Keeping up and complying with the ever-changing regulatory environment is a challenge for most organizations. A recent article in Internal Auditor
shows that internal auditors can help their companies stay in compliance despite the rapid pace of emerging regulations and increased governmental enforcement.
• Internal audit should have a role in strategy and policy-making
• Auditors need to be familiar with current regulations with which their organizations must comply, and
• The corporate compliance function must fully collaborate with internal audit.
Jackson points out that it is important for companies to recognize that internal audit and compliance are fundamentally separate functions. Internal audit’s role is to ensure the compliance process works to identify new regulations, monitors the processes in place, distributes the information, and trains staff, not to perform these functions itself. Internal audit’s role is to collaborate with compliance, often providing a consultant role as new projects or initiatives are addressed.
Often, the compliance and audit roles overlap. However, Jackson says that the internal audit should expand its role to understanding the regulatory risk facing the organization and assessing the impact of noncompliance such as penalties or fines. Using this knowledge, internal audit is able to recommend strategies that will reduce the risk of noncompliance, including the implementation of processes that address regulators’ common concerns.