What is a legal compliance audit?

Legal has something to do with the laws of a country. According to Collins English Dictionary Reference Edition, the word ‘legal’ means (1) established by or permitted by law; lawful (2) of or relating to law (3) relating to or characteristic of lawyers.

From the definition above, we shall use the word legal in the second sense. The same dictionary defines the word ‘audit’ as follows: (1) an official inspection of business accounts conducted by an independent qualified accountant (2) any thoroughgoing assessment or review (3) to examine (business accounts) officially.

Black’s Law Dictionary Eighth Edition defines a compliance audit as “an audit conducted by a regulatory agency, an organisation, or a third party to assess compliance with one or more sets of laws and regulations.

Thus, we can define a legal compliance audit as “a thoroughgoing assessment or review of an organisation’s processes, policies, documents, records, practices and acts to assess compliance with one or more sets of laws and regulations to which the organisation is subject.”

What stands out from the definition of a legal compliance audit?

A legal audit is systematic, objective, impartial and evidence-based.

• A legal compliance audit is systematic because it follows a fixed plan and is efficient and organised.
• It is objective and impartial because it relates to facts rather than thoughts, feelings, or bias; it does not favour one side.
• Lastly, a legal audit is evidence-based because the auditor’s findings must be supported or grounded in tangible evidence. The audit evidence could include internal documents, policies, procedures, logs, emails, and contracts. An auditor uses this evidence to assess how well an organisation adheres to the laws, regulations, policies, standards, and systems. The evidence will either support an organisation’s claim of being compliant or disapprove of this claim.

What are the objects of a legal compliance audit?

The aim or purpose of a legal compliance audit is to assess whether or not an organisation is complying with the Constitution, statutory laws, international laws & regulations as applicable to it and internal rules and policies of the organisation. Thus, the objectives of a legal audit can broadly be summarised as:

• Prevention (legal risk management)-one will often find in the public or private sector that the reason for the downfall of organisations can easily be traced to some form of non-compliance with laws, regulations, policies or best practices. It is, therefore, important for any organisation keen on minimising legal risk to undertake a legal compliance audit to prevent infringement of laws, regulations or policies that may impact the performance of an organisation.
• Fault-finding. A legal compliance audit may uncover intentional or unintentional deficiencies. An organisation must comply with many ever-changing laws, regulations, or policies.
• Punishment—Certain laws, regulations, or policies have a penalty attached where there is no compliance. Non-compliance could also be an offence with a penalty attached.

Fault-finding and punishment are, however, not the main objectives of a legal compliance audit; the main aim is:

• To assess the overall effectiveness of an organisation’s compliance practices;
• To ensure, at all times, the organisation complies with the spirit and letter of the Constitution;
• To ensure that an organisation’s policies, institutional framework, and administrative procedures effectively support the implementation of the Constitution;
• To ensure that laws, rules, regulations, codes and standards which apply to the organisation are identified, documented and observed; and
• To improve an organisation’s efficiency in the business environment.

Is there a legal basis for a legal compliance audit?

• Unlike a financial audit, which is anchored in Article 229 (4) of the Constitution, section 68 (2) (k) of the Public Finance Management Act, section 14 of the Public Audit Act, section 14 (3) of the States Corporations Act and section 709 (1) of the Companies Act, legal compliance audits are not an express requirement under the laws of Kenya.
• However, the Code of Governance for State Corporations (Mwongozo 2015), which applies to everyone in State Corporations in Kenya-that is, every board member, employee and contract staff, requires under clause 8.4 (a) that a comprehensive and independent legal audit be carried out at least once every two (2) years.
• Mwongozo was issued as a Regulation under section 30 of the State Corporations Act under an Executive Order (Executive Order No. 7 of 2015) by the Former President of the Republic of Kenya, Hon. Uhuru Kenyatta. Section 30 of the State Corporations Act provides, “The President may make regulations generally for the better carrying into effect of the provisions of this Act, and the powers conferred by this section may be assigned by…. the Constitution.”
• The Capital Markets Authority, under the powers granted under section 11 (3) (v) of the Capital Markets Act (Cap. 485A), issued the Code of Corporate Governance Practices for Issuers of Securities to the Public, 2015. Clause 2.10 of this Code requires a listed company’s board to subject the company to a legal audit.
• A legal compliance audit is based on local/regional/international laws and regulations, business-related frameworks and regulations, and an organisation’s policies, procedures, and processes.

