The Chartered Institute of Internal Auditors (IIA) has issued a draft code for internal audits in banks and financial services expected to provide UK financial services firms with sector specific benchmarks to assess the effectiveness of the internal audit function.

The draft seeks to address complaints from regulators over the failure of internal audits to spot scandals, such as the recent Libor rigging.

The draft code reflects guidance issued by the Basel Committee and the US Federal Reserve Bank, but also takes into account the UK corporate governance system and of the size and complexity of financial institutions in the UK.

The draft code recommends internal auditors should not be barred from assessing the management of any risk in any part of the business, and they should report to the chairman of the board of directors, as opposed to the chief executive, to ensure independence.

It also reasserts the primary role of an internal audit is to protect the assets, reputation and sustainability of an organisation, and as such should assess whether the organisation’s process and actions are in line with its values, ethics, risk appetite and policies.

Furthermore the draft code said internal audits should be adequately resources, skilled and quality assured.

The code was developed by a committee established by the IIA, with representation and observers from leading banks, insurers, the Financial Services Authority and the Bank of England.

IIA’s Banking Internal Audit Committee chairman Roger Marshall said the code is an "important contribution to strengthening internal audit’s role in improving the management of risk, in response to the financial crisis and more recent examples of failure to exercise proper control".

Deadline to comment on the draft code is 12 April.


Related link

Chartered Institute of Internal Auditors