Internal Audit from Regulatory Bodies Perspective

Transcription

1 Internal Audit from Regulatory Bodies Perspective November 27 th, 2014 LACPA Congress Beirut, Lebanon Naji Fayad MBA, CA, CIA, CISA, CCSA, CRMA Governor Institute of Internal Auditors in Lebanon Audit Committee Chairperson Arabia Insurance Cooperative Company (KSA)

2 Agenda Importance of CG to Regulators CG and IA In the Arab World IA Changing Role (Pre and Post 2008 Crisis) Audit Committee Focus IA, RM and Compliance (working together) IA Recent Developments

3 Importance of Corporate Governance to Regulators Corporate Governance (CG) codes around the Globe (UK, USA, Australia, EU, Arab World) CG as the system by which companies are directed and controlled. The purpose of CG is to facilitate effective and prudent management that can deliver the long-term success of any company Audit Committee and Internal Audit (IA) as indispensable pillars of CG. Regulators objectives (Micro and Macro-prudential) Micro: Factors that affect the stability of individual institutions. Macro: Factors that affect the stability of the financial system as a whole. Stewardship of management and compliance with regulations is expected IA expected role in ensuring stewardship and compliance

4 Corporate Governance Codes in the Arab World Codes of Corporate Governance: KSA (SAMA, CMA) Bahrain (CBB) Lebanon Jordan Need for more regulations to enhance IA role in the private and public sector. Making IA a mandatory function in public companies and financial institutions Legislations to set up IA in the public sector

5 IA as a Cornerstone for Corporate Governance

6 Aftermath of 2008 Crisis A stream of corporate failures and disasters, mainly due to ineffective risk management and control. The spotlight was mainly on the managers of risk and the attitude of senior executives to the assessment and management of risk. However, it was not long before the spotlight moved toward the assurers of the effectiveness of risk management, and whether those assurers were in any way culpable.

7 IIA Changing Role In the US, in recent years, many industries have seen increased regulation as policymakers attempt to prevent problems that have been perceived to have led to the recent global financial crisis. Emerging regulatory responsibilities are adding to internal audit s workload (USA and abroad) With the increased pressure from regulators, many internal audit groups were called on, out of necessity, to provide compliance support. This resulted in a significant shift in internal audit focus to financial reporting activities and away from operational audits, and, by extension, away from some of the most significant risks.

8 IIA Changing Role Internal stakeholders are increasingly demanding Board Audit Committee, CEO, other Governance and Control Committees External stakeholders are also seeking to place greater reliance on the work of IA (Regulators, External Auditors & Third Parties). Banking: Basel Committee guidance on Corporate Governance Insurance: Solvency II, 3 Pillars framework FASB Proposed standard, Using the Work of Internal Auditors. Proposed guidance in final form as Statement of Auditing Standard (SAS) 128. Biggest challenge facing the profession of internal auditing is whether the unique scope and contribution of internal audit was clearly defined, understood, and actually needed. Need to reinforce IA role as an assurance provider on internal control, governance and risk management.

9 Internal Audit Role

10 IIA Changing Role New challenge facing CAEs demonstrate that their assurance propositions have integrity and can withstand scrutiny. Internal audit departments are in the middle of "an evolutionary transition" facing great opportunity and challenges. Traditional Role Control function Inspection Fraud Assurance Provider Today Evolving Role Strategic Thinker Grasp of Business Risks Motivator Arbitrator Team Builder Unquestionable Ethics and Integrity Flexible Boardroom presence Practical Strong Leadership skills Innovative Disciplined

11 Audit Committee Focus Oversee the IA function Enhance the Independence and Objectivity of IA Shield the IA from any undue pressure from Management Need for IA to be truly independent from Management IA as Ethics champion Reporting considerations

12 The need to leverage the work of all Control and Governance functions, including Compliance, Risk Management, and Audit Stretching knowledge base blackspots, eg, IT, security, etc Implementing Basel and Walker recommendations Reporting issues IA, RM and Compliance working together Auditees may be suffering from process assessment fatigue Tried and trusted techniques of the past: involvement during planning, joint reviews, regular meetings Control functions need to speak the same language Move towards using a common platform/technology Shared data to leverage testing and continuous monitoring

13 IA Recent Developments IIA standards have changed tremendously over the years Changes necessitated by the ever changing Internal Audit Universe and Landscape Every two years a new version of IPPF is released New Developments 2014 (IPPF Exposure Draft, IA New Definition, Relationship with other governance disciplines, Future direction of IA)

14 The Institute of Internal Auditors (IIA Global) THANK YOU 2013 Global Footprint 187,436 members 190 countries 109 Institutes (+ US, Canada, Caribbean) 603 full and part-time staff November 20 th, 2014 Thomson Reuter GRC Summit Banque du Liban Beirut Lebanon Naji Fayad MBA, CA, CIA, CISA, CCSA, CRMA Governor Institute of Internal Auditors in Lebanon Audit Committee Chairperson Arabia Insurance Cooperative Company (KSA)