In our experience from carrying out risk and control assurance work across the insurance sector we are seeing a growing recognition among broking firms of the importance of effective governance, risk management and internal control. There are a number of reasons for this but foremost, effective governance, risk management and internal controls helps firms to run their business better.
The extension of the Senior Managers and Certification Regime (SM&CR) to broking firms later this year also demonstrates the FCA’s desire for firms to ‘raise the bar’ in these areas. We see a wide variation in the extent to which firms have established and implemented effective frameworks or functions for managing risk and for providing assurance on the effectiveness of internal controls (ie internal audit).
This Good Practice Guide summarises what these functions should look like within a three lines of defence model with some examples of good practice. Whilst it highlights good practice, doing something is better than nothing, so firms should carefully consider how they can implement good practice in a way that is appropriate and proportionate.
We hope this provides some useful guidance and demonstrates the benefits that risk management and internal audit can bring to your firm.