Skip to content
 

Regulators stress sound internal audit policies

Federal banking regulators recently released a policy statement reminding bank boards of directors that they must have a means of assessing the effectiveness of their institutions' internal controls, and that this internal audit function must be appropriate to the size and scope of an institution's business.

The agency described the elements of a robust internal audit program as:

  • The reporting lines for internal audit activity "should be such that information directors receive is impartial and not unduly influenced by management."

  • Internal audit management and staff should have the expertise to make the evaluations and judgments required of them. Institutions are encouraged to compare their own internal audit provisions against professional standards.

  • Frequency and extent of internal audit review and testing should be consistent with the nature, complexity, and risk of the institution's on-and off-balance sheet activities. Directors should approve the scope of internal auditors' work to ensure that important areas are covered.

  • Directors need to promote forthright discussion of audit issues and critical examination of problems, so they remain informed about the status and resolution of internal audit issues.

The policy statement also addresses the outsourcing of internal audit services.

The "Interagency Policy Statement on the Internal Audit Function and its Outsourcing" is available at the Federal Reserve Board's web site at
http://www.federalreserve.gov/boarddocs/SRLETTERS/1997/SR9735.HTM.

Copyright © 1998 Bank Operations Bulletin. Originally appeared in Bank Operations Bulletin, February 1998.

First published on 02/01/1998

Filed under: 
Compliance
Operations
Filed under compliance as: 
Audit
Federal Reserve
Regulators
Filed under operations as: 
Directors
FRB
Operations
Statement
Outsourcing

Report a problem with this page

Search Topics