Internal Audit under the new Companies Act 2013 – Opportunity or Responsibility for the Internal Auditor?
Since Internal Audit has been given statutory recognition (under Section 138 of the Act), and has been made mandatory for certain categories of organizations, for the first time, it significantly expands audit opportunities. Certain other related provisions in the Act, enhance the scope of such audits, and place greater responsibility on the Internal Auditor, which I wish to highlight in this article.
Significant among such requirements is the definition / explanation to the term “Internal Financial Controls” which means Policies and Procedures adopted by the organization, for ensuring “Orderly and Efficient “conduct of business.
The key words are “Orderly and Efficient”. Through these words, Internal Financial Controls are getting extended to cover Operational areas. Even Sarbanes Oxley Act in the US, which emphasized on Internal Controls, confined it to areas in Financial Reporting, and did not specifically extend them to operational areas.
Internal Financial Controls, as specified in the Act include
a. Adherence to Company’s Policies
b. Safeguarding of its assets
c. Prevention and detection of fraud and errors
d. Accuracy and completeness of accounting records and
e. Timely preparation of reliable financial information.
Here, I wish to elaborate on “Orderly and Efficient” conduct of business.
Internal Audit always focused on Internal Controls. With the new definition of Internal Financial Controls, it gets extended to certain areas, which Internal Auditor might not be looking at specifically, unless it was a part of the Internal Audit Plan.
The word “Orderly” prompts the Internal Auditor to see “Governance” aspects like the Organization Chart, Roles and Responsibilities of key personnel, and Delegation of Authority which helps in decision making at appropriate levels.
The word “Efficient” refers to efficiencies in operations, like input / output relationship in achieving good operating results. This calls for the Internal Auditor gaining insight into all the important business processes of the organization, instead of confining to the processes in his / her internal Audit Plan as mandated by the Audit Committee.
I do not hesitate to add here that the Internal Auditor should prepare himself / herself through proper Business Process orientation, before taking up the audits. For more articles from me, please see my blog at www.operationstomoney.com
Thank you for your attention
Tulasi S Sastri
FCA, CISA