The aim of Internal Audit (IA) is to provide assurance that the company operates in accordance with its policies and procedures, meets its goals and maintains compliance with licensing, regulatory and statutory obligations. Setting up the IA function is mandatory in many, if not all, regulated industries around the world.
Kyte are able to provide knowledge and expertise in the following specific IA areas as well as other more generic audits, such as operational audits, compliance audits, etc:
- Governance, Risk and Control (GRC)
- Fraud Management
- AML/KYC Compliance
- GDPR Compliance
- Information Security
- IT and Technical Setup (Systems)
- Player Protection in Online Gambling (Responsible Gaming)
In line with the rapidly changing environment, in performing our work we are aiming to add value to the business instead of focusing on mere conformance.
Benefits of Outsourcing
As most of the regulated industries allow the IA function to be outsourced, there is an array of choices of how it can be arranged. It does not have to be fully in-house or fully outsourced. There are options such as partial outsourcing and co-sourcing.
Outsourcing of internal audit provides various advantages, for example:
- it might be too expensive and impractical to maintain a full in-house IA function in certain circumstances,
- an external provider can fill in gaps such as temporary shortage of IA staff, tight deadlines, coverage of remote locations and language requirements, specialized knowledge and technical expertise,
- quicker start-up of the function, out-of-the box tool,
- thoroughly tested audit techniques and methodologies,
- better way to maintain objectivity and independence of internal auditors,
- accumulating best industry practices and anticipating emerging industry risks,
- continuous training provided to auditors in various disciplines,
- management concentrates on improvements and implementing audit recommendations.
Scope of Services
The services provided by Kyte can range from simply establishing the IA function itself till complete coverage of IA activities. Examples of co-sourced arrangements are:
Kyte is also fully capable of providing additional training to client’s employees in the above-mentioned areas of expertise.
How Does it Work
To establish the IA activity and assure that has sufficient authority to fulfil its duties, the internal audit activity’s Charter is to be approved by the board of directors and senior management.
Subsequently, the IA function yearly submits to senior management and the board a risk-based annual IA plan for review and approval. The Plan includes the list and relevant timeline of auditable areas during the year based on priorities and assessed risks.
IA function then performs IA engagements in accordance with the approved plan.