Bookshop > Trading and Capital-Markets Activities Manual > This page

Trading and Capital-Markets Activities Manual

Trading Activities: Operations and System Risk (Back-Office Operations) 
Source: Federal Reserve System 
(The complete Activities Manual (pdf format) can be downloaded from the Federal Reserve's web site)

Operational risks managed outside of the dealing room are potentially more costly than those managed inside the dealing room. While the function of dealers in the front office is primarily to transact and manage positions, the processing of transactions, recording of contracts in the accounting system, and reconciliations and procedures required to avoid errors are functions that must take place outside the dealing room. In conducting these functions, the back office provides the necessary checks to prevent unauthorized trading. 

Back office, for the purposes of this manual, may represent a single department or multiple units (such as financial control, risk management, accounting, or securities custody), depending on the organizational structure of the financial institution. Some institutions have combined some of the responsibilities usually found in the back office into a middle-office function, which is also independent of dealing activities. 

Close cooperation must exist between the dealing room and the back office to prevent costly mistakes. An understanding of each role and function is important. While their priorities are different, both functions work toward the same goal of proper processing, control, and recording of contracts, which is essential to the success of a trading department. 

The back office serves several vital functions. It records and confirms trades transacted by the front office and provides the internal control mechanism of segregation of duties. The checks and balances provided by the back-office function help management supervise the trading activities conducted by the front office. A properly functioning back office will help ensure the integrity of the financial institution and minimize operations, settlement, and legal risks. 

Segregation of front- and back-office duties minimizes legal violations, such as fraud or embezzlement, or violation of regulations. Operational integrity is maintained through the independent processing of trades, trade confirmations, and settlements. The goal is to avoid potentially costly mistakes such as incorrectly recorded or unrecorded contracts. The back office also is responsible for the reconcilement of positions and broker statements and may monitor broker relationships with the financial institution. The back-office staff provides an independent assessment of price quotes used for the revaluation process that leads to the maintenance of the subsidiary ledgers and the general ledger. Another crucial function of the back office is accepting or releasing securities, commodities, and payments on trades, as well as identifying possible mistakes. Clearly, trading personnel need to be separate from control of receipts, disbursements, and custody functions to minimize the potential for manipulation. Regulatory reports and management accounting may also be the responsibility of the back office. 

Management responsibilities performed by the back office vary by institution. The evaluation of transaction exposure against established market, liquidity, or credit limits may be performed by back-office staff or by a separate risk-management function, independent of front office traders and marketers. Risk-management reporting may also be performed by back-office staff. Legal documentation, while initiated by internal or external counsel, may be followed up (chased) by back-office staff. 

The links between front- and back-office operations may range from totally manual to fully computerized systems in which the functions are directly linked. The complexity of linking systems should be related to the volume and complexity of capital-markets and trading activities undertaken. Manual operations are subject to error. However, management should not have a false sense of security with automated systems. Changes in programming codes installed through the maintenance process, new financial structures, and improper use of software may lead to computational and processing errors. Regardless of the operational process in place, the back-office functions should be subject to comprehensive audit. 

Operational risk is the risk that deficiencies in information systems or internal controls will result in unexpected loss. Although operational risk is difficult to quantify, it can be evaluated by examining a series of plausible worst-case or what-if scenarios, such as a power loss, doubling of transaction volume, or a mistake found in the pricing software. It can also be assessed through periodic reviews of procedures, data processing systems, contingency plans, and other operating practices. These reviews may help reduce the likelihood of errors and breakdown in controls, improve the control of risk and the effectiveness of the limit system, and prevent unsound marketing practices and premature adoption of new products or lines of business. Considering the extent that capital-markets activities rely on computerized systems, financial institutions should have plans that take into account potential problems with their normal processing procedures. 

Financial institutions should also ensure that trades that are consummated orally are con-firmed as soon as possible. Oral transactions conducted via telephone should be recorded and subsequently supported by written or printed documents. Examiners should ensure that the institution monitors the consistency between the terms of transactions as they were orally agreed on and as they were subsequently confirmed. 

Examiners should also consider the extent to which financial institutions evaluate and control operating risks through the use of internal audits, stress testing, contingency planning, and other managerial and analytical techniques. Financial institutions should have approved policies that specify documentation requirements for capital-markets activities as well as formal procedures for saving and safeguarding important documents. All policies and procedures should be consistent with legal requirements and internal policies.

