INTERNAL AUDIT UNIT (IA)
The Internal Audit Unit (IA) of Bank CIMB Niaga assists the Bank in achieving its objectives through a systematic, independent, and disciplined approach in evaluating internal processes. This role also includes assessing and enhancing the effectiveness of corporate governance, internal control systems, and risk management, while ensuring that sustainability principles are consistently implemented across all levels of the organization.
In carrying out its mandate, IA also ensures that management decision-making and oversight processes are conducted in accordance with prudential principles and remain within the applicable legal and regulatory framework. By providing objective assessments to the Board of Directors (BOD) and the Board of Commissioners (BOC) on the adequacy of controls and the level of compliance, IA contributes to safeguarding the Bank’s integrity, reputation, and credibility in the eyes of stakeholders. Furthermore, the effectiveness of the IA function constitutes a key element in ensuring the Bank’s ability to continuously deliver optimal services for the public interest.
The IA provides independent, risk-based assurance, advisory, insight, and foresight services that are designed to increase value and improve the Bank’s operations.
INTERNAL AUDIT CHARTER
IA has an Internal Audit Charter as a guideline in carrying out its duties and responsibilities. The charter contains objectives, internal audit professional practice principles, vision and mission, organizational structure, position and authority, roles and responsibilities, scope of engagement, independence and objectivity, professionalism, impartiality, as well as the rights, obligations, and responsibilities of the Chief Audit Executive, including the IA Code of Ethics.
The Internal Audit Charter also reflects compliance with prevailing regulations issued by the Financial Services Authority (OJK) and related OJK Circular Letters regarding the Implementation of the Internal Audit Function in Commercial Banks, the Establishment and Guidelines for Internal Audit Charters, Financial Conglomeration, the Implementation of Information Technology by Commercial Banks, the Implementation of Risk Management for Commercial Banks and Sharia Business Units, Internal Control System Standards for Commercial Banks, the Implementation of Good Corporate Governance for Commercial Banks and Sharia Business Units, the Personal Data Protection Law, Bank Indonesia Consumer Protection, as well as best practices referring to the Global Internal Audit Standards (GIAS) issued by The Institute of Internal Auditors (IIA).
The Internal Audit Charter was last updated on 28 November 2024 and has been approved by the President Director and the BOC. The updates are implemented to ensure alignment of the IA function with regulatory developments, business needs, and prevailing governance practices. The Internal Audit Charter is the main basis for carrying out audit duties and functions as a guideline for IA to ensure:
- The effectiveness, efficiency, and adequacy of the internal control system, risk management, and sustainable governance.
- The reliability, effectiveness, and integrity of management information processes and systems, including data relevance, accuracy, completeness, availability, and confidentiality.
- Compliance with applicable laws and regulations.
- Quality of organizational performance.
- Interaction with various governance groups.
- The accuracy, reliability, and timeliness of significant financial, managerial, and operational information.
- Resources are obtained economically, utilized efficiently, and protected adequately.
- Programs, plans, and targets are achieved well.
- Quality and continuous improvement are inherent in the Bank’s control processes.
- Opportunities to improve the Bank’s management controls, profitability, and reputation are identified and disclosed in the audit.
PARTY WHO APPOINTS AND DISMISSES HEAD OF IA (CHIEF AUDIT EXECUTIVE)
IA is chaired by a Chief Audit Executive who is appointed and dismissed by the President Director with the approval of the BOC, based on the recommendation of the Audit Committee. Currently, the position of Chief Audit Executive is held by Antonius Gunadi, who has served effectively since 3 January 2017 pursuant to Decree No. 024/HROB/HRS/XII/2016. The appointment has been reported to the OJK through the Bank’s Letter No. 008/DIR/XII/2016 dated 19 December 2016.
STRUCTURE AND POSITION OF IA IN THE ORGANIZATION
IA reports directly to the President Director and, on a matrix basis, to the BOC through the Audit Committee. This reporting structure is in line with OJK Regulation (POJK) No. 1/POJK.03/2019 dated 28 January 2019 regarding the Implementation of the Internal Audit Function in Commercial Banks, as well as POJK No. 56/POJK.04/2015 dated 29 December 2015 regarding the Establishment and Guidelines for the Preparation of Internal Audit Charters.
PROFILE OF HEAD OF IA (CHIEF AUDIT EXECUTIVE)
Antonius Pramana Gunadi
Chief Audit Executive
| | |
|---|---|
| Age/Gender | 51/Male |
| Nationality | Indonesia |
| Domicile | Jakarta |
| Educational Background & Professional Certifications | |
| Work Experiences | |
| Legal Basis of Appointment | 024/HROB/HRS/XII/2016 |
EDUCATION AND/OR TRAINING OF INTERNAL AUDIT UNIT
| Training / Workshop / Conference / Seminar | Organizing Institute | Time and Location |
|---|---|---|
| The Excellent Internal Auditor | Daily Meaning | 5-6 March 2025, 16 April 2025, 5 May 2025, 16 June 2025 |
| The Urgency of Green Financial Transparency in Financial Services Institutions | OJK Institute | 26 May 2025 |
| Cybersecurity and Data Protection in the Digital Era | SGI Asia | 14 July 2025 |
| Virtual Learning Series: Write More Effective GenAI Prompts for Audits; Effective Communication; Fundamentals of Cyber Risk for Auditors; Root Cause Analysis. | Gartner | 14 – 17 July 2025 |
| Examining the Risks and Compliance of Islamic Financing | Institute of Bank Internal Auditors (IAIB) | 24-25 November 2025 |
DUTIES AND RESPONSIBILITIES OF THE IA
The IA carries out its duties and responsibilities in accordance with the Internal Audit Charter, which serves as the primary guideline for implementing the audit function within CIMB Niaga. The duties and responsibilities of the IA, as outlined in the Internal Audit Charter, are as follows:
- Assisting the President Director and the BOC in supervision by operationally outlining the planning, implementation, and monitoring of audit results.
