Jeremy De Zilva

THE VALUE OF INTERNAL AUDIT

Delving into the critical role of internal auditing in the banking sector

Main goals of a bank’s internal audits

Ensure independent oversight for the enhancement of internal controls, risk management and governance – and to protect a bank’s reputation.

Outcome

Internal audits enhance stakeholder confidence in a bank’s operations and financial reporting.

Code of conduct

Internal auditors should act with integrity and possess professional competencies.

Concerns for auditors

Maintaining independence and ethics.

Modus operandi

Stay unbiased and avoid favouritism when revising business processes, controls and financial data.

What to avoid

Steer clear of situations that may cloud your judgement and avoid close connections with areas being audited.

Independence

One should not have a stake or financial interest in the organisation being audited.

Frequency of internal audits

From six to 36 months of audit cycles based on a risk assessment.

Auditor opportunities

You can learn most things about an organisation within a short period.

Professional requirement

Maintaining a high standard of integrity.

Risk-based bank audits

They provide management with insights into aligning risk management processes with organisational objectives through governance and controls.

Internal and external banking audits

An internal audit will review the business processes and risks of a bank; an external audit will consider financial statements and comment.

Role of compliance in a bank’s internal audits

Value propositions in the internal audit process are assurance, insight and objectivity.

These value propositions entail

Assurance – governance, risk and controls; insight – assessments, catalysts and analyses; and objectivity – integrity, accountability and independence.

Importance of segregation of duties 

Segregation of duties is an essential part of a control activity where two or more persons are required to execute a transaction.

Types of audits in banking

Thematic, spot reviews, compliance audits on operational areas and information systems auditing.

Bank data security and privacy protection

Confidential data is protected by tools such as data loss prevention (DLP), which enables management to classify and monitor business critical data.

Insights into business

Internal auditors have the skills and expertise to assess processes and under­stand how things fit together in a business.

Auditors at work

They evaluate problems with an open mind and have the discipline to make suitable recommendations.

IT audits’ scope in the sector

The risks in this area over the next 12 months or so include cybersecurity, data privacy and compliance.

Further scope if any

There is also data governance; and third party, vendor and IT talent management.

Areas for improvement

Internal auditors will have to develop their capacities with a variety of skills to foray into unchartered territory.

Improving governance and controls

Internal auditors interact frequently with an organisation’s stakeholders and have the expertise to help management challenge the status quo through innovation.

End result

To achieve sustainable growth that’s critical to the long-term survival of an organisation.

Independence and objectivity of internal auditors

Internal auditors should create a value chain without compromising their independence.

Banking changes through internal audits

Internal auditors of banks now have a heightened focus on managing cybersecurity threats and implementing protective measures.

Its impact

An internal audit should be a unifying force across the organisation and be adapted to meet emerging trends in audits.

Must-have skills for those entering the profession

Analytical and critical thinking, good communication skills, business acumen, ethical conduct, adaptability and a curious mind.

Innovation and tech impact on auditing

Maintaining high vigilance over risks that organisations may face and adapt­ing to multidimensional threat grids.

Further scope if any

Investing in upskilling internal audit staff, and utilising analytical tools in the auditing process.

Vision for Sri Lanka’s internal auditors

Be a trusted adviser or insight generator – and always be relevant as this creates an excellent value chain for any organisation.

Mantra for success

Be passionate about your job and self-disciplined; and have the courage to be unbiased, ethical and principled.

– Compiled by Dona Senara
Jeremy De Zilva is the Deputy General Manager – Internal Audit at Pan Asia Bank.