 INTERNAL CONTROLS 

Management is responsible for minimizing the risks inherent in executing financial contracts. Policies and procedures should be established covering organizational structure, segregation of duties, operating and accounting system controls, and comprehensive management reporting. Formal written procedures should be in place for purchases and sales, processing, accounting, clearance, and safekeeping activities relating to financial contracts transactions. In general, these procedures should be designed to ensure that all financial contracts are properly recorded and that senior management is aware of the exposure and gains or losses resulting from these activities. Desirable controls include- 

  • written documentation indicating the range of permissible products, trading authorities, and permissible counterparties; 
  • written position limits for each type of contract or risk type established by the board of directors; 
  • a market-risk-management system to monitor the organization's exposure to market risk, and written procedures for authorizing trades and excesses of those limits; 
  • a credit-risk-management system to monitor the organization's exposure with customers and broker-dealers; 
  • separation of duties and supervision to ensure that persons executing transactions are not involved in approving the accounting methodology or entries (Persons executing transactions should not have authority to sign incoming or outgoing confirmations or contracts, reconcile records, clear transactions, or control the disbursement of margin payments.); 
  • a clearly defined flow of order tickets and confirmations (The flow of order tickets and confirmations should be designed to verify accuracy and enable reconciliations throughout the system and to enable the reconcilement of traders' position reports to those positions maintained by an operating unit.); 
  • procedures for promptly resolving failures to receive or deliver securities on the date securities are settled; 
  • procedures for someone other than the person who executed the contract to resolve customer complaints; 
  • procedures for verifying brokers' reports of margin deposits and contract positions and for reconciling such reports to records; and 
  • guidelines for the appropriate behavior of dealing and control staff and for the selection and training of competent personnel to follow written policies and guidelines. 

TICKET FLOW 

Once a transaction has been initiated by the front office, the primary responsibility for processing trades rests with various back-office personnel. Back-office staff process all payments and delivery or receipt of securities, commodities, and written contracts. Additionally, the back office is responsible for verifying the amounts and direction of payments which are made under a range of netting agreements. 

After sending the trade tickets to the back office, the traders are removed from the rest of the processing, except to check their daily positions against the records developed separately by the back office and to verify any periodic reports it prepared. After receipt of the trade ticket from the front office, back-office personnel verify the accuracy of the trade ticket, and any missing information is obtained and recorded. A confirming communication will be sent to the counterparty, who, in turn, will respond with an acceptance communication. The acceptance communication will either confirm the trade or identify discrepancies for resolution. The trade is then ready to be processed. 

Trade processing involves entering the trade agreement on the correct form or into an automated system. When the front office has already performed this function, verification of transaction data should be performed. The copy of the trade agreement to be sent to the counterparty is once more checked against the original ticket, and the trade agreement is transmitted. 

Other copies of the trade agreement will be used for all bookkeeping entries and settlement during the life of the agreement. For instance, all contingent liability, general ledger, and sub-ledger entries will be supported by copies of the trade agreement, with the relevant entry highlighted on the copy. Likewise, at maturity of an agreement, payment or receipt orders will be initiated by the relevant trade-agreement copies. 

After the trades are recorded on the institution's books, they will be periodically re-valued. Over time, trades will mature or be sold, unwound, exercised, or expire as worthless, depending on circumstances and instruments. Subsequently, these transactions will be removed from the books of the institution, and related deferred accounts will pass through the accounting cycle. 

Financial institutions active in global markets may permit some traders to transact business after normal business hours. This activity should be well defined in the institution's policies and procedures manual, in which trading instruments should be listed and possible counterparties defined. Supervisory responsibility of after hours and off-premises trading and the authorities for traders should be delineated. 

A policy should be in place for off-market transactions, and the organization should review trading activity to determine if off-market rates are used. Justification for off-market transactions should be registered in a log by the back office. Frequent use of off-market rates may reflect the extension of credit to a counterparty and should be the subject of further examiner inquiry. 

Examiners should determine whether systems and processes enable audit and control staff to adequately monitor dealing activity. Time stamping transactions at the time of execution will enable an institution to validate intraday dealing prices and reconstruct trading activity. Moreover, time-stamp sequences of the trade tickets should closely, if not exactly, match the serial order for a particular trader or dealer. 

It is appropriate to evaluate whether an institution's automated systems provide adequate support for its dealing and processing functions. Systems that have increased dealing volumes should be examined for downtime, capacity constraints, and error rates for transaction throughput. Further, institutions that deal in complex derivative products should have automated systems commensurate with the analytical and processing tasks required.

