Follow TopicFollow Contributor Share Feedback
New Internal Audit Code Aims to Strengthen Governance in UK and Ireland

New Internal Audit Code Aims to Strengthen Governance in UK and Ireland

by Starling Insights

Starling Insights Editorial Board

Sep 17, 2024

Observations

The Chartered Institute of Internal Auditors (Chartered IIA) has launched an enhanced Internal Audit Code of Practice, supported by the Institute of Chartered Accountants in England and Wales (ICAEW), aiming to improve corporate governance and address emerging risks across the UK and Ireland.

"As organisations confront an increasingly uncertain and dynamic risk landscape," said Anne Kiem OBE, Chief Executive of the Chartered IIA, “the new Internal Audit Code of Practice offers a crucial framework that will enhance the role of internal audit in advising and providing assurance to boards and senior management over their organisation's risks, controls and corporate governance processes.”

The new code expands the role of internal audit in assessing the capital and liquidity risks stemming from poor customer treatment. It also seeks to enhance reporting, calling upon firms to conduct broad culture audits and to include a summary of the activities and effectiveness of the internal audit function in their annual reports. Additionally, the code urges internal auditors to address emerging risks posed by such areas as environmental sustainability, social issues, financial crime, and technology risks.

In recent years, many internal auditors have seen their roles expand to include functions which would traditionally belong to risk and/or compliance. The updated code warns that this threatens internal auditors' independence. “Internal audit is there to support the board and the audit committee in particular, to assess risks and ensure those risks are being adequately managed by the organisation, and that the auditing of internal processes can be done without interference from management," said Peter van Veen, the ICAEW's Director of Corporate Governance and Stewardship. “But it’s very hard to do that if they are also responsible for second-line functions such as compliance, investigations or cyber security. Internal audit should never be put in a position where it has to mark its own homework.”

Join The Discussion

See something that doesn't look quite right?

We strive to provide high quality and accurate content at all times. With that said, we realize that sometimes links break, new information becomes available, or there is something that you feel we may have missed.

If you see something that you think we should be aware of, we would love to hear from you. Feel free to drop us a note below and leave your name and contact info if you'd like to hear back from us.

Thank you for being a key part of the Starling Insights community!