|
Paul,
Thanks for the clarification and information regarding audit
access in a banking environment. The original question posed by Bill Galatioto
is "what do you do to assure yourself that no improprieties are taking place,
save for a bounced check or deposited item returned?"
When
you say that certain new regs all and require this type of activity on any
account - employee or otherwise, are you saying that auditors now
have unrestricted access? Do you have the
specific citations from these "acts" as well as a Web site link for other
subscribers?
-----Original Message-----
From: Hugenberg III, Paul
[mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 22, 2002 3:08
PM
To: 'Kaplan, Jim'; 'BILL GALATIOTO';
[EMAIL PROTECTED]
Subject: RE: Employee
Monitoring
Jim:
In
the banking environment, the employee account info is not normally restricted
from auditor views. In fact, some 'best-practice' audit programs
includes steps to review accounts of associates who work in sensitive
areas. An HR policy provides the umbrella of 'fiscal responsibility' and
monitoring acitivies. A subpeana is not necessary for
any internal account. However, personal account info that is
external to the bank deposit/loan account would require more legal
finesse. As always, a reasoned support would be necessary of course [
e.g. NSF, kiting, lifestyle clues, audit...].
My
question in return would be the 'legal' aspect that you have brought in.
Certain new regs [US Patriot, Sarbanes-Oxley] as well as older regs [OFAC,
BSA, Reg O] allow and require this type of activity on any account - employee
or otherwise. Would the concern be with the precedent set by the
reaction to certain activity [discrimination, bias] rather than the actual
viewing of the info?
Your thoughts...
Paul Hugenberg
Bank Regional Audit Manager/IT Audit Officer
Bill,
I
am curious as to how an auditor would gain access to personal savings and
checking accounts? In my experience this is not something that a financial
auditor would do except in the case of a fraud investigation. IMO this is an
area where subpoena power would be needed to access personal financial
information and it would only pertain to situations where you had proper
cause to investigate.
But assuming from your email address that you are a
bank auditor, I guess the question is whether bank auditors would or should
have unrestricted access to employee bank accounts within their own
financial institution? Audit
common sense would suggest
that you would still need a good reason to review
employee personal accounts.
-----Original Message-----
From: BILL GALATIOTO
[mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 22, 2002
1:52 PM
To: [EMAIL PROTECTED]
Subject:
Employee Monitoring
I am reaching out to those in the financial auditing community. Does
anyone out there conduct reviews of employees accounts (savings, checking
etc.) including monitoring their account activity. To the extent that
employee's activity does come up your radar, what do you do to assure
yourself that no improprieties are taking place, save for a bounced check
or deposited item returned. Any information received is greatly
appreciated and will be held in strictest
confidence.
|
