Академический Документы
Профессиональный Документы
Культура Документы
Centre of Excellence
Next-gen internal
controls and compliance
organisation
For private circulation only Risk Advisory
Risk and Controls Centre of Excellence
Introduction
The current global environment is Given the cost pressure, increased
characterised by change, uncertainty, scrutiny from regulators, and an
and disruptive innovation. These unpredictable business environment,
changes are fundamentally transforming organisations are considering a Risk and
organisations and affecting the world of Controls Centre of Excellence (RCCoE) to
Internal Controls (ICs). centralise and support risk management
activities while optimising cost.
3
Risk and Controls Centre of Excellence
Governance
L1 and uniform
BOTs Control
L2 view on risks
monitoring Self-assessment (CSA)
and controls
L2
Cyber security
L2
Regulatory/Internal L3
Third party L1 Compliances
risk management L2
Legend First line of Defense Second line of Defense Third line of Defense
4
Risk and Controls Centre of Excellence
5
Risk and Controls Centre of Excellence
Change management
6
Risk and Controls Centre of Excellence
•• Establishes a centralised operating model to formalise risk and control practices across
functions, and define control ownership
•• Creates a single source of truth, drives standardisation, and helps replicate best practices
across the globe
•• Uses tools and technology to facilitate the creation of advanced dashboards for near
real-time reporting on control health and remediation status, and move swiftly from data-
Enhances control to-insights-to-action.
environment, •• Improves control effectiveness as automation decreases errors and helps maintain a
ownership, and better audit trail
oversight
•• Builds capability to extend the scope and review larger sample sizes through analytics,
thereby improves control effectiveness at no additional cost
7
Risk and Controls Centre of Excellence
80%
Estimated Cost Reduction
60%
40%
20%
Timeframe
Transformation levers
Legend Classic cost levers Optimality drivers Digital accelerators
Up to 20% savings Up to 20% savings Up to 30% savings
8
Risk and Controls Centre of Excellence
Conclusion
While the finance and accounting run, and operate phase. A well-designed
functions, and IT organisations have and focused RCCoE addresses a wide-
been using a centralised operating risk universe and provides a holistic
model over the years, IC organisations view of the global controls posture. It
are now more actively adopting this improves governance while optimizing
set-up. cost and resources. It transforms risk
management practices and internal
The approach to set-up a RCCoE will controls organisations thereby
include a assess, design, implement, driving impact.
9
Risk and Controls Centre of Excellence
Contacts
Rohit Mahajan
President, Risk Advisory
rmahajan@deloitte.com
Deepa Seshadri
Partner
deseshadri@deloitte.com
Gaurav Shukla
Partner
shuklagaurav@deloitte.com
Johar Batterywala
Partner
jobatterywala@deloitte.com
10
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK
private company limited by guarantee (“DTTL”), its network of member firms,
and their related entities. DTTL and each of its member firms are legally
separate and independent entities. DTTL (also referred to as “Deloitte Global”)
does not provide services to clients. Please see www.deloitte.com/about for a
more detailed description of DTTL and its member firms.
No entity in the Deloitte Network shall be responsible for any loss whatsoever
sustained by any person or entity by reason of access to, use of or reliance on,
this material. By using this material or any information contained in it, the user
accepts this entire notice and terms of use.