TRADE TRANSACTIONS 

Confirmations 

Whenever trading transactions are agreed upon, a confirmation is sent to the counterparty to the agreement. A confirmation is the record of the terms of a transaction sent out by each party, before the actual settlement of the transaction itself. The confirmation contains the exact details of the transaction and thus serves legal, practical, and antifraud purposes. The confirmation can be generated manually or automatically by an on-line computer trading system. 

The back office should initiate, follow up, and control counterparty confirmations. Usually, an incoming confirmation from the counterparty can be compared with a copy of the outgoing confirmation. If an incoming confirmation is not expected or if the transaction is carried out with commercial customers and individuals, it is wise to send confirmations in duplicate and request a return copy signed or authenticated by the other party. 

When a financial institution deals in faster paced markets, such as foreign exchange, or in instruments which have very short settlement periods, trade validation may be performed through taped telephone conversations before the exchange, with corroboration of a written or electronically dispatched confirmation. The use of taped phone conversations can help reduce the number and size of discrepancies and is a useful complement to (as opposed to a substitute for) the process of sending out and verifying confirmations. At a minimum, institutions should retain the past 90 days of taped phone conversations, but this time frame may need to be expanded depending on the volume and term of instruments traded. It is poor practice to rely solely on telephone verifications because of their ineffectiveness in litigation in some jurisdictions. Additionally, certain jurisdictions only recognize physical confirmations. 

An institution dealing in global markets should ensure the adequacy of its confirmations through legal study of the regulations specific to the foreign locales of its counterparties. In all trading markets, the confirmation should provide a final safeguard against dealing errors or fraud. 

All confirmations should be sent to the attention of a department at the counterparty institution which is independent of the trading room. Incoming information should be compared in detail with the outgoing confirmation, and any discrepancies should be carefully appraised. If the discrepancy is significant, it should be investigated independently. If the discrepancy is small, a copy of the confirmation may be given to the trader for clarification with the counterparty, since the trader will probably have daily contact with the other party. Most importantly, the department should follow up on all these discrepancies and ensure that new confirmations are obtained for any agreed-on changes in terms. 

A strictly controlled confirmation process helps to prevent fraudulent trades. For example, in a fraudulent deal, a trader could enter into a contract, mail out the original of a confirmation, and then destroy all copies. This technique would enable a trader to build up positions without the knowledge of the financial institution's management. If the incoming confirmation is directed to the trader, it could be destroyed as well, and nobody would ever know about the position. The trader, when closing this position, would make up a ticket for the originally destroyed contract and pass it on together with the offsetting contract so that the position is square again. Receipt and verification of the incoming confirmation by an independent department would immediately uncover this type of fraudulent activity. An additional protection is the use of serially numbered manifold forms for confirmations, with an exact accounting of and comprehensive explanation for any forms not used. 

Settlement Process 

After an outright or contingent purchase or sale has been made, the transaction must be cleared and settled through back-office interaction with the clearing agent. On the date of settlement (value date), payments or instruments are exchanged and general-ledger entries are updated. Depending on the nature of the deal, currency instruments will be received, paid, or both. The process of paying and receiving must be handled carefully because errors can be extremely costly. When all the proper information is recorded, contracts are placed in ''dead files.'' 

Settlement is completed when the buyer (or the buyer's agent) has received the securities or products, and the seller has been paid. Brokers may assign these tasks to a separate organization, such as a clearinghouse, but remain responsible to their customers for ensuring that the transactions are handled properly. They are also responsible for maintaining accurate accounting records. 

Examiners should review the various methods of settlement for the range of products covered and note any exceptions to commonly accepted practices. Unsettled items should be monitored closely by the institution. The handling of problems is always a delicate matter, especially when the cost is considerable. Anything more than a routine situation should be brought to the attention of the chief dealer and a senior officer in the back office. Further action should be handled by management. 

Losses may be incurred if a counterparty fails to make delivery. In some cases, the clearinghouse and broker may be liable for any problems that occur in completing the transaction. Settlement risk should be controlled through the continuous monitoring of movement of the institution's money and securities and by the establishment of counterparty limits by the credit department. A maximum settlement-risk limit should be established for each counterparty. 

