Risk management, internal audit functions need to collaborate more

Source: the Sundaily

There is a need for collaboration between risk management and internal audit functions to upscale internal auditor's competency in various risk areas and to equip them with more technical competencies through more comprehensive training programmes, according to a joint survey by KPMG and the Institute of Bankers Malaysia (IBBM) on banking institutions.

Findings from the survey titled "Internal Audit Matters: Risk Management" support the current view that there are concerns and key gaps that both functions, risk management and internal audit, are not complementing each other's role in the banking institution.

"Training and skill development approach must be reviewed to ensure that theoretical basis is complemented with secondment to relevant departments such as risk management function or the business units," said KPMG internal audit partner Lee Min On in a statement today.

"With adequate level of risk management knowledge, internal auditors are able to scope out their audit plan and perform reviews more effectively."

In October 2012, IBBM partnered KPMG to do an industry-wide survey to assess the readiness of internal audit function on risk management related issues in Malaysian banking institutions.

The survey looked into the expectations of both the chief internal auditor and chief risk officer in relation to risk management issues, the capabilities expected from internal audit of the banks regarding these risk management issues, and the support which can be provided by the risk management unit of the banks in this respect.

It is aimed at the industry platform involving all Malaysian banking institutions, both local and foreign.

"(The survey) highlights the need to better prepare internal auditors to meet the expectations of risk management function," said KPMG Management and Risk Consulting Sdn Bhd executive director Eckart Koerner.

"This is very crucial as nowadays internal auditors' job scope go beyond merely ensuring the organisation's compliance to internal policies as well as external guidelines and statutory requirements, but they are also expected to equip themselves with the appropriate skills to face the new challenges which the risk management function is exposed to," he added.