Background Image
Table of Contents Table of Contents
Previous Page  94 / 324 Next Page
Information
Show Menu
Previous Page 94 / 324 Next Page
Page Background

FINANCIAL HIGHLIGHTS AND RISK MANAGEMENT

94

STATUTORY AUDITOR’S

REPORT

To the General Assembly of Shareholders of Türkiye Vakıflar Bankası T.A.O:

This audit report was prepared pursuant to the provision of Article 44 of Türkiye Vakıflar Bankası T.A.O. Articles of Incorporation.

While the Bank is eligible for the auditing performed by the Supreme Audit Institutions, the Bank’s external auditing is made routinely by the Court of Accounts and the Banking Regulation and

Supervision Agency (“BRSA”), and also by the independent auditor as per the Article 43 of the Bank’s Articles of Incorporation.

In the current period, the Bank increased its assets by 17% and reached TL 158,217,726 thousand while increasing its loans - that have the most important portion in the assets with 66% - by 21%

and reached TL 104,583,517 thousand. Moreover, the Bank increased its deposits by 13% and reached TL 91,756,968 thousand in this period. As a consequence of these growing figures, the Bank

increased its profit higher than the sector by 11% and made TL 1,753,273 thousand profit.

In this period, with the 34 new branches the number of domestic branches reached 890. Thus, the total number of employee is 14,920. Moreover, in line with the issue on providing continuous

training to the employees, it was observed that the employees attended internal on-the-job training sessions as well as domestic and international training programs organized by institutions other

than the Bank.

The included financial data related with the annual activities of the Bank was reflected in compliance with the procedures and principles in force within the frame work of the Banking Law n.5411,

Turkish Commercial Code n.6102, Capital Markets Law n.6362, generally accepted accounting principles, relevant legislation and the Regulation of Internal Systems.

Internal auditing of the Bank: is made by the Audit Board Department, Internal Audit and Risk Management Departments.

It was concluded that: the Bank had an annual audit plan with regard to the on-site audits conducted in the Bank covering 890 domestic branches, 3 overseas branches, Head Office units and

consolidated subsidiaries; and these audits were conducted within the framework of the audit standards including the inspection of the operational transactions to carry out the Bank operations, of the

Bank’s communication channels and information systems, of the financial reporting systems, of the implementations for the business processes and of consistency.

Within the framework of the auditing activities, in general terms and briefly:

Within the scope of the audits conducted on-site; it was concluded that, the internal audit units, primarily detected the risks the Bank encountered, performed controls related with these

risks, determined the fields that necessitate priority, specified the details that had to be taken into account and performed risk assessments;

Furthermore, it was concluded that, after the regularity of the audit (yearly for the Head Office Departments, overseas branches and subsidiaries and monthly for the branches) was

determined, it was submitted to the approval of the Audit Committee;

Upon the starting of the audit process in the branches/departments, the data included in the audit program determined for the branches/departments was in a short time assessed by the

auditors conducting the audit and the audit process was systematically conducted on the risky matters and on the fields subject to the audit;

Within the scope of the centralized audits; it was concluded that; the Bank’s transactions and processes were controlled periodically with the determined risk control matrixes; specific

risk points were monitored daily, weekly and monthly during the year through the inquiries created by the central audit team; detected findings were analyzed in detail at the branches/

departments by the auditors on the field and the conclusions reached after the control of the physical documents were reported via the central audit system;

Within the scope of the management statement activities; it was concluded that; with regard to the information systems and banking processes, by performing tasks for increasing the

effectiveness of the control processes through manual and systematic control points covering the operations of all the departments, the findings were presented to the related departments

with the aim of setting action plans for the control deficiencies; the management statement, after being evaluated regarding its effectiveness, competency and consistency in terms of

audit period, was prepared with the purpose of ensuring safety regarding the current situation and audit activities conducted; during the audit period, even if it was not at an important

level, all the abuses (if any) involved by the Bank employee were reported;

Within the scope of the audits made on the information systems; it was concluded that, taking into account the banking processes as well, the auditing of the information systems (such

as applications, systems, servers, databases) which were used in these processes, was made, taking into consideration the framework of the Cobit processes, during the audit, it was

monitored whether or not the information systems, related documentation and their control mechanisms were set, the procedures regarding the testing and assessment of the controls

within the framework of the importance principle of design and operating effectiveness, were monitored during the audit, the actions taken for the findings discovered in consequence

of the leak testing, were monitored during the audit, Within the scope of the regulation with regard to the procurement of support service by the Banks; it was concluded that the

assessments were performed regarding the compliance of the firms that the Bank purchased support services from, with the specified terms and conditions;

Within the scope of the consistency controls; it was concluded that; the legislative amendments were monitored and practices were performed to find out whether the Bank complies with

these amendments or not; transactions carried out in the Bank were inspected through the programs and controlled in line with the Financial Crimes Investigation Board (MASAK);

Within the scope of the Risk management processes; it was concluded that; the audit practices were performed for the Bank’s internal and external reporting systems which had impacts on

the Bank’s capital adequacy ratio.

All these issues were shared with the Bank’s Senior Management.

As a consequence; it was observed that the Bank’s audit mechanisms function efficiently and strict attention was paid to keep any risky and fraudulent transactions under control through the

continuous on-site audits performed by the internal control units as well as on-site and centralized audits performed by the Bank’s internal auditors, in addition to the external audits. In 2014, the

issues identified by the internal control units were presented in the Management Statement which was prepared in compliance with the Communiqué of BRSA and submitted to the aforementioned

Organization (BRSA) after being approved by the Board of Directors.

Yours sincerely,

Mehmet HALTAŞ

Yunus ARINCI

Audit Member

Audit Member

I 89 90 91 92 93 94 95 96 97 98 99 100 IV  FlippingBook