TESTIMONIAL
Matters concerning evaluation of the creditworthiness of consumers have returned to the focus during the last year. Discussions revolve around consumers’ increased loan burden and share of loans in default; there is lobbying for additional support from the establishment of a positive credit registry, and the Financial Inspectorate has started getting tougher with fines on market participants who don’t abide by the rules.
In addition to credit institutions and insurance companies, internal audit is also mandatory for:
- creditors and credit intermediaries
- payment institutions and electronic money institutions
- fund managers
Information of the internal auditor must be submitted already upon application for the activity license from FSA, the functioning and procedures of internal audit activity must be described in the internal rules and policies.
As the internal auditor cannot perform tasks that cause or may cause a conflict of interest within the company, it is not possible to create a position where one employee would be both the internal auditor and act in other areas of management decision-making. Therefore, the company has essentially two options - either to hire an internal auditor or to outsource the service.
The main topics for internal audits in financial sector are:
- the compliance of creditworthiness assessment procedures, their implementation in practice and effectiveness
- compliance with anti-money laundering (AML), counter-terrorist financing (CTF) and know your customer (KYC) procedures in accordance with the law and guidelines, their implementation in practice and effectiveness, including analysis of due diligence measures, risk assessment and risk appetite
- auditing of other processes related to the granting or intermediation of credit, fund management, payment service provision
- information security and personal data protection audits
- compliance audit of financial services advertising
- outsourcing or relying on someone else's activities
- personnel management and remuneration
In addition, as internal auditors, we can advise on assessing the risks of the organization, describing the activities of the internal audit function in internal rules, etc.
![Placet raamiga]()
TESTIMONIAL
"Thanks to the observations, we were able to discuss several possible solutions in our team, and the audit will definitely help us to further develop new solutions. It was very pleasant and smooth to work with Grant Thornton Baltic's internal auditors. The whole process went really smoothly."
Kadri Erm
Placet Group OÜ
Head of Legal and Compliance
Client stories
December 2023
Primero Finance: our choice of internal auditor ticks all the boxes
Internal auditor services
“Our partnership with Grant Thornton Baltic’s internal auditors started in 2016 and it’s clear we hit the nail on the head with our selection,” says CEO of Primero Finance OÜ, Marti Küttis.
January 2023
An outside set of eyes gives additional assurance
Internal audits in ESTO AS
ESTO Group, a credit provider founded in 2017 that expended to Latvia and Lithuania in 2021, went the outsourcing route and partnered with Grant Thornton Baltic for internal audit services.
January 2023
For the e-Governance Academy, an internal auditor is seen as a good colleague
Internal audits at E-Governance Academy
Each year, the eGA’s large-scale projects that are supported by various financing sources around the world mean it has to comply with legal acts on the organization’s activity as well as follow internal procedures both in project management and financial accounting.
January 2023
Internal auditors help keep companies trustworthy
Internal audits at Hüpoteeklaen AS
With more than 30 employees, Hüpoteeklaen AS is a credit provider operating in Estonia since 2009, issuing real estate secure loans to individuals and companies.
February 2023
For Estateguru, having an internal auditor is a sign of quality
Internal audits at Estateguru
Founded in 2013, Estateguru OÜ combined these two qualities when it launched a platform for quick and flexible capital secured by real estate for small businesses and real estate-secured investing opportunities for investors.
May 2023
Erasmus+: we highly value the cooperation of the internal auditors
Internal audits for Estonian National Agency for the Erasmus+ and European Solidarity Corps
For two consecutive years, Grant Thornton Baltic’s business risk and internal audit team served as the independent auditor of the programmes of the Estonian National Agency for the Erasmus+ and European Solidarity Corps.
Which companies operating in the financial sector in Estonia must have an internal auditor?
What are the requirements for the qualification and activities of the internal auditor?
The financial sector can be divided into four main groups:
- banking and credit
- insurance
- payment services
- investment
These, in turn, are divided into subgroups, each of which is subject to a different law and statutory requirements for the internal audit function. In addition, the provision of internal audit services is regulated by the Auditors Activities Act, which defines who may engage in the professional activities of an internal auditor.
In addition to the professional qualifications, the internal auditor is also required to have an impeccable business reputation, the knowledge, skills, experience and education necessary to perform the duties of an internal auditor, and professional suitability. The internal auditor may not perform any other duties which give or may give rise to a conflict of interests.
In addition to special laws mentioned in the table above, the requirements for internal auditors are also regulated by the Auditors Activities Act, according to which the internal auditor must be objective and competent in his or her professional activities, maintain professional secrecy, act with due diligence, act in accordance with the internal auditor's profession and meet the internal auditor's professional standards.
Do you have any questions?
Related Insights
Read more articles
Business Risk Services
IT tools for analysing consumers’ financial solvency – additional support or a source of doubt?
Internal audit
Which financial sector companies are required to conduct an internal audit?
Those operating in the financial sector are bound by various laws along with requirements for internal audit arising from those laws. In addition, the Auditors Activities Act governs the provision of internal audit service, defining who is allowed to be engaged in the professional activities of an internal auditor.
|
3 min read
|
23 Aug 2024
Internal audit
Frequently asked questions for internal auditors
In their work, internal auditors often come across a situation where clients want to have an internal audit done in their organization, but since they have no previous contact with an internal audit service, they have a number of questions.
|
7 min read
|
24 May 2024
Contact us!
If you have similar challenges and questions, please contact our specialists.
Internal audit obligation in financial sector companies
Market participants |
Regulatory law |
Necessity of internal audit |
Requirements to the head of the internal audit unit / internal auditor |
Banking and credit |
|
|
|
|
Credit institutions (banks) |
Credit Institutions Act, § 59 |
Mandatory |
Certified Internal Auditor |
|
Creditors |
Creditors and Credit Intermediaries Act, § 45 |
Mandatory |
No specific professional level is required |
|
Credit intermediaries |
Creditors and Credit Intermediaries Act, § 45 |
Mandatory |
No specific professional level is required |
Insurance |
|
|
|
|
Insurance companies |
Insurance Activities Act, § 103 |
Mandatory |
Certified Internal Auditor |
Payment Services |
|
|
|
|
Payment institutions |
Payment Institutions and E-money Institutions Act, § 51 |
Mandatory |
Certified Internal Auditor |
|
e-money institutions |
Payment Institutions and E-money Institutions Act, § 51 |
Mandatory |
Certified Internal Auditor |
Investment |
|
|
|
|
Fund managers |
Investment Funds Act, § 349 |
Mandatory if necessary and proportionate |
Certified Internal Auditor |
|
Investment firms |
Securities Market Act, § 832 |
Mandatory if necessary and proportionate |
Certified Internal Auditor |