Internal Control

Internal Control ensures that rules and regulations regarding security and risk management (as set by corporate management) are incorporated into the Bank’s business procedures.

The Bank follows the independence principle of the Internal Control Service, which reports directly to the Supervisory Board and makes recommendations on the efficiency of risk management procedures, complies with regulators’ requirements, and reports the timeliness, reliability and economic efficiency of operations.

The Internal Control Service annually draws up an audit plan comprising a revisions schedule based on the adopted methodology of the Bank’s risks and internal controls assessment, which takes into account changes in the Bank’s internal control system and new business segments.

The plan necessarily includes audits of branches that are exposed to increased risk levels, and carry a significant amount of loans on their balance sheet. The Head office audit plan comprises audits of business processes that involve: high credit, market, and operational and reputational risks. On a monthly basis, the Internal Control Service carries out audit reviews on how internal controls functions over credit operations.

Branch-level internal auditors carry out audits of branches and additional offices, including end-to-end checks in the following directions:

  • Credit operations;
  • Operations with payment cards;
  • Information technology;
  • Human resources management;
  • Anti-money laundering and terrorism financing measures;
  • Internal economic transactions.

On an ongoing basis, the Internal Control Service monitors the Bank’s operations in the financial market, including changes in internal and external regulations, compliance with set limits, proprietary securities transactions, and brokerage operations.

The internal auditor, within the sphere of financial market operations, carries out a compliance audit with the qualification requirements of Russian legislation by employees executing financial market operations and checks on the Bank’s compliance with Russian legislation and Federal Financial Markets Service regulations.

In addition, the internal auditor of financial market operations carries out the following checks:

  • Routine monitoring of the Bank’s operations in financial markets as part of controlling the deal’s pricing aspects, economic efficiency and substantiation (including: re-purchase agreements), the analysis of large-scale and back-to-back transactions, and the correct maintenance of internal and depositary registers;
  • Regularly auditing the reliability and timeliness of the Bank’s reports as a professional securities market participant, as well as the adequacy of provisions for possible losses from securities transactions;
  • Controlling legislative compliance on the use of insider information and market manipulation.

Regarding enhancing further internal controls, the Bank sets a priority on the application of computer technologies and the development of IT audits