Internal Audit Financial Services Code of Practice
Guidance on effective internal audit in the financial services sector
Since its first publication in July 2013, the Financial Services Code has played a pivotal role in raising the professional bar across internal audit in the financial services sector.
This latest (third) edition of the Code only contains minor changes to the previous edition we published in 2017. The main reason for revising the Code is because in January 2020, building on the success of the Financial Services Code, we published our ‘Internal Audit Code of Practice: Guidance on effective internal audit in the private and third sectors’. Following the publication of the new Code there was a need to revise and republish the Financial Services Code, to harmonise the two Codes where it is appropriate. Although the Financial Services Code still contains provisions specific to internal audit operating in the financial services sector.
Our Internal Audit Financial Services Code of Practice aims to enhance the overall effectiveness of internal audit, and its impact, within organisations operating in the financial services sector in the UK and Ireland.
Its recommendations can be regarded as a benchmark of good practice against which organisations can assess their internal audit function.
The Code is principles based and written in the context of a company operating within the UK and Ireland regulated financial services sector. The Code should be applied proportionately, and therefore smaller organisations should apply the principles on which the Code is based in light of their size, risk profile and internal organisation and the nature, scope and complexity of their operations.
Download the full Internal Audit Financial Services Code of Practice
Read a summary of the changes to the Code
Who is it for?
The Code applies to organisations operating in the financial services sector, all of whom should have an internal audit function and audit committee of non-executive directors. This Code contains provisions which are specific to the financial services sector.
Internal audit functions outside the financial services sector and within the private and third sectors should follow our ‘Internal Audit Code of Practice: guidance for effective internal audit in the private and third sectors’.
Whilst it may prove useful for internal audit in the public sector, it is not drafted with the public sector specifically in mind and public sector internal audit functions should continue to follow the Public Sector Internal Audit Standards.
Related content
Technical guidance
This series of guidance pulls together further information and resources to help you implement the revised Financial Services Code.
Annual governance, risk and control assessments
Auditing new product development
Bank’s capital and liquidity – auditing ICAAP and ILAAP
Risk assessments and prioritisation of internal audit work
Associated publications
Stepping up: reassessing the impact and implementation of the Financial services Code
Building effective internal audit
Embedding effective internal audit in the financial services sector
