ABN AMRO is one of the world’s leading banks. The retail part of the Bank is the largest in the Netherlands and is served by more than 550 branches and 80 plus advisory offices based throughout the country providing a range of products and services for personal customers.

Business Challenges

• Each regional Business Unit (BU) within the Bank is responsible for achieving SOX compliance in accordance with guidance and plans set out by the Group SOX office in the Bank
• The IT function of BU Netherlands initiated a SOX programme to ensure all SOX-relevant applications have effective SOX controls in place
• For the longer term, a key challenge is to ensure SOX controls are embedded into business-as-usual activities

Solutions

• To provide a rapid start-up to the programme we tailored our Sarbanes-Oxley approach to the specific needs of the client
• In an initial three week period we defined the approach and plan, including the development of client specific templates for assessment and gap analysis, and developed plans for the Netherlands BU
• We fulfilled the project management role in driving forward the work to define local SOX controls, worked with the business to determine SOX in-scope applications, carried out the Test of Design for each application control, and assisted Group Audit and external auditors in their Test of Effectiveness assessment
• To ensure SOX sustainability, we implemented continuous monitoring for key SOX controls to ensure these become part of the day-to-day activities
• In total we assessed around 50 key finanical reporting applications, which are hosted in the Netherlands.
• Carried out a knowledge transfer exercise in which we trained and transferred SOX knowledge to internal staff

Benefits

• The Test of Design for BU NL was completed, and a remediation plan produced for any gaps identified
• The internal team is now fully trained to manage the on-going SOX compliance work