102 VAKIFBANK
ANNUAL REPORT 2015
To the General Assembly of Shareholders of Türkiye
Vakıflar Bankası T.A.O:
This audit report was prepared pursuant to the
provision of Article 44 of Türkiye Vakıflar Bankası T.A.O.
Articles of Incorporation.
While the Bank is open to public scrutiny, the Bank’s
external auditing is made routinely by the Court of
Accounts and the Banking Regulation and Supervision
Agency (“BRSA”), and also by the independent
auditor as per the Article 43 of the Bank’s Articles of
Incorporation.
In the current period, our Bank’s; i) total assets
increased by 16% and reached TL 182,947,124
thousand; ii) total loans with 68% share in the assets
increased by 18% and reached TL 123,780,653
thousand, iii) total deposits – with a broadened base
– increased by 20% and reached TL 109,922,534
Thousand. Within this scope, demand deposits
increased by 21% while savings deposits increased
by 24% and reached TL 45,072,299 thousand. As a
consequence of these growing figures, the Bank’s net
income increased by 10% –outperforming the sector –
and reached TL 1,930,109 thousand.
The Bank valuated its real estates, which were in
use throughout the year, at a fair market value, and
increased its equities with a net value of TL 548.390
thousand. Moreover, our Bank’s Capital Adequacy
Ratio, which is an important figure for the banking
sector, increased by 60 basis points and reached
14.52% compared to the previous year.
In this period; within the scope of the policy of
increasing the number of branches, the Bank opened
27 new branches. In this context, the number of
its domestic branches reached 917, while the total
number of personnel is 15,410. Moreover, in line
with the issue on providing continuous training to
the employees, it was observed that the employees
attended internal on-the-job training sessions as
well as domestic and international training programs
organized by institutions other than the Bank.
The included financial data related with the annual
activities of the Bank was reflected in compliance
with the procedures and principles in force within
the frame work of the Banking Law no. 5411, Turkish
Commercial Code no. 6102, Capital Markets Law
no. 6362, generally accepted accounting principles,
relevant legislation and the Regulation of Internal
Systems.
Internal auditing of the Bank: is performed by the
Audit Board Department, Internal Audit and Risk
Management Departments.
It was concluded that: the Bank had an annual audit
plan with regard to the on-site audits conducted
in the Bank covering domestic branches, overseas
branches, Head Office departments and consolidated
subsidiaries; and these audits were conducted within
the framework of the audit standards including the
inspection of the operational transactions to carry out
the Bank operations, of the Bank’s communication
channels and information systems, of the financial
reporting systems, of the implementations for the
business processes and of consistency.
Within the framework of the auditing activities, in
general terms and briefly:
Within the scope of the audits conducted on-site; it
was concluded that, the internal audit departments,
primarily detected the risks the Bank encountered,
performed controls related with these risks,
determined the fields that necessitate priority,
specified the details that had to be taken into account
and performed risk assessments;
Furthermore, it was concluded that, after the
regularity of the audit (yearly for the Head Office
Departments, overseas branches and subsidiaries and
monthly for the branches) was determined, it was
submitted to the approval of the Audit Committee;
Upon the starting of the audit process in the
branches/departments, the data included in the audit
program determined for the branches/departments
was in a short time assessed by the auditors
conducting the audit and the audit process was
systematically conducted on the risky matters and on
the fields subject to the audit;
Within the scope of the centralized audits; it was
concluded that; the Bank’s transactions and processes
were controlled periodically with the determined risk
control matrixes; specific risk points were monitored
daily, weekly and monthly during the year through
the inquiries created by the central audit team;
detected findings were analyzed in detail at the
branches/departments by the auditors on the field
and the conclusions reached after the control of the
physical documents were reported via the central
audit system;
Within the scope of the management statement
activities; it was concluded that; with regard to the
information systems and banking processes, by
performing tasks for increasing the effectiveness of
the control processes through manual and systematic
control points covering the operations of all the
departments, the findings were presented to the
related departments with the aim of setting action
plans for the control deficiencies; the management
statement, after being evaluated regarding its
effectiveness, competency and consistency in terms
of audit period, was prepared with the purpose of
ensuring safety regarding the current situation and
audit activities conducted; during the audit period,
even if it was not at an important level, all the
abuses (if any) involved by the Bank employee were
reported;
Within the scope of the audits made on the
information systems; it was concluded that, taking
into account the banking processes as well, the
auditing of the information systems (such as
applications, systems, servers, databases) which
were used in these processes, was made, taking into
consideration the framework of the Cobit processes,
during the audit, it was monitored whether or not
the information systems, related documentation and
their control mechanisms were set, the procedures
regarding the testing and assessment of the controls
within the framework of the importance principle of
design and operating effectiveness, were monitored
during the audit, the actions taken for the findings
discovered in consequence of the leak testing, were
monitored during the audit,
Within the scope of the regulation with regard to the
procurement of support service by the Banks; it was
concluded that the assessments were performed
regarding the compliance of the firms that the Bank
purchased support services from, with the specified
terms and conditions;
Within the scope of the consistency controls; it was
concluded that; the legislative amendments were
monitored and practices were performed to find out
whether the Bank complies with these amendments
or not; transactions carried out in the Bank were
inspected through the programs and controlled in
line with the Financial Crimes Investigation Board
(MASAK).
All these issues were shared with the Bank’s Senior
Management.
As a consequence; it was observed that the Bank’s
audit mechanisms function efficiently and strict
attention was paid to keep any risky and fraudulent
transactions under control through the continuous
on-site audits performed by the internal control
departments as well as on-site and centralized audits
performed by the Bank’s internal auditors, in addition
to the external audits. In 2015, the issues identified
by the internal control departments were presented
in the Management Statement which was prepared
in compliance with the Communiqué of BRSA and
submitted to the aforementioned Organization (BRSA)
after being approved by the Board of Directors.
Yours sincerely,
Mehmet HALTAŞ
Yunus ARINCI
Audit Member
Audit Member
STATUTORY AUDITOR’S REPORT
