Utah Administrative Code
Topic - Insurance
Title R590 - Administration
Rule R590-254 - Annual Financial Reporting Rule
Section R590-254-15 - Internal Audit Function Requirements

Universal Citation: UT Admin Code R 590-254-15

Current through Bulletin 2024-06, March 15, 2024

(1) An insurer is exempt from the requirements of this section if:

(a) the insurer has annual direct written and unaffiliated assumed premium, including international direct and assumed premium but excluding premiums reinsured with the Federal Crop Insurance Corporation and Federal Flood Program, of less than $500,000,000; and

(b) if the insurer is a member of a group of insurers, the group has annual direct written and unaffiliated assumed premium, including international direct and assumed premium but excluding premiums reinsured with the Federal Crop Insurance Corporation and Federal Flood Program, of less than $1,000,000,000.

(2)

(a) The insurer or group of insurers shall establish an internal audit function providing independent, objective, and reasonable assurance to the audit committee and insurer management regarding the insurer's governance, risk management, and internal controls.

(b) The assurance required by Subsection (2)(a) shall be provided by:
(i) performing general and specific audits, reviews, and tests; and

(ii) employing other techniques deemed necessary to:
(A) protect assets;

(B) evaluate control, effectiveness, and efficiency; and

(C) evaluate compliance with policies and regulations.

(3) The internal audit function shall be organizationally independent.

(4) The internal audit function may not defer ultimate judgment on audit matters to others.

(5) An individual shall be appointed to head the internal audit function with direct and unrestricted access to the board of directors.

(6) Nothing in Section R590-254-15 precludes dual-reporting relationships.

(7) The head of the internal audit function shall report to the audit committee at least annually on:

(a) the periodic audit plan;

(b) factors that may adversely impact the internal audit function's independence or effectiveness;

(c) material findings from completed audits; and

(d) the appropriateness of corrective actions implemented by management as a result of audit findings.

(8) If an insurer is a member of an insurance holding company system or is included in a group of insurers, the insurer may satisfy the internal audit function requirements set forth in Section R590-254-15 at:

(a) the ultimate controlling parent level;

(b) an intermediate holding company level; or

(c) the individual legal entity level.

Disclaimer: These regulations may not be the most recent version. Utah may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.