TheBAECwas satisfiedwith thequality of audit, performance, competency and sufficient resources provided to BIMB by the External Auditors during the financial year under review. The BAEC was also satisfied that the provision of non-audit services to BIMB by the External Auditors did not impair their objectivity and independence as External Auditors of BIMB. The amount of audit fees and non-audit fees paid by BIMB and the Group can be found on page 303 of Notes 31 of the Financial Statements. INTERNAL AUDIT FUNCTION BIMB has an in-house internal audit function which is carried out by the Internal Audit Division (IAD). The IAD undertakes the audit on entities within BIMB, its subsidiaries and related parties of BIMB. During the financial year under review, the audited entities include BIMB Investment Management Berhad, BIMB Securities Sdn Bhd, Syarikat Al-Ijarah Sendirian Berhad and BIMB Securities (Holdings) Sdn Bhd. The IAD is primarily responsible to undertake regular and systematic reviews in conformance with the Institute of Internal Auditors’ International Professional Practices Framework and the Internal Audit Charter so as to provide reasonable assurance that the risk management process, internal controls and governance practices of BIMB and its Group are operating satisfactorily and effectively and are in line with the Group’s goals and objectives. In view of the implementation of the movement control order, some of the audit works were performed offsite. Responsibility, Scope and Methodology The BAEC oversees the performance and effectiveness of the Internal Audit function based on the approved key performance indicators, assesses the competency and experience of the Internal Audit staff as well as the adequacy of resources in order for the Internal Audit function to carry out its work effectively. The BAEC also ensures that the Internal Audit staff have the authority to discharge their role objectively and independently, free from any relationship or conflict of interest. To reflect the independence of Internal Audit, the GCIA reports functionally to the Board through the BAEC and administratively to the Group CEO. The GCIA is Zalfitri Abd Mutalip who has a degree in Bachelor of Science in Business Administration (Finance), a Certificate in Internal Auditing for Financial Institution (CIAFIN) and is a Chartered Professional in Islamic Finance (CPIF). He has extensive experience in auditing in the financial industry and has helmed the IAD of BIMB since 2017. The annual audit plan is reviewed and approved by the BAEC prior to the beginning of each financial year. The audit plan adopts a risk-based approach in determining the auditable units and frequency of the audits which focussed on the following three (3) components:- i. Impact and likelihood of the inherent risk; ii. The respective controls in place; and iii. E xistence of effective risk transfer and loss impact reduction practices in minimising potential losses from negligence or fraud. IAD adopts the standards and principles outlined in the Internal Control Framework of Committee of Sponsoring Organization of the Treadway Commission (COSO) and the objectives set by the Institute of Internal Auditors’ International Professional Practices Framework which comprises the core principle for the Professional Practice of Internal Auditing, the definition of Internal Auditing and Code of Ethics. The results of the audit conducted, including its risks, rootcause and recommendations are reported to the BAEC on a regular basis. Resolution of the audit findings and recommendations are performed by the Management and closely observed by the Management Audit Committee whose members comprised the senior management members. In addition, Shariah audit reports including their findings, risks, root-cause and recommendations are notified and deliberated at the Shariah Supervisory Council meetings. Resources The overall costs incurred to maintain the internal audit function in the Group for the Financial Year 2021 was approximately RM7.9 million (Financial Year 2020: RM7.1 million), consists mainly of salaries and other audit related expenditures. As at 31 December 2021, the IAD has a staff strength of 43 auditors, all of whom are equipped with the relevant experience and qualifications. 27 auditors had obtained the required certification, namely, Certification for Bank Auditors (CBA) and/or CIAFIN. In 2021, three (3) staff had obtained CBA, and one (1) staff each had obtained the Certified Information System Auditor (CISA) and Digital Risk Manager (DRM) certification. Due to the continued movement control order and the need for social distancing, the training and development of the auditors’ skillset and competencies were mostly done via the virtual platform. The IAD is committed to provide an independent, objective assurance and advisory services that will add value and improve the Group’s operations. INTEGRATED ANNUAL REPORT 202 1 Key Messages Overview Value Creation MD&A Sustainability Leadership Accountability Financial Additional Information 191
RkJQdWJsaXNoZXIy NDgzMzc=