit (RBIA) was an unknown concept for the vast majority of publicly listed and non-listed Greek enterprises until very recently. Only Greek subsidiaries of US and UK enterprises were aware of the RBIA audit concept (including big foreign banks which operate in Greece as subsidiaries), as they were periodically audited by group audit functions as an immediate result of relevant risk assessments. Also, the majority of Greek publicly listed enterprises use the audit cycle approach in developing their long term (3 year) and annual audit plans, which means that they A. G. Koutoupis (&)
A. Tsamis Department of Public Administration, Auditing & Taxation Sector, Panteion University of Social and Political Sciences, 268 Kifisias st., Chalandri, Athens, Greece e-mail: [email protected] A. Tsamis e-mail: [email protected]

123

102

A. G. Koutoupis, A. Tsamis

audit specific business cycles and activities within a predefined time interval (1–3 years). Audit planning is based on the head’s of internal audit and internal auditors experience without formal application of risk assessment and audit planning techniques. All Greek banks that participated in the corporate governance and internal auditing survey (Koutoupis, Third European Academic Conference on Internal Audit and Corporate Governance, 2005) stated that they follow a risk-based audit approach and develop risk based audit plans; however the vast majority of them could not prove it through a clearly documented risk assessment and riskbased audit plan. Sarbanes–Oxley Act (2002) directed National Bank

Recommend Documents

Internal Control and Internal Auditing Definitions

182 74 17MB

The Model Design of Coal Enterprises Internal Control Auditing Based on Risk Management

182 88 202KB

Capital and risk in Italian banks: A simultaneous equation approach

175 56 173KB

Implementing and Auditing the Internal Control System

160 97 1MB

The Greek Case

167 3 3MB

Hammertoes A Case-Based Approach

172 64 32MB

Quality of Internal Auditing in the Public Sector Perspectives from

143 43 4MB

Auditing, Assurance Services, and Forensics A Comprehensive Approach

160 74 4MB

Risk Preparedness in Sperm Banks

98 6 294KB

PET-CT A Case-Based Approach

150 97 27MB

Genitourinary Imaging A Case Based Approach

155 27 29MB

Reactive Attachment Disorder A Case-Based Approach

169 47 715KB