AN improved internal audit code is “vital’ to developing the City’s risk management, former shadow chancellor Ed Balls has said.
Speaking at the Chartered Institute of Internal Auditors’ annual conference, Balls gave his support to an independent review of the code for effective internal audit.
The former Labour MP said, “Government, regulators and the financial services sector have equal parts to play in ensuring that the risks taken in the pre-credit crunch era are not repeated.
“Reviewing the code for effective internal audit in the financial services sector is a vital part of that work. By involving a broad range of key stakeholders in the sector in examining the City’s risk management, we can ensure that internal audit is a central role in improving governance.”
The institute launched a consultation exercise to gather views, including an online survey, and evidence on the impact of its internal audit code; the state of internal audit across the sector; and what more needs to be done to improve standards of performance.
The code, published in July 2013, after the 2008 global financial crisis, was prompted by an analysis of its causes and by governance, risk management and control failures including LIBOR and rogue trader scandals. The institute created the code, with the strong support of the Bank of England, to provide a way for boards and regulators can assess the effectiveness of their internal audit functions.
Balls added: “The mistakes in the handling of risk pre-2007 were primarily caused by a lack of understanding on the part of regulators, the government and senior executive and non-executive board members over what the real risks to the sector and within individual firms looked like. That kind of knowledge can only come from better regulation, cultural change, effective internal audit and closer co-operation between all stakeholders in financial services.”
The institute’s 2015 research showed that the code had a positive initial impact. 96% had unrestricted scope; 72% reported to the audit committee chair; 84% attended executive committee meetings; and 92% had a policy to commission an external quality assessment at least every five years.
The review committee, chaired by Mike Ashley, includes senior executives and non-executives from banking, insurance and asset management. The Bank of England/Prudential Regulation Authority, the Financial Conduct Authority and the Financial Reporting Council will all participate in the work of the committee.
Mike Ashley, chair of Barclays audit committee, said, “The code has undoubtedly had a positive effect of internal audit across the sector, and has improved dialogue between internal audit and audit committee chairs. But we want to gather firmer and wider evidence of its impact, and also views on any areas where the code might usefully be amended or expanded.”
The independent committee members are, Tom Deane, audit director of TescoBank, Pam Kaur, group managing director and group head of audit HSBC holdings, Brendan Nelson, chair of the audit committee RBS, James Turner, director of group finance at Prudential and Julia Wilson, chair of the audit committee, Legal and General and group finance director at 3i.
Dr Ian Peters, chief executive of the Chartered Institute of Internal Auditors added, “We want to address the bigger question, how best to support further improvement in the standards of internal audit across the financial services industry. Increasing standards is particularly important at a time when boards need to harness internal auditors to ensure their organisations’ ethics and culture.”
The committee will review responses with a view to reporting back with its conclusions and recommendations in the first part of 2017.
The second largest improvement in ‘significant’ levels of financial distress since the EU Referendum was in professional services, found research from Begbies Traynor
Two new audit partners have been appointed at the firm BDO in its audit practice following continued growth and investment
Investment in people, tech and businesses impacts on EY's profit per partner figure
If businesses do not take cyber security seriously in their business planning regulators may do it for them, the ICAEW has warned