Internal auditors release exposure draft for internal audit guidance for the financial services sector

March 31 2020: The Institute of Internal Auditors – Australia (IIA-Australia) today released an exposure draft “Internal Audit Better Practice Guide for Financial Services: Principles and Recommendations”, recommending guidance for the industry following recommendations from the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry.

IIA-Australia CEO Peter Jones said a committee was established in late 2019 made up of ten senior banking, superannuation, insurance and finance industry professionals to address the governance issues raised by the Royal Commission.

He said the main aim of the committee was to develop an internal audit guide suitable for use by the financial services sector. The committee is chaired by Sandra Birkensleigh, a non-executive director.

The committee has a number of observers including representatives from APRA and ASIC,” he said.

The committee met in September, October and December 2019, and recently in January, and in March 2020 to finalise the exposure draft.

“The important governance role that internal audit performs needs to be raised and reporting lines must be direct to the Chair of the Audit Committee and CEO,” he said.

Mr. Jones said IIA-Australia also reviewed the lessons from the banking scandals in the UK in 2013, and the report by the UK Parliamentary Standards Commission.

“In response, the UK Charted Institute of Internal Auditors issued its first edition of ‘Effective Internal Audit in the Financial Services Sector’, in what they describe as a “Code” in 2013, and revised it in 2017”.

He said a survey of the effectiveness of the “Code” was undertaken in 2015, and found that on balance internal audit budgets, staff numbers, seniority levels, and levels of training all increased.

There was also improved reporting lines for heads of internal audit to Audit Committee Chairs and a secondary reporting line to CEO’s.

“From our point of view, the UK ‘Code’ mainly focused on banking, but does provide a model to follow”.

“We have to acknowledge our internal guide will apply to all of the financial services sector, which has its own unique aspects,” he said.

The guide sets out what is expected of the internal audit function so boards, audit committees and regulators’ expectations can be met.

He said the internal audit guide outlines activities that should be conducted in a manner consistent with the International Professional Practices Framework (IPPF), including Core principles for the Professional Practice of Internal Auditing, the Definition of Internal Auditing, the Code of Ethics and The International Standard for the Professional Practice of Internal Auditing (Standards).

The guide will also complement the ASX Corporate Governance Council Principles and Recommendations (4th edition).

Mr. Jones said the Institute will undertake a widespread consultation process with the financial services sector over April and May with the final internal audit guide set for release mid-year.
“The internal audit guide will improve governance practices across the industry, and we anticipate boards, internal auditors and senior management will adopt these best practices for the benefit of customers, stakeholders and shareholders” he said.

To obtain a copy of the Financial Services Principles and Recommendations go to Internal Audit Better Practice Guide for Financial Services in Australia