Internal control system
The Bank’s internal control system is based on the reference framework established by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). It is made up of five components that are closely linked to each other and help to appreciate the system’s efficiency, namely:
- control environment, which is the environment in which staff members perform their duties and assume their responsibilities (integrity and other ethical values, human resource management, organization and responsibilities, strategic directions, corporate culture)
- risk assessment, based on a structured methodological approach adapted to the Bank’s specificities and environment
- control arrangements, whose relevance, effectiveness and efficiency are assessed regularly for a good risk management
- reliable and secure information, received in a timely manner with an effective information system and appropriate communication
- steering and permanent control by management, either directly or indirectly through the internal or external audit
The internal control system is subject to an annual review for all of its components. This review, whose main findings are presented to the Board, is developed based on the results of a self-assessment by the entities of their control arrangements, the overall operational risk map and the findings of internal and external audits.
The maturity of the internal control system is assessed on the basis of a five-level rating scale inspired from the reference framework of the Control Objectives for Information and Related Technology (COBIT), whose description is detailed in the table below.
|ASSESSMENT OF THE INTERNAL CONTROL SYSTEM|