Published on: May 21, 2025

INTERNAL AUDIT MECHANISMS

INTERNAL AUDIT MECHANISMS

NEWS – SEBI Issues Guidelines on Internal Audit Mechanisms for Market Infrastructure Institutions (MIIs)

OBJECTIVE OF THE GUIDELINES

  • Strengthen governance at MIIs such as stock exchanges, clearing corporations, and depositories.
  • Enhance operational efficiency, transparency, and accountability.
  • Reinforce adherence to laws, regulations, and risk management standards.

KEY GUIDELINES FOR INTERNAL AUDIT

Importance of Internal Audit

  • Helps identify, assess, and mitigate risks affecting:
    • Operations
    • Efficiency
    • Financial stability
  • Ensures compliance with:
    • Laws and regulations
    • SEBI circulars and guidelines
    • Industry standards

Frequency and Coverage

  • Internal audits must be conducted at least once per financial year.
  • Coverage includes all functions under three verticals:
    • Vertical 1: Critical operations
    • Vertical 2: Regulatory compliance, risk management, investor grievances
    • Vertical 3: Other areas such as business development

APPOINTMENT AND ROLE OF INTERNAL AUDITORS

Appointment Policy

  • Auditors must be from independent audit firms.
  • MIIs must establish a clear policy for appointing auditors.
    • Policy approval required from both:
  • The Audit Committee
  • The Governing Board

Audit Reporting

  • Internal auditor will report only to the Audit Committee.
  • Audit scope must be approved by the Audit Committee.
  • Terms of reference should be standardised in consultation with the Industry Standards Forum of MIIs (ISF).

REPORTING AND FOLLOW-UP PROCESS

Observation Handling

  • Observations by auditors must be sent to relevant Heads of Departments (HoDs) for comments.
  • Final report must include:
    • All observations
    • HoD comments
    • Rationale for any dropped or closed issues
  • Audit committee may consult statutory committees if needed.

Audit Briefings

  • Internal auditor must brief the Audit Committee twice a year:
    • Within 60 days of end of September and March
    • Briefings must occur without management to maintain objectivity.

AUDIT COMMITTEE RESPONSIBILITIES AND COMPOSITION

Functions of the Audit Committee

  • Approval of related party transactions
  • Scrutiny of financial statements
  • Evaluation of:
    • Internal financial controls
    • Risk management systems

Composition Rules

  • No executive director, including the Managing Director (MD), can be a member.
  • Auditors and Key Management Personnel (KMPs):
    • May attend meetings for discussions
    • Do not have voting rights
  • KMPs and MD can attend by invitation of the Chairman but also cannot vote.

ADDITIONAL PROVISIONS

Cooling-off Period Removal

  • SEBI eliminated the cooling-off period for Public Interest Directors transitioning between MIIs.

Implementation Timeline

  • The guidelines will take effect 90 days after the issuance of the circular.