Audit commitee and audit oversight

Best practice manadates that the audit committee consists only of independent directors.

So internal compliance can’t join the audit commitee as well?

you don’t want your internal compliance dept running the audit committee.

The auditors are independent: not under management’s control. You’d like an audit committee that is similarly not under management’s control; hence: independent.

Audit Committee consists of directors, whereas internal compliance (or internal audit) are part of management.

In practice, however, you would have your Chief Compliance/Audit (or sometimes Risk) Officer report to (but not be a part of) the Audit Committee (this depends on the industry, but in banking/finance, this is typical). And they should always have some number of sessions that are the independent directors alone. Audit Committee will often have oversight responsibilities for regulatory compliance, so this might be where your confusion seeps in.

Bottom line is that best practice (and in some cases legally required in the US), you have to have an independent audit committee with at least one member who is designated as an Audit Committee Financial Expert.