What are compliance obligations, and where do they arise from?

According to ISO 14001:2015, compliance obligations are legal requirements that an organisation must comply with in addition to any other requirements it has to or chooses to comply with. Compliance obligations can arise from mandatory requirements, such as applicable laws and regulations, or voluntary commitments, such as organisational and industry standards, contractual relationships, and codes of practice.

Organisations have various legal duties (obligations) with which they should comply. These legal duties may vary depending on the organisation’s nature, i.e., whether it is a public or private entity.

Why should an organisation carry out a legal compliance audit?

Does your organisation want:

• How can one stay current with the ever-changing legal terrain, including the Constitution, statutory laws, amendments and repeals of laws, new enactments that affect legal rights and obligations, and court decisions?
• To keep up with advances worldwide (best practices)?
• To maximise its productivity?
• To align with new business prospects, e.g., endeavour to develop a new product or service and ascertain the legal requirements?
• To do away with outdated systems, standards & procedures?
• An in-depth examination of the legal and regulatory environment to be conscious of its obligations.
• To update its registration records, licences or other requirements conforming to the laws?
• To identify weaknesses in its internal policies and procedures, standards & systems to take steps to redress them.
• To pre-empt litigious proceedings and save on the related legal expenses? To avoid criminal prosecution of its management and senior staff?

If your answer to all or some of the questions above is ‘YES’, then you know ‘WHY’ your organisation should conduct a legal compliance audit.

Who carries out a legal compliance audit?

A legal compliance audit can be internal or independent. An organisation’s personnel conduct an internal audit, while an independent audit is carried out by an outsider or a person not connected with the organisation being audited.

What is required of the auditor?

When conducting a legal compliance audit, the auditor examines and interrogates an organisation’s policies, operations, practices, activities, and documents to determine whether it complies with existing laws, regulations, and policies.

Ultimately, the auditor will seek to:

• Identify what an organisation is required to comply with;
• Examine what the organisation is doing/does;
• Identify the legal risks of non-compliance
• Review laws, regulations and policies; and
• Propose reforms/make improvement recommendations to the organisation.

Remote Legal Auditing Lawyers in Kenya

Our lawyers work remotely, which not only helps to reduce costs but also provides us with the flexibility to engage with businesses from anywhere in the world. Rayness Analytica has years of experience in remote engagements, supporting onboarding and managing thousands of remote relationships.

For Inquiries:

Visit our Contact Us page or email us directly at rna@raynessanalytica.com.

FAQs

Frequently Asked Questions about Legal Auditing in Kenya

What is a legal compliance audit?

A legal compliance audit is a thorough assessment of an organization’s processes, policies, documents, records, practices, and acts to evaluate compliance with relevant laws and regulations.

What are the key characteristics of a legal compliance audit?

A legal compliance audit is systematic, objective, impartial, and evidence-based, relying on a fixed plan, factual assessment, and supporting tangible evidence.

What are the main objectives of conducting a legal compliance audit?

The primary objectives include preventing legal risks, uncovering deficiencies, ensuring compliance with laws and policies, enhancing the effectiveness of compliance practices, and improving organizational efficiency.

Is there a legal requirement to conduct a legal compliance audit in Kenya?

While not explicitly mandated by law, regulations like Mwongozo for State Corporations and the Capital Markets Authority’s code recommend or require biennial legal audits for certain organizations.

Who is responsible for carrying out a legal compliance audit and what are their roles?

The audit can be conducted internally by organization personnel or externally by independent professionals; the auditor examines policies, practices, and documents to identify compliance levels and propose improvements.

 

Need Additional Services?

• Legal Services in Kenya: Connect with top-rated Kenyan attorneys.
• Freelance Services: Find world-class freelancers for any project—fully remote, fully verified.

Other Services:

Choose your service. See the price upfront. Work with real experts.
From contracts and finance services to analytics and law practice—get started instantly.

Order Now: https://raynessanalytica.com/order-now/