Our current views

ECIIA-Our-Current-Views-header
  • Internal audit’s central role in the future of corporate reporting NEW
    July 2016

    Internal audit has a central role to play in the future of corporate reporting as an adviser on, and a builder and consolidator of the reporting process itself, according to the ECIIA’s response to a consultation on the issue by the Federation of European Accountants (FEE).

    “Internal audit adds value to corporate reporting by providing an informed and independent review on processes, risks and controls,” ECIIA President Henrik Stein said in the confederation’s formal response to FEE.

    In the future, developing integrated thinking would be critical if organisations were to be able to present a coherent and comprehensive picture of their long-term strategy and performance, he said. This would require the creation of cross-functional teams, which would include all key areas within the organisation.

    He said organisations needed to adopt clear and unambiguous assurance models to report effectively.

    “It is necessary for internal and external assurance providers to form a common view on issues of relevance, materiality, accuracy and completeness,” he said. “Combined assurance is needed to achieve an informed view on whether reports are fair and balanced and also to improve efficiency.”

    FEE has been consulting on how to evolve corporate reporting in a way that will keep pace with the developing economic reality and address the needs of a wider stakeholder audience.

    To read ECIIA’s response, click here.

    To visit FEE’s page on corporate reporting, click here.

    More communication needed between internal audit and regulators
    May 2016

    Regulators should require regular, structured and ongoing dialogue between the competent authorities supervising insurers and the internal auditors working in them, the ECIIA has said in response to recent consultation by EIOPA (European Insurance and Occupational Pensions Authority).

    That is because internal audit is well-placed to provide an independent opinion about the internal controls, risk management and governance of the companies concerned. Almost 8 out of 10 auditors in Europe say they follow the three Lines of Defense Model at some level, which enables them to provide objective assurance to their organisations.

    “While internal audit’s main line of accountability is to the Audit Committee, it also shares information with the statutory auditors and the regulators,” ECIIA President Henrik Stein said. “Clear and effective communication between all these parties is vital in order to avoid duplication, or gaps, in the overall assurance picture,” he added.

    Stein said he would welcome the opportunity to meet with senior EIOPA officials to discuss in more detail the role of internal audit in this area.

    Read the ECIIA’s response here.

    Tags: EIOPA, Regulation
    Governance gap in Europe’s cyber laws
    March 2016

    Europe’s current legislation on cybersecurity does not include robust corporate governance processes to help businesses manage cyber risks across their operations, ECIIA says.

    ECIIA calls on the European Commission (EC) to develop legislation and guidance frameworks to promote integrated, cross-departmental approaches to manage cyber risks, in its response to the body’s recent consultation exercise. It says a wide range of partners within organisations need to co-ordinate their efforts in this area including compliance, finance, human resources, internal audit, IT and legal functions.

    “There is a real gap in this area that needs to be plugged,” Henrik Stein, ECIIA President, says. “Without joined up thinking and action on cyber security, businesses are at greater risk than they should be.”

    He says that senior management should track and report on the business impact of cyber threats and all risk management activity. “For its part, internal audit evaluates the effectiveness of cyber threat risk management and reports to the audit committee and board on these issues,” he adds.

    ECIIA recognises that organisations that operate in multiple jurisdictions face additional problems because reporting requirements remain unharmonised. It says there is a case for developing global best practice and standards to help corporations monitor their global reporting on cyber security and risk effectively.

    The ECIIA’s response also comments on the most pressing current cybersecurity risks and those that it believes will become more prominent over the coming five years. Read the full response here.

     

    ECIIA conference 2016 – early bird discount
    February 2016

    Secure your place and an early bird discount a ECIIA’s European Conference on Governance, Risk and Control 2016 – Navigating in rough waters.

    The conference will take place between 6th and 7th October 2016 at Stockholm’s Waterfront Congress Centre. There will be 4 plenary sessions and over 50 parallel sessions covering a wide range of topics. A full schedule will be available soon.

    Click here to secure your early bird price today.

    Tags: conference
    EBA clarifies internal audit’s position as third line of defence
    February 2016

    The European Banking Authority (EBA) has adopted important clarifications suggested by ECIIA over the role and position of internal audit in the governance structure of companies looking to adopt sound remuneration policies.

