Main Menu

President's message

July 2016

Combined Assurance Approach on Effectiveness of Internal Controls
A recent review was commissioned by the Singapore Exchange (SGX) to examine the annual reports of 545 mainboard listed companies for fiscal year between July 1, 2014 to June 30, 2015 with the intent of using the results to help companies improve their disclosures and overall governance standards. One of the key observations was that while 95 per cent of the companies indicated that an internal audit (IA) function exists, only 53 per cent disclosed the effectiveness of internal controls. 
Internal control as defined by the COSO framework is a process, effected by an entity's board of directors, management and other personnel. It is designed to provide reasonable assurance regarding the achievement of objectives relating to effectiveness and efficiency of operations; reliability of financial reporting and compliance with applicable laws and regulations. 
To assess the effectiveness of internal controls, it is important to apply the combined assurance framework. The assurance should be provided collectively by the board, senior management and other internal assurance providers supporting management are risk management, internal control and compliance functions. However, based on the IIA Research Foundation’s Global IA Common Body of Knowledge (CBOK) 2015 Practitioner Survey, it was noted that globally, only 59% of respondents were aware of combined assurance , and in East Asia and Pacific, the percentage was 50%. 
IA as an independent function that reports to the audit committee plays an important role in facilitating or coordinating the combined assurance framework. 
At the same time, it is also important for organisations to be aware that internal control is not a panacea that provides complete assurance. It can only provide “reasonable assurance” due to inherent limitations in all internal control systems e.g. the human frailty in making business decisions, circumvention of internal controls by the collusion of two or more people and management override of internal controls.
Yours Sincerely
Tan Boon Yen

June 2016

Anti-Money Laundering (AML) Reviews

In the recent news of BSI Bank being asked by MAS to shut down its merchant bank operation in Singapore, we are reminded that with the growing global terrorists and organized crime threats and regulatory requirements, breaches of Anti-Money Laundering (AML) rules should be taken seriously as it could result in fines, criminal charges and also removal of the bank’s license to operate. 

Banks are required to establish AML programmes that include Know Your Customer (KYC) procedures to prevent banks from being used for money laundering activities. In Singapore, there are AML Laws and Regulations that requires banks operating in Singapore to establish robust procedures that would not only detect but also deter the flow of illicit funds through the local financial system. Failures in the governance or lapses in AML controls would expose the banks to reputational, operational and compliance risks. 
In the assessment of AML risks, it is important for compliance and internal audit functions to assess not only policies, systems and processes but also the people and other intangible aspects of the organisation. The organisational culture and tone at the top influences the level of control consciousness of people within the organisation. It is necessary to evaluate management’s philosophy and operating style and commitment level to integrity and ethical behavior. It is necessary to get a good understanding of the internal and external operating environment that could have an impact on senior management’s approach in taking business risks, meeting budgets, profit and other financial and operating goals. 
To keep up with the escalating concerns and regulatory pressures, Internal Audit departments should work closely with their stakeholders to review the robustness of the organisation’s AML programme and monitoring compliance.  It is also important to review the organisation’s governance structure to ensure that there is a clear commitment from the top and independent channels to report unethical practices or violations.
Yours Sincerely
Tan Boon Yen


May 2016

May is International Internal Audit Awareness Month
May is International Internal Audit Awareness Month and it is a great opportunity to promote the value of internal audit to our customers, executive management, board of directors and other stakeholders. For example, organisations can hold lunch-and-learn sessions with staff at all levels of the organisation to share what is the purpose of internal audit, how it is an integral part of the organization and also, very importantly, the value proposition of internal audit to the stakeholders.  The IIA Singapore (IIAS) has been invited to attend such an event organised by one of the Internal Audit Department in Singapore and the expected turnout is 150! 
It is important for internal audit (IA) functions to share their broader role and how the organisation as a whole, can tap on IA capabilities and resource, not only in strengthening of internal controls and governance, but also to provide objective assessments and insights into their businesses and operations. IA also focuses on alignment of business, operations and goals. Good collaborative efforts with management, business and operating teams pave the way for continuous review and improvements of performance, operations, processes and systems. Internal auditors of today are no longer accountants by training. Rather, they are from diverse backgrounds and skill sets such as business and industry specific knowledge, IT and data mining and analytics. They have a broader focus that includes risk management, operational efficiencies and effectiveness and compliance management, and are important business advisors and change catalysts. 
In celebration of the International Internal Audit Awareness Month, IIAS has organised an interesting evening talk cum networking event (find out more or register here) on 26 May 2016 where internal auditors can bring their auditees/clients, CEOs, CFOs, AC members, etc, to join them for the evening, mingle and enjoy the food & drinks.  
Do not miss the unique opportunity to interact with your IA stakeholders and do mark your calendars and sent them an invite soon!!
Yours Sincerely
Tan Boon Yen

