Internal audit is mandatory for many companies operating in the financial sector.
In addition to credit institutions and insurance companies, internal audit is also mandatory for:
- Creditors and credit intermediaries
- Payment institutions and electronic money institutions
- Fund managers
Information of the internal auditor must be submitted already upon application for the activity license from FSA, the functioning and procedures of internal audit activity must be described in the internal rules and policies.
As the internal auditor cannot perform tasks that cause or may cause a conflict of interest within the company, it is not possible to create a position where one employee would be both the internal auditor and act in other areas of management decision-making. Therefore, the company has essentially two options - either to hire an internal auditor or to outsource the service.
The main topics for internal audits in financial sector are:
- the compliance of creditworthiness assessment procedures, their implementation in practice and effectiveness
- compliance with anti-money laundering (AML), counter-terrorist financing (CTF) and know your customer (KYC) procedures in accordance with the law and guidelines, their implementation in practice and effectiveness, including analysis of due diligence measures, risk assessment and risk appetite
- auditing of other processes related to the granting or intermediation of credit, fund management, payment service provision
- information security and personal data protection audits
- compliance audit of financial services advertising
- outsourcing or relying on someone else's activities
- personnel management and remuneration
In addition, as internal auditors, we can advise on assessing the risks of the organization, describing the activities of the internal audit function in internal rules, etc.