1 Framework of Internal / Concurrent Audit for Insurance Companies
One of the major functions of an insurance company is investment of funds and with the ever growing fund size of insurers™ investments, safeguarding and protection of the investments has acquired enormous significance. IRDA, the regulator of insurance industry, has put in a tight framework for regulating this all-important function of insurers. As the investment department of insurance companies manages investments of insurance companies comprising of both Shareholders and Policyholders funds, it is essential that a periodic review be carried out through Internal Audit (or) Concurrent Audit in order to ensure ˜safety™ of Policyholders™ funds and support a good quality Investment portfolio towards ˜Solvency Margin™. Towards achieving such objectives, IRDA notified the IRDA (Investment) Regulations, 2000 on 16th Aug, 2000 in the Gazette of India and, to keep pace with the dynamics of the economic landscape of the Nation as well as the insurance industry, periodically amended these Regulations in 2001, 2002, 2004, 2008 and the latest in Feb, 2013. The regulations, as amended, holistically cover:
1. Proactive and dynamic investment management.
2. Synchronous and asynchronous interfaces with other domains (Accounting and Actuarial).
3. Real-time and integrated IT System Management and Security management.
An effective management is a three stage process of Measurement, Monitoring and Management. Mere measurement will not amount to monitoring. Similarly, mere monitoring does not mean management. Hence, proactive and dynamic investment management system envisages monitoring the Investment Operations to assist in management™s decision making and measurement to support monitoring. Thus, it is further two stages beyond measurement i.e. purposeful monitoring and effective management.
Synchronous and asynchronous interfacing of investment domain with other domains is essential not only for the present system but also because it is flexible enough to incorporate future changes in regulation for both investment and other domains. Also, real-time and integrated IT systems and security management are essential to ensure data integrity, audit trail at data entry points, review of system with due monitoring and reporting on the compliance aspects etc.
2. Internal/Concurrent Audit
(a) Internal / Concurrent Audit of investment functions of an insurer is essentially part of management process to ensure effective controls and in short, a comprehensive compliance check mechanism. Such audits should, by reporting on the controls and processes, passively aid the investment departments to ensure that the transactions / decisions are within the policy parameters laid down by the Investment Committee formed by the Board, and are in compliance with the terms and conditions for exercise of delegated authority and do not violate the guidelines of IRDA and the Insurance Act. The Audit is expected to cover all the transactions, recorded during the period covered in the Audit Report.
(b) The internal / concurrent audit requirement flows from the Investment Regulations. IRDA has issued guidelines through its Circular No. INV/CIR/023/2009-10 dated 4th Aug, 2009 directing all insurers having Assets Under Management (AUM) (both Shareholders™ Funds and Policyholders™ funds taken together) not over Rs. 1000 Crores to have the investment functions audited on a Quarterly basis through internal audit (either through internal sources or by appointing an external firm of Chartered Accountants) and those insurers having AUM over Rs. 1000 Crores to have the investment functions audited on a Quarterly basis through concurrent audit by appointing an external firm of Chartered Accountants. The appointment of the auditor will be done by the Audit Committee of the Board. The internal audit requirement will get converted to Concurrent Audit requirement from the quarter following the quarter in which the AUM exceeds Rs. 1000 Crores for the first time. An insurer who gets covered under Concurrent Audit for the first time, will continue to have the Investment functions concurrently audited, even if the AUM falls subsequently below Rs.1,000 Crores. The scope remains unchanged whether it is done through Internal Source or through an external Chartered Accountant firm. If the Audit of Investment Operations, as per the AUM criteria, fall under Internal Audit, and if the Internal Auditor is an Framework of Internal/Concurrent Audit for Insurance Companies employee of the Insurer, the Internal Auditor shall be a Chartered Accountant. While the scope of the audit is detailed in the following chapter, the Technical Guide provides comprehensive Check List, which is as good as a functional Audit Programme for an Auditor.
(c) The Auditor appointed shall report to the Audit Committee of the Board, taking into consideration the responses of the Investment Committee (IC).
(d) Compliance to Implementation of Investment Risk Management Systems & Process, as committed by the Insurers™ Board shall be confirmed by the Internal/Concurrent Auditor for its implementation. Also, the Audit is expected to confirm that the Audit Committee™s Recommendations, along with the implementation details of the previous Quarter, are placed before the Insurer™s Board, and are a part of its Agenda.
Read More: The full document is available for download