Back Custom print Link Text Only Rich Text Print

  • HC-6.4 HC-6.4 Internal Audit

    • HC-6.4.1

      Licensees must consider establishing an internal audit function commensurate with the size, complexity and nature of its business to monitor the adequacy of their systems and controls.

      October 2019

    • HC-6.4.2

      The internal audit function must be independent of the senior management, reporting either to the Board or its Audit committee. The internal audit function must not be combined with any other function.

      October 2019

    • HC-6.4.3

      Where licensees outsource part or all of their internal audit function, the outsourcing arrangements must provide for an adequate level of scrutiny of the licensees. A licensee cannot outsource its internal audit function to its external auditor.

      October 2019

    • HC-6.4.4

      Prior approval from the CBB is required for material outsourcing arrangements, including all outsourcing of internal audit. Note that in all such cases, the licensee retains ultimate responsibility for the adequacy of its outsourcing function, and is required to identify the person within the licensee responsible for internal audit: this person should be an approved person (see Section AU-1.2).

      October 2019

    • HC-6.4.5

      Internal audit functions must have terms of reference that clearly indicate:

      (a) The scope and frequency of audits;
      (b) Reporting lines; and
      (c) The review and approval process applied to audits.
      October 2019

    • HC-6.4.6

      Internal audit function must report directly to the Board/Audit committee. They must have unrestricted access to all the appropriate records of the licensees. They must have open and regular access to the Audit Committee, the Board, the Chief Executive, and the licensees' external auditor.

      October 2019