Foreign Payments 

Two control steps are involved when making foreign payments. The first step is internal; each payment should be carefully checked with the corresponding contract to ensure the accuracy of the amount, date, and delivery instructions. The second is checking with the dealer responsible for the currency involved to ensure that cash-flow figures for the delivery date, excluding nostro balances, agree with the net of all contracts maEagle Tradersg on that day. 

If the financial institution uses more than one financial institution abroad for the payment or receipt of a currency, the back office must ensure that the flow of funds does not leave one account in overdraft while another account has excessive balances; this check will avoid unnecessary overdraft charges. The final check of flows of foreign funds is made through the reconciliation of the foreign account. This is always a retrospective reconciliation because of the delays in receiving the statement of account. Some extra actions that can help prevent problems abroad or resolve them more quickly are (1) sending details of expected receipts to the counterparty or correspondent with a request to advise if funds are not received, (2) asking the correspondent financial institution to advise immediately if the account is in overdraft or if balances are above a certain level, and (3) establishing a contact person in the correspondent bank to be notified if problems arise. 

Delivery versus payment. Many foreign securities and U.S. Treasury securities are settled on a delivery-versus-payment basis, under which counterparties are assured that delivery of a security from the seller to the buyer will be completed if, and only if, the buyer pays the seller. 

Reconciliations 

The back office should perform timely reconciliations in conformity with the policies and procedures of the institution. The minimum appropriate frequency for reconciliation will be linked to the volume and complexity of the transactions at the financial institution. The individual responsible for performing the reconcilement of accounts should be independent of the person responsible for the input of transaction data. 

Reconciliations should determine positions held by the front office, as well as provide an audit trail detailing reclassified accounts for regulatory reporting. Typical reports to be reconciled include trader position sheets to the general ledger, general ledger to regulatory reports, broker statements to the general ledger, and the income statement. 

DISCREPANCIES AND DISPUTED TRADES 

Any discrepancy in trading transactions must be brought immediately to the attention of the appropriate operations manager. All discrepancies should be entered into a log, which should be reviewed regularly by a senior operations officer. The log should contain the key financial terms of the transaction, indicate the disputed items, and summarize the resolution. The counterparty should receive notice of the final disposition of the trade, and an adequate audit trail of that notice should be on file in the back office. The institution should have clear and documented policies and procedures regarding the resolution of disputed trades with counterparties. 

Brokers' Commissions and Fees 

Brokers charge a commission or fee for each transaction they perform. The commission should not be included in the price of the transaction, and it should be billed separately by the brokers. Checking the commissions, initiating the payments, and reviewing brokers' statements are other functions of the back office. To ensure the integrity of fees and commissions, brokers' points arrangements and other trader-negotiated solutions to trade disputes should be avoided. 

REVALUATION 

Revaluation is the process by which financial institutions update or ''mark to market'' the value of their trading-product portfolios. Guidelines for the formal revaluation should be delineated in written policies and procedures. Weak policies and procedures increase the potential for fraud and raise doubt about the integrity of trading profits and a firm's ability to evaluate risk. A common deficiency of revaluation procedures is the improper segregation of duties between traders and control personnel, including a disproportionate dependence on trader input and the lack of independent verification of pricing parameters. In addition, the use of inconsistent pricing assumptions and methodologies between the trading desk and back office can lead to incorrect financial reporting and evaluations of market risk. 

The determination of current market value is both an intraday activity performed by traders to monitor their position as well as a daily activity performed by control staff to determine the impact on earnings. Discrepancies between trader input and independent market rates should be resolved and documented. Procedures should be established for maintaining a discrepancy log containing the reason for the discrepancy and the profit-and-loss impact. Significant discrepancies should be reported to senior management. 

Sufficient information regarding the periodic revaluation and resolution of discrepancies should be documented and maintained. In addition, any adjustments to the general ledger due to changes in revaluation estimates should be clearly recorded and reported to management. 

The revaluation process is transparent for securities, futures, and other instruments that are traded on organized exchanges. Published prices from exchanges provide an objective check against the price provided by traders, although liquidity considerations make evaluating quoted prices more complex. A secondary comfort level for exchange-traded products is the margin call in which a position is evaluated at the posted end-of-day price. Prices of actively traded over-the-counter (OTC) products available from electronic wire services provide a similar check against trader prices for these products. 