- Analyzing and assessing finance, accounting, operations, and other activities through audits.
- Identifying all opportunities to improve and increase the efficiency of resources and funds.
- Providing suggestions for improvement and objective information on audited activities across all management activities.
- Preparing and implementing an annual audit plan based on a comprehensive risk assessment methodology. The annual audit plan and budget allocation are approved by the President Director and the BOC, considering the recommendations of the Audit Committee.
- Collaborating with the Audit Committee.
- Testing and evaluating the implementation of internal controls and risk management systems in accordance with company policy.
- Executing audit activities and providing assessments on the efficiency and effectiveness of finance, accounting, operations, human resources, marketing, information technology, and other activities.
- Providing recommendations for improvement and objective information on audited activities at all management levels.
- Preparing and submitting audit reports to the President Director and the BOC. Preparing IA reports related to the implementation of sharia principles and submitting them to the President Director, the BOC, and the Sharia Supervisory Board (SSB).
- Performing special audits, if necessary.
- Periodically reporting to the BOD and BOC through the Audit Committee on the objectives, authorities, and responsibilities, as well as the performance of IA activities compared to planning. Reporting also includes significant risk exposures and control issues.
- Preparing semester reports on audit implementation and audit results for OJK, summarizing audit activities and significant audit findings, no later than 1 (one) month after the end of the audit period.
- Monitoring the implementation of follow-up on audit findings and recommendations. All significant audit findings will remain in “open” status until they are resolved. This includes reporting to the Audit Committee regarding management acceptance of risk.
- Informing the BOD and BOC, through the Audit Committee, of the status of corrective actions regarding audit findings and audit recommendations.
- Informing the Anti-Fraud Management Unit about indications of fraud discovered by the IA.
- Preparing measurements to assess the success of the IA performance and achievement of its objectives.
- Preparing and storing adequate audit working papers in accordance with applicable regulations.
- Implementing and delivering Quality Assurance and Improvement Programs (QAIP) covering all aspects of IA activities. The QAIP includes an evaluation of IA compliance with the definition of internal audit and Standards, as well as an evaluation of whether auditors implement the code of ethics. The QAIP also assesses the efficiency and effectiveness of IA activities and identifies opportunities for improvement.
- Reporting specifically to the OJK on any IA findings that could significantly disrupt CIMB Niaga’s business continuity. The report must be submitted no later than 3 (three) days after discovery.
- Reporting to OJK regarding the results of the external review containing opinions on IA’s work results and compliance with PFAIB, as well as improvements that can be made.
- Submitting other reports to the OJK as requested by the OJK.
- In implementing Integrated Governance, and given CIMB Niaga’s role as the FCHC that already has an established IA, the Integrated IA tasks are carried out by the existing IA with the following 3 (three) responsibilities:
  - Auditing at Financial Services Institutions (FSIs), either individually, jointly, or based on reports from the IA FSI.
  - Monitoring and evaluating the implementation of the Integrated IA in each member of the CIMB Indonesia Financial Conglomeration, coordinating with all IA within the CIMB Indonesia Financial Conglomeration according to their respective functions, and compiling the results of the Integrated IA implementation for each member of the CIMB Indonesia Financial Conglomeration, periodically (every semester).
  - Preparing and submitting reports on the implementation of the duties and responsibilities of the Integrated IA to the Director appointed to supervise FSIs in the Financial Conglomeration, the Director of Compliance of the FCHC, and the BOC of the FCHC.
INTERNAL AUDITOR CODE OF ETHICS
The Chief Audit Executive and all employees of the IA are required to comply with CIMB Niaga’s Code of Ethics and Code of Conduct, as well as CIMB Niaga’s Internal Auditors’ Code of Ethics, which is based on and refers to the Code of Ethics of The Institute of Internal Auditors. Every year, all IA members receive a refresher on the Code of Ethics and sign a statement about it.
The key principles of CIMB Niaga’s Internal Auditors’ Code of Ethics are as follows:
- Demonstrating Integrity
  Internal auditors demonstrate integrity in their work and behavior, including demonstrating honesty and professional courage, the organization’s ethical expectations, as well as lawful and ethical behavior.
- Maintaining Objectivity
  Internal auditors maintain an impartial and unbiased attitude when performing internal audit services and making decisions, by paying attention to individual objectivity, maintaining objectivity, as well as disclosing impairments to objectivity, if any.
- Demonstrating Competence
  Internal auditors apply the knowledge, skills, and abilities necessary to successfully fulfill their roles and responsibilities, including having competence and undertaking continuous professional development.
- Applying Professional Care
  Internal auditors apply due professional care in planning and performing internal audit services, observing compliance with GIAS, professional care, and professional skepticism.
- Maintaining Confidentiality
  Internal auditors use and protect information appropriately. Internal auditors are not authorized to disclose information without clear authority, except in accordance with Bank policy regarding the provision of information/data/documents to external parties.