Internal Audit Services

Each Investment Firm, taking into an account the nature, scale and complexity of its business activities, as well as the nature and the range of its investment services and activities, shall establish and maintain an internal audit function through the appointment of a qualified and experienced Internal Auditor.

The principal objective of the Internal Auditor shall be to provide assistance to the Senior Management, as well as to the Board of a Company, so that it may efficiently practice its responsibilities.

The Internal Auditor shall review and evaluate the adequacy and effectiveness of audited company’s systems of internal controls and the quality of operating performance when compared with established standards on an ongoing basis. The recommendations that the Internal Auditor makes to the Senior Management and the Board regarding the internal controls and the management of the various risks that are associated with the operations, aim to secure a controlled environment of an audited company.

 

The Internal Auditor shall be separated and independent of the other functions and activities of a company and shall bear the responsibility to:

(a)   establish, implement and maintain an audit plan to examine and evaluate the adequacy and effectiveness of a company’s systems, internal control mechanisms and arrangements

(b)  issue recommendations based on the result carried out in accordance with point (a)

(c)   verify compliance with the recommendations of point (b)

(d)  provide timely, accurate and relevant reporting in relation to internal audit matters to the Management Body of a Company, at least annually.

 

The main scope of the Internal Auditor’s position shall be the evaluation of the adequacy and effectiveness of a financial filrm’s internal control systems, as well as the prevention and administration of risk connected to its operation so as to ensure:

  • a firms’s legitimate operation
  • the safeguarding of the procedures and guidelines set by the management of a company
  • the security of the company’s assets
  • the undertaking of timely remedial action in order to prevent or combat actions, which might put a company’s operation at risk.

 

Types of Internal Audit

Financial Information Audit

The purpose of financial information audits shall be to confirm the accuracy and objectivity of the information that appears on the financial statements of a Company (balance sheet, profit and loss, etc), in the management accounts and the regulatory filings with CySEC (capital adequacy ratio, etc).

Operations Audit

These shall be inseparable from the Financial Audits. Their purposes include:

  • estimating compliance of a company’s personnel to the instructions of the Board and the prescriptions of legal framework
  • confirming the effectiveness, efficiency and suitability of the operating procedures inspecting the organizational structure, the accompanying operation procedures and the operational policies, paying particular attention to how the profitability is affected.

Information System Audit

The purpose of these audits shall be the assessment of the reliability of the information systems with respect to the following:

  • the accuracy and completeness of data and reports
  • the prompt production of data and reports
  • the controlled access rights to the databases, software and to the computer rooms by authorized persons
  • the continuous and unhindered operation of information systems
  • the record keeping of data.
  • effectiveness and efficiency of internal control, risk management and governance systems and process in the context of both current and potential future risks;
  • reliability, effectiveness and integrity of management information systems and processes (including relevance, accuracy, completeness, availability, confidentiality and comprehensiveness of data);
  • monitoring of compliance with laws and regulations, including any requirements from CySEC and other supervisors, where relevant (with emphasis whether the Regulated Entity is acting with integrity in its dealing with all clients and in its interaction with relevant markets); and
  • safeguarding of assets.

 

The Internal Auditor shall exercise its functions regularly, at least annually. Suspicious transactions shall alert the auditor to decide of the work to be performed. Client complaints or grievances shall alert the Internal Auditor to investigate the matter.

The Internal Auditor shall have an open, constructive and co-operative relationship with CySEC which supports sharing of information relevant to carrying out their respective responsibilities. The disclosure in good faith to CySEC does not constitute a breach of any contractual or legal restriction on disclosure of information and does not involve such person in liability of any kind.

An investment firm shall either appoint a qualified and experienced individual with sufficiently good repute (i.e. integrity, morals and credibility), as a full-time Internal Auditor of a company, or outsource the Internal Audit function to reputable and qualified firm such as T.F.S. Tailored Fin Serve Ltd.  Contact us to get more information about duties and principal task of the Internal Auditor which can be performed by our company.