Effective internal audit is key to successful business operations and organization-wide compliance. But what does it actually mean to organizations operating in the Financial Services sector?
Does it simply mean: “do everything you can to minimize the risk” and “implement best controls possible to make it happen”? Generally speaking, internal audit enables auditors to engage in independent, objective assurance and consulting activity which contributes to overall success in achieving company’s objectives through disciplined and integrated approach.
But internal audit for banks, credit unions, insurance companies and accountancy companies is not only about just the approach itself. It’s also about the continuous improvement plan for any business to protect its reputation and offer best service possible.
In their report, Effective Internal Audit in the Financial Services Sector, Committee on Internal Audit Guidance for Financial Services published a list of recommendations for said sector and how they relate to the Global Institute of Internal Auditors’ (The IIA) International Standards for the Professional Practice of Internal Auditing. The recommendations were made to the Chartered Institute by an Independent Committee that included (but not limited to) board of directors, internal audit professionals and observers from the UK financial services regulators, such as the Financial Conduct Authority and the Prudential Regulation Authority.
Based on the mandatory elements of the IIA’s International Professional Practices Framework (IPPF), the recommendations comprise of a definition of internal auditing, code of ethics and International Standards for the Professional Practice of Internal Auditing (Standards).
Read more on latest IPPF changes in our article: “Updated Professional Practices Framework encourages fresh ideology for internal auditors”
4 recommendations of the Independent Committee (source: “Effective Internal Audit in the Financial Services Sector”):
- The scope of internal audit should be unrestricted so that internal auditors are able to assess the management of any risk in any part of the business;
- Internal audit should assess whether the organization's processes and actions are in line with its values, ethics, risk appetite and other policies;
- In order to maximize its independence and objectivity, the primary reporting line of internal audit should be to the chair of the audit committee;
- Internal audit should be adequately resourced, skilled and quality assured.
Roger Marshall, Chairman at Financial Reporting Council (FRC) said:
A key aim of this new code is to encourage boards to ensure internal auditors have a wide view across the range of risks within their organizations. The code also gives guidance to enable internal audit to exert greater influence in ensuring that those risks are managed effectively, across the whole financial services sector.