    In particular, EBA has said in the final draft of its Guidelines on sound remuneration policies that internal audit should form an independent third line of defence reporting directly to the board so that it can audit the activities of the other control functions.

    “We are pleased that EBA has taken our views on board and clarified this important issue,” Henrik Stein, ECIIA President, says. “Reinforcing our members’ role as the independent, third line of defence provides organisations with the confidence that they can rely on the work of internal audit when it comes to assessing the effectiveness of their remuneration policies.”

    EBA also clarified the involvement of control functions in assessing the risk profile of organisations and how the control functions should be remunerated, which also drew upon ECIIA’s.

    The EBA’s guidelines set out the governance process for implementing sound remuneration policies across the EU and clarify the process for identifying those categories of staff to whom the specific remuneration provisions of the Capital Requirements Directive (CRD IV) apply, including the so called bonus cap.

    See ECIIA’s recommendations in full.

     

  • European Corporate Governance Magazine

    Previous Editions
    ECIIA Newsletter June 2015 cover Issue (28/2015)

    The new banking supervision regime in Europe is pushing a new revolution in internal audit practice, according to a feature in the latest issue of the ECIIA’s magazine European Governance. Since the introduction of the Single Supervisory Mechanism in late 2014, internal auditors have had to adopt their working methods across a whole range of business processes as banks gear up to meet the supervisor’s new approach.

    Also, read a special report on internal audit’s role in helping organisations get to grips with the European Union’s non-financial reporting initiative and much more.

    READ NOW ECIIA Newsletter Oct 2014 Issue (27/2014)

    Intrusive, tough and fair?: Key parts of Europe’s new regulatory regime for banks come into effect in November this year. Members of the ECIIA’s banking committee share their concerns and hopes about the system.

    Inside: Driving for transparency, ECIIA launches banking group, ECIIA signed a new agreement with EUROSAI, internal audit needs to be independent under Solvency II, new ECIIA board members, affiliates advocacy news and much more

    READ NOW Magazine cover image - spring 2014 Issue (26/2014)

    Interview: “No thanks” to more reform. MEP Ashley Fox wants a moratorium on corporate governance reform until the recent slew of new rules and regulations have bedded in

    Inside: New guidelines from the Global Reporting Initiative herald a small revolution in sustainability management, European Parliament approves audit reform, more protection needed for internal audit whistleblowers and much more

    READ NOW Internal auditors gathered in Vienna to discuss how the European Union's corporate governance reforms could reshape their role and purpose Issue (25/2013)

    Designs for the Future: Internal auditors gathered in Vienna this October to discuss how the European Union’s corporate governance reforms could reshape their role and purpose.

    Nathalie Berger on strengthening the audit committee, report on future of corporate governance, ECIIA enhances visibility, internal and external auditing defined and much more

    READ NOW ECIIA European Corporate Governance magazine, Spring 2013 Issue (24/2013)

    Devil in the detail: Solvency II could provide insurers with sounder balance sheets and better corporate governance regimes. Hans-Joachim Büsselberg tells Arthur Piper how the ECIIA is adding the detail that could help make the directive a success.

    White Noise: Despite the din of competing views over the future of data privacy in the European Union, new legislation aimed at bringing the rules into the internet age are moving forward.

    READ NOW ECIIA corporate governance newsletter October 2013 Issue (23/2012)

    Getting governance right: As the next wave of European governance is set to emerge, delegates at the ECIIA’s annual conference asked whether enough attention had been paid to ethical behaviour, as Arthur Piper reports.

    Fixing external audit: Europe’s external auditors are facing radical reform. The quality of their work needs to improve, but any change must benefit companies, says Kay Swinburne, the MEP with a key role in shaping the governance agenda.

    READ NOW ECIIA European Corporate Governance magazine, Spring 2012 Issue (22/2012)

    Remixing regulation: Banking supervisors want internal audit to play a more central role within bank regulation, as Arthur Piper reports.

    Helping directors to improve: Board directors across Europe are keen to know more about corporate governance and assurance, the head of Ecoda tells Neil Baker.

    READ NOW ECIIA European Corporate Governance magazine, Autumn 2011 Issue (21/2011)

    This issue’s special report – Lessons in Governance – focuses on the ongoing debate on corporate governance within the EU, and takes a look at the European Commission’s most recent Green Paper.

    The issue also welcomes new members to the ECIIA’s Corporate Governance Citizen Programme and invites you to join. Through Citizens comes progress.