April 2016

Productivity and Innovation
The Singapore Budget 2016 focuses on economic transformation and building a caring and resilient society and sees the launch of a new $4.5 billion “Industry Transformation Programme”. The budget seeks to help enterprises scale and internationalize, automate to build capacity, encourage innovation and provide a broad range of support to small, medium size enterprises (SMEs). The government sees that all business, large or small, have to compete on productivity and innovation.
How can we align IA efforts in help to improve productivity in organizations? Productivity encompasses both effectiveness and efficiency. Firstly, IA functions themselves must look at how they can improve efficiency and effectiveness of IA processes. With the advent of technology and big data, IA has to leverage on audit tools and technology to perform audits effectively and efficiently. In its assurance role, IA function should also consider what is important to help their organizations to improve productivity. IA should capitalize on its knowledge of the organization, the people, functions, systems and processes, to provide recommendations to improve effectiveness and efficiency of operations. In assessing the adequacy of controls, IA should also consider what are cost-effective controls better balance both effectiveness and efficiency.
The IIA Singapore’s 2016 Public Sector Internal Audit Conference will be held at Marina Bay Sands, Sands Expo and Convention Centre this week i.e. April 21 & 22. The conference covers topics ranging from Cyber Security, Innovation, Fraud to Data Analytics with panel discussions on “How IA can be innovative to enhance and protect organisational value?” and “How can IA stay relevant in the changing world?” The panel session will provide insights on leading practices in IA, views on innovation and how it relates to IA, the barriers to innovation and the staff qualities to facilitate innovation. We look forward to another fruitful conference and look forward to seeing you there.
Yours Sincerely
Tan Boon Yen

March 2016

Proposed Changes to Internal Audit Standards
The Institute of Internal Auditors (IIA) has announced proposed changes to its International Standards for the Professional Practice of Internal Auditing (“Standards”) on 1 February 2016. An online survey for you to comment during a 90-day exposure period, ending on April 30. 
The International Professional Practices Framework (IPPF) mandatory guidance is subject to review at least once in every three years. This review will incorporate the new mandatory guidance i.e. the Core Principles. With the continuous and rapid changes in our business environment, the demands on internal audit have correspondingly increased. 
The proposed changes also incorporates new Standards that address the need for CAE’s to take on roles extending beyond internal auditing. There is a need to address situations where objectivity may be impaired when assurance projects are subsequently undertaken for the same areas that internal audit undertaken a consulting role. Other than providing clarity on some requirements in the existing standards, the proposed enhancements also include the alignment of existing Standards with the new set of Core Principles that was incorporated into the IPPF last year, the Quality Assessment and Improvement Program and the communication between CAE, the board, and senior management.
Do participate in the review as your feedback is important to ensure that the proposed Standards sufficiently support the demands of the profession, its practitioners, and your stakeholders. Inputs submitted will be reviewed and considered before final revisions are approved in the third quarter of 2016. The revised Standards will become effective on 1 January 2017. IIA Singapore will be conducting a lunch time talk on 29 March 2016 to provide an overview on the proposed changes. Do save the date to attend.
Yours Sincerely
Tan Boon Yen


February 2016

Building Collaborative Relationships
As the Lunar Year of the Monkey swings its way into our lives, let us all have a year filled with an abundance of joy, prosperity and good luck!! The IIA Singapore (IIAS) turns 40 this year and we look forward to kick off our 40th anniversary with our annual Lunar New Year Lo-Hei luncheon on 19 February 2016.
With the uncertainties and slow down in many economies, businesses need to be agile to effectively manage the risks and seek opportunities in a more challenging climate. For Internal Audit (IA) to effectively discharge its responsibilities in evaluating and improving the effectiveness of risk management, control and governance processes, it needs to work closely with its stakeholders to better align it focus and anticipate emerging risks. Recognizing the importance of this, IIAS plans to organise various events that also involve the IA stakeholders e.g. the Audit Committee (AC) and senior management, to provide a forum for interaction. Frequent and open communications with stakeholders are necessary not only for IA to better understand their expectations, but also for IA to “market” its capabilities and initiatives and share valuable insights so that stakeholders better appreciate the value of IA. To quote a couple of points made at the 2015 Asia Internal Audit Leadership Programme (jointly organised by the Singapore Accountancy Commission and IIAS) which aptly describes the need for IA to build collaborative relationships - a) “IA can exercise influence though they do not hold formal authority” and b) “Influence trumps authority. Exercise a firm but moderating influence so as to bring people along with the plan while ensuring the plan is feasible and practical”.
Let us all work towards building and managing effective stakeholder relationships. I would like to wish all a smooth sailing 2016 despite the ups and downs that we should take in our stride.
Yours Sincerely
Tan Boon Yen


