Integrated Report 2020

INTEGRATED REPORT 2020 CIM FINANCIAL SERVICES LTD Corporate Governance Report 4. INTERNAL AUDIT FUNCTION Governance and structure During the year under review. the Internal Audit Function of Cim Finance Ltd (“CFL”), performed audit engagements for Cim Financial Services Ltd (CFSL) in terms of the Service Level Agreement approved by the Audit Committee of CFL and the Risk Management and Audit Committee (“RMAC”) of CFSL. The main role of the function is to provide an independent, objective assurance and consulting activity designed to add value and improve the company’s operations. The Internal Audit Function is independent of Executive Management and functionally reports to the RMAC and Audit Committee on a quarterly basis. The Head of Internal Audit presents audit reports to the RMAC and Audit Committee, and discusses key issues contained therein. The Head of Internal Audit has a direct reporting line to the Chairperson of the Audit Committee and RMAC. He has regular meetings with the respective Chairperson thereby further establishing Internal Audit’s independence. The RMAC and the Audit Committee approve the Risk-Based Internal Audit combined plan, ensure adequate resources are available to deliver on the plan and evaluate the effectiveness of the Internal Audit Function. Moreover, in the performance of their duties, the Internal Audit Function has unrestricted access to all documents, key personnel and Management staff. There was no limitation of scope placed on the internal auditors in conducting the audits. Internal audits are carried out in accordance with the Standards for the Professional Practice of Internal Auditing issued by the Institute of Internal Auditors (IIA). Internal audit staff also abide by the Code of Ethics established by the IIA and by Cim Finance Ltd. In terms of structure, the Internal Audit Function was segregated into two units, namely Risk Based and Consulting units. The Risk Based unit performed assurance engagements in line with the definition of the IIA as well as IT audit engagements. The Consulting unit performed engagements that do not fall within the Risk Based unit scope such as Investigations, Independent reviews, etc. Both units use a risk based approach when building up the Internal Audit Plan for the year.The structure, organisation and qualifications of the key members of the Internal Audit team are listed on the Company’s website. During the year under review, the Internal Audit team carried out 1 internal audit assignment for CFSL. At the level of CFL, 23 audit assignments were completed and consisted of risk base, IT, consulting and investigation. Independence and objectivity The Internal Audit Function confirms that independence and objectivity were maintained throughout the year by ensuring the following: • There was no interference by any element in the company, including matters of audit selection, scope, procedures, frequency, timing, or report content. • Internal audit staffhavenodirect operational responsibility or authority over any of the activities audited and hence do not implement internal controls, develop procedures, install systems, prepare records, or engage in any other activity that may impair judgment. Internal audit staff also refrained from reviewing specific operations for which they were previously responsible; made proper disclosures if independence or objectivity was impaired, or if there was any conflict of interest; have not accepted anything that may impair or be presumed to impair their professional judgment; and were aware of the threat of over-familiarity. Internal auditors exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined. 5. EXTERNAL AUDIT The external auditors of the Company and the Group are BDO & Co (“BDO”) who were appointed as external auditors in replacement of Ernst and Young at the Annual Meeting of Shareholders held on 10 July 2020. The selection and appointment of BDO as auditors was carried out following a tender issued by the RMAC in November 2019. Following responses received, four external audit firms were shortlisted and presented their proposals before the RMAC, after which BDO was recommended for appointment as external auditors. The RMAC discusses critical policies and external audit issues with BDO as and when necessary, and meets them at least once a year without management being present. 54