BIMB Integrated Annual Report 2017

This is accomplished through the following: i. Formulating a comprehensive and detailed Audit Plan using appropriate and structured risk-based methodology that is aligned to BHB’s strategic objectives; ii. Adopting a systematic and disciplined approach in evaluating risk exposures and the adequacy and effectiveness of controls to manage the risks within BHB’s governance, operations and information systems; iii. Embracing international standards and best practices such as Committee of Sponsoring Organisations (COSO) to further enhance the relevance and effectiveness of the internal audit activities; iv. Reviewing existing internal control systems and reporting on whether these provide reasonable assurance against material misstatement, loss and fraud; v. Reporting any significant issues that affect the processes of controlling the activities of, and managing the risks faced by the divisions/companies audited; and vi. Seeking the Management’s agreed course of actions to rectify weaknesses identified and perform follow-up audits to confirm if the actions have been correctly implemented, and are adhered to consistently. Scope and Coverage The summary of the activities of the Internal Audit for the financial year ended 31 December 2017 were as follows:- i. Prepared the Audit Plan for approval of the AEC. The Audit Plan was developed based on assessment of the significant potential risk exposure of the auditable areas; ii. Issued Audit Reports to the AEC and Management, identifying weaknesses and issues as well as highlighting recommendations for improvement. Such recommendations were acted upon by Management with agreed timelines; iii. Followed up on the Management corrective actions on audit issues raised by the IAD. Determine whether corrective actions taken had generally achieved the desired results; iv. Reported to the AEC, review on the adequacy, appropriateness and compliance of risk management, internal controls and governance processes; v. Reported to the AEC on the reliability, integrity and continuity of Information Technology in compliance with the Company’s Information Technology Policy together with the effectiveness and robustness of stress testing procedures and practices and the necessary back-up system to cover for contingencies and disaster; vi. Reviewed the reliability (including accuracy and comprehensiveness), integrity and timeliness of regulatory reporting, accounting records, financial reports and management information; and vii. Reviewed compliance with relevant legal, regulatory and internal policies as well as in compliance with Shariah rules and principles as determined by the Shariah Committee. Performance Review of the Committee During the financial year, the TOR of the Committee was reviewed to reflect the regulatory requirements arising from the company being approved and designated as a Financial Holding Company. The evaluation on the effectiveness of the Board, its committees and the members of the Board revealed that the Board is satisfied with the performance of the AEC and its members. The AEC has discharged its duties in accordance with its TOR and in line with the requirements of BNM and Bursa Securities. This report is made in accordance with a resolution of the Board dated 28 March 2018. 123 Overview Value Creation Accountability Financial Statements Sustainability Performance Data Shareholders Information 21 st AGM Information Management Discussion & Analysis