The UK regulators, PRA and FCA both see control over outsourcing as a key part of operational resilience. As a result many Internal Auditors are now more routinely including Outsourcing as part of their audit plans but they need some help in understanding the regulatory regime to conduct their audit.
This Guide brings together best practice, relevant regulations and, roles and responsibilities in a practical framework that you can use to carry out your own audit of Outsourcing in house without have to co-source or go external.
The guide explains the relevant standards that apply to Internal Auditors of financial services firms such as the ISO and of course the FS Code. It also takes you through and explains both the PRA and the FCA rules about outsourcing including the FCA and PRA Consultation Papers on Operational Resilience, although it does not presume those are made rules as regulated firms will be complying with today’s standards.
When implementing any regulation a certain tolerance has to be set for regulatory risk. In this Guide that regulatory risk tolerance is set for businesses wanting to show they are taking outsourcing seriously and doing the right thing in their firm based on real regulatory and compliance advisory experience of what other firms are actually doing as best practice, and what both the PRA and FCA have said they expect.
The Guide covers:
- Internal Audit standards
- What is, and is not, outsourcing
- Operational resilience
- Regulatory expectations
- Planning your outsourcing internal audit
- The fieldwork
- The report itself
- Follow up
- The current rules and guidance
- A list of documents to sample and questions to ask
The How to Guide is written succinctly and has the crispness expected in wholesale firms whilst getting to the point. The main document is 12 pages long, as it carefully covers all of the rules and regulations applicable to outsourcing. The three-page list of documents to sample and questions to ask is included as an annex so easy to use day to day.
The guide avoids use of regulatory jargon and legal terminology, but includes definitions of the key terms used when referring to outsourcing.
The Guide enables you to apply your own firm's branding and inhouse terminology as it has in plain background and black and white.
We also provide Outsourcing training slides as a digital download that supports use of this guide.
Outsourcing: A Guide for Internal Audit
This file is in Word 97-2003 (*.doc) format. It is also available from our store in Microsoft Word (*.docx) format.