• Internal Audit

INTERNAL AUDIT UNIT (IAU)

Internal Audit function at CIMB Niaga is performed by the Internal Audit (IA). As the third line of defence, the main duties of Internal Audit are to ensure that the Bank’s management and operations are in compliance with all prevailing rules and regulations and support the Bank’s interests and objectives. Internal Audit is also responsible for ensuring the adequacy and proper implementation of the internal control process.

IA’s role is to provide independent and objective assurance and consulting services that will add value and improve the Bank’s operations. IA assists the Bank in achieving its objectives by evaluating and improving the effectiveness of Risk Management, Internal Control, and Governance Processes.

Up to the end of 2018, IA continued to develop innovations that are required in the banking industry as well as in the utilization of methodologies that will improve the audit process to be more effective and efficient.

APPOINTMENT OF CHIEF AUDIT EXECUTIVE

IA is led by a Chief Audit Executive (CAE) who was appointed by the President Director based on Audit Committee recommendation with approval from the Board of Commissioners effective on 3 January 2017 based on Decision Letter No.024/HROB/HRS/XII/2016. The appointment of the Chief Audit Executive has been reported to BI and OJK, respectively, through Letter No.008/DIR/XII/2016 dated 19 December 2016. As an independent control unit, IA reports directly to the President Director and in a matrix to the Board of Commissioners through the Audit Committee.

The President Director with approval from the Board of Commissioner based on Audit Committee recommendation also has the authority to terminate the Chief Audit Executive if the individual is deemed unable to perform the duties in accordance with his/her responsibilities.

HEAD OF INTERNAL AUDIT PROFILE (CHIEF AUDIT EXECUTIVE)

Antonius Pramana Gunadi

Chief Audit Executive


Age: 44 Years

Citizen: Indonesian

Education: Bachelor of Accounting from Universitas Tarumanagara in 1996

Work Experience:
1. Started his career as an Auditor at Public Acoounting Firm Coopers & Lybrand, KPMG and Ernst & Young
2. Head of Internal Audit at ABN Amro Bank Indonesia, Barclays Indonesia, Bank Internasional Indonesia
3. Audit Director at Citibank

Certifications:
1. Certified Internal Auditor (CIA),
2. Certified Internal Auditor (CIA),
3. Risk Management Certification - Level 4

Training in 2018:
Job Evaluation, Executive Program Planning Session – Sharia Banking & BT18 Workshop, Common Reporting Standard Workshop, 2018 IBEX Seminar.

IAU STRUCTURE AND COMPOSITION

In accordance with PBI No.1/6/PBI/1999 dated 20 September 1999 regarding the Assignment of a Compliance Director and Implementation of Internal Audit Standards for Commercial Banks and POJK No. 56/POJK.04/2015, regarding the position of IA in the Bank’s organizational structure is as follows:

IA ROLES AND RESPONSIBILITIES

In accordance with the Internal Audit Charter, the duties and responsibilities of IA CIMB Niaga are as follows:

