Audit & Risk

Interview with Lord Smith of Kelvin

Internal auditors are in a unique position to become the canary in the mineshaft of corporate culture, according to Lord Smith of Kelvin. Alice Hoey asks him to tell us more.

in Features.

Article Image

Photograph by Paul Stuart

I have had the opportunity and privilege to consider internal audit closely and shape how it fits into the big picture of corporate governance. Since I developed the Smith Guidance for audit committees in 2002 after the Enron scandal, internal auditing has come a long way. It’s now part of the fabric of any substantial organisation and one of several prongs of assurance. Management attitudes to internal auditing are also changing, while audit committees’ communications and relationships with internal audit tea.

But there’s still work to do by internal auditors to get under the skin of a business – to understand leadership behaviour and the cultural issues and incentives that drive its operations and strategy. These are the things that really matter. 

Enron marked a big bend in the road, for internal auditing, external auditing and corporate governance. Political and regulatory action followed and strengthened the role of the internal audit, while organisations got to grips with embedding its importance. 

The financial crisis was a moment of similar significance for internal auditing and has led to more soul-searching among professionals than at any time I can remember in my career. It has offered a great platform for internal auditing to develop again, increasing its reach into big-picture risk areas. If the opportunity is grasped, the profession’s status as a trusted adviser will continue to grow. This will strengthen the already robust link between audit committees and internal auditors.

Question everything
It’s important to understand that corporate failures aren’t caused by fraud or inadequate controls. These might exacerbate a bad situation or deal the killer blow, but they don’t put companies out of business. The real cause of corporate failures is unwelcome behaviour in the leadership culture – greed, hubris, bullying and obfuscation, leading to fantasy growth plans and decisions taken for all the wrong reasons. As the saying goes, the fish rots from the head down. 

A good audit committee, therefore, must understand not only operations, strategy and transactions, but also what underlies them, who’s driving them and how this is being done. They must get to grips with the culture of the business. We may not be able to stop another crisis, but that must be the ambition. When the good times roll, it’s hard to stay focused on the “what if?” questions, but internal audit should be the natural home for this attitude. Internal auditors need to be sceptics as well as providing assurance that risks are adequately identified and assessed. 

You are in the business all year round, so who better to form an objective view of the economic purpose of business transactions, and not only the controls surrounding them? Internal auditors should deliberately seek out the unmanaged risks, ask the “what if?” questions and be able to describe the economic reality of the products and services of the business. This is where the big post-crisis opportunity lies. To understand what you’re auditing, you need high-quality people with access to the right information, involvement in the right discussions and the licence to operate in a way that supports objectivity. 

Management teams should include internal auditing in strategy discussions and the product development process so that they can see the big picture and appreciate what assurance is needed. And internal auditors must understand the risk appetite, the overall quality of corporate governance and the financial leverage of the business.

The next generation
Internal auditing is perhaps the most important pillar in effective corporate governance and risk management. It has a unique position and can cover much broader risk areas than any external audit could. 

Although paid by the organisation that it’s scrutinising, the internal audit team occupies the no-man’s land between the management team and the non-executive directors. It’s the permanent bridge, in the case of a listed company, between what’s happening in the business and the representatives of the company’s owners. This role requires a balanced approach and real bravery. 

Looking back over a decade, I’m immensely proud of how internal auditing has developed. The quality of people choosing to enter the profession; the interaction of audit committees with internal auditing teams; and the growth in the status and value of internal auditing in businesses are reassuring signs. But, in order to move to the next level, we need more attention on behaviour and culture. That needn’t be at the expense of process, but we all know that ticking boxes in the run-up to 2008 didn’t help the banks. We need to move incrementally towards a clear understanding of the underlying motivations that drive projects and transactions. 

That’s where the non-executives really look to the internal auditing team. They need that objectivity and integrity. You can read the committee papers, understand the operations and strategic intent, and see the bubbles going up and down against the risks. But a good audit committee must develop a feel for how it’s all being delivered. If the financial crisis doesn’t provide a platform for the profession to broaden its focus, I don’t know what will.  

For information about the 2003 Smith Guidance, visit the website.

>> IN PROFILE
Robert Haldane Smith, Baron Smith of Kelvin, started his career in accounting before holding positions in a range of financial institutions, including RBS, Deutsche Asset Management, Bank of Scotland, the Financial Services Authority and the Institute of Chartered Accountants of Scotland. 

Currently chairman of the Weir Group and Scottish and Southern Energy, Smith has been a chairman or non-executive director of a number of large public companies over the past decade. It is in this capacity that he has gained a perspective on the considerable importance of internal auditing. 

In 2003, Lord Smith developed the Smith Guidance, which has since been incorporated in guidance issued under the UK’s corporate governance code. The guidance was revised in 2008 and 2010 to be implemented from April 2011. Its guiding philosophy is that the personal qualities of the members of the audit committee are more important than their financial or technical expertise.

In recognition of Smith’s long-standing work as a champion of the internal auditing profession, the Chartered Institute of Internal Auditors awarded him an honorary fellowship in November 2010.  

“There’s still work to do by internal auditors to get under the skin of a business – to truly understand the behaviour of its leadership”

The IIA: find out more

Visit the main IIA site

Jobs

Auditor

Post Number: FSA02
Grade: 7- SO2 Salary: £23,166 - £29,854
Hours: 37 per week

Audit Manager

£38,789 - £42,474 pa
37 hpw, permanent.

Senior Internal Auditor

Sector: Not For Profit
Salary: £41,000 (raising to £46,000 after probation)
Location: London
Job Ref: SD/148943

Careers advice

Destination designation

The Chartered IIA is keen to work with organisations that want to ensure all their internal auditors have the right skills to succeed in today’s industry. One of these is Citigroup, which recently launched a training scheme accredited by the institute and put 20 senior internal auditors through the Chartered by Experience route to achieve CMIIA. So what does this look like in practice?
Words: Ruth Prickett

Gold standard – the value of recognition

Being chartered demonstrates your skills and competence and gives you influence within both your organisation and the wider profession. All dedicated internal auditors should aspire to it, writes Ian Peters, chief executive of the IIA.

Chartered by Experience

There is a new route to becoming a chartered internal auditor: Chartered by Experience.

Training & Development

CPE: Solid foundations

Continuing professional education is an important tool for developing your skills, progressing through your career and ensuring that the qualification and the profession are respected. The Chartered IIA’s CPE requirements will be changing in April to bring them into line with those of IIA Global. So what do you need to know to stay ahead?
Words: Ruth Prickett

Destination designation

The Chartered IIA is keen to work with organisations that want to ensure all their internal auditors have the right skills to succeed in today’s industry. One of these is Citigroup, which recently launched a training scheme accredited by the institute and put 20 senior internal auditors through the Chartered by Experience route to achieve CMIIA. So what does this look like in practice?
Words: Ruth Prickett

Gold standard – the value of recognition

Being chartered demonstrates your skills and competence and gives you influence within both your organisation and the wider profession. All dedicated internal auditors should aspire to it, writes Ian Peters, chief executive of the IIA.

Tools

You asked us

Our technical helpline provides valuable advice to members on a host of professional issues. Here are some of the questions you’ve recently asked.

Early warning systems

New regulatory demands for whistleblowing – or “speak up” – policies are raising the bar on best practice. Internal auditors need to take note.
Words: Alexander Glebovskiy

CPE: Solid foundations

Continuing professional education is an important tool for developing your skills, progressing through your career and ensuring that the qualification and the profession are respected. The Chartered IIA’s CPE requirements will be changing in April to bring them into line with those of IIA Global. So what do you need to know to stay ahead?
Words: Ruth Prickett