BackText onlyPrint

You need the Flash plugin.

Download Macromedia Flash Player

Location: Central Bank of Bahrain Volume 3—Insurance > Part A > High Level Standards > HC High-Level Controls > HC-6 Management Structure > HC-6.5 Internal Audit > HC-6.5.1
  • HC-6.5 Internal Audit

    • HC-6.5.1

      Bahraini insurance licenseesG must establish an internal audit function to monitor the adequacy of their systems and controls.

      Amended: October 2014
      January 2011

    • HC-6.5.2

      The internal audit function should be independent of the senior managementG , reporting to the Audit committee.

      January 2011

    • HC-6.5.3

      The CBB considers it best practice for captive insurersG to fall within the remit of the internal audit functions of their groups and be subject to periodic review, although no formal arrangements for internal audit cover captive insurersG .

      January 2011

    • HC-6.5.4

      Part or all of the internal audit function may be outsourcedG , or provided at group level, subject to the requirements of Section RM-7.6. Amongst other things, these require licensees to retain responsibility for their internal audit programme, and that appropriate safeguards are built into the outsourcing contract. Furthermore, a licensee cannot outsourceG its internal audit function to its external auditorG (with limited exceptions). Prior approval from the CBB is required for significant outsourcingG arrangements, including all outsourcingG of internal audit. A licensee's head of internal audit is a controlled functionG and requires CBB approval prior to being appointed (see Section AU-1.2).

      January 2011

    • HC-6.5.5

      Internal audit functions must have terms of reference that clearly indicate:

      (a) The scope and frequency of audits;
      (b) Reporting lines; and
      (c) The review and approval process applied to audits.
      January 2011

    • HC-6.5.6

      Paragraph HC-6.5.5 applies irrespective of whether the internal audit function is outsourced. Where it is outsourcedG , the CBB would expect to see these matters addressed in the contract with the outsourcing providerG .

      January 2011

    • HC-6.5.7

      Internal audit functions must report directly to the Audit committee or, where none exists, to the Board. They must have unrestricted access to all the appropriate records of the insurance licenseeG . They must have open and regular access to the Audit Committee, the Board, the Chief ExecutiveG , and the licensee's external auditorG .

      January 2011

    • HC-6.5.8

      Internal audit functions must have adequate staff levels with appropriate skills and knowledge, such that they can act as an effective challenge to the business. Where the function is not outsourced, the head of the functionG should be a senior and experienced employeeG . Internal audit functions must not perform other activities that compromise their independence.

      January 2011

    • HC-6.5.9

      The CBB would expect to see in place a formal audit plan that:

      (a) Is reviewed and approved at least annually by the Audit Committee or, where none exists, the Board;
      (b) Is risk-based, with an appropriate scoring system; and
      (c) Covers all material areas of a licensee's operations over a reasonable timescale, including (where relevant) the process by which a licensee obtains professional actuarial expertise to develop and verify its pricing and reserving policies.
      January 2011

    • HC-6.5.10

      Internal Audit reports should also be:

      (a) Clear and prioritised, with action points directed towards identified individuals;
      (b) Timely; and
      (c) Distributed to the Audit Committee or Board and appropriate senior managementG .
      January 2011

    • HC-6.5.11

      Insurance licenseesG should also have processes in place to deal with recommendations raised by internal audit to ensure that they are:

      (a) Dealt with in a timely fashion;
      (b) Monitored until they are settled; and
      (c) Raised with senior management if they have not been adequately dealt with.
      January 2011

    • HC-6.5.12

      The internal auditor is considered as a head of functionG (see Paragraph AU-1.2.11) and is subject to CBB prior approval for the approved personG occupying this controlled functionG as outlined in Section AU-1.2.

      January 2011

Back to top