The Internal Audit function of NLB Bank and NLB Group is an independent function designated to provide objective assurance and to advise the management with the purpose of protecting NLB Bank's assets and improving the quality and efficiency of operations. It helps NLB Bank and the Group to accomplish strategic and business objectives by the principle of best practice.
Internal Audit operates in accordance with the Bank Law, its performance is defined in The Internal Audit Charter for NLB Bank and NLB Group. Internal auditors operate in accordance with principles of independence, professionalism, and objectivity, with respect to ethical principles and in accordance with International Internal Auditing Standards. Working procedures are detailed defined in the handbook for internal auditing. Activities are regularly reported to the Management Board, Audit Committee and external regulators.
Internal Audit is directly subordinated to the Management Board covering the areas of credit, non-credit and operational risk, branch network, NLB Group, financial management and audit methodology.
Work methods and main activities of Internal Audit
Audit approach and work methods of Internal Audit follow new bank legislation and development of the internal audit profession. Main stress is laid on the internal control system and risk management, which is also defined in international practice in accordance with COSO model (Committee of Sponsoring Organizations of the Treadway Commission). In order to check internal control systems in the branch network, the new audit approach of Control Self Assessment forms ('CSA') was introduced in the branches. CSA approach is a combination of management supervision and classic internal auditing and is an addition to the existing internal auditing.
Besides providing assurance to the Management Board and consultancy to different business areas, Internal Audit every year analyses inherent business risks and control risks of individual business areas, which is the basis for defining the audit cycle.
Internal Audit is also responsible for maintaining and developing unified audit standards in the NLB Group by organizing regular meetings, workshops and daily communications with the auditors of the Group members. Supervision of the internal audit activities and business performance of the Group members is performed by CSA forms and regular audits in subsidiaries in line with the annual audit plan.
Cooperation with external auditors and supervisors
Internal Audit is responsibile for coordination of selection of the external auditor responsible for auditing the Annual Report of NLB and NLB Group. In accordance with International Auditing Standards, the external auditor can use services of internal audit. Internal Audit collects documentation from organizational bank units and coordinates meetings of external auditor and responsible bank management. Furthermore it distributes external auditors management letters to the responsible management and reports to the Management Board on realizing recommendations, which form the letters. In accordance with the protocol, Internal Audit provides the Bank of Slovenia with current information of NLB Bank's operations clarifies the understanding and implementing of banks regulations, takes steps in case of finding irregularities at supervision reviews and regular monitoring of the Bank of Slovenia. Besides it coordinates supervision reviews and reports to the Management Board on the realization of the Bank of Slovenia recommendations.
The Internal Audit reports quarterly and annualy to the Audit Committee and provides information on important findings related to the auditing of NLB and NLB Group, realizing of the annual plan, staff occupation, information on flexible plan development and the suspicion of fraud (Compliance office is responsible for preventing frauds, Internal Audit cooperates in this process).
On the basis of agreement between NLB Bank and KBC Bank, Internal Audit cooperates with KBC internal auditors at joint audits of NLB. Joint audits are confirmed by NLB Management Board, however the authority of KBC auditors is limited by a special statement. Internal Audit also cooperates with KBC internal auditors on the matter of education and mutual exchange of knowledge and experience.
Main activities in 2003
Beside the main audit activities internal consolidation was achieved due to environmental changes, mostly regarding increase of requests for reporting to the Bank of Slovenia and to the Audit Committee, enlargement of NLB Group, communication in foreign language and expanding cooperation with KBC. The audit approach also significantly changed.
Internal auditors have performed 25 regular reviews, 18 extraordinary reviews and 14 reviews for the external auditor in the year 2002. Most of the activities in the year 2003 were focused on:
- performing of the first joint review of risk management on the financial markets with KBC auditors,
- audits in NLB Group: LB Maksima, Prvi faktor, LB Leasing Group, CBS Bank, Tutunska banka and LHB,
- cooperating at audit review of Bank of Slovenia,
- cooperating at the audit review of the IT system and internal controls in the field of securities trade, performed by PwC,
- cooperating with the auditors from Accenture in the audit review of the NLB Bank IT system;
- cooperating with external auditors KPMG and PwC,
- other: coordination of choosing a new external auditor, update of the audit handbook, coordination of choosing an external IT auditor.
The findings and recommendations of auditors show, that the most important tasks are focused on current IT organisation, its management and strategic development of IT activity. NLB Bank has formed a special Task Force and accepted action plan in order to normalize IT operations.
