BackRich TextPrint

You need the Flash plugin.

Download Macromedia Flash Player



  • HC-6.5 Internal Audit

    • HC-6.5.1

      Bahraini insurance licensees must establish an internal audit function to monitor the adequacy of their systems and controls.

      Amended: October 2014
      January 2011

    • HC-6.5.2

      The internal audit function should be independent of the senior management, reporting to the Audit committee.

      January 2011

    • HC-6.5.3

      The CBB considers it best practice for captive insurers to fall within the remit of the internal audit functions of their groups and be subject to periodic review, although no formal arrangements for internal audit cover captive insurers.

      January 2011

    • HC-6.5.4

      Part or all of the internal audit function may be outsourced, or provided at group level, subject to the requirements of Section RM-7.6. Amongst other things, these require licensees to retain responsibility for their internal audit programme, and that appropriate safeguards are built into the outsourcing contract. Furthermore, a licensee cannot outsource its internal audit function to its external auditor (with limited exceptions). Prior approval from the CBB is required for significant outsourcing arrangements, including all outsourcing of internal audit. A licensee's head of internal audit is a controlled function and requires CBB approval prior to being appointed (see Section AU-1.2).

      January 2011

    • HC-6.5.5

      Internal audit functions must have terms of reference that clearly indicate:

      (a) The scope and frequency of audits;
      (b) Reporting lines; and
      (c) The review and approval process applied to audits.
      January 2011

    • HC-6.5.6

      Paragraph HC-6.5.5 applies irrespective of whether the internal audit function is outsourced. Where it is outsourced, the CBB would expect to see these matters addressed in the contract with the outsourcing provider.

      January 2011

    • HC-6.5.7

      Internal audit functions must report directly to the Audit committee or, where none exists, to the Board. They must have unrestricted access to all the appropriate records of the insurance licensee. They must have open and regular access to the Audit Committee, the Board, the Chief Executive, and the licensee's external auditor.

      January 2011

    • HC-6.5.8

      Internal audit functions must have adequate staff levels with appropriate skills and knowledge, such that they can act as an effective challenge to the business. Where the function is not outsourced, the head of the function should be a senior and experienced employee. Internal audit functions must not perform other activities that compromise their independence.

      January 2011

    • HC-6.5.9

      The CBB would expect to see in place a formal audit plan that:

      (a) Is reviewed and approved at least annually by the Audit Committee or, where none exists, the Board;
      (b) Is risk-based, with an appropriate scoring system; and
      (c) Covers all material areas of a licensee's operations over a reasonable timescale, including (where relevant) the process by which a licensee obtains professional actuarial expertise to develop and verify its pricing and reserving policies.
      January 2011

    • HC-6.5.10

      Internal Audit reports should also be:

      (a) Clear and prioritised, with action points directed towards identified individuals;
      (b) Timely; and
      (c) Distributed to the Audit Committee or Board and appropriate senior management.
      January 2011

    • HC-6.5.11

      Insurance licensees should also have processes in place to deal with recommendations raised by internal audit to ensure that they are:

      (a) Dealt with in a timely fashion;
      (b) Monitored until they are settled; and
      (c) Raised with senior management if they have not been adequately dealt with.
      January 2011

    • HC-6.5.12

      The internal auditor is considered as a head of function (see Paragraph AU-1.2.11) and is subject to CBB prior approval for the approved person occupying this controlled function as outlined in Section AU-1.2.

      January 2011

Back to top