Page 78 - EXIM-BANK-AR20
P. 78

76    EXIM BANK MALAYSIA
            Annual Report 2020

          STATEMENT OF
          INTERNAL CONTROL








          INTERNAL CONTROL
          Internal Control is defined as a process, performed by EXIM Bank’s Board of Directors, management and personnel, designed to
          provide reasonable assurance towards the achievement of the following objectives:

           •   The reliability and integrity of information
           •   Compliance with policies, plans, procedures, laws and regulations and contracts
           •   The safeguarding of assets
           •   The economical and efficient use of resources

           •   The accomplishment of established objectives and goals for operations or plans

          The Board recognises the importance of maintaining a sound system of internal control and risk management practices,
          as well as good corporate governance. It exercises overall responsibility in identifying, evaluating and reviewing the adequacy
          and effectiveness of the Bank’s risk management, governance and internal control. It recognises that risks cannot be
          eliminated completely and as such, systems and processes have been put in place to provide reasonable, and if not absolute,
          assurance against material misstatement of financial information or against losses and fraud. The Board is of the view that the
          internal control framework that has been instituted throughout the Bank is sufficient to safeguard stakeholders’ investments,
          customer’s interests and the Bank’s assets. Reviews are continuously carried out by the Bank to ensure effectiveness of
          the system.


          BOARD AUDIT COMMITTEE
          Established  to  further  strengthen  EXIM  Bank’s  internal  audit  processes,  the  Board  Audit  Committee  (BAC)  meets  regularly
          with  the  objective  of  assisting  the  Board  in  managing  the  Bank’s  range  of  inter-related  risks  in  an  integrated  manner.
          The key processes that the Board has established in reviewing the integrity of the systems of the internal controls
          are as follows:
          a)    The  President/Chief  Executive  Officer  (P/CEO)  is  entrusted  with  the  management  of  the  Bank,  where  his/her  roles,
             responsibilities and authority limits are set by the Board. The appointment of P/CEO requires the approval of the Board;
          b)    Specific  responsibilities  have  been  delegated  to  the  relevant  Board  Committees,  based  on  their  respective  terms  of
             references. The Committees have the authority to examine all matters within their scope of responsibility and submit their
             recommendations to the Board. The ultimate responsibility for the final decision on all matters, however, lies with the Board.

          c)    Delegation  of  authority,  including  limits  at  various  levels  of  Management  and  those  requiring  the  Board’s  approval,
             are documented and designed to ensure proper accountability.

          d)    Policies  and  procedures  manual  for  key  processes  are  documented  and  regularly  reviewed  and  updated  for  application
             across the Bank.

          e)    BAC  regularly  reviews  the  adequacy  and  integrity  of  the  Bank’s  internal  control  systems  and  management  information
             system, including systems for compliance with applicable laws, regulations, rules, directives and guidelines, as identified
             by the internal auditors, external auditor and regulatory authorities. It also reviews the adequacy and comprehensiveness
             of the internal audit process, scope of audit, competency of the auditors and the independence of the internal audit function;
   73   74   75   76   77   78   79   80   81   82   83