Article

Considerations for Internal Audit in light of UK SOX

Understanding the UK Corporate Governance Code

March 2021

As the UK continues on the journey of reforming corporate governance, companies and auditors are facing even tougher new obligations that will re-shape the approach to financial controls.

Overview

In their reviews of financial reporting and the effectiveness and quality of audit reform, both Sir John Kingman and Sir Donald Brydon have called for better internal controls over financial reporting. These recommendations reflect a wider, global sentiment from society that stronger internal control environments are needed to prevent material fraud and unexpected company failures.

We provide a reminder of current UK requirements and discuss how to navigate change, looking at Kingman’s and Brydon’s recommendations. A white paper from BEIS is due this spring on the recommendations from these reviews and we discuss what this means.
 

Next steps

As the prospect of UK SOX grows ever more certain, it is important that internal audit is proactive and prepared. We provide a four-step process, a useful framework against which to conduct a gap analysis. These steps are implicit in current UK Corporate Governance requirements, although few apply them in practice, and are likely to be the foundation of any new regulatory framework with regard to ICFR. In addition to a gap analysis, internal audit should recommend that management scale the likely compliance task by completing preliminary steps.
 

Looking ahead

With a form of UK SOX expected in 2023/24, many businesses today believe to be somewhat ready, but with significant improvement required to achieve full compliance. It is vital that organisations are ready to consider their controls, so not to be adversely impacted in the future and be required to plug any gaps with improvised solutions, to the detriment of the whole control environment. The time for action is now.

Did you find this useful?