ECIIA: Internal audit’s independence must be clearly defined under Solvency II

08 September 2014

According to the ECIIA, internal audit must be unambiguously independent if it is to play an effective role under Europe’s new regulatory regime for insurers known as Solvency II.

Guidelines issued on the implementation of Solvency II by the EIOPA demand explicit segregation of responsibility between the different governance functions, which ECIIA welcomes. But the consultation document in which these responsibilities are set out needs to be more specific about how the independence of internal audit is to be achieved.

“One of the main tasks of internal audit is to audit the system of governance,” the ECIIA says in its response EIOPA’s consultation paper on the subject. “This includes auditing other key functions such as risk management, compliance and the actuarial function and, therefore, internal audit has to be kept separate from these functions.”

It says that key to internal audit’s independence are its relationship with the audit committee – which must be direct and confidential, where necessary – and the right to audit any part of the insurance business without limitation or influence from management. Internal audit should also report functionally to the board and operationally to the organisation’s chief executive officer, it says.

EIOPA has issued five sets of draft guidelines and an impact assessment relating to large areas of pillars 1 and 2 of the new regime, which is expected to come into force in 2016. Elements covered by the drafts include use of internal models, system of governance and own risks and solvency assessment (ORSA), supervisory review processes and methodology for equivalence assessments.

Although non-binding, EIOPA’s guidelines are intended to ensure common, uniform and consistent application of the new regime by national supervisors and affected financial institutions.

Blog


© ECIIA