The Privatisation and Corporatisation Board (PCB) has instructed state-owned companies to strengthen their internal audit and risk management functions.

The decision was taken at the PCB’s 30th meeting held on November 10 and applies to state-owned companies and commercial government institutions. The board has directed companies to ensure that a risk management function is in place, either as a separate unit or within the internal audit department. Companies without such a function have been instructed to establish one as soon as possible.

The PCB has also asked companies to assess staffing needs for internal audit and risk management and to ensure an adequate number of qualified employees. Firms have been instructed to share procurement reports related to internal audits, as well as quarterly financial reports and supporting documents, with both the board and their internal audit units.

In addition, companies have been told to rename their Audit Committees as “Audit and Risk Committees” in line with regulations, unless a separate risk committee has been approved for larger companies. The PCB has further instructed companies to conduct annual compliance reviews and submit internal audit reports to their boards, while putting mechanisms in place to improve operations.

All required changes must be completed by the end of next month, according to the PCB.