Kroll has broad experience in delivering localized and cross-jurisdictional regulatory-focused internal audits for a range of firm types across the financial services industry. This work has supported firms to mitigate against regulatory risk and meet their regulatory requirements.
Developing a Multi-Jurisdiction Regulatory Internal Audit Framework
Building a regulatory internal audit framework for a business operating in multiple jurisdictions requires a combination of deep regulatory knowledge and practical, global experience. Our client, a large corporate services provider with offices in Europe, Asia and the Caribbean, needed an internal audit framework to implement a third line of defense across the group.
Kroll’s first step was to identify and assess the key regulatory risks for each region before feeding them into an audit plan. Working with the company's group head of internal audit, the Kroll team developed a detailed and risk-based audit framework that included internal audit policies and procedures, guidance notes, reporting templates, quality checklists and escalation and reporting protocols.
Kroll presented the plan to our client’s audit committee so that the framework and delivery of regulatory audits could be handed over to the company’s internal audit function. To support this handover, we provided ongoing training to the internal audit team, including onsite workshops.
Project Outcomes
As a result of Kroll’s work:
- The firm was supplied with an audit framework and has now been rolled out to execute regulatory and non-regulatory internal audits.
- Through the execution of these internal audit reviews, the firm is proactively identifying and mitigating regulatory risk.
- These internal audit findings have led to group-wide initiatives to enhance systems and controls.