IPT audit assurance: branch visits
Visits to branches should be planned using risk-based assessment.
Some branches have little autonomy and there is close central control over their activities. The accounting system is usually standardised. Revenue risks generally arise out of people in the branch avoiding the controls set up and monitored by head office. However, there may be fundamental systems weaknesses; and visits should be made in order to establish the effectiveness of the insurer’s own internal control procedures.
Insurance companies are dynamic organisations, periodically changing their corporate structure by taking over other insurers or divesting parts of their business. Managing the audit assurance programme for insurers with branches is a team effort. There is no advantage in keeping information to yourself; sharing information with other teams maximises the effectiveness of the team.