Internal Auditing

In the days following the collapse of Lehman Brothers and Bear Stearns, the one thing financial examiners
seemed to agree on was that the cause was, at least in part, a failure to implement or respond to proper
internal auditing practices. Although what's come to light reveals a much more complex and systemic series
of failures, it's clear that if the basic tenets of internal auditing had been put into practice and internal
controls respected, the firms would not have exposed themselves to such unreasonable risk.
The Institute of Internal Auditors (IIA) is the foremost international professional association for internal
auditing. The IIA's globally accepted definition of internal auditing states that:

"Internal auditing is an independent, objective assurance and consulting activity designed

to add value and improve an organization's operations. It helps an organization
accomplish its objectives by bringing a systematic, disciplined approach to evaluate and
improve the effectiveness of risk management, control, and governance processes."
In simplest terms, the duties of an internal auditor are to:

 Objectively review an organization's business processes

 Evaluate the efficacy of risk management procedures that are currently in place
 Protect against fraud and theft of the organization's assets
 Ensure that the organization is complying with relevant laws and statutes
 Make recommendations on how to improve internal controls and governance processes

Auditing Statutes
Although several major congressional acts become law following the 1929 stock market crash - the
Securities Act of 1933, The Trust Indenture Act of 1939, The Investment Company Act of 1940, and The
Investment Advisers Act of 1940 - there are two that have come to define the role of internal auditing within
a legal framework: the Securities Exchange Act of 1934 and the Sarbanes-Oxley Act of 2002. More recently,
the Dodd-Frank Wall Street Reform and Consumer Protection Act has specifically targeted practices within
the financial service sector.
The Dodd-Frank Wall Street Reform and Consumer Protection Act was signed into law in 2010 and is
currently being implemented. It seeks to stabilize the U.S. economy by improving transparency and
accountability within the financial service sector. It's objective is to prevent the possibility of an undue
financial burden being placed on taxpayers by ending bailouts and doing away with the 'too big to fail'
mentality. The implementation of this act into law saw the creation of two new federal oversight agencies:
The Financial Stability Oversight Council and The Office of Financial Research. As this sweeping legislative
reform is being put into effect, internal auditors are paying close attention to how this will affect the work
they perform.