However, with less actively traded products, especially exotic OTC-traded derivatives and options, the revaluation process is more complex. The pricing of illiquid instruments has a greater potential for error or abuse because valuation is more subjective. For example, options that are tailored for customer requirements may have no two-way market, yet still must be evaluated at current market value. While various pricing models exist, all depend on critical assumptions and estimates used to calculate the probable price. Errors can arise from incorrect estimates or manipulation of variables and assumptions. One particular vulnerability concerns the observed volatility of options. See section 2010.1, ''Market Risk,'' for a discussion of problems that can arise with measuring volatilities. 

The mark-to-market methodology for risk management may be calculated on the same basis as the controller's income-recognition method. Some financial institutions use equivalency formulas that convert gross exposures to standard measures based on the price sensitivity of benchmark securities. In this regard, the revaluation process serves as a starting point for risk assessment of capital-markets products. The assessment of exposures by risk management, however, should never be less conservative than assessment by actual market levels. 

ACCOUNTING 

The recording of outstanding transactions allows verification of dealer positions, risk control, and recording of profit and loss. Each institution should follow guidelines established by industry practice or the applicable governing bodies, including- 

  • generally accepted accounting principles (GAAP) 
  • regulatory accepted principles (RAP) 
  • Federal Reserve Board policy statements 
  • Federal Financial Institutions Examination Council statements 

For further discussion, see sections 2120.1, ''Accounting,'' and 2130.1, ''Regulatory Reporting.''

 MANAGEMENT INFORMATION REPORTS 

Management information reports are prepared by the back office and trader-support areas to enable management and trading personnel to assess the trading position, risk positions, profit and loss, operational efficiency, settlement costs, and volume monitoring of the institution. For further discussion, see section 2040.1, ''Management Information Systems.'' 

DOCUMENTATION AND RECORDKEEPING 

Accurate recording of transactions by back office personnel is crucial to minimizing the risk of loss from contractual disputes. Poor documentation can lead to unenforceable transactions. Similarly, poor recordkeeping can render audit trails ineffective, and can result in a qualified or adverse opinion by the public accountant, a violation of Federal Reserve Board policy, or loss due to fraud. 

An institution should keep confirmations summarizing the specific terms of each trade. Additionally, master agreements should be kept on premises or a copy should be available locally for examiner reference. For further discussion on master agreements, see section 2070.1, ''Legal Risk.'' 

AUDITS 

The scope and frequency of an institution's audit program should be designed to review its internal control procedures and verify that controls are, in fact, being followed. Any weaknesses in internal control procedures should be reported to management, along with recommendations for corrective action. 

Audits of capital-markets and trading products provide an indication of the internal control weaknesses of the financial institution. The audit function should have a risk-assessment map of the capital-markets and trading function that identifies important risk points for the institution. For back-office operations, the risk assessment may highlight manual processes, complex automated computations, independent revaluation, key reconciliations, approval processes, and required investigations or staff inquiries. Examiners should review a sample of internal auditors' work papers and findings to determine their adequacy. The institution's management should review responses to internal audit findings. Appropriate follow-up by auditors should be in evidence to ensure that deficiencies are, in fact, remedied. Assuming that examiners are comfortable with the quality of an internal audit, they should use audit findings from internal and external auditors as a starting point to evaluate the internal controls of the institution. 

SOUND PRACTICES FOR BACK-OFFICE OPERATIONS 

Capital-markets and trading operations vary significantly among financial institutions, depending on the size of the trading operation, trading and management expertise, organizational structure, sophistication of computer systems, institution's focus and strategy, historical and expected income, past problems and losses, risks, and types and sophistication of the trading products and activities. As a result, practices, policies, and procedures expected in one institution may not be necessary in another. The adequacy of internal controls requires sound judgment on the part of the examiner. The following is a list of sound back-office operations to check for. 

