Minimum requirements for the design of the internal audit

The minimum requirements for the structure of the internal audit (MaIR) were published on January 17, 2000 by the predecessor authority of the Federal Financial Supervisory Authority (BaFin), the Federal Banking Supervisory Office (BaKred). As of December 20, 2005, the regulatory standards for internal auditing were transferred almost unchanged to the minimum requirements for risk management (MaRisk).

The standards to be observed by all German credit institutions should help to improve the quality of the audit work. According to Section 25a (1) of the KWG , every institution has to set up an appropriate and effective risk management system, which also includes the implementation of a functional internal audit. In the MaIR, the postulate of independence was given a particularly high priority as a central requirement for a functional audit. The internal audit can only make a meaningful check if it is not directly responsible for the areas to be audited or for the economic results of these areas. The other requirements related e.g. B. on the audit reports, audit planning and the information rights of the audit towards the other areas in the institute.

The contents of the MaIR are mainly in the modules AT 4.4 and BT 2 of the MaRisk.

literature

• Federal Banking Supervisory Office, Minimum Requirements for the Design of Internal Auditing, Circular 1/2000 of January 17, 2000.
• Federal Financial Supervisory Authority, Minimum Requirements for Risk Management, Circular 5/2007 of October 30, 2007.

Please note the information on legal issues!