Applies to: Health Check
What is control testing?
The term control testing refers to the process that auditors perform to test the design and operational effectiveness of key elements of the client’s internal control system. In terms of the AML/CFT Health Check, the controls testing has been designed to test key elements of an AML/CFT program by applying rigorous checks based on four main components, which are:
Design effectiveness involves evaluating whether an internal control is suitably designed to prevent or detect material issues on a timely basis. Controls will not be designed effectively if there are missing controls, or if implemented controls do not meet the appropriate control objective.
Design effectiveness has two elements to be assessed:
- Present – Being present implies a given component or principle exists within the design and implementation of an entity’s system of internal control
- Fit for purpose – Being fit for purpose implies that the control is well equipped or well suited for its role or purpose.
Performance involves evaluating whether the control has been implemented and assessing whether it is operating effectively.
Performance has two elements to be assessed:
- Implemented – Implies the control was operationally deployed and continues to exist as a control
- Operating effectively – means the the control is performing well within the organisation.
We have hundreds of control tests in our library
We have a comprehensive control testing library with hundreds of pre-defined control tests across a broad range of categories that can be selected and appended to each compliance obligation.
Each control test is assigned within one of the following control test groups:
Adding control tests to the existing library is quick and easy. Simply add in a control test description and the suggested documentary evidence/steps to be followed to perform the control test and it is added permanently to the library for future selection.
You can even create your own control test groups
You can even create your own control test groups and add underlying control tests associated with that group by clicking Add New in the control test group column, enter a name for the new control test group and start adding the control test description.
Appending control tests to the AML/CFT Health Check assessment
To add control tests to the AML/CFT Health Check, simply select the appropriate control test(s) from the control test library by browsing the control tests underneath each control test group, selecting the tick box next to the control test(s) that you want to assess and click the Add selected control test(s) button which will append these into the AML/CFT Health Check against the obligation that is being assessed.
Don’t worry if you can’t find a suitable control test, in our library as you can easily add your own to suit your specific requirements.
Performing controls testing
Once the control tests have been selected and appended to the AML/CFT Health Check, the audit team will be asked to complete the following information which is designed to provide context around the control tests that are to be performed, including:
- Control test purpose – define the purpose of the control test
- Control test objectives – define the objectives for performing the control test from a pre-defined selection or create your own
- Control test scope / steps – define the scope of the test and/or the steps that will be followed to perform the test
- Control test evidence – define any documentary evidence that will be examined when performing the control test
- Control test level – define the level at which the control test is being performed, for example group-wide, regional, local or other.
Following the above descriptions will be a summary of the control tests that have been appended into the AML/CFT Health Check, which displays in the collapsed view (e.g. a summary of the control test description and the design / performance rating assessment).