Internal Audit
The İşbank Board of Inspectors reports to the Board of Directors. The İşbank Board of Inspectors audits the activities of the Bank’s
head office units (including internal control, risk management and compliance units), domestic and foreign branches and the
subsidiaries, in accordance with the Bank’s mission, strategies and policies, as well as relevant laws and regulations. Furthermore,
the Board of Inspectors performs the Bank’s processes and information systems audits. The Board of Inspectors also carries out
preparatory inquiries, fraud examinations and investigations when necessary.
Having been certified to be in conformance with the international quality standards, the İşbank Board of Inspectors combines the
Board’s fundamental audit experience with advanced technology in a modern, risk-focused approach to perform its duties. The
board’s auditing functions are carried out by on-site inspections as well as remotely by using data mining and fraud detection
technologies.
Depending on their content and priority, audit reports are submitted to the Board of Directors, Audit Committee, senior management
and related Head Office units. In the meantime, corrective measures taken by the relevant head office departments are monitored
by the Boards of Inspectors. The Board of Directors monitors activities of the Board of Inspectors through monthly reports presented
via the Audit Committee.
During 2013, The Board undertook 467 branches, 3 head office units and 4 subsidiaries audits. In addition to their audit-related
activities, members of the İşbank Board of Inspectors also undertake duties on major projects that the Bank is involved in.
Banking processes and IT audits are conducted annually by the members of The Board of Inspectors in accordance with the
“Regulation on Bank Information Systems and Banking Processes Audit to be Performed by External Audit Institutions” that is
published by Turkish Banking Regulation and Supervision Agency. During the financial reporting process audit, both consolidated
and unconsolidated financial statements’ preparation process is taken into account.
According to the results of the banking processes and IT audits conducted in 2013, as of December 31, 2013 there has been,
-- no material weakness in the internal controls over the main banking processes ensuring the Bank to perform efficiently, reliably
and continuously,
-- no material finding about the integrity, availability, consistency and reliability of the data reported in consolidated and
unconsolidated financial statements.
With the help of the risk focused audit plan, The Board audited a considerable portion of İşbank’s entire credit portfolio in 2013. The
remote auditing activities of the Board has enabled the Bank to monitor the major risks especially in loans and human resources
regularly and has given the Bank the ability to counteract before the risks increase further.
Internal Control
Internal Control system of İşbank is designed and operated in a way to ensure the protection of assets of the Bank, the continuation
of the Bank’s activities in compliance with the laws and other related regulations, banking conventions, internal rules and policies; in
an effective and efficient way and to provide the reliability and integrity of accounting and financial reporting systems and to enable
the availability of information in a timely manner. The continuous integrity of all of İşbank’s operations is enabled by the internal
control system.
At the time of planning and operation of Banking activities, the main framework of the internal control activities that are carried
out by all of İşbank personnel with a sense of high responsibility are structured on the control of operations, the control of
communication channels and information systems, control of financial reporting system and compliance controls. The Internal
Control Division operates under the direction of and reports to the Board of Directors. It aims to provide the maximal contribution
to ensure that the internal control structure that makes up the Bank’s control infrastructure always functions in compliance
with the related laws, regulations and standards in a sound, strong and effective way. Internal Control Division is responsible for
examining, controlling, monitoring and evaluating the Bank’s activities and reporting its findings to the parties concerned. Control
and monitoring activities by the Internal Control Division are carried out by on site activities and/ or from a central location, these
controls are structured to comprise the Head Office divisions, internal and external branch operations and subsidiaries that are
subject to consolidation.
Audit Committee’s Assessments on the Operation of Internal Control, Internal
Audit and Risk Management Systems and Its Activities in the Reported Period
Financial Information and Risk Management
90
İşbank
Annual Report 2013