    READ NOW ECIIA European Corporate Governance magazine, Spring 2011 Issue (20/2011)

    The Spring 2011 edition of European Governance looks at how the ECIIA is helping to drive change in corporate governance in the public sector. Its new agreement with the external audit body EUROSAI provides much needed clarity on how an effective internal control framework can contribute to improved performance in government across Europe.

    In addition, the magazine looks at how reform in the financial sector is likely to strengthen governance practice and improve regulation in the wake of the global economic crisis.

    READ NOW
    LATEST ISSUE
    ECIIA Newsletter Oct 2015 cover In this issue (29/2015):

    Greater regulation and pressure from businesses to thrive after a protracted period of low-to-no growth has put internal auditors under the spotlight: a special report from ECIIA’s annual conference in Paris, September 2015.

    And Digital Europe: how Europe is facing increased regulation just at the time when many companies are preparing for greater investment in digital services and cybersecurity. Plus the usual news, views and more

     

    READ NOW
  • Publications

    Internal audit’s central role in the future of corporate reporting NEW
    July 2016

    Internal audit has a central role to play in the future of corporate reporting as an adviser on, and a builder and consolidator of the reporting process itself, according to the ECIIA’s response to a consultation on the issue by the Federation of European Accountants (FEE).

    “Internal audit adds value to corporate reporting by providing an informed and independent review on processes, risks and controls,” ECIIA President Henrik Stein said in the confederation’s formal response to FEE.

    In the future, developing integrated thinking would be critical if organisations were to be able to present a coherent and comprehensive picture of their long-term strategy and performance, he said. This would require the creation of cross-functional teams, which would include all key areas within the organisation.

    He said organisations needed to adopt clear and unambiguous assurance models to report effectively.

    “It is necessary for internal and external assurance providers to form a common view on issues of relevance, materiality, accuracy and completeness,” he said. “Combined assurance is needed to achieve an informed view on whether reports are fair and balanced and also to improve efficiency.”

    FEE has been consulting on how to evolve corporate reporting in a way that will keep pace with the developing economic reality and address the needs of a wider stakeholder audience.

    To read ECIIA’s response, click here.

    To visit FEE’s page on corporate reporting, click here.

    More communication needed between internal audit and regulators
    May 2016

    Regulators should require regular, structured and ongoing dialogue between the competent authorities supervising insurers and the internal auditors working in them, the ECIIA has said in response to recent consultation by EIOPA (European Insurance and Occupational Pensions Authority).

    That is because internal audit is well-placed to provide an independent opinion about the internal controls, risk management and governance of the companies concerned. Almost 8 out of 10 auditors in Europe say they follow the three Lines of Defense Model at some level, which enables them to provide objective assurance to their organisations.

    “While internal audit’s main line of accountability is to the Audit Committee, it also shares information with the statutory auditors and the regulators,” ECIIA President Henrik Stein said. “Clear and effective communication between all these parties is vital in order to avoid duplication, or gaps, in the overall assurance picture,” he added.

    Stein said he would welcome the opportunity to meet with senior EIOPA officials to discuss in more detail the role of internal audit in this area.

    Read the ECIIA’s response here.

    Tags: EIOPA, Regulation
    Governance gap in Europe’s cyber laws
    March 2016

    Europe’s current legislation on cybersecurity does not include robust corporate governance processes to help businesses manage cyber risks across their operations, ECIIA says.

    ECIIA calls on the European Commission (EC) to develop legislation and guidance frameworks to promote integrated, cross-departmental approaches to manage cyber risks, in its response to the body’s recent consultation exercise. It says a wide range of partners within organisations need to co-ordinate their efforts in this area including compliance, finance, human resources, internal audit, IT and legal functions.

    “There is a real gap in this area that needs to be plugged,” Henrik Stein, ECIIA President, says. “Without joined up thinking and action on cyber security, businesses are at greater risk than they should be.”

    He says that senior management should track and report on the business impact of cyber threats and all risk management activity. “For its part, internal audit evaluates the effectiveness of cyber threat risk management and reports to the audit committee and board on these issues,” he adds.

    ECIIA recognises that organisations that operate in multiple jurisdictions face additional problems because reporting requirements remain unharmonised. It says there is a case for developing global best practice and standards to help corporations monitor their global reporting on cyber security and risk effectively.

