Using regulatory change as an opportunity to strengthen and rationalise internal controls

As UK regulators plan an Internal Controls and Governance directive, similar to the US Sarbanes-Oxley section 404 rules, this major insurer seized the opportunity to achieve its long-term ambition: creating a single library for its financial and non-financial controls spanning more than 200 core processes. This would significantly improve the company’s risk and control environment, while preparing for the new regulations. To achieve its goal, the insurer needed a new control framework and a new library.

We assembled a specialist team to deliver sustainable change

We built a team with deep industry expertise in delivering internal controls environments. First, we evaluated the existing controls landscape and identified enhancements to the framework. Then, we completed a short pilot exercise to pinpoint key controls using a representative sample of processes. This showed how we’d identify, assess and consolidate the diverse controls into a single library. Once we agreed the approach and deliverables with the client, we rolled them out across the remaining processes.

We adopted a partnership approach, working closely with the client’s internal teams, helping to transfer knowledge efficiently.

We achieved more than just regulatory compliance

Our team of specialists went far beyond ticking regulatory checkboxes. The insurer has transformed the way it manages risk, thanks to our enhanced control framework. We’ve also improved the efficiency of control assurance by using our ‘control gateway’ approach, exceeding the client’s expectations.

Most importantly, we’ve given employees the knowledge and capabilities they need to manage internal controls effectively and independently for years to come.

Find out how we help our clients in Financial Services