Related provisions for CREDS 2.2.50
1 - 18 of 18 items.
The purposes of an internal audit are:(1) to ensure that the policies and procedures of the credit union are followed;(2) to provide the governing body5 with a continuous appraisal of the overall effectiveness of the control systems, including proposed changes;(3) to recommend improvements where desirable or necessary;(4) to determine whether the internal controls established by the governing body5 are being maintained properly and operated as laid down in the policy, and comply
The internal audit work programme should include items such as:(1) verification of cash (counting and reconciliation) without prior notification;(2) bank reconciliation (checking records against bank statements);(3) verification of passbooks or account statements;(4) checking for compliance with policies and procedures;(5) checking for compliance with relevant Acts, secondary legislation and rules;(6) checking minutes and reports of the governing body5 and other sub-committees
The key elements of a satisfactory system of internal audit include the following:(1) Terms of reference. These should be specified with precision and include, amongst other things, scope and objectives of the audit committee and the internal audit function (see CREDS 2.2.11G), access to records, powers to obtain information and explanations for officers, and reporting requirements. These should be approved by the governing body5. (2) Risk analysis. Key risks in each area of the
[deleted] [Editor’s note: The text of this provision has been moved to SYSC 24.2.6R]6
In carrying out their risk governance responsibilities, a firm'sgoverning body and governing body risk committee should have regard to any relevant advice from its audit committee or internal audit function concerning the effectiveness of its current control framework. In addition, they should remain alert to the possible need for expert advice and support on any risk issue, taking action to ensure that they receive such advice and support as may be necessary to meet their responsibilities
1For a full-scope UK AIFM, the requirement to have an employee responsible for reporting to the governing body of the firm or the audit committee for matters in SUP 10A.8.1R (2) and SUP 10A.8.1R (3) is derived from the AIFMD level 2 regulation, which imposes obligations on such firms to have a permanent risk management function and, where appropriate and proportionate for their business, an internal audit function.
A UK recognised body's arrangements for internal and external audit will be an important part of its systems and controls. In assessing the adequacy of these arrangements, the FCA3 may have regard to: 3(1) the size, composition and terms of reference of any audit committee of the UK recognised body'sgoverning body;(2) the frequency and scope of external audit; (3) the provision and scope of internal audit; (4) the staffing and resources of the UK recognised body's internal audit