    The ECIIA’s response also comments on the most pressing current cybersecurity risks and those that it believes will become more prominent over the coming five years. Read the full response here.

     

    ECIIA conference 2016 – early bird discount
    February 2016

    Secure your place and an early bird discount a ECIIA’s European Conference on Governance, Risk and Control 2016 – Navigating in rough waters.

    The conference will take place between 6th and 7th October 2016 at Stockholm’s Waterfront Congress Centre. There will be 4 plenary sessions and over 50 parallel sessions covering a wide range of topics. A full schedule will be available soon.

    Click here to secure your early bird price today.

    Tags: conference
    EBA clarifies internal audit’s position as third line of defence
    February 2016

    The European Banking Authority (EBA) has adopted important clarifications suggested by ECIIA over the role and position of internal audit in the governance structure of companies looking to adopt sound remuneration policies.

    In particular, EBA has said in the final draft of its Guidelines on sound remuneration policies that internal audit should form an independent third line of defence reporting directly to the board so that it can audit the activities of the other control functions.

    “We are pleased that EBA has taken our views on board and clarified this important issue,” Henrik Stein, ECIIA President, says. “Reinforcing our members’ role as the independent, third line of defence provides organisations with the confidence that they can rely on the work of internal audit when it comes to assessing the effectiveness of their remuneration policies.”

    EBA also clarified the involvement of control functions in assessing the risk profile of organisations and how the control functions should be remunerated, which also drew upon ECIIA’s.

    The EBA’s guidelines set out the governance process for implementing sound remuneration policies across the EU and clarify the process for identifying those categories of staff to whom the specific remuneration provisions of the Capital Requirements Directive (CRD IV) apply, including the so called bonus cap.

    See ECIIA’s recommendations in full.

     

  • ECIIA Activity Report 2015, September 2015

    Audit and risk committees: news from EU legislation and best practices, October 2014

    ECIIA Activity Report 2014, September 2014

    ECIIA and EUROSAI: Coordination and cooperation between supreme audit institutions and internal auditors in the public sector, May 2014

    Improving cooperation between internal and external audit, November 2013

    ECIIA activity report 2013, October 2013

    The future of European governance: key views from key people, October 2013

    Guidance on the role of internal audit under Solvency II, June 2013

    ECIIA and ECODA: Making the most of the internal audit function: Recommendations for directors and board committees, December 2012

    Corporate governance codes on internal audit, June 2012

    Corporate governance insight: Reinforcing audit committee oversight over global assurance and internal audit, May 2012

    ECIIA and FERMA: Guidance on EU 8th company law directive, art 41, part 1, December 2011

    ECIIA and FERMA: Guidance on EU 8th company law directive, art 41, part 2, December 2011

    Insight and Oversight: Guidance for audit committees on governance oversight, October 2011

  • Responses to consultation

    Internal audit’s central role in the future of corporate reporting NEW
    July 2016

    Internal audit has a central role to play in the future of corporate reporting as an adviser on, and a builder and consolidator of the reporting process itself, according to the ECIIA’s response to a consultation on the issue by the Federation of European Accountants (FEE).

    “Internal audit adds value to corporate reporting by providing an informed and independent review on processes, risks and controls,” ECIIA President Henrik Stein said in the confederation’s formal response to FEE.

    In the future, developing integrated thinking would be critical if organisations were to be able to present a coherent and comprehensive picture of their long-term strategy and performance, he said. This would require the creation of cross-functional teams, which would include all key areas within the organisation.

    He said organisations needed to adopt clear and unambiguous assurance models to report effectively.

    “It is necessary for internal and external assurance providers to form a common view on issues of relevance, materiality, accuracy and completeness,” he said. “Combined assurance is needed to achieve an informed view on whether reports are fair and balanced and also to improve efficiency.”

    FEE has been consulting on how to evolve corporate reporting in a way that will keep pace with the developing economic reality and address the needs of a wider stakeholder audience.

    To read ECIIA’s response, click here.

    To visit FEE’s page on corporate reporting, click here.

    More communication needed between internal audit and regulators
    May 2016

    Regulators should require regular, structured and ongoing dialogue between the competent authorities supervising insurers and the internal auditors working in them, the ECIIA has said in response to recent consultation by EIOPA (European Insurance and Occupational Pensions Authority).

