You are the manager of internal audit for a large North America-based financial institution. One day your

Question:

You are the manager of internal audit for a large North America-based financial institution. One day your staff report to you that they have discovered an error in the amount of interest paid to a significant number of depositors. Your institution has overpaid several million dollars of interest as a result of an error that was made during the maintenance of a program. The error was not discovered before the program was released again into production.

You call an urgent meeting to discuss this finding with your institution's president, controller, vice president (information systems), and vice president (customer relations). The five of you canvass the actions you must now take. One possibility is to try to recover the interest from the customers' accounts. The vice president (customer relations) believes this action is fraught with problems, however. Because the overpayment occurred several weeks ago, he points out that some customers might have "spent the interest" already. He also argues that substantial damage to customer goodwill might occur if the interest is now deducted from customer accounts. Moreover, he is concerned about how he will deal with customer inquiries and complaints that are likely to arise. He is certain that some customers will dispute the deduction, and some might even take legal action.

The president is concerned about how the error will affect the share price of the financial institution if it becomes public knowledge. The competence of the whole management team will come under scrutiny. He considers what information he must also provide to the Board of Directors and the external auditors.

The vice president (information systems) contemplates the actions she must now undertake to prevent such an error occurring again. She believed that the procedures used to test programs before they were released into production were highly reliable. Clearly, some breakdown has occurred. She wonders whether she must now establish a quality-assurance group to prevent a major software error occurring again.

The meeting is adjourned so everyone can give the matter further consideration. For your part, you begin to wonder whether you might use CIS as a concurrent auditing technique to detect material errors and irregularities that could occur in deposits, loans, and investments application systems. A significant exposure for your financial institution is that it offers a wide range of products and services. For example, many kinds of fixed deposit accounts and investment accounts exist, and many different types of loans are offered to customers in an effort to tailor the loans to their circumstances and needs. Your institution also offers various equity trusts, property trusts, and combined equity-property trusts in which customers can invest. Transactions associated with these products and services can lead to some complex calculations-for example, those associated with penalties that customers incur if they withdraw monies early from fixed deposit accounts, and those associated with the payout values of loans if customers decide to pay off a loan early.

On the one hand, you feel that CIS might be fairly straightforward to implement. Your institution uses a database management system to maintain its database, and all application systems use the database management system to gain access to and maintain the database. Indeed, the integrated nature of the customer database is considered to be one of your institution's major competitive advantages because it allows a very high level of customer service to be provided. On the other hand, you recognize that the development, implementation, operation, and maintenance costs associated with replicating all interest receipts or payments via CIS is prohibitive. You wonder what calculations should be the focus of your efforts if you were to implement CIS.

Required: Assume you decide to implement CIS for a trial period of a year. You decide to limit its use, however, to three types of interest payment that your financial institution makes to customers. What types would you choose? Briefly explain why you would choose these types. Would you have CIS simulate every instance of each of the three interest payment types? Why or why not? Briefly explain the approach you would use.

Fantastic news! We've Found the answer you've been seeking!

Step by Step Answer:

Related Book For  book-img-for-question
Question Posted: