Effective internal audit is key to successful business operations and organisation-wide compliance. But what does it actually mean to organisations operating in the Financial Services sector?
Does it simply mean: “do everything you can to minimise the risk” and “implement best controls possible to make it happen”? Generally speaking, internal audit enables auditors to engage in independent, objective assurance and consulting activity which contributes to overall success in achieving company’s objectives through disciplined and integrated approach.
But internal audit for banks, credit unions, insurance companies and accountancy companies is not only about just the approach itself. It’s also about the continuous improvement plan for any business to protect its reputation and offer best service possible.
In their report, Effective Internal Audit in the Financial Services Sector, Committee on Internal Audit Guidance for Financial Services published a list of recommendations for said sector and how they relate to the Global Institute of Internal Auditors’ (The IIA) International Standards for the Professional Practice of Internal Auditing. The recommendations were made to the Chartered Institute by an Independent Committee that included (but not limited to) board of directors, internal audit professionals and observers from the UK financial services regulators, such as the Financial Conduct Authority and the Prudential Regulation Authority.
Based on the mandatory elements of the IIA’s International Professional Practices Framework (IPPF), the recommendations comprise of a definition of internal auditing, code of ethics and International Standards for the Professional Practice of Internal Auditing (Standards).
4 recommendations of the Independent Committee (source: “Effective Internal Audit in the Financial Services Sector”):
- The scope of internal audit should be unrestricted so that internal auditors are able to assess the management of any risk in any part of the business;
- Internal audit should assess whether the organisation's processes and actions are in line with its values, ethics, risk appetite and other policies;
- In order to maximise its independence and objectivity, the primary reporting line of internal audit should be to the chair of the audit committee;
- Internal audit should be adequately resourced, skilled and quality assured.
Roger Marshall, Chairman at Financial Reporting Council (FRC)
said: "A key aim of this new code is to encourage boards to ensure internal auditors have a wide view across the range of risks within their organisations. The code also gives guidance to enable internal audit to exert greater influence in ensuring that those risks are managed effectively, across the whole financial services sector.
"The above recommendations put internal audit at a center stage as a key drive for better risk management in financial services. These areas are key to achieving operational success and protecting the reputation of an organisation. Recent news headlines have been dominated by Deutsche Bank and Trinity National Corp which, as a result of their fraud scandals, faced accounting fines."
Avoid reputation damage and costly fines
Implement independent, objective and comprehensive audit with an integrated risk-based audit optimisation software in Pentana. Pentana brings efficiency and automation to internal audit and supervisory inspection field work, whilst bringing together all aspects of the audit cycle from annual risk based planning in line with COSO-ERM, IIA and other standards, through to action tracking and audit committee reporting.
The application incorporates the ability to conduct operational risk management in line with Basel requirements, control testing and sampling with automated testing through integration with industry standard data analytics tools. Real time reporting and analysis coupled with an intuitive user interface make Pentana a complete, risk based internal audit management solution.
Find out more about Pentana and audit management for the Financial Services sector