Internal Risk Management
Internal control is the process, effected by a company's Board of Directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the effectiveness and efficiency of operations, the reliability of financial reporting and compliance with applicable laws, regulations, and internal policies. Internal controls are the policies and procedures established and implemented alone, or in concert with other policies or procedures, to manage and control a particular risk or business activity, or combination of risks or business activities, to which the company is exposed or in which it is engaged.
To address the risk a separate Internal Control Department has been set up. The Audit Committee of the Board of Directors supervises the internal control, audit and compliance functions. Internal Audit Department-1 & 2 are conducting regular audit of all branches, Surprise & Item Audit of selected branches. All departments of head office are being audited phase to phase under Performance Audit and these departments are part of the internal control mechanism. Besides, the Bank has been ensuring stock audit and credit audit of large borrower accounts by professional audit firms to further strengthen the credit administration.
Risk-based Internal Audit System has already been established in the Bank and gradually all the branches will be subject to such audit. Adequate measures have also been taken to work under the computerized environment. The Audit Committee of the Board of Directors has accorded the approval of conducting System Audit. Now all the branches and offices are subject to IT based System Audit/EDP/IS to mitigate risks associated with computerization. Concurrence Audit Cell has been set up in 10 Corporate Branches along with Local Office. Two separate Fraud & Crime Prevention Units under Internal Audit Department-1 & 2 have also been set up. IS Audit of Data Centre (including Disaster Recovery Site) by a competent external IS Audit firm, has also been put in place. Internal Control & Compliance Guidelines, Formation of Audit Committee of Board of Directors & TOR of Audit Committee are already been implemented. MANCOM has been formed and it meets as per guidelines headed by DMD. Instruction Circular No. 3373 dated 03.05.05 regarding implementation of Internal Control and Compliance Risk Management has been circulated and accordingly implementation is going on. All the check lists are being followed as per Instruction Circular No.3830 dated 25.10.05. Terms of Reference of Audit and Inspection and ICC organizational structure has partly been amended.