TraceRiskFinancial Reporting

Financial Reporting

Risk Inventory

Risk Inventory is a “fourth” dimension of risk that provides insight into embedded elements of risk that are not specifically covered by a Key Risk Indicator. Subtle risks are inventoried in this way so that they can be studied orthographically. What does that mean? Orthographic representations of risk are from made from the front view (Subjects), the top view (Silos), the end view (COSO), and, from the inside out ( which is ‘Risk Inventory’). Examples of risk inventory are Product Development Risk, Customer Relations Risk, Training & Backup Risk and Denial of Service Risk.

Deposit Accounts

Use Case for Assessing Risk on Deposit Accounts

Why assess the risk? Deposits are funds that customers place with the bank and that the bank is obligated to repay on demand or after a specific period of time or after the expiration of some required notice period (e.g. certificate of deposit). Deposits are the primary funding source for most banks and, as a result, have a significant effect on the bank’s liquidity. Errors and omissions and fraudulent alteration of the amount or account number to which funds are to be deposited could result in a loss to the bank. Additionally, uncollected overdrafts, returned items, kiting and other check schemes and frauds can result in losses on deposit accounts.

Who should assess the risks? Chief Operating Officer, Chief Financial Officer, BSA Officer, Compliance Officer

How to assess the risk: Rate the KRIs to determine if a threat would successfully exploit a vulnerability and to justify expenditures to implement countermeasures to protect the bank’s assets or reputation. Use the “Focus Risk Assessment” tool for in-depth analysis of risks and mitigation techniques.


TraceRisk Demo Button

COSO Integrated Framework – SOX 404 & FDICIA 112

Use Case COSO Integrated Framework – SOX 404 & FDICIA 112

Use Case: The New COSO Integrated Framework is an important development as it facilitates efforts by banks to develop cost-effective systems of internal control to achieve business objectives and sustain and improve performance. The new version is the predominant method for reporting on the effectiveness of internal control over financial reporting by public companies as required by Section 404 of the Sarbanes-Oxley Act.

Who Should Assess the Risk? Chief Administrative Officer, Chief Operating Officer, Chief Financial Officer, Internal Auditor

TraceRisk Demo Button