January 2016

Upcoming Public Sector IA (PSIA) Conference
The Deputy Prime Minister, Mr. Tharman, spoke at the Public Service Leadership Dinner, highlighting several priorities for the Public Sector. One of it was to develop pools of expertise to meet emerging and complex challenges and another priority – to strengthen a culture of lifelong learning among public officers. 
It will be useful to note that the IIA Global Internal Audit Competency Framework (“The Framework”) has defined the competencies needed for internal auditors to meet the requirements of the International Professional Practices Framework (IPPF)® for the success of the internal audit profession. The Framework provides a structured guide, enabling the identification, evaluation, and development of those competencies in individual internal auditors. It covers 10 core competencies within 6 categories i.e. Improvement and Innovation, Internal Audit Delivery, Personal Skills, Technical Expertise, Internal Audit Management and Professional Ethics. 
The IIA Singapore (IIAS) will continue to provide platforms for the sharing of ideas and expertise, and to develop the skills of internal auditors through education and professional development. The 2016 PSIA Conference is themed, “New Horizon for Public Sector: Governance, Risk, Internal Control”. In an increasingly complex and dynamic environment, IA needs to keep pace with the external and internal environments, understand the strategic directions and changes in the public sector landscape to effectively discharge its responsibilities to provide assurance that public resources are managed responsibly and effectively. 
IIAS will be inviting close to 20 leading practitioners and experts to share their knowledge, experience, best practices and current issues and development at the 2016 PSIA conference on 21-22 April, Marina Bay Sands, Sands Expo & Convention Center. We look forward to another fruitful conference and look forward to seeing you there.
Wishing all a great year ahead and also a Happy and Prosperous Lunar New Year!!
Yours Sincerely
Tan Boon Yen


December 2015

Looking Forward To An Exciting 2016
It is the time of the year when we reflect on the achievements and make resolutions for the new year. It is also a time when we unwind a little, after all, everyone has earned a well deserved break to enjoy the festive cheer and holidays.
2016 will be a significant year for The Institute of Internal Auditors Singapore (IIAS) as the Singapore chapter will be 40 years old. There will be activities and events held throughout the year to celebrate our anniversary with our members, collaborating partners and institutes and the larger community.  It is a time to celebrate our achievements and commemorate the efforts of all that made the IIAS journey worthwhile and beneficial to the IA professionals, its stakeholders and the business community. Incidentally, The Institute of Internal Auditors (IIA) in the US will also be celebrating its 75th anniversary next year. 2016 will be an exciting year for all of us!
In conjunction with the 40th anniversary celebrations, IIAS will be hosting the Asian Confederation Institute of Internal Auditors (ACIIA) Conference in November 2016.  ACIIA is a confederation of seventeen IIA affiliates in the Asia Pacific region that aims to provide dynamic leadership for the IA profession by coordinating the development, enhancement and promotion of the IA profession in the Asian Region. Do look out for activities and programmes in the IA Awareness month which is in May 2016. IIAS will continue to work with various collaborating partners to organize seminars, talks and training programmes that addresses not only the needs of IA practitioners but also very importantly, our stakeholders e.g. the Audit Committee and the C-Suites. Together with our collaborating partners, we will continue to organize leadership programmes and conferences, tailored to meet the needs of IA leaders. 
We look forward to an exciting year ahead working towards greater progress with the profession and advancing the value of IA to our organizations.
Wishing all a blessed Christmas and New Year!
Yours Sincerely
Tan Boon Yen