  • Every organization should have comprehensive policies and procedures in place that describe the full range of capital-markets and trading activities performed. These documents, typically organized into manuals, should at a minimum include front- and backoffice operations; reconciliation guidelines and frequency; revaluation guidelines; accounting guidelines; descriptions of accounts; broker policies; a code of ethics; and the risk-measurement and risk-management methods, including the limit structure. 
  • For every institution, existing policies and procedures should ensure the segregation of duties between trading, control, and payment functions. 
  • The revaluation of positions may be conducted by traders to monitor positions, by controllers to record periodic profit and loss, and by risk managers who seek to estimate risk under various market conditions. The frequency of revaluation should be driven by the level of an institution's trading activity. Trading operations with high levels of activity should perform daily revaluation. Every institution should conduct revaluation for profit and loss at least monthly; the accounting revaluation should apply rates and prices from sources independent of trader input. 
  • The organization should have an efficient confirmation-matching process that is fully independent from the dealing function. Documentation should be completed and exchanged as close to completion of a transaction as possible. 
  • Computer hardware and software applications must have the capacity to accommodate the current and projected level of trading activity. Appropriate disaster-recovery plans should be tested regularly. 
  • Auditors should review trade integrity and monitoring on a schedule that conforms with the institution's appropriate operational-risk designation. 
  • Every institution should have a methodology to identify and justify any off-market transactions. 
  • A clear institutional policy should exist concerning personal trading. If permitted at all, procedures should be established to avoid even the appearance of conflicts of interest. 
  • Every institution should ensure that the management of after-hours and off-premises trading, if permitted at all, is well documented so that transactions are not omitted from the automated blotter or the bank's records. 
  • Every institution should ensure that staff is both aware of and complies with internal policies governing the trader-broker relationship. 
  • Every institution that uses brokers should monitor the patterns of broker usage, be alert to possible undue concentrations of business, and review the short list of approved brokers at least annually. 
  • Every institution that uses brokers should establish a firm policy to minimize name substitutions of brokered transactions. All transactions should be clearly designated as switches, and relevant credit authorities should be involved. 
  • Every institution that uses brokers for foreign exchange transactions should establish a clear statement forbidding lending or borrowing broker's points as a method to resolve discrepancies. 
  • Every organization should have explicit compensation policies to resolve disputed trades for all traded products. Under no circumstances should soft-dollar or off-the-books compensation be permitted for dispute resolution. 
  • Every institution should have ''know-your-customer'' policies, which should be understood and acknowledged by trading and sales staff. 
  • In organizations that have customers who trade on margin, procedures for collateral valuation and segregated custody accounts should be established. 
  • The designated compliance officer should perform a review of trading practices annually. In institutions with a high level of activity, interim reviews may be warranted. 

Operations and Systems Risk 
(Back-Office Operations) 

Examination Objectives 

1. To determine whether the policies, procedures, practices, and internal systems and controls for back-office operations are adequate and effective for the range of capital-markets products used by the financial institution. 

2. To determine whether trade-processing personnel are operating in conformance with established policies and procedures. 

3. To determine whether the financial institution adequately segregates the duties of personnel engaged in the front office from those involved in the back-office control function (operations, revaluation, accounting, risk management, and financial reporting). 

4. To evaluate the adequacy of supervision of the trade-processing operation. 

5. To evaluate the sophistication and capability of computer systems and software for the operation and control function. 

6. To assess the adequacy of confirmation procedures. 

7. To assess the adequacy of settlement procedures. 

8. To evaluate the adequacy and timeliness of the reconciliation procedures of outstanding trades, positions, and earnings with the front office and the general ledger. 

9. To evaluate the process for resolving discrepancies. 

10. To evaluate the process for resolving disputed trades with customers and brokers. 

11. To determine the reasonableness of brokers' fees and commissions. 

12. To evaluate the effectiveness of and controls on the revaluation process. 

13. To review the accounting treatment, reporting, and control of deals for adherence to generally accepted accounting principles and the institution's internal chart of accounts and procedures. 

14. To review adherence to regulatory reporting instructions. 

15. To evaluate the adequacy of management information reporting systems on trading activities. 

16. To evaluate the adequacy of documentation and other requirements necessary to accurately record trading activity, such as signed agreements, dealer tickets, and confirmations. 

17. To evaluate the adequacy of audits of capital-markets and trading activities. 

18. To recommend corrective action when policies, procedures, practices, internal controls, or management information systems are found to be deficient, or when violations of laws, rulings, or regulations have been noted. 

Operations and Systems Risk 
(Back-Office Operations) 

Examination Procedures 

These procedures represent a list of processes and activities that may be reviewed during a full-scope examination. The examiner-in-charge will establish the general scope of examination and work with the examination staff to tailor specific areas for review as circumstances warrant. As part of this process, the examiner reviewing a function or product will analyze and evaluate internal-audit comments and previous examination work-papers to assist in designing the scope of examination. In addition, after a general review of a particular area to be examined, the examiner should use these procedures, to the extent they are applicable, for further guidance. Ultimately, it is the seasoned judgment of the examiner and the examiner-in-charge as to which procedures are warranted in examining any particular activity. 

Continue to GENERAL PROCEDURES 

Back to Activities Manual Index