Statutory guidance

OISC Premises Audit Online Presentation (Text Version)

The prospect of an audit can be daunting but we hope that this presentation will give you the information you need to make your audit positive and constructive.



OISC Premises Audit Online Presentation

1. Introduction

Welcome to the Premises Audit presentation from the Office of the Immigration Services Commissioner.

The Commissioner has a statutory duty to promote good practice by those who provide immigration advice or services. As part of the regulatory function, the Commissioner ensures that registered advisers are, and remain, both fit and competent and that they comply with the Code of Standards and Guidance on Competence.

One of the ways to do this is through the premises audit process.

We are aware that the prospect of an audit can be daunting but most advisers find the process a very productive one and we hope that this presentation will give you the information and tools you need to alleviate any concerns you may have.

2. Aims

The aim of this presentation is to offer an overview and guidance on the OISC’s premises audit process to assist advisers and organisations to:

  • Remain fit and competent
  • Comply with the OISC Code of Standards and Guidance on Competence
  • Act in the best interests of their clients

3. Objectives

This presentation covers four principal areas:

  1. The premises audit process
  2. Pre-audit preparation
  3. How to get the most out of your audit, and
  4. Follow-up actions after the audit

4. The Purpose of the Premises Audit

An OISC audit is a transparent process that enables us to assess whether the policies and procedures submitted by your organisation during registration, are operating effectively.

It enables the audit caseworker to assess the competence of the advice being given to clients and the effective management of their cases. The caseworker can offer you advice and guidance on best practice should your organisation experience difficulties in how your policies are working in practice.

An audit will provide you with an opportunity to meet an OISC caseworker face to face, so that you can discuss any issues and queries you may have regarding your compliance with the regulatory scheme as well as a discussion on how your business is running.  

5. Who Is Audited?

In each business year the OISC will select registered organisations to audit and these will be chosen for a variety of reasons, for example:

Newly registered organisations that perhaps had some difficulties at the application stage and may need additional assistance.

Organisations that had complaints or concerns raised with the OISC during the previous business year  Organisations that have undergone changes in management, structure or areas of work or where the organisation’s registration level has increased  Organisations that were previously audited and are implementing improvements suggested by the caseworker  Organisations that have staff working under supervision or have large numbers of advisers working at different locations ; or  Dip sampling of organisations where there are no current issues or concerns

6. When Does an Audit Take Place?

An audit takes place when the OISC deems it appropriate for the organisation and when an OISC caseworker is available.

If you are selected to be audited, the OISC will contact you 3 to 4 weeks prior to the planned date to confirm the arrangements and to make initial enquires about how many open and closed cases you have.

You will then receive written confirmation of the date and time, as well as the name of the caseworker or caseworkers who will attend. However, it may not be the compliance caseworker that you normally speak to who undertakes the audit.

7. Getting the most out of your Audit

For most organisations the premises audit is a positive experience and for many it will be the first time they meet their compliance caseworker, or any caseworker from the OISC.

The Commissioner understands that newly registered organisations may not be working in full compliance with the regulatory scheme at the onset. The first audit is an opportunity to review policies and procedures to see how they are working in practice and to ensure changes are implemented in order to comply with the Code of Standards.

The audit caseworker, whether they are your usual caseworker or not, will be able to provide you with advice and guidance around regulatory compliance and refer you to material that will assist you and your business.

It should not be necessary for you to spend a great deal of time preparing for your audit, the purpose is to see how things are operating on a day to day basis so we want to see your organisation as it truly is.

Where possible, please ensure that all of your authorised advisers are available on the day, it is likely that for much of the day they will be able to continue with normal work, but it is useful if they are available to discuss their cases at some point in the day.   ###8. Pre Audit Preparation

The audit confirmation letter sets out what will happen on the day. It explains that the audit will cover two main areas:

  1. assessment of your competence in the delivery of immigration advice or services through reviewing your open and closed case files, and
  2. an assessment of your organisation’s policies and procedures and how they are working in practice

It is important that a full and accurate client list of both open and closed matters is sent to the audit caseworker at least 3 days in advance of the audit. This list should reflect cases that you have dealt with since your last audit or from your registration date if you have never been audited.

