Internal audit

NLB’s Internal Audit Centre (hereinafter: the Center) functions in an independent and objective advisory role, using a systematic and professional approach to assess risk management, control systems and the management of operations. It plays an important role in the implementation of NLB Group’s strategic and business objectives and best banking practices.

In 2012, an external service provider assessed the quality of the internal audit activity at NLB, NLB Group banks and the majority of non-banking Group companies. The service provider assessed that all internal audit departments that were the subject of the examination functioned, in all material respects, in accordance with the definition of internal auditing, the International Standards for the Professional Practice of Internal Auditing, the Code of Ethics, the Code of Internal Auditing Principles and the Code of Ethics of Internal Auditors.

The Center’s purpose, effectiveness, work methodology, and competencies and responsibilities are defined in the Internal Audit Charter. Guidelines for the Center’s work are outlined in the Internal Audit Manual. The Center regularly reports to the Management Board, the Supervisory Board and its Audit Committee, and to external auditors as required.

The main role of the Center is to provide NLB’s Management Board and Supervisory Board impartial assurance with respect to the effectiveness of risk management by assessing whether critical risks are managed appropriately and whether the internal control system is functioning effectively. A good internal control system is the key element to effective risk management, which in turn is critical to achieving the Bank’s business objectives.

The emphasis of internal auditing is placed on the existence and functioning of the system of internal controls and effective risk management, which is also envisaged by international practices in line with guidelines of the COSO (Committee of Sponsoring Organizations of the Treadway Commission): e.g. IC (Internal Control) and ERM (Enterprise Risk Management). Both models represent internal auditing criteria for assessing the control system and risk management. Planning audits is based on an analysis of the inherent and control risks that arise in different areas of the Bank’s operations. In addition to planned audits, the Center also carried out audits at the request of the regulatory body, and extraordinary audits and unannounced audits in the business network.

In 2012, the Center’s auditors conducted audits in all key areas of the Bank’s operations subject to risk, and audited or participated in the audits of other NLB Group companies. The audits were carried out in the areas of credit, operational, market and other risk management, and covered specific business and support functions of the Bank. The Center conducted a total of 75 audits.

The majority of the Center’s other activities in 2012 related to coordinating Bank of Slovenia examinations and audits conducted by the external auditor, and to the monitoring of the implementation of recommendations, regarding which the Center reported regularly to the Bank’s Management Board and Supervisory Board. The Center also carried out other activities related to auditing such as consulting, training, the transfer of know-how and the supervision of and cooperation with the internal audit departments of NLB Group companies. With regard to the development of the internal audit function, the majority of time was dedicated to the introduction of new information support for monitoring the implementation of issued recommendations, while some time was also dedicated to changes to the methodologies used to plan audits and assess the control system and risk management.

The Center implements corporate governance and supervision principles within the Group in line with the NLB Group Governance and Supervision Policy and the Harmonization Program. In addition to the Center, other Group companies have 15 internal auditing departments, whose work is based on a standard umbrella act (e.g. the Internal Audit Charter for each individual NLB Group company), as well as uniform standards and work methodologies aimed at meeting the highest internal auditing standards across the entire NLB Group.