As per resolution No. (72) of 2015 regarding the Issuance of the Executive Regulations of Law No. (7) of 2010 concerning the Establishment of Capital Markets Authority and Regulations of Securities Activity, as amended.
Module Seven, Article 7-2-2, The Capital Market Authority mandated licensed companies for custodian activity to provide CMA with an annual report issued by an independent external audit firm on the Licensed Person. In particular, the report shall include the following:
- Evidence of the availability of the necessary IT systems, which enable the Custodian to perform their tasks in a manner that is commensurate with the nature and volume of the work they carry out, and in line with IT systems adopted by the clearing agency and the exchange.
- Statements of the clients’ assets: IT shall include the arrangements required for ensuring compliance with the provisions of Article (3-2) of the said Module.
Agreed Upon Procedures is a type of engagement in which the auditor carries out agreed-upon procedures in advance. The auditor has agreed with designated parties to carry out specific procedures and submit the findings in this engagement. Similarly, the engagement often involves three parties: the client, the auditor, and another third party.
Auditors do not conduct an examination or review as they would in an audit or review engagement under agreed-upon procedures. As a result, methods and findings should be the format of the reporting. For instance, “we found no exceptions as a result of the procedures” or “we found no difference as a result of the procedures” could be stated in the report of agreed-upon procedures. But it should never state “nothing has come to our attention” or “in our opinion.”
When your Company needs information that has been independently verified and reported, we at Allinial Global – Sulaiman Al Bassam and Partners can assist. Some of the scenarios we handle include inspecting documents or transactions for particular features, having certain information verified by third parties, or comparing data to predetermined standards. Whether the goal is to give precise information and negative assurance to users inside your company or to third parties, there are many scenarios where agreed–upon procedures are acceptable.
