IFRS 9 and the internal controls environment: the challenges for internal auditors

See all Articles


Sometimes, there are changes to financial reporting standards that only affect the accountants’ world. But there are other times when an accountancy change also means changes for the rest of us! In the case of IFRS 9 “Financial Instruments”, internal auditors are faced with particular challenges.  

IFRS 9 “Financial Instruments” became obligatory for EU entities starting from 1 January 2018. The new standard is referred to as a revolution in accounting for financial instruments and indeed, it is the biggest change since 2005, when International Financial Reporting Standards became mandatory in the European Union. Taken the magnitude of changes introduced by IFRS 9 compared to the previously effective IAS 39, particularly in the area of the impairment of financial assets, transition to the new standard was a substantial effort for entities – both in organisational and financial terms.  

That is why in most institutions implementation processes started as early as in 2016 and lasted several months. Now, more than half a year after the initial application date, accounting and finance personnel in banks, financial institutions and other entities impacted by IFRS 9 are already familiar with the principles and requirements of the new standard. 

IFRS 9 as an interdisciplinary project

The new rules on reporting on financial instruments align also with institutions’ risk management and business processes. This is because IFRS 9 aims to reflect the actual business reality and risk management activities of entities in relation to financial instruments in financial reporting. This actual business reality, as we know, is in fact an on-going process, at all times adjusted to the strategy of an entity on one hand, and to the economic and regulatory environment on the other.

Similarly, the application of IFRS 9 is also a continuous process, requiring fine-tuning and adjusting of the applied models and methodologies, to ensure that accounting judgements reliably reflect the economic reality. Some examples of this alignment in practice: 

  • The impairment of financial assets, where the standard explicitly requires entities to include current forward-looking forecasts and supporting information in modelling expected credit losses, 
  • The classification of financial assets, which primarily depends on the assessment of the business model within which an entity manages its investments, 
  • Hedge accounting, where re-balancing of hedges is required along with fluctuating hedge ratios. 

Overall, the result of IFRS 9 will be that a company can better report its risk strategy. As ever with IFRS, the application of IFRS 9 to a significant extent relies on the application of judgement, which should be well grounded in the controls environment of an entity. 

Challenge or opportunity for internal controls?

Application of IFRS 9 requires a great degree of judgement and this is a significant impediment for internal auditors in a financial institution. For example, big banks will typically apply more sophisticated modelling methodologies than small credit institutions, in order to fulfil the same requirement of IFRS 9 related to the estimation of future expected losses. As a result, implementations will differ across institutions. 

Assessment then of the quality of IFRS 9 implementation will require from internal audit teams not only profound knowledge of the standard as such, but also the ability to put the standard’s requirement in the context of the institution and its risk management environment. 

In fact, in 2018 and the following years, investigating the implementation and the effects of IFRS 9 on institutions, will feature at the top of the agenda of all banks’ internal control functions as well as of other entities extensively using financial instruments in their operations. 

To properly tackle that task, it is crucial that members of the internal audit team demonstrate a broad understanding of the principles of IFRS 9, in particular in the areas where the effects of implementation are largely dependent on modelling and judgement. 

Want to learn more? At GnosisLearning we have developed a 2-day workshop designed for internal auditors in banks and financial institutions, during which our trainers put particular emphasis on tangent points between the requirements of the standard and control processes in a business organisation. Request an agenda for this course, which can be delivered in-house online or in the classroom.

Sign up to our newsletter for more such articles on the hottest topics in Financial Reporting and Management.


There are currently no comments, be the first to post one!

Post Comment

Name (required)

Email (required)


Enter the code shown above:





Resource Centre

Search through our database of FREE business English resources on a variety of office and writing skills.


Follow GnosisLearning: