Is the internal audit department of a public company required to be under the Board of Directors? How often must the internal audit department submit internal audit results reports to the State Securities Commission? Through today’s article, let’s learn more about this issue with Pham Consult!
Is the internal audit department of a public company required to be under the Board of Directors?
Internal audit is regulated in Clause 1, Article 5 of Circular 99/2020/TT-BTC as follows:
Internal audit
1. A fund management company is a public company or a public fund manager, a public securities investment company must establish an internal audit department. The internal audit department belongs to the Board of Directors or Board of Members or company owners.
…
Accordingly, the Internal Audit Department of a public company is not required to be directly under the Board of Directors according to the above regulations.
What principles does the internal audit department of a public company operate on?
The internal audit department of a public company operates based on the principles specified in Clause 3, Article 5 of Circular 99/2020/TT-BTC, specifically including:
(i) Independence: the internal audit department and its operations are independent of other departments and operations of the fund management company, and are not under the management of the fund management company’s Executive Board. . Internal audit department employees are not allowed to concurrently work in other departments of the fund management company;
(ii) Objectivity: internal audit must be objective, fair, without prejudice, without influence, without interference when performing its tasks;
(iii) Honesty: internal audit work must be performed honestly, carefully and responsibly;
(iv) Coordination: the internal audit department has full, unrestricted access to the company’s information and documents.
Members of the Executive Board and all employees of the fund management company are responsible for coordinating and providing fully, promptly, honestly and accurately all relevant information and documents, as required by the Ministry. internal audit department.
Departments within the company are responsible for notifying the internal audit department when detecting weaknesses, shortcomings, violations, risks or major losses of the company’s or customers’ assets;
(v) Confidentiality: the internal audit department and internal audit department staff are responsible for protecting the confidentiality of information obtained during the audit process, except when providing information at the request of the agency. competent state management agency.
How often must the internal audit department submit internal audit results reports to the State Securities Commission?
According to Clause 7, Article 5 of Circular 99/2020/TT-BTC, it is stipulated that the Internal Audit Department must submit annual internal audit results reports promptly to the Board of Directors or Board of Members or owners. company owners and the State Securities Commission.
The internal audit report must clearly state the evaluation opinions and conclusions of the internal audit department and the basis for providing audit opinions; Explanatory opinions of audit subjects; corrective measures, handling of violations and improvement.
Thus, the law only stipulates that the Internal Audit Department of a public company must annually submit a report on internal audit results to the State Securities Commission without specifying how often.
Note: According to Clause 2 of Circular 99/2020/TT-BTC, the Internal Audit Department has the following responsibilities:
(i) Inspect and evaluate the organizational structure, corporate governance activities, operating activities, and coordination of each department and each working position to prevent conflicts of interest and protect rights of cutomer;
(ii) Check and evaluate the completeness, effectiveness, efficiency, and level of compliance with the provisions of law and the provisions of the company’s Charter; internal control system; Internal policies and procedures, including rules of professional ethics, business processes, risk management processes and systems, information technology systems, accounting, reporting processes and systems reporting, information disclosure, procedures for receiving and handling denunciations and complaints from customers and other internal regulations;
(iii) Check validity, legality, honesty, level of caution, compliance with business processes and risk management;
(iv) Carry out operational audits according to the annual internal audit plan. The annual internal audit plan must be approved by the Board of Directors or the Board of Members or the company owner before implementation. The annual internal audit plan must ensure the following principles:
– Internal audit is performed annually and unexpectedly;
– Activities, processes, and departments must be assessed for risk according to the company’s internal regulations. Activities, processes, and departments with high levels of risk are focused on resources, prioritized for auditing first, and audited at least once a year;
– The annual audit plan must be adjusted when there are changes in the risk level of activities, processes, and departments;
(v) Carry out audits of all operations of all departments in the company at least every two years;
(vi) Recommend solutions to improve the effectiveness and efficiency of the company’s operations; Monitor the results of implementing post-audit recommendations approved by the Board of Directors or Council of Members or company owners.
Hope the above information will help your work.
– Activities, processes, and departments must be assessed for risk according to the company’s internal regulations. Activities, processes, and departments with high levels of risk are focused on resources, prioritized for auditing first, and audited at least once a year;
– The annual audit plan must be adjusted when there are changes in the risk level of activities, processes, and departments;
(v) Carry out audits of all operations of all departments in the company at least every two years;
(vi) Recommend solutions to improve the effectiveness and efficiency of the company’s operations; Monitor the results of implementing post-audit recommendations approved by the Board of Directors or Council of Members or company owners.
Hope the above information will help your work.
Comments