The Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry provided drama and headlines, but the recommendations in the Final Report on improving culture and risk conduct should be a warning bell for the public sector.
Many of the revelations from the Royal Commission were based on, not surprisingly, internal audit reports.
"There are numerous examples of governance failures arising from evidence presented to the Royal Commission. The lesson for the public sector is a more thorough examination of the 'governance eco-systems' in which, for example, internal auditors operate in," Mr Peter Jones, chief executive officer of The Institute of Internal Auditors-Australia, said.
"The public sector should analyse the role audit committees play, and how they can highlight misconduct."
A recent global survey conducted by The Institute of Internal Auditors Research Foundation found that worldwide one in four internal auditors work in the public sector.
The survey also found that 86 per cent of respondents say they use some or all of the International Standards for the Professional Practice of Internal Auditing (The Standards).
This advertising feature was sponsored by the following business. Click the link to learn more:
But in the Asia-Pacific region only 43 per cent use The Standards.
Mr Jones said internal audit practitioners are currently hampered because there is no consistency in legislation, regulations and guidance documents at the Commonwealth, State, or at local government level with regards to the internal audit function and Standards.
"The failure by governments to recommend The Standards, as the only applicable set of internal audit Standards in Australia, was inexcusable," he said. "Public Sector internal auditors are effectively working with one hand tied behind their back."
The Royal Commission also highlighted that while the misconduct can be attributed to 'greed' and cultural factors, there also is the question of why the audit committees did not flag these issues, and if they did, why they were not acted upon by the directors?
"Modern internal audit functions can play a far more important role and provides assurance on new and emerging risks such as cyber security, culture, and data analytics," Mr Jones added.
"Internal auditors must also have the resources and the degree of independence required, which ensures they have a direct reporting line to the audit committee, together with unfettered access to information to effectively perform their role.
"Internal audit is the key to more robust governance and that can only be good news for politicians, department heads, audit committee members, public servants and taxpayers."
Visit the The Institute of Internal Auditors-Australia website at iia.org.au