Standard on Internal Audit (SIA-150)- Compliance with laws & regulations

Article on Internal Auditor’s Responsibility as per latest exposure draft – Standard on Internal Audit (SIA)- 150-‘Compliance with laws and regulations’

The Institute of Chartered Accountants of India (ICAI) has recently issued exposure draft on Standard of Internal Audit (SIA)- 150- ‘Compliance with laws and Regulations’. Here in this article we would briefly understand the Internal Auditor’s Responsibility with regard to Compliance with Laws and Regulations.

RESPONSIBILITY OF INTERNAL AUDITOR:

1.1 The nature and extent of internal audit procedures to be conducted in the area of compliance is dependent on the framework in place and the maturity of the processes. Where management has implemented a formal compliance framework, and unless specifically excluded from the audit scope (or technically not feasible), the Internal Auditor shall plan and perform internal audit procedures to evaluate the design, implementation and operating effectiveness of such framework so as to provide independent assurance to management and to those charged with governance. (For details refer Para 2.1)

1.2 Where no formal compliance framework exists, the Internal Auditor shall design and conduct audit procedures with a view to highlight any exposures arising from weak or absent compliance activities and processes, make recommendations to implement and strengthen those processes and thereby, improve compliance. (For details refer Para 2.2)

1.3 Where the independent assurance requires the issuance of an audit opinion over the design, implementation and operating effectiveness over compliance, this shall be undertaken in line with the requirements of SIA 110, “Nature of Assurance”, especially with regard to the need to have a formal compliance framework in place, which shall form the basis of such an assurance (For details refer Para 2.3).

1.4 While the primary objective of an internal audit is to strengthen the system and process of compliance, there may be instances where the Internal Auditor is asked to undertake compliance audit assignments with the primary objective of identifying any instances of non-compliances. In such situations, and where no formal compliance framework is in place, the Internal Auditor may not be able to provide a written opinion in line with requirements of SIA 110 “Nature of Assurance”. Never-the-less a Summary of Findings may be possible, listing any instances of non-compliance identified as a result of the internal audit procedures undertaken. These findings shall be reported along with the following:

  • the scope, listing all the specific laws and regulations tested;
  • audit procedures performed, sample selected, and population covered;
  • summary of the work performed; and
  • limitations, if any, on the responsibilities assumed by the internal Auditor, such as inherent limitations in sample selection, or that a court of law is the ultimate authority in establishing legal interpretation of non-compliance, etc.

1.5 The Internal Auditor shall not assume any responsibility to manage or operate the compliance framework (e.g., to act in the capacity of a chief compliance officer, to take ownership of the compliance tracking system, etc.) or to take compliance related decisions (e.g., to accept the risk of non-compliance). Neither is it the responsibility of the Internal Auditor to execute or resolve compliance related risks (e.g., engaging directly with regulators, etc.).

EXPLAINATIONS

2.1 Where there is a formal compliance framework in place, the work of the Internal Auditor shall be directed to ensure that:

  • The framework designed is consistent with the best-in-class and globally recognised.
  • The organization has implemented various mechanism, such as:

(i) Issued compliance policies and implemented supporting procedures;

(ii) Set the right “tone at the top” with supporting messages/ activities;

(iii) Designed compliance structure, appointed compliance officers and assigned each compliance to a specific “compliance owners”;

(iv) Identified all laws and regulations applicable to the entity , assessed risk assessed , and embedded them into the relevant processes;

(v) Regularly conduct training programs for compliance officers and owners;

(vi) Implemented robust compliance systems, deploying technology (where possible), to monitor their progress and track their status, to document timely completion with relevant proofs and artefacts and to support timely escalations in case of slippages;

 (vii) Continuously tracks performance against compliance targets and goals with sufficient reviews and oversight mechanisms

(viii) Established timely communication and periodic reporting systems and protocols, including issuance of self-assessment and compliance certificates.

  • The compliance system and processes in place are operating in an effective and efficient manner.

2.2 Where management has not implemented any formal compliance framework, the Internal Auditor will conduct audit procedures over various compliance related activities which may be present, such as,

  • Provide strategy, leadership and direction on compliances;
  • Establish a culture of compliance throughout the organisation;
  • Provide an organisation structure for assigning compliance resources and defining their responsibilities;
  • Capture and maintain a comprehensive database of all compliance requirements;
  • Encourage risk-based time prioritization and effective completion of all compliance requirements;
  • Ensure expertise and competence in the area of compliances;
  • Exercise continuous monitoring and oversight on compliance completion; and
  • Periodic communication of compliance matters and formal reporting of compliance status to management and those charged with governance.

