52 A&T BANK ANNUAL REPORT 2015

REPORT OF THE AUDIT COMMITTEE ON THE INTERNAL SYSTEMS OF THE BANK

Pursuant to the framework of the

Regulation Regarding Internal

Systems and Internal Capital

Adequacy Assessment Process of

Banks, the Audit Committee was

established by the Bank’s Board of

Directors to execute the auditing

and monitoring functions of the

Board. The Director of Internal

Systems, appointed by the Board of

Directors, coordinates the Internal

Systems Departments in accordance

with the requirements of the

Banking Law, Regulation Regarding

Internal Systems and Internal Capital

Adequacy Assessment Process of

Banks, along with other relevant

rules and regulations, and works

under the supervision of the Bank

Audit Committee. Although the

functions, duties and responsibilities

related to internal auditing, internal

control and risk management are

wholly separated within the Bank,

the Inspection Council, the Internal

Control Department and the Risk

Management Department all work

in coordination with each other.

The primary objective of

A&T Bank’s internal systems policies

is to increase shareholder value by

balancing risk and return in banking

activities. Internal auditing and

risk management activities have

aimed to start prior to taking risks

and project the precautions which

should be taken.

The Audit Committee believes in the

necessity of building and operating

an efficient and sufficient internal

systems structure appropriate

for the Bank’s activities and

characteristics under ever-changing

conditions. Accordingly, A&T

Bank has established the systems

required for a strong and controlled

expansion.

The global economic crisis has

revealed various application

errors in internal auditing and

risk management; and has put

the importance of effective risk

management and internal auditing

into sharp focus.

The Inspection Council and the

Internal Control Department plan

and execute their activities with a

risk-based approach that focuses

on minimizing operational risk

as well as conforming the Bank’s

activities to both internal rules

and external legislation, while

increasing efficiency and service

quality. Reports on audit results are

delivered to relevant executives in

a timely manner to ensure that any

weaknesses are eliminated without

delay.

The Inspection Council and the

Internal Control Department

continued their activities apace

in 2015. The “Self-Assessment

Application” implemented in

2010 to raise awareness of

internal controls among head

office departments’ staff and

branch personnel while improving

efficiency and effectiveness in

internal auditing functions, has

continued in 2015.

In addition to standard audits

carried out every year, A&T Bank

has also prioritized its business

processes; to this end, the Bank

conducts “Business Processes

Risk Analyses” within the

framework of the “Management

Declaration” and carries out

process and information systems

audits. Furthermore, a report was

presented to the Audit Committee

after evaluating the accuracy

of the data used in the Internal

Capital Adequacy Assessment

Process Report which was prepared

under the coordination of the Risk

Management Department. The

report evaluated the sufficiency of

the systems and processes along

with whether data, systems and

processes provided basis for correct

information and analysis.

The Risk Management Department

is responsible for analyzing,

identifying, measuring, monitoring,

reporting and controlling risks. It

also establishes and applies risk

management policies, guidelines

and rules in compliance with

principles approved by the Board

of Directors. Risk analysis reports

related to credit, market and

operational risks are submitted

to the Audit Committee, Senior

Management and the Board of

Directors on a monthly basis

to be evaluated and taken into

consideration during the decision-

making process.