Prior to the audit, the OISC will request information from the Home Office on the applications you and your organisation have submitted, and this will be cross-checked against the list you have provided. Any anomalies will be discussed with you during the audit.

9. Client List

Your client list should include the following information:

  • The name of client and your reference numbers
  • The level of work carried out
  • The type of case
  • The date of opening of the file (and closing, if relevant)
  • The outcome of the case (if closed), and
  • The name of the adviser dealing with the case (where there is more than one adviser within the organisation).

No other preparation is required as the audit is a snap shot of how your business is operating and should be a reflection of a normal working day.

10. The Day of the Audit

The caseworker will aim to arrive at your premises by 10am or at a time otherwise agreed. Should there be any delays in their journey, they will call to notify you of their delay and estimated time of arrival.

Audits normally last one day and may sometimes finish after 4pm if you have a large number of files or several advisers. They may also finish before this time if the caseworker feels they have seen sufficient examples of your work. The caseworker may take a break for lunch during the day and will return all files during this period to ensure they are not left unattended.

It is important that reasonable access is permitted to the OISC to conduct the audit and if this is not granted, we cannot verify that your organisation remains fit and competent.

You do not have to be present during for the whole of the day. The caseworker will only need to access your case files and can feedback to you their findings at the end of the day, or if this is not possible, via telephone or e-mail.

If you are ill, or an emergency arises and you will not be available on the day, please e-mail or telephone your audit caseworker as soon as possible. You may be asked to submit supporting evidence with this request.

Instead of cancelling the audit in such a situation, we ask that you arrange for a colleague to be available to meet the caseworker and provide the requested files so that the audit can go ahead.

11. The Start of the Audit

On arrival, the caseworker will explain the structure of the day, what they will be looking at and when they will need to speak to you or other members of staff. This will be followed by a general discussion on your organisation’s operation and business, and any complaints or other concerns that may have been received. You will then have the opportunity to ask questions on any issues you have regarding your regulation.

The caseworker may ask about your policies and procedures and how these are working in practice. For example, they may discuss your Annual Accounts or your financial recording policy and procedures to assess if you are recording fees in compliance with our requirements.

It is important to be able to demonstrate to your caseworker how client money is received and recorded on the case file and then progressed from the client account to your business account.

If the caseworker is unable to see your full client files or your accounts during the day they may ask that copies are sent to them after the audit. In these cases they may be unable to provide their full feedback at the closing meeting as these documents will need to be taken into consideration. If these documents are not sent, a follow-up audit will be arranged.

12. File Review

A substantial part of the day will be taken up with a review of your case files. The caseworker will provide you with a list of case files to be made available and these will be a selection across levels, categories of advice and advisers, if applicable.

So as to ensure minimum disruption to your business and to enable you to carry on working, we ask that, if possible, a separate room is made available for the caseworker.

During the audit you are free to undertake your day-to-day duties. However, the caseworker may seek clarification of the work on certain files. If there is an adviser working under supervision in accordance with an agreed supervision plan, their files will also be reviewed to ensure that the agreed supervision arrangements are working in practice and that supervisees are working to their correct level.

It is likely that you will be asked to provide your accounting records, including invoices, receipts and bank statements so these can be reviewed alongside the casefiles.

13. Case Files

We cannot over emphasize the importance of you retaining full and accurate records of all dealings with your clients and third parties in relation to the client’s case.

The Codes require advisers to keep a full record of dealings with clients through attendance notes, copies of all applications made, and copies of all supporting documentation. These records must be maintained in a manner that allows someone reading the file to follow the progress of the matter, in chronological order. For example if you pass your file to another representative, to a colleague or back to the client.

The absence of attendance notes raises questions as to an adviser’s fitness and competence. If we cannot see what you discussed with your client or cannot see what they have raised with you, then it is hard to confirm if the advice or action you took on their behalf was correct.

14. Policies and Procedures

Please ensure you have the policies and procedures available that were requested in the audit confirmation letter, particularly the financial documents and the client and business account statements. If these are with an accountant or bookkeeper, ask that they be returned for the day of the audit. The caseworker will need to undertake a financial review of client fees and any disbursements.

15. CPD Plan and Record

Your continuing professional development Plan and Record should also be available for review, together with supporting evidence, as well as those of your other advisers.

