Context:
The Securities and Exchange Board of India (SEBI) is planning to tighten and standardise internal audit processes at market infrastructure institutions (MIIs). This move follows findings that significant audit observations were missed by internal auditors during SEBI inspections.
Key Proposed Changes by SEBI
Strengthened Internal Audit Mechanism
- Internal auditors’ observations must be:
- Sent to heads of departments (HODs) for their comments.
- Shared with the audit committee.
- HODs will be required to respond within a timeline set by the audit committee.
Mandating Audit Committee Independence
- Managing Directors (MDs) may potentially be barred from being part of audit committees.
- Only key managerial personnel (KMPs) can attend audit committee meetings with prior approval from the committee chairman.
- Aim: Ensure independence and objectivity in the audit process.
Exclusive Submission of Internal Audit Reports
- Internal audit reports will be submitted only to the audit committee, further insulating them from management influence.
- SEBI is expected to release a consultation paper soon for wider industry feedback.
Standardising Internal Audit Framework
Comprehensive Coverage Required
- Internal audits must cover all functions and activities of MIIs, including:
- Critical operations
- Regulatory compliance
- Risk management
- Investor grievance redressal
- Business development
Industry-Wide Standardisation
- Terms of reference for internal audits will be standardised across MIIs through consultation with the industry standards forum of MIIs.
Final Reporting Process
- After incorporating department heads’ comments, the final internal audit report must be presented to the audit committee for review and action.
Objective
- SEBI’s overarching goal is to enable MIIs to:
- Strengthen risk management frameworks
- Improve internal control mechanisms
- Enhance governance processes
- Adopt a systematic and disciplined approach to internal evaluation and accountability.
