sensitive position mandatory leave

Click here to load reader

Upload: elizabeth-baker-jd-crcmp

Post on 21-Mar-2017

37 views

Category:

Law


2 download

TRANSCRIPT

Required Absence GuidanceSensitive Position - Leave

Employees in sensitive positions must be absent from their duties for a minimum of two consecutive weeks to enhance the viability of a sound internal control environment by avoiding fraud and embezzlement which most often occurs under the continual presence of a perpetrator.

Guidance from the FDIC, OCC, Federal Reserve pursuant to federal laws:12 CFR 30 Safety and Soundness12 CFR 363 Annual Independent Audits and Reporting Requirements15 USC 78m, Securities Exchange Act of 1934One of the Basic Tenets of Internal Control

Institute a comprehensive system of internal controls (policies, procedures, processes) to safeguard assets and capital and to mitigate reputational and legal risks.Make a critical assessment of significant high risk areas and sensitive positions by considering all employees especially those with authority or ability to influence authority to Execute transactions,Signing authority, and orAccess to books and records Establish a policy and procedure for Sensitive Position Leave for every high risk employee and activity.During the 2 week mandatory absence, provide for independent monitoring of the transactions or activities the absent employee was responsible for initiating or processing.Smaller financial institutions should require alternative duties for every sensitive position employee for a two week period (e.g. rotational assignment) in lieu of sensitive leave or absence.Daily work should be assigned to & processed by another employee who is independent e.g. not subject to the supervision of the absent employee. During the sensitive leave or rotational assignment, absent employee should not be allowed Access to electronic access to systems or records orAccess to or from other employeesCompany should audit compliance with the policies and procedures including the required physical absence, electronic absence, and ongoing work processing by an independent employee.Summary of Guidance from Regulators: