Abridged RBA Audit Department Charter

Purpose

The Reserve Bank of Australia (Bank) Audit Department (Audit) is an independent assurance function that aims to examine and evaluate Bank activities by providing risk-based and objective assurance and advisory services to the Reserve Bank Board (through the Audit and Risk Committee) and senior management. Audit provides advice to management on governance, risk management, controls, and provides culture insights. Audit governs itself by adherence to mandatory elements of the Institute of Internal Auditors' Global Internal Audit Standards and Topical Requirements.

The purpose of the charter is to establish the role, authority, responsibilities, and scope of Audit.

Mandate

The Bank’s Audit and Risk Committee grants Audit the mandate to provide the Audit and Risk Committee and senior management with objective assurance, advice, insight, and foresight over the Bank’s operations and projects. Audit’s authority is created by its direct reporting relationship to the Audit and Risk Committee, allowing for unrestricted access. In carrying out its duties and responsibilities, the Audit and Risk Committee has authorised Audit to:

  • Have full, free, and unrestricted access to the Bank’s activities, data, records, information, physical property, and personnel within a reasonable period of making the request
  • Allocate resources, set frequencies, select subjects, determine scopes of work, apply techniques, assessment tools, and issue communications to accomplish Audit’s objectives
  • Obtain assistance from management and other specialised services from within or outside the Bank to deliver internal audit services

Audit staff are accountable for confidentiality and safeguarding records, documents and information accessed. Audit will consult with management on a regular basis.

Independence and Objectivity

The Head of Audit and staff members should not undertake any duties or engage in any activity that could potentially compromise their independence and objectivity. The Head of Audit will ensure that Audit remains free of conditions that threaten its ability to carry out its activity in an unbiased manner. Audit will maintain an unbiased mindset, ensuring engagements are conducted objectively, work quality is upheld, and professional judgment is not influenced or subordinated, either in fact or appearance.

The Head of Audit confirms annually to the Audit and Risk Committee the independence of Audit and should independence or objectivity be impaired, discloses the details to the Chair of the Audit Committee and the Deputy Governor.

The Head of Audit directly reports to the Audit and Risk Committee and administratively (for example, day to day operations) to the Deputy Governor, who is also the Deputy Chair of the Governance Board. The Head of Audit has direct access to the Governor.

Responsibilities

Audit aims to achieve its principal objective by undertaking a risk-based audit program that includes:

  • Reviewing processes and systems to provide assurance and assess compliance with key internal and external requirements (includes but not limited to policies, procedures, laws and regulations) that could have a significant impact on operations
  • Providing assurance that risk exposures relating to the Bank’s governance, operations and information systems are correctly evaluated, including:
    • reliability and integrity of financial and operational information
    • safeguarding of assets
  • Evaluating the effectiveness, and contribute to the improvement of the Bank’s risk management framework and process
  • Evaluating the design and effectiveness of first and second line assurance and risk management activities
  • Directly conducting or supporting investigations related to confidential matters or fraud by initiating, leading and managing investigations
  • Exercising audit rights over service providers
  • Assisting in the prevention and detection of fraud by reviewing and evaluating the adequacy and effectiveness of internal control systems in relation to fraud risk in the Bank’s operations, considering management awareness and reviewing the Bank’s culture insights
  • Reviewing the efficiency, effectiveness and economy of the Bank’s operations and identifying opportunities to improve performance
  • Conducting periodic milestones and deep dive reviews (as required) of projects and change management initiatives to assess the effectiveness of project risk management practices, identify emerging risks affecting project delivery throughout the lifecycle, and evaluate whether the projects are on track to achieve their intended business objectives.
  • Providing real-time assurance during critical project phases (initiation, planning, execution, monitoring, and closure) to ensure the project objectives are being met and risks are effectively managed
  • Assessing the Bank’s culture on topics that carry risk for the Bank through culture reviews and root cause analysis of engagement findings.
  • Assessing risks relating to the achievement of the Bank’s strategic objectives are appropriately identified and managed

Audit also:

  • Shares information across the Bank on better practices and lessons learned from its engagements
  • Provides internal audit services to Note Printing Australia Ltd
  • Provides assurance to external parties, such as the annual Banknote Distribution Framework compliance reports
  • Performs special investigations and ad-hoc reviews as requested by Bank management or the Audit and Risk Committee.

Audit’s approach is to observe, listen, analyse, test, be objective, report honestly and constructively, offer impartial advice, and balance the significance of risk against the cost of control.

Approval

This is an abridged version of Audit’s Charter. The full Audit Department Charter was reviewed and endorsed by the Audit Committee on 5 November 2024.