CTRL Chapter 6 Internal controls and assurance

Note for Chapter 6

An authorised firm’s internal control and assurance framework is made up of the policies, processes, tasks, behaviours and other aspects of its organisation that, taken together:

• enable the firm to respond appropriately to business, operational, financial, compliance and other risks, and so facilitate its effective operation
• safeguard the firm’s assets and ensure that its liabilities are identified and managed
• ensure the quality of the firm’s internal and external reporting (which requires proper records and processes that generate a flow of timely, relevant and reliable information from internal and external sources)
• ensure that the firm complies with applicable laws and regulations and with its internal policies.


Derived from QFCRA RM/2020-4 (as from 1st July 2021)