Not only do corporate treasurers have to ensure water tight controls in all their operations and risk management, they have to prove it by having full records of what has been carried out and why. Compliance with Sarbanes-Oxley and the accounting regulations from the International Accounting Standards Board is a major commitment for all corporate treasury departments. Corporate Control Framework
The first step in ensuring control is to set up a corporate control framework which will include:
- the roles and responsibilities, and decision-making authority for the board of directors, the finance/treasury sub-committee, the finance director, treasurer, treasury advisory committee and the treasury team
- definition of the roles and responsibilities when cash and treasury management is carried out in subsidiaries or operating units
- authority levels for all treasury functions
- specification of the management information that will be provided for each level of management.
- description of the critical internal treasury controls
- statement of how the performance of the corporate treasury department will be measured and audited
- details of who is responsible for approving and reviewing the control framework.
Treasury governance control frameworks provide the platform for full and complete control of the corporate treasury department's operations, but they also have to prove compliance with a range of different regulations and standards.
To satisfy the regulators' corporate treasury departments need to provide full process and data audit trails. This requires full electronic disclosure of all relevant documents, including all electronic files, details of financial transactions, e-mails, phone text and instant messages held within the corporate treasury department's systems and databases. This requires:
- development of policies on what data is to be kept and what can be destroyed
- adoption of these data-management policies in all departments and units
- development of standardised procedures to respond to enquiries from the regulators.
There is a wide range of systems and services that enable companies to manage their compliance in spreadsheets and other systems plus electronic data tracking systems searching e-mail and other databases across the organisation including the ERP systems and the corporate treasury department's cash and treasury management systems to ensure compliance throughout the whole company.
From time-to-time the company's board may ask for an internal audit of the treasury department and their activities so that they can be sure that they are properly controlled and effectively managed. The audit needs to examine:
- the department's mission, objectives and strategies complement and enhance the company's business and financial objectives
- the appropriate organisation and procedures are in place
- treasury department's decision-making is rigorous and effectively managed
- risk management identifies the full implications and impacts of the financial risks facing the company and are controlled as directed by the board
- the management information systems provide the required information in a timely manner to ensure all processes, risks and exposures can be carried out effectively.
The audit also needs to cover the corporate treasury department's governance infrastructure, and policy and strategy.