Article 51 | Delegated Regulation 2017/392

Article 51 - Audit methods

Article 51

Audit methods

1. The internal audit function of a CSD shall ensure the following:

(a)

establish, implement and maintain an all-encompassing audit plan to examine and evaluate the adequacy and effectiveness of the CSD's systems, risk-management processes, internal control mechanisms, remuneration policies, governance arrangements, activities and operations, including outsourced activities;

(b)	review and report the audit plan to the competent authority at least annually;

(c)	establish a comprehensive risk-based audit;

(d)	issue recommendations based on the result of work carried out in accordance with point (a) and verify compliance with those recommendations;

(e)	report internal audit matters to the management body;

(f)	be independent from the senior management and report directly to the management body;

(g)	ensure that special audits may be performed at short notice on an event-driven basis.

2. Where the CSD belongs to a group, the internal audit function may be carried out at group level provided that the following requirements are complied with:

(a)	it is separate and independent from other functions and activities of the group;

(b)	it has a direct reporting line to the management body of the CSD;

(c)	the arrangement concerning the operation of the internal audit function does not prevent the exercise of supervisory and oversight functions, including on-site access to acquire any relevant information needed to fulfil those functions.

3. The CSD shall assess the internal audit function.

Internal audit assessments shall include an on-going monitoring of the performance of the internal audit activity and periodic reviews performed through self-assessment carried out by the audit committee or by other persons within the CSD or the group with sufficient knowledge of internal audit practices.

An external assessment of the internal audit function shall be conducted by a qualified and independent assessor from outside the CSD and its group structure at least once every five years.

4. A CSD's operations, risk-management processes, internal control mechanisms and records shall be subject to regular internal or external audits.

The frequency of the audits shall be determined on the basis of a documented risk assessment. Audits referred to in the first subparagraph shall be carried out at least every two years.

5. A CSD's financial statement shall be prepared on an annual basis and be audited by statutory auditors or audit firms approved in accordance with Directive 2006/43/EC.

Recitals

CHAPTER I - GENERAL PROVISIONS (Article 1)

CHAPTER II - DETERMINATION OF THE MOST RELEVANT CURRENCIES AND PRACTICAL ARRANGEMENTS FOR THE CONSULTATION OF THE RELEVANT COMPETENT AUTHORITIES (Article 2-3)

CHAPTER III - AUTHORISATION OF CSDs (Article 4-38)

CHAPTER IV - PARTICIPATION OF CSDs IN CERTAIN ENTITIES (Article 39)

CHAPTER V - REVIEW AND EVALUATION (Article 40-45)

CHAPTER VI - RECOGNITION OF A THIRD-COUNTRY CSD (Article 46)

CHAPTER VII - RISK MONITORING TOOLS (Article 47-52)Article 47 - Risk monitoring tools of CSDs Q&AGL Article 48 - Risk monitoring committees Q&A Article 49 - Responsibilities of key personnel in respect to the risks Q&A Article 50 - Conflicts of interest Q&AGL Article 51 - Audit methods Article 52 - Sharing audit findings with the user committee

CHAPTER VIII - RECORD-KEEPING (Article 53-58)

CHAPTER IX - RECONCILIATION MEASURES (Article 59-65)

CHAPTER X - OPERATIONAL RISKS (Article 66-80)

CHAPTER XI - INVESTMENT POLICY (Article 81-83)

CHAPTER XII - CSD LINKS (Article 84-87)

CHAPTER XIII - ACCESS TO A CSD (Article 88-90)

CHAPTER XIV - AUTHORISATION TO PROVIDE BANKING TYPE OF ANCILLARY SERVICES (Article 91-94)

CHAPTER XV - FINAL PROVISIONS (Article 95-96)

ANNEX I ANNEX II ANNEX III

Metadata

Related documents

Article 51 - Audit methods

Table of contents