Internal Audit Engagements

Having strong internal control systems is also a great way to secure growth and scalability

 

What is an internal audit?

An internal audit is an independent review of the internal control factions of an organisation by a regulated audit and assurance firm.

 

Are you required to have an internal audit?

If you are licensed by the Cyprus Securities and Exchange Commission (CySEC) or by the Central Bank of Cyprus then you are required to have an internal audit on an annual basis. The internal audit function must be outsourced to a regulated audit and assurance firm.

 

Internal audit is also a very good practice undertaken by larger organisations usually which have more than 100 employees in Cyprus as it provides extra assurance or it pinpoints specific weaknesses of their internal control functions.

---

What does it entail?

The internal audit is a process of gathering data and information from the organisation and assessing their compliance with local regulations such as its compliance with CySEC, VAT, Tax Employment Law.

It is also a testing function of the organisations internal control functions.

Once the audit is completed the Company will submit the findings to its regulator.

 

Can you assist us?

CYAUSE Audit Services has more than 20 years of experience in the field servicing Cyprus Investment Firms and Funds licensed by the local regulator. Our frequent collaboration with CySEC ensures that we are always proactive to new regulations, local and EU developments which are factors in the design and implementation of our audit work.

---

Detail explanation of the Audit Procedure:

A. The process

1. Assignment to the Audit Firm

2. Design of the Internal Audit

3. Execution / Testing

4. Provision of Internal Audit Report

5. Submission of the Report to the Regulator

6. The board assigns to an Audit and Assurance Firm this Internal Audit Engagement.

7. The Internal Auditor Designs the Internal Audit based on the requirements of the Regulator or the Client.

8. The internal audit usually takes 5 - 8 working days to be completed and includes several visits at clients premises and the examination of a significant amount of paperwork, discussions with management and visits onsite and offsite.

9. At the end of the fieldwork, once all clarifications and assertions are collected the internal auditor issues the internal audit report.

       10. The Internal Audit Report contains an extensive checklist of the areas mentioned above together with the Findings of the Internal Auditor. For each finding the client (the organisation) is required to respond for the weakness or deficiency identified.

 

A. Areas Examined by the Internal Auditors

a) Department procedures.

b) Execution of department procedures.

d) Sales, purchase cycle

e) Receipts and Payments Cycle

f) 3rd Party- Agreements

g) Infrastructure

1. Security access through the organisation and computerised software.
2. Fixed assets register nicely organised and updated; how, by who, what is the policy.
3. Logs - shipping logs, dispatch logs, sick leave locks, annual leave, orders, consignment goods any many more. Who keeps track, how, is it sufficient.
4. Website and IT Systems assessed and scrutinised (assistance by experts usually obtained).
5. Personnel and Infrastructure (who does what, why, how, objectives, achievements, change needed, does it work).
6. Back Office Operations and Systems (set up, structure assessed, controls, systems, operations, objectives met, targets met)

 

h) Compliance matters

1. With regulations affecting your company; if for instance you are an investment firm we would assess whether you comply with MIFID II requirements and relevant provisions and requirements such as the preparation of Capital Adequacy Reports, ICAAP Reporting, Handling Clients Own Funds, Internal Audit Engagement, to mention a few.

2. With Tax - Assessment of Tax and VAT return preparation and Company submissions to the authorities

3. With GDPR Regulation

4. Payroll and Employee remuneration and company obligations

5. Insurance required by the Cyprus Republic

6. Health & Safety

7. Any other compliance laws, regulation or directive applicable to the specific business.

h) Statutory Compliance

1. Review of board and directorships
2. Review of committees and how they operate
3. Authorised bank signatories; who actually signs, are protocols followed
4. Submissions to regulators; for instance Investment Firms must submit on a monthly, quarterly and annual basis a plethora of reports and workings to CySEC.

i)  Accounting Matters

1. Review of Companies Trial Balance and Detailed Ledgers

2. Review of the processing of accounting records

3. Review of the reconciliations with banks, creditors, debtors statements

4. Own funds preparation and reconciliation by investment firms

5. Review and assertion of compliance of statutory submissions of tax forms, audited financial statements, issuance of payslips

 

j)  Additional Testing

Internal audit engagements are designed on the risk profile of the organisation and aim to cover the weaknesses or risk areas of the entire organisation. As a result each internal audit engagement is different depending on the entity type, size and operations. To cover all risk areas the internal auditors are required to carefully plan  and come up with specific tests against each risk.

For more information and assistance for internal audit engagements, contact our expert team at CYAUSE Audit Services.

---

CYAUSE AUDIT SERVICES

About Us

CYAUSE Audit Services Ltd is performing Statutory compliance services to Cyprus Investment Firms and Funds on a continuous basis in its capacity as an external adviser. Such services include compliance advisory work,  external or internal audit functions as well as the provision of ongoing accounting, payroll and tax support.

Whether an investment firm regulated by the Cyprus Securities and Exchange Commissions (CySEC) or a Fund we can perform compliance services and ad hoc engagements tailored to your needs.

CYAUSE Audit Services is an Audit & Assurance firm with offices in Nicosia and Limassol. During 2015 we have been awarded by I.C.P.A.C and the A.C.C.A (local and international association of Chartered Certified Accountants) for the Quality of our Audit Services and our Office's Procedures.

Being a Truly International Audit & Assurance firm, we have associates from all over the world and we are constantly looking for new associates to expand our network further. At present, CYAUSE Audit Services operates internationally as Accace Circle, a co-created business community of like-minded BPO providers and advisors who deliver outstanding services with elevated customer experience.

Our network covers almost 40 jurisdictions with over 2,000 professionals, it supports more than 10,000 customers, mostly mid-size and international Fortune 500 companies from various sectors, and processes at least 170,000 payslips globally.

CYAUSE Audit Services Ltd is also a member of the 3E Accounting Network, an international accounting network which originates from Hong Kong and has more than 80 members from all over the world.

Contact Us

If you would like us to assist you with your investment firm or fund please contact us at kt@cyprusaccountants.com.cy or call us at +357 22 336 321.

Learn More about Cyprus Corporate Environment

Information about CYAUSE Audit Services and the Cyprus Corporate & Tax System can be obtained from our Website or our YouTube channel which provides valuable information about the Corporate & Tax Environment of Cyprus.