INTERNAL AUDITING CAN INCREASE CORPORATE GOVERNANCE COMPLIANCE
Corporate governance has been recognised as an indispensable factor in ensuring sound financial reporting and deterring misappropriations of capital in an organisation. It is comprised of four cornerstones – the external auditor, the audit committee, management and the internal audit function.
The growth in recognition of the role of internal audit function in corporate governance has raised it to a professional status, by emphasising the benefits of independent judgment and objectivity in reporting. Internal auditing serves as a monitoring device and the organisational security enforcer, becoming an integral component of corporate governance.
The Institute of Internal Auditors South Africa (IIA SA) defines internal auditing, as ‘An independent, objective assurance and consulting activity designed to add value and improve an organisation’s operations. It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.
KING IV SIMPLIFIES KING III
King IV came into effect on 1 April 2017, building on the previous reports first issued in 1994, and now defines corporate governance, as ‘the exercise of ethical and effective leadership by the governing body’. King III, published in 2009, was complex to administer and did not foresee the technological advances, the increased need for online transparency, long term resource sustainability and information security that are now part of the corporate structure.
King IV reduced good corporate governance down to 17 simplified principles, each supplemented with various recommended practices, with set timelines, reports and committees, to make it easier for large and small companies to implement the principles within daily business. Importantly, it requires organisations to report how principles are applied within organisations, which challenges companies to address the real, deeper measures of sound governance by putting ‘governance policy’ into ‘governance practice’. It focuses on the outcomes of good governance, rather than stipulating a checklist of behaviours that must be followed.
FOUR GOVERNANCE OUTCOMES
To make the application simpler to grasp, King IV clearly differentiates between the long-term Outcomes, the ethical Principles and the recommended Practices. Each of the identified good governance outcomes in King IV is driven by various leadership responsibilities.
The four good governance outcomes relate to whether or not the organisation demonstrates effective control; performs well; adopts an ethical culture; and is legitimate. The legitimacy of an organisation is the most critical outcome of good governance and is dependent on its reputation, as well as the trust stakeholders place in it.
KING IV ON INTERNAL AUDIT
The King IV report covers internal audit and its relationship to the governing body in some detail.
The governing body should assume responsibility for internal audit by setting the direction for the internal audit arrangements needed to provide objective, relevant assurance that contributes to the effectiveness of governance, risk management and control processes.
The governing body should monitor on an ongoing basis that internal audit follows an approved risk-based internal audit plan; and reviews the organisational risk profile regularly and proposes adaptions to the internal audit plan accordingly.
The governing body should ensure that internal audit provides an overall statement annually, as to the effectiveness of the organisation’s governance, risk management and control processes.
Internal audit, as part of the third line of assurance, remains pivotal to corporate governance. Internal audit is well placed to complete the assurance reality check. It can assess the quality of assurance provided and the relevance to the management or governance committee. Internal audit could be the key to preventing corruption and fraud in private and public organisations.
ROOT OF ETHICS LIES IN MORAL OBLIGATION
Commenting on the IIA SA’s Corporate Governance Index 2018, which reflected a 9.6% drop in ethics, the CEO, Dr Claudelle von Eck, said, “Ethics has enjoyed more attention in recent times than ever before, as it should, given the increasing complexities and ethical dilemmas we have to deal with. The significant drop in sentiment in this dimension is therefore very worrying for me. Ethics should not be an occasional ad hoc conversation that only surfaces in response to what is reported in the media. An ethical culture is core to long-terms sustainability, which in turn is core to the leaders’ fiduciary duty.”
Business ethics derive their foundation from moral obligations or duties, such as treating customers and employees fairly, guaranteeing products and services are safe and effective, keeping promises and commitments and abiding by the law.
This behaviour can be seen as an ethical culture from which all other actions stem and it is internal auditors that have to step up and take their role in promoting such an ethical culture in all South African organisations.