Information
-
Document No.
-
Audit Title
-
Client / Site
-
Conducted on
-
Prepared by
Follow-Up Items
-
Is our compliance plan up to date?<br>Our written compliance plan should reflect the systems established for compliance by the business. This should include plans for training, audit, and other activities in this table. The compliance plan could also specify who is responsible for monitoring each item.
-
Notes:
Licensing
-
Is our licence appropriate to our business activities?
-
Have we complied with all conditions on our licence?
-
Is our compliance plan up to date?<br>Our written compliance plan should reflect the systems established for compliance by the business. This should include plans for training, audit, and other activities in this table. The compliance plan could also specify who is responsible for monitoring each item.
-
Does the compliance plan correctly name our fit and proper people?
-
Do we undertake any activities for which an Australian Financial Services Licence (AFSL) is required?
-
Do we comply with any relevant state specific laws, for example:<br>• QLD, ACT, NSW, and Vic interest rate cap<br>• ACT commission caps
After 1 July 2012, licence number stated in:
-
Responsible lending disclosure documents
-
Printed advertisements that relate to the provision of regulated credit (but if the advertisement mentions more than one licensee, then only one licence number need be quoted)
-
Documents required to be created, produced, given or published by a provision of the NCCP
-
Documents lodged with ASIC that relate to the provision of regulated credit.
-
Ensure ACN displayed on all company documents. ABN must be displayed on tax invoices.
Procedures
-
Adequate human resources?
-
Procedures to comply with responsible lending – not make unsuitable loans – as necessary?<br>Do we have:<br>• a credit policy<br>• a system of recording and storing our assessments?
-
Procedures to comply with disclosure requirements (credit guide, credit quote, credit proposal document, copy credit assessments)?
-
Do we comply with ‘door to door sales’ legislation?
-
Are our AML / CTF procedures appropriate?
Financial
-
Financial resources - review at least quarterly?
-
Financial records maintained and retained?
PI Insurance
-
Ours?
-
Credit representatives?
-
People we do business with?
Credit representatives:
-
Credit representatives:<br>• properly appointed?<br>Have our credit representatives indemnified us for civil and criminal penalties arising from their conduct?
-
Mortgage brokers have a minimum of Cert IV in financial service (finance / mortgage broking)?
Monitoring
-
Human resources and a risk management plan maintained, including appropriate occupational health and safety review.
-
Breach register maintained?
-
Monitoring and reporting on all representatives (i.e. internal and external credit representatives)
-
Outsource service suppliers suitable?
-
Outsource service suppliers’ contracts effective?
ASIC Reporting of
-
Appointment of credit representatives
-
Change to credit representatives
-
Trust account statement within three months of the end of each financial year when applicable.
-
Annual compliance certificate within 45 days of each anniversary of the grant of licence?
IDR scheme
-
Strategies to identify and avoid conflicts of interest?<br>A register of any identified conflicts is maintained, showing how they have been addressed.
-
Review our written IDR procedures annually
-
Month of next review?
-
If Other, which month?
-
Maintain register of disputes, how dealt with, and results?
-
Details of our IDR and EDR scheme made available to customers?
-
If yes, how?
EDR membership:
-
EDR membership:<br>• ours<br>• all credit representatives (employees and directors or corporate credit representatives can be covered by their company’s EDR membership)?
-
Do we have a process for ensuring we only deal with licensees or credit representatives in relation to credit activities?<br>Review their licence/appointment at least annually.
-
What month is the next review?
-
If Other, which month?
Training
-
Training register maintained:<br>• ongoing (CPD)
New Employees
-
Training register maintained:<br>• induction
-
Do we do background checks before hiring key people and review those checks from time to time?<br>Checks include:<br>• educational qualifications
-
Do we do background checks before hiring key people and review those checks from time to time?<br>Checks include:<br>• previous employers
-
Do we do background checks before hiring key people and review those checks from time to time?<br>Checks include:<br>• police check (not more than 12 months old)
-
Do we do background checks before hiring key people and review those checks from time to time?<br>Checks include:<br>• bankruptcy check (not more than 12 months old or a statutory declaration for overseas people)
-
Do we do background checks before hiring key people and review those checks from time to time?<br>Checks include:<br>• credit history report (not more than 3 months old)
Retention of records
-
Retention of records (other than financial) for 7 years?
IT
-
Adequate IT resources?
-
IT System back up procedures covering: how often are back-ups completed?
-
Who monitors and controls the back-up process?
-
How is physical security maintained?
- Soft Copy in Portable Hard Drives
- Soft Copy In Hard Drive and Backed up to Portable Hard Drive
- Hard Copy
-
What are the contingency plans to address major IT issues?
- Soft Copy in Portable Hard Drives
- Soft Copy In Hard Drive and Backed up to Portable Hard Drive
- Hard Copy
Referrers
-
Register of referrers maintained.<br>Check that specified statements are made at the time of first contact with borrowers whose contact details have been passed to us by referrers.
Audit
-
Annual trust account audit (if we hold any trust money).
Privacy Act:
-
Rules for retaining information
-
Rules for release of information
-
Privacy consent for our own use
-
Is privacy policy up to date?
-
Privacy policy available for customers?
Advertising
-
Ensure comparison rate disclosure in advertisements?
Documents
-
Ensure no unfair contract terms in our documents
-
Do our loan documents comply with the NCC, including:<br>• business purpose declaration<br>• joint borrower election<br>• loan and security documents<br>• default notices and procedures
Codes of practice
-
Compliance with the Codes of Practice:<br>• MFAA
-
Compliance with the Codes of Practice:<br>• FBAA
-
Compliance with the Codes of Practice:<br>• ABA (Australian Bankers' Association)
-
Compliance with the Codes of Practice:<br>• EFT Code of Conduct
-
Compliance with the Codes of Practice:<br>• eMarketing Code of Practice and SPAM Act
-
Compliance with the Codes of Practice:<br>• others