Financial institutions are facing an ever increasing level of supervisory scrutiny, triggered by a wave of new regulatory and supervisory requirements that have been published over the past years. The bar has been raised and many institutions are in a constant process to live-up to these new expectations.

KPMG observed that in recent years, next to the typical attention that 1st and 2nd line of defense attract, there is an increased attention towards the functioning of the 3rd line of defense. We observe that Internal Audit Functions are required to go beyond the “traditional” audits that are typically more process and governance oriented and to also be able to challenges more intrinsic complexities. Supervisors challenge Internal Audit Functions directly through targeted on-site investigations, or as part of a broader on-site investigation. For instance, during the Targeted Review of Internal Models exercise, the ECB ruled that more than one third of all institutions lacked sufficient challenge by Internal Audit.

Main challenges observed in the market

  • Living up to regulatory expectations – expectations are not fully transparent and institutions struggle to strike the right balance between quality and cost.
  • Building up sufficient knowledge and expertise within the team – given the broad scope of Internal Audit divisions, especially medium to small sized banks don’t have the possibility to have dedicated specialist covering the entire audit scope.

Areas with high level of complexity

  • Internal Rating Based Approach Audits

Internal audit is expected to review the Rating Systems on an annual basis and is expected to provide its opinion should an institution submit a Material Model Change. Due to the inherent complexity of IRB models stemming from the vast amount of regulatory requirements and the  technical nature of the topic, institutions try to balance the lack of qualified resources while still achieving a sufficient level of challenge. Many of these arguments are true for IFRS 9 as well.

  • Interest Rate Risk in the Banking Book (IRRBB) audits

IRRBB is a fundamental topic within the Treasury domain. Current negative and flat interest rate environment calls to question the basis over which IRRBB models have been historically built and forces institutions to seek a higher level of optimization for common treasury operations (e.g. funding/liquidity management, FTP scheme and pricing, hedging strategy) to keep ensuring business profitability, including institutionalized expert opinions. Internal audit is the par example function to oversee a correct and compliant execution.

  • Liquidity Risk audits

Recent economic developments, aggravated by COVID-19 pandemic, have resulted in high market volatility, liquidity tightening and increase in liquidity spreads which is jointly challenging institutions when it comes to defining their funding strategy, setting internal limits, managing liquidity buffers and regulatory ratios (i.e. LCR and NSFR), defining stress test scenarios, reporting liquidity positions and implementing contingency funding plans.

Increasing demand for Subject Matter Experts

We see an increasing demand for providing subject matter expert support to Internal Audit teams. Institutions are looking for support throughout all the stages of the audit, starting from the definition of the scope, support during the fieldwork phase and during the reporting phase.

Why KPMG?

KPMG has assisted various financial institutions in the past, both providing specific trainings on particular fields of expertise as well as hands-on support with the audit field-work.

We have access to a large pool of experts to assemble readily available teams combining both the knowledge on the internal audit approach and controls and the required subject matter expertise. We can leverage our international experience to offer flexible solutions depending on your particular needs, helping you to successfully perform such internal inspections with the adequate quality and ensuring that you meet all regulatory expectations.