16. Closing Meeting

When the review of your files has been completed, the caseworker will meet with you to provide feedback on their findings, whether the cases have been managed in line with the Codes and Guidance on Competence and that your policies and procedures are being adhered to.

They will also discuss any training you have undertaken and your compliance with CPD, as well as any training needs that have been identified through the audit.

You will be given the opportunity to clarify any issues found during the audit. It is vital that you fully understand where there are areas for improvement and how you can correct them. The caseworker will also highlight areas where you have dealt with a client case particularly well.

We will provide you with an Identified Issues Report setting out the findings and whether there are any action points for you to take.

17. Ask Questions

If you have any questions about the audit, ask the caseworker.

If there are any issues you are unhappy with, or you believe that the caseworker’s findings are incorrect, then explain why you believe this to be the case. For example, if a document from a file is missing or the caseworker has not fully understood the events that have taken place, speak up.

You will have the opportunity to do this during the file reviews and at the closing meeting. However, all records should be available from the beginning of the audit inspection in order to ensure the caseworkers final report is accurate.

18. Audit Structure

We have described a typical audit but the structure of the day may vary and it would not be necessary to cover all the points detailed so far.

For example:

If your organisation is undergoing a follow-up audit and your caseworker is specifically there to check on points previously raised If you have had a complaint that has triggered the audit, or If the business has undergone changes with new staff or new owners

Alternatively, if you have a large number of clients or open client files, two caseworkers may attend. In this situation, one may begin file reviews immediately while the other conducts the introductory meeting and looks first at your policies and procedures.

19. After the Audit

The OISC aims to write to you within 10 working days of the audit taking place to provide you with a summary of findings. If there were no issues of concern raised by the audit then we will write to confirm this is the case. However, most organisations will receive an Identified Issues Report to accompany the summary of findings.

The IIR will set out our findings and identify where there have been breaches of the Code of Standards or poor practice. It will also direct you to what we require you to do to remedy those breaches and implement good practice.

You may be asked to submit your comments in relation to any breach found or provide further information to the caseworker or amend a document. You may be asked to confirm that you will take action to ensure compliance in a particular area in the future.

The Report will also detail any other matters that were discussed during the day and any further points of clarification.

20. Response to the IIR

You are expected to respond to the IIR within 10 working days together with any information or documentation requested. However, if it is not possible to take a specified action within that time frame you will be given an extended deadline for that specific action.

When you reply, it is helpful if you use headings and respond to each action point separately and in turn. This will help you to ensure that everything has been considered and for us to be clear on which points you are addressing. Remember, this response is your undertaking for the future.

If training needs have been identified, you will need to send evidence to the caseworker when it has been completed.

21. Addressing Identified Issues

For most organisations, the audit is an opportunity for improvement and the caseworker will be able to provide advice and answer questions or concerns you may have on the suggestions made.

However, depending on the nature and number of non-compliance issues detailed in the IIR, the Caseworker may arrange a follow-up audit in order to ensure that the identified issues have been addressed. There is usually a period of at least 6 months before a follow up audit is arranged.

If deemed appropriate, a condition may be placed on your continued registration approval letter which addresses the areas of non-compliance raised during your audit.

Where the caseworker has not been able to verify an adviser’s competence at a particular Level or has concerns about the advice given, or where there are inadequate or no attendance notes, the adviser may be invited to re-sit a competence assessment.

If, following the audit, the Commissioner is not satisfied that the organisation is fit and competent to provide immigration advice and services, he may issue a report which does not request any specific remedial action, but rather gives you the opportunity to comment on his findings. Your comments will be taken into account when the Commissioner considers what action to take. If, after full consideration, a decision is made to cancel your registration you will have the right to appeal this decision to an independent Tribunal.

22. Adviser Feedback

Following your audit, you will be invited to complete an online survey. Your feedback is important to the OISC and we welcome comments in relation to how we can continue to improve and be more effective in how we audit.

23. Outcomes

Now that we have come to the end of this presentation, you should be aware of:

  • The premise audit process
  • Pre-audit preparation
  • How to get the most out of your audit, and
  • Follow-up actions after the audit
Published 20 September 2019