Baringa Blogs

FRC CASS Assurance Standard – what have we learnt so far

The new Financial Reporting Council (FRC) Client Asset Assurance Standard presents Auditors and CASS firms with further challenges, as the task of documenting CASS compliance continues to balloon at an ever increasing rate.

The fact that you’re reading this blog suggests you share my interest in, or even love of, CASS.  Despite having this in common, each of us will also have invested time in building up a detailed knowledge of our very different organisations. For example, you are likely one of few people who know about all of the products and services offered by your firm (and its branches).
 
Having the knowledge is one thing, but how do you best demonstrate this? And how do you best demonstrate that you know all of the CASS requirements triggered and that you’re capable of exercising control over compliance?
 
Firms will have already prepared, or will be preparing what seems like a mountain of process maps together with what appears to have become the obligatory set of 1000 line plus Excel spreadsheets defining the relevant rules, inherent risks and mapping them to potentially 100s of controls. Others are also undertaking detailed exercises to define the complete list of their firms’ products and services, the associated legal agreements and mapping out their CASS impact.
 
The key point that is often overlooked is that the standard actually places requirements on the auditor, not the investment firm. For now at least, interpretation over approach differs slightly from auditor to auditor, so what are the options for firms looking to turn a paper exercise into something that at least returns some of the investment they are making?

  • All the early information that we have is indicating a more controls-based approach to audits with greater reliance on controls testing. The good news is that high quality control documentation and regular testing of controls will help auditors and keep the increase in cost of your CASS Audit down
  • Traceability between documentation is key and can help reduce your CASS risk. A suite of cross-referenced documents can be used to provide assurance over completeness of coverage, ensure testing is well focused and enable comparisons across business lines. Rationalising by priority and in-scope CASS rules also ensures auditors are able to effectively navigate the organisation during audit season
  • Many small and large firms will have to produce and maintain CASS documentation without an army of CASS staff. Some Client Asset Oversight Officers (CAOOs) are using this to their advantage, through demanding more formal ownership and updating of documentation and controls through the business lines, increasing accountability for their CASS responsibilities, thus allowing more time for the CAOO to focus on improving quality.  

Opinion and approach continues to be formed through the usual forums and industry associations on both sides of the audit fence. As the FRC saga progresses over the coming months, it will be critical for firms stay connected and keep one eye on their peers – reacting to key industry learnings could be essential in avoiding an adverse audit report and the remediation activities that would likely follow.

Back to March 2017

Comments(1)

  1. Chris Potter

    17/03/2017 17:15:50

    Hi Daniel, a very informative article and a subject I am paying close attention too. I am interested to participate in any peer group discussions in this area.
    Kind Regards, Chris


Leave comment

 Security code