  1. Develop an annual audit plan based on a risk-based methodology and submit the annual audit plans to the Board of Directors and to the Board of Commissioners through the Audit Committee for approval.
  2. Implement the approved annual audit plan, including any special tasks or projects requested by the Board of Directors or by the Board of Commissioners through the Audit Committee.
  3. Ensure the availability of sufficient number of audit staff with adequate knowledge, expertise, and experience and certified professionals to conduct the audit.
  4. Conduct audit activities and assess the efficiency and effectiveness of Finance, Accounting, Operations, Human Resources, Marketing, Information Technology area and other activities.
  5. Prepare audit report and submit the report to the audited party with a copy to the President Director, Compliance Director and other relevant units including to the Board of Commissioners through the Audit Committee.
  6. Periodically report to the Board of Directors and the Board of Commissioners through the Audit Committee regarding the objectives, authorities, and responsibilities, also the performance of IA activities in comparison with their planning. Reporting also includes significant risk exposure and control issues.
  7. Prepare semester reports on the implementation of the key points of audit results to the Financial Services Authority, no later than 2 months after the end of the period.
  8. Prepare bi-annual reports regarding implementation of the key points of audit results to the Financial Services Authority, no later than 2 months after the end of the period.
  9. Report all significant findings that arise, to the Board of Directors and the Board of Commissioners through the Audit Committee.
  10. Follow up on audit findings and recommendations. All significant audit findings will remain “unfinished” until those findings are resolved.
  11. Inform the status of corrective actions regarding audit findings and recommendations of audit results to the Board of Directors and to the Board of Commissioners through the Audit Committee.
  12. Inform the Anti-Fraud Management unit of any fraud indication identified by the Internal Audit.
  13. Prepare criterias for the assessment of performance achievement and target achievement of the IA.
  14. Create and maintain appropriate working papers in accordance with the prevailing regulations.
  15. Implement Quality Assurance and Improvement Programs (QAIP) covering all aspects of Internal Audit activities. The QAIP includes an evaluation of Internal Audit compliances regarding the definition of Internal Audit and Standards, as well as an evaluation of whether the auditor adopts the code of conduct. QAIP also assesses the efficiency and effectiveness of Internal Audit activities and identifies opportunities for improvement.
  16. Deliver Quality Assurance and Improvement Programs regarding Internal Audit activities.
  17. Report specifically to the OJK regarding IA’s findings that could significantly disrupt the business sustainability of CIMB Niaga.
  18. Report to the OJK regarding external audit results that disclosing an opinion on IA performance and compliance with SPFAIB and any room for improvements.
  19. In terms of Integrated Governance implementation and the role of CIMB Niaga as the Primary Entity with an already established Internal Audit Unit, the implementation of Integrated IA duties are carried by the existing IA, with the following responsibilities:
    • Perform audits of financial service institutions on an individual entity basis, on a collective basis, or based on reports from the IA of a financial services institution.
    • Monitor and evaluate the implementation of Integrated IA on each member of CIMB Indonesia Financial Conglomerate; coordinate with the IAs of the CIMB Indonesia Financial Conglomerate members based on functions; and compile the results of the Integrated IA from each member of the CIMB Indonesia Financial Conglomerate.
    • Prepare and submit a performance report covering the roles and responsibilities of the Integrated IA to the assigned Director.

INTERNAL AUDIT CHARTER

The Internal Audit Charter was developed to comply with POJK No. 56/ POJK.04/2015 regarding the Establishment and Guidelines for the Establishment of the Internal Audit Unit Charter, POJK No. 18/POJK.03/2014 dated 18 November 2014 regarding the Implementation of Integrated Governance for Financial Conglomerations and Bank Indonesia Regulation No.1/6/PBI/1999 dated 20 September 1999 regarding the Assignment of a Compliance Director and Implementation of Internal Audit Function Standards for Commercial Banks (SPFAIB), as well as best practices that refer to the IPPF (International Professional Practice Framework) standards from the IIA (The Institute of InternaI Auditor).

The Internal Audit Charter is reviewed and updated periodically according to the organization’s necessity. The most recent review and update was implemented on 26 October 2018 and was approved by the President Director and the Board of Commissioners. The Internal Audit Charter is a guideline for IA that contains the basic principles of IA professional practice, vision and mission, objectives, authorities, responsibilities, functions and scope of work, independence and objectivity, professionalism, impartiality, rights & obligations of the Head of Internal Audit (Chief Audit Executive ) and IA code of conduct.

The Internal Audit Charter regulates the implementation of audits and guidelines to ensure:

  1. Risks have been properly identified and managed.
  2. Interactions with various governance groups have been well managed.
  3. Key financial, managerial and operational information is accurate, reliable and timely.
  4. Employee actions are in accordance with all prevailing policies, rules and regulations.
  5. Resources are economically acquired and efficiently utilized as well as adequately protected.
  6. Programs, plans and goals are well achieved.
  7. Concept of quality and continuous improvement has been embedded in CIMB Niaga’s control process.
  8. Regulations which have significant impact on CIMB Niaga are properly acknowledged and addressed.
  9. Opportunities to improve CIMB Niaga’s management, profitability and reputation are identified and disclosed throughout the audit.