    That is because internal audit is well-placed to provide an independent opinion about the internal controls, risk management and governance of the companies concerned. Almost 8 out of 10 auditors in Europe say they follow the three Lines of Defense Model at some level, which enables them to provide objective assurance to their organisations.

    “While internal audit’s main line of accountability is to the Audit Committee, it also shares information with the statutory auditors and the regulators,” ECIIA President Henrik Stein said. “Clear and effective communication between all these parties is vital in order to avoid duplication, or gaps, in the overall assurance picture,” he added.

    Stein said he would welcome the opportunity to meet with senior EIOPA officials to discuss in more detail the role of internal audit in this area.

    Read the ECIIA’s response here.

    Tags: EIOPA, Regulation
    Governance gap in Europe’s cyber laws
    March 2016

    Europe’s current legislation on cybersecurity does not include robust corporate governance processes to help businesses manage cyber risks across their operations, ECIIA says.

    ECIIA calls on the European Commission (EC) to develop legislation and guidance frameworks to promote integrated, cross-departmental approaches to manage cyber risks, in its response to the body’s recent consultation exercise. It says a wide range of partners within organisations need to co-ordinate their efforts in this area including compliance, finance, human resources, internal audit, IT and legal functions.

    “There is a real gap in this area that needs to be plugged,” Henrik Stein, ECIIA President, says. “Without joined up thinking and action on cyber security, businesses are at greater risk than they should be.”

    He says that senior management should track and report on the business impact of cyber threats and all risk management activity. “For its part, internal audit evaluates the effectiveness of cyber threat risk management and reports to the audit committee and board on these issues,” he adds.

    ECIIA recognises that organisations that operate in multiple jurisdictions face additional problems because reporting requirements remain unharmonised. It says there is a case for developing global best practice and standards to help corporations monitor their global reporting on cyber security and risk effectively.

    The ECIIA’s response also comments on the most pressing current cybersecurity risks and those that it believes will become more prominent over the coming five years. Read the full response here.

     

    EBA clarifies internal audit’s position as third line of defence
    February 2016

    The European Banking Authority (EBA) has adopted important clarifications suggested by ECIIA over the role and position of internal audit in the governance structure of companies looking to adopt sound remuneration policies.

    In particular, EBA has said in the final draft of its Guidelines on sound remuneration policies that internal audit should form an independent third line of defence reporting directly to the board so that it can audit the activities of the other control functions.

    “We are pleased that EBA has taken our views on board and clarified this important issue,” Henrik Stein, ECIIA President, says. “Reinforcing our members’ role as the independent, third line of defence provides organisations with the confidence that they can rely on the work of internal audit when it comes to assessing the effectiveness of their remuneration policies.”

    EBA also clarified the involvement of control functions in assessing the risk profile of organisations and how the control functions should be remunerated, which also drew upon ECIIA’s.

    The EBA’s guidelines set out the governance process for implementing sound remuneration policies across the EU and clarify the process for identifying those categories of staff to whom the specific remuneration provisions of the Capital Requirements Directive (CRD IV) apply, including the so called bonus cap.

    See ECIIA’s recommendations in full.

     

    Internal auditors should be included in communication between auditors and supervisors
    January 2016

    Internal auditors should be included in the communication process over the scope of work to be undertaken by the statutory auditors and supervisors of credit institutions, the ECIIA has told the European Banking Authority.

    In a written response to the EBA’s consultation on how auditors and supervisors could exchange information better – EBA/CP/2015/17  – ECIIA says: “Communication between competent authorities and statutory auditors, as deemed prudent at any phase of the supervisory or audit processes, may be enhanced by the inclusion of the internal auditors of the credit institution.”

    Since both statutory auditors and supervisors may rely on the work of internal audit, speaking with the function would help provide greater confidence about the activities of internal audit and help to focus work on those areas that most need it.

    ECIIA also says better clarification is needed between the 2nd and 3rd lines of defence by the document.

    It also recommends that the quality of internal audit functions at credit institutions be assessed against how well they comply with International Professional Practices Framework 

    To read the full response, click here.

     

Our current viewsEuropean Corporate Governance MagazinePublicationsPublications index
Responses to consultation   
Theme author: Web developer Front End Developer Wordpress developer Web developer Front End Developer Wordpress developer Notariusz Szczecin