November 2015

Journey towards IA Excellence
The Internal Audit Excellence Award ("IAEA") was presented at the Securities Investors' Association (Singapore) Investors' Choice Awards dinner on 16 October 2015. The IAEA honours and recognises public-listed companies that have put in place an effective internal audit function to enhance corporate governance, risk management and internal controls.  IIA Singapore congratulates this year's award winner SMRT Corporation Ltd and the runners-up i.e. Frasers Centrepoint Limited and Keppel Corporation Limited. Also, congratulations to Ms. Tan Eng Hwa, General Manager, Group Internal Audit, Keppel Corporation Limited, who is the Special Recognition Award Recipient. The excellent standards and achievements set by the award winners serve as a beacon for the internal audit profession to aspire to.
At this time of the year, Internal Audit (IA) functions will be reviewing and  updating their  IA  plan for 2016.  It is important to seek inputs of stakeholders e.g.  the Audit Committee, senior and operating management as well  as  compliance  and risk management units to understand the short and longer term businesses  strategies  and objectives, given the challenging times  ahead for most businesses and to better address the emerging risks that will impact organization. IA's efforts need to be clearly aligned to help organizations succeed in managing risks as it pursues new business goals and initiatives.
At the IIA Singapore's Global Leadership Summit and Annual Conference themed  "Agents  of  Change, Pillars of Control" last month, there were interesting discussions  and  insights  not only from IA practitioners but also from IA stakeholders e.g. the Audit Committee Chairs or Members, CEOs and CFOs. Useful inputs, ideas and view points were gathered during the conference and I am  sure it will spur many IA practitioners to venture beyond the norms to transform and  progress  to being strategic advisors and value add partners to their organizations.
Some of the key takeaways are:
a) Internal auditors need to be good communicators and must be able to establish  rapport  and  gain  the  trust  of  their stakeholders, namely the Audit Committee and senior management. Auditors need to connect  with  the  business  people, build strong relationships with business leaders in order to better understand their expectations, business issues and strategies. Communications would also include sharing valuable insights acquired by IA across the organization to address silos and improve coordination  across the organization. 
b) IA  needs to understand the real world business and commercial issues  and look at internal controls with the bigger business agenda in mind. Some organizations put internal auditors on immersion programs that include short term secondments to business or operating units. IA efforts should be aligned with business strategy and provide both  assurance  and advisory support to the board and senior management in the effective business strategy implementation.
c) Internal auditors need to continually adapt, keep up with and leverage  on technology, internal and environment changes and demands to remain relevant and add value to organizations. The CAE of DBS shared how the internal audit in DBS IA has evolved to adopting continuous and predictive auditing. The CAE of Ayala Corporation in the Philippines shared how they have geared up to be a business enabler and partner.
As we plan our strategies and focus of IA for the coming year(s), it is important  to plan and build up resources which include competencies and skill sets, engaging external  specialists  and  other enablers to improve the effectiveness  and  efficiency of IA operations. The journey towards IA excellence requires Internal Auditors to continually develop and invest in  themselves  through  learning  and  development, certification and qualification, networking and relationship building at different platforms e.g. conferences,   volunteering  in  IIA  institutes  and committees,  research and education and advocacy activities to promote the value of IA profession.  On this note, it is IIA Singapore's mission to  lead the IA profession and advance its value to organizations and we will  continue  to  provide the platforms through seminars and conferences, the  IIA  Academy as well as participate and provide support in research and promote the importance of IA function to its stakeholders.
Yours Sincerely
Tan Boon Yen


October 2015

Agents of Change, Pillars of Control
The  2015  Global  IA  Leadership Summit & Annual Conference with the theme "Agents of Change, Pillars of Control" will be held this week from 14 to 16 October 2015 at the Marina Mandarin Hotel.
The inaugural Global Internal Audit Leadership Summit on 14 October 2015 is organized  together  with Singapore Accountancy Commission as our strategic partner. One  of  the  main  objectives  of  the  summit  is to create a collaborative environment for internal audit professionals and stakeholders to share their knowledge and experiences and also to develop new ideas to bring  internal  audit to the next level. The views of IA stakeholders i.e. the Audit Committee  and members of the C-Suites, will be sought on IA as change agents as they keep watch over the organization's pillars of control in  the increasingly challenging and complex business and regulatory environment. Various IA leaders will share valuable insights on the strategies of building an IA function to transform internal auditing into a well-recognized, value-adding activity to all stakeholders.
The Leadership Summit will be followed by a 2-day Annual  Conference with an excellent line up of both local and global speakers as well as practitioners in their fields of expertise. The speakers will share insights based on their experiences  in areas such as leading IA practices, ERM, procurement, fraud investigation, data  analytics,  fighting  corruption, cyber security and sustainability reporting.  Participants will also hear from the panelists who represent different IA stakeholder groups, their views and expectations of IA and how we can bridge the gaps.
Through this conference, IIA Singapore also hopes to create open communication  channels  between IA and its stakeholders; generate awareness of  the  unique  perspectives that IA has on an entity-wide basis at all levels; and the capabilities IA has to synergize, coordinate and offer more insightful, practical and effective advice.
Do join us at our Global Leadership Summit and Annual Conference this week to learn, share, exchange ideas and experiences and network with one another. Looking forward to catching up with all at the conference and another fruitful conference!
Yours Sincerely
Tan Boon Yen