These activities may be supported by certain enabling systems and processes (similar to those indicated under Para 2.1, above) and which may be recommended as desirable actions to be undertaken to establish a formal framework.

2.3. In situations where a written assurance report is being issued, the Internal Auditor shall consider the following (as a basis for his opinion):

  • The linkage of the compliance framework with other frameworks like the Risk, Governance, Fraud, or Information Technology frameworks which may exist.
  • The process in place for self-assessment and certification from compliance owners as part of a continuous system of compliance.

Tags: ,
Kindly Refer to Privacy Policy & Complete Terms of Use and Disclaimer.

Author Bio

Name: Rishi Singh
Qualification: CA in Job / Business
Company: N/A
Location: Kolkata, West Bengal, IN
Member Since: 13 Jan 2018 | Total Posts: 3
View Full Profile

My Published Posts

Audit areas for audit of Quality of Packing Bags for Cement Packing
Audit Check Points to Review Gate Control over Inward Movement of Inventory in a Manufacturing Unit
View More Published Posts

Join Taxguru’s Network for Latest updates on Income Tax, GST, Company Law, Corporate Laws and other related subjects.

Join us on Whatsapp

taxguru on whatsapp GROUP LINK

Join us on Whatsapp

taxguru on whatsapp GROUP LINK

Join us on Whatsapp

taxguru on whatsapp GROUP LINK

Join us on Whatsapp

taxguru on whatsapp GROUP LINK

Join us on Whatsapp

taxguru on whatsapp GROUP LINK

Join us on Whatsapp

taxguru on whatsapp GROUP LINK

Join us on Whatsapp

taxguru on whatsapp GROUP LINK

Join us on Whatsapp

taxguru on whatsapp GROUP LINK

Join us on Whatsapp

taxguru on whatsapp GROUP LINK

Join us on Whatsapp

taxguru on whatsapp GROUP LINK

Join us on Telegram

taxguru on telegram GROUP LINK

Review us on Google

More Under CA, CS, CMA

GST Audit – Types, Objective, Applicability
Listed Companies need not send hard copies of annual report till 31.12.2022
Bank of Baroda invites RFP for Concurrent Auditors Appointment
Model Portfolios and Research Analysts
Observations of candidates on question papers of CA exam May 2022

Leave a Comment

Your email address will not be published. Required fields are marked *

Latest Posts

  1. Join our Courses on GST, Customs, Excel & Income Tax at 40% Discount
  2. IBC Update: Cancellation of Sale of Corporate debtor to auction purchaser
  3. GST and Breach of public trust by agents of collection
  4. Invoices Not Reflecting In GSTR 2B for April 2022
  5. Import Export Code (IEC)- Meaning, Benefits, Registration, FAQs
  6. Critical analysis of new reassessment provisions, SC decision & CBDT Instruction
  7. GSTN clarification on Incomplete GSTR-2B for April 2022
  8. Controversy surrounding allowability of Cess as expenditure
  9. GST Audit – Types, Objective, Applicability
  10. Provisions for doubtful debt amounts to application of income for charitable purpose 
  11. Know everything about Form 10BD and Form 10BE
View All Latest Posts

Popular Posts

  1. Join our Courses on GST, Customs, Excel & Income Tax at 40% Discount
  2. Bank of Baroda invites RFP for Concurrent Auditors Appointment
  3. GST Returns Scrutiny Manual
  4. GSTN clarification on Incomplete GSTR-2B for April 2022
  5. Compulsory Income Tax Scrutiny criteria/Guideline for FY 2022-23
  6. Statement of Donation (Form 10BD) & Certificate of Donation (Form 10BE)
View All Popular Posts

Featured Posts

  1. GSTN clarification on Incomplete GSTR-2B for April 2022
  2. Bank of Baroda invites RFP for Concurrent Auditors Appointment
  3. ITC reversal for Credit Notes in GSTR-3B – What if Net ITC is reported directly in GSTR-3B
  4. Update all pending UDINs at e-filing portal immediately: ICAI
  5. Unit of Accommodation is ‘Hostel Seat’ not Hostel Room – AAAR
View All Featured Posts

Search Posts by Date

May 2022
M T W T F S S
 1
2345678
9101112131415
16171819202122
23242526272829
3031