Who Will Watch the Watchers? The Case for Internal Audit
29 January 2018 by Daryl Tunningley
“Quis custodiet ipsos custodes?” wrote the Roman satirist Juvenal around the turn of the 2nd century, raising questions of the capability of those in authority to discharge their duties responsibly. It’s a question that for the almost two thousand years since, civilisations have grappled with, resulting in the notion of auditing – to ensure that others can see that responsibilities are being met, as they should be.
Auditing and compliance are terms that every business has had to embrace more fully over many years, with ever-stronger obligations in areas of employment law, health and safety and day-to-day environmental standards. Beyond those more mainstream areas, a company like CSG, operating within a tightly-regulated arena such as waste processing and hazardous chemicals, you can imagine the sheer volume of regulation (and the consequences of getting it wrong) can be mind-boggling.
Of course, as a large, reputable company with many years’ experience in the field, this isn’t quite as daunting as it sounds – very many systems, processes and job roles have evolved over time to enable the management of the multitude of technical and bureaucratic requirements required of us. For the last ten years, though, we’ve felt it necessary to create our own extra layer of applying checks and balances, in order better to understand the way we continue to work within a constantly-changing regulatory landscape and, of course, to minimise risk.
That layer is the IAG, our Internal Audit Group, a committee of several Senior Managers and Directors who meet every two months and report to the CSG Board on all areas where compliance with regulations is a necessary requirement. Central to that mission is CSG’s Permitting & Compliance Manager Antony Gerken.
“The IAG came about as a result of our drive to gain ISO accreditation”, Antony explains. “From that initial requirement, it was clear that best practice involved learning from mishaps made by other people – to prevent issues from happening, rather than cure those that have happened.”
It is a sign of CSG’s stability and competence that most of the matters the IAG oversees are generally delegated back to the team directly involved – it means the IAG’s principal role is an advisory one, where consultation from within CSG is sought and given.
“The very existence of the group is a means to encouraging the culture of every part of the company to continually accept and work better within our regulatory parameters”, adds Antony. “We’ve found that simply by raising the internal profile of the IAG within CSG, all the external audits we are regularly subjected to have become much smoother.”
The ‘box-ticking’ nature of ensuring compliance, especially with the more technical, seemingly less urgent areas of ‘red tape’, like Financial Compliance, gives the impression that this is very dry area of operation, suited to diligent bureaucrats with little need to apply ‘real-world’ understanding of the rules, like the Vogons of Douglas Adams’ “Hitch-hikers’ Guide to the Galaxy” – but that rather harsh stereotype falls down when you hear why it’s of interest to the IAG.
“Financial compliance sounds dull but it can often be the opposite: for example, one of our chief requirements is to be seen always to be working within the auspices of anti-bribery and anti-[money]-laundering laws”, Antony explains before adding, with a knowing nod, “which is especially important a consideration in certain other countries”, neatly making the point that, where compliance is required, the very nature of the exercise is to guard against problems and abuses that the rest of us, naively, would barely consider.
There are another advantages to all this watching. On a very basic level, having a broad range of experienced professionals to assess operational processes, bringing their collective experience to bear, means the remit goes beyond mere compliance. Inevitably, it leads to suggestions that make processes quicker or easier and therefore more efficient. Many times, real efficiency savings have occurred simply because a process has been more effectively scrutinised.
There’s also the secondary benefit of being better able to deal with upcoming rule changes from bodies such as the Environmental Agency, which is this: being seen to be better able to predict and respond to rules that affect the industry makes CSG stand out from its competitors. In other words, just being known to be more diligent is its own virtue, offering us a commercial advantage.
The nature of auditing is about understanding the fine detail, the micro-level of day-to-day matters but there’s one macro-level looming uncertainty that threatens to change so many areas of compliance that it’s already occupying much of the IAG’s thoughts – the expected impact of Britain’s impending exit from the European Union. It threatens to be a subject so wide-ranging, it will undoubtedly require its own blogpost, possibly several, and it’s still an area that offers so many unanswered questions.
Juvenal’s words are most commonly associated with the need to apply visibility to those in power. In order for the IAG’s questions about compliance in the world after Brexit to become answered, we’ll all have to watch a different set of watchers…