Statement of Internal Control



The Board of Directors ("Board") recognises the importance of sound internal controls and risk management practices to good corporate governance. However, such system of internal control is designed to manage the Group's risks within an acceptable risk profile, rather than eliminate the risk of failure to achieve the policies and business objectives of the Group. Accordingly, it can only provide reasonable assurance against misstatement of management and financial information and records. To this end, the Board has established an organization structure which clearly defined lines of accountability and delegated authority.

The Board has delegated specific responsibilities to four subcommittees (Audit and Examination, Risk Management, Nomination and Remuneration). These committees have the authority to examine particular issues and report back to the Board with their recommendation. These committees are chaired by independent non-executive directors.

The management assists the Board in the implementation of the Board's policies and procedures on risk and control by identifying and assessing the risks faced, and in the design, operation and monitoring of suitable internal controls to mitigate and control these risks.


Key Internal Control Processes

The respective subcommittees of the Board are established by the Boards to assist the Boards in ensuring the effectiveness of the Bank's operations and that the Bank's operations are in accordance with the corporate objectives, strategies and the annual budget as well as the policies and business environment and internal operating conditions.

The Group Audit & Examination of the Bank monitors compliance with policies and procedures and the effectiveness of the internal control systems and highlights significant findings in respect of any non-compliance. Audits are carried out on all units or branches, the frequency of which is determined by the level of risk assessed, to provide an independent and objective report on operational and management activities of these units or branches. The annual audit plan is reviewed and approved by the respective Audit & Examination Committees of the subsidiaries.

The Audit & Examination Committee review internal control issues identified by the Group Audit & Examination, the external auditors, regulatory authorities and management, and evaluates the adequacy of internal control system. The minutes of the Audit Committee meetings are tabled to the Board of the Bank on a monthly or periodic basis.

The Risk Management Committee was established by the Board to assist the Board to oversee the overall management of principal areas of risk in order to ensure structures and procedures of risk management are in place and they are reflective of the Bank's risk tolerance.

The Remuneration Committee was established to provide a formal and transparent procedure for developing a remuneration policy for Directors and its Senior Management, ensuring that compensation is competitive and consistent with the Bank's culture, objectives and strategy.

The Nomination Committee was formed to establish a documented, formal and transparent procedure for the appointment of directors, Group Managing Director, Managing Director and key senior officers and to assess the effectiveness of individual directors, the Board as a whole and the various committees of the Board, Group Managing Director, Managing Director and key senior officers.

Further details of the activities undertaken by the Audit & Examination Committees, Risk Management Committees, Nomination Committees and Remuneration Committees are set out in the corporate governance disclosure.

Annual budgets are approved by the respective Boards and the business units and operating subsidiaries' performance are assessed against the approved budgets and explanations are provided for significant variances on a monthly basis to the respective Boards.

There are proper guidelines within the Group for hiring and termination of staff, formal training programmes for staff, annual performance appraisals and other relevant procedures in place to ensure that staff are competent and adequately trained in carrying out their responsibilities.

The Board of the Bank and the respective Boards of subsidiaries in the Group receive and review reports from management on a regular basis on business operations at their monthly meetings.

There are policy guidelines and authority limits imposed on Executive Directors and management within the Group in respect of the day-to day banking and financing operations, extension of credits, investments, acquisitions and disposals of assets.

Policies and procedure to ensure compliance with internal controls and the relevant laws and regulations are set out in operations manuals, guidelines and directives issued by the Bank and subsidiaries in the Group which are updated from time to time.