(1) The trustees of a scheme or trust RAC shall establish and maintain an effective internal audit function which shall comply with this section.
(2) The internal audit function referred to in subsection (1) shall include an evaluation of the adequacy and effectiveness of the internal control system and other elements of systems of governance including, where relevant, outsourced activities.
(3) Where the person carrying out the internal audit key function provides a report or makes a recommendation to the trustees of a scheme or trust RAC, the trustees shall have regard to that report or recommendation.
(4) The scope and detail of the internal audit function shall be proportionate to -
(a) the size and internal organisation of the scheme or trust RAC, and
(b) the size, nature, scale and complexity of the activities of the scheme or the trust RAC.