Page 98 - Exim iar24_Ebook
P. 98
EXIM BANK MALAYSIA
96
STATEMENT ON
INTERNAL CONTROL
i) Reviews the Bank’s whistleblowing terms of reference and determine the effectiveness of the whistleblowing overall framework;
j) Decide on whether incidents reported through the whistleblowing platform merits further investigation. Where incidents are
investigated, to provide updates on the status of investigation and their outcomes;
k) Review of annual performance report on the effectiveness of EXIM’s Anti-Bribery; Management System (ABMS) and conformance
with the standard requirement of ISO 37001 ABMS 2016; and
l) Review of IID’s integrity and governance report for submission on a biannual basis to Bahagian Pengurusan Integriti Agensi of
the Malaysian Anti-Corruption Commission.
In 2024, the BAC held six scheduled meetings and seven Special BAC meetings to discuss and deliberate on agenda items that
include AAD’s Annual Audit Plan and Internal Audit Reports, BNM Composite Risk Rating Report, External Auditors’ Statutory Audit
Plan and their Report, and financial statements of the Bank.
In addition, the Board Audit Committee (BAC) continued its oversight of the Audit & Compliance Issues Resolution Committee
(ACIRC) chaired by the President and Chief Executive Officer (PCEO) to expedite the resolution of audit as well as compliance-related
issues. Since establishment in 2023, ACIRC has continued to be a platform that facilitates the effective and prompt implementation
of management actions. In 2024, eight ACIRC meetings were held involving five scheduled and three special meetings.
Furthermore, BAC reiterated to Senior Management on the importance and continuous need to strengthen the consequence
management framework in reinforcing compliance culture as well as instilling discipline among personnel across the Bank.
AUDIT & ASSURANCE DEPARTMENT (AAD)
The internal audit function of EXIM Bank is organized in-house to assist the BAC in overseeing that Management has established
sound risk management, internal control, and governance processes. The internal audit function is guided by internal audit
standards, regulations as well as policies and procedures with the Chief Internal Auditor (CIA) reporting functionally to the Board
Audit Committee (BAC) and administratively to the President Chief Executive Officer (PCEO).
AAD independently reviews the adequacy and integrity of the system of internal control in managing key risk and reports accordingly
to the Board Audit Committee (BAC) on every two months basis, or more often, as and when required. Where weaknesses have been
identified as a result of reviews performed, improvement measures are recommended to strengthen controls and follow-up on these
measures is conducted by AAD to assess the status of implementation thereof by Management. In addition, the BAC also meets
with the CIA without the presence of Senior Management at least once a year.
In 2024, AAD continued to perform its integral coordinating role as secretariat to the Audit & Compliance Issues Resolution
Committee (ACIRC). In this capacity, AAD organized ACIRC meetings and materials, periodically reported the status of management
actions taken as well as prepared minutes of meeting. This role ensured that ACIRC operated efficiently and remained focused on
expediting the resolution of issues in strengthening the level of governance, risk management and internal controls.
RELATIONSHIP WITH EXTERNAL AUDITOR
The BAC has established a collaborative and professional relationship with the external auditor. In 2024, The BAC met once with the
external auditor without the presence of the Management of EXIM Bank.
In 2024, BAC assessed the effectiveness of Ernst & Young (EY) as the Bank’s external auditor by utilising a questionnaire that
focuses on the overall audit process, its effectiveness, and the quality of the output. Arising from this evaluation, the BAC had
therefore recommended to the Board that EY be reappointed as auditor.
