The organizational structure at TEB in terms of internal control, internal audit and risk management was implemented in accordance with the “Regulations on the Internal Systems of Banks”.
This structure is appropriate in view of the scope and nature of TEB’s activities and can effectively respond to changing conditions.
The Risk Management Division, the Internal Control Center and Internal Audit Group, all reporting to the Board of Directors, independent from each other but working in cooperation, have performed their activities in 2009.
The Board of Directors has taken the necessary measures regarding the approval of important strategies and policies with regard to control activities and the maintenance of effective internal audit and risk management systems.
The internal audit system is organized to cover all activities and units of the Bank. As of year-end, the Group Internal Audit operates with Head of Audit, two deputy heads, one IT and External Reporting and one manager and a staff of 46 internal auditors.
The Board of Directors has taken all necessary measures authorizing the Group Internal Audit to conduct its audit activities without any restrictions and covering TEB’s consolidated subsidiaries and their respective units. In 2009, the Group Internal Audit conducted 158 branch audits, 27 Head Office unit audits, 17 subsidiary audits and 23 process audits.
Internal control activities are organized as an inseparable part of daily activities and cover all areas of basic control. Following the organizational change during the year, Internal Control and Compliance functions are now structured separately. Within the scope of internal control, daily, weekly, monthly and quarterly controls of critical activities at branches and departments of the headquarters are carried out under the Banking Transactions Control, Treasury Control and Legal Compliance Units. The Compliance function covers the departments of Banking and Tax Legislation Compliance, Operational Risk, Information Security and Work Continuity, parallel to the Internal Systems Regulation of the BRSA. These departments have completed their tasks in 2009 with a staff of 73.
The risk management process is composed of risk definition and measurement, establishing risk policies and procedures, risk analysis and monitoring, reporting, and auditing phases, all in accordance with the principles that are jointly determined by TEB’s senior management and the Risk Management Group and approved by the Board of Directors.
The mission of the Group Risk Management function is to ensure, jointly with senior management, that the risks undertaken by the Group comply with the TEB’s policies and procedures and meet the Bank’s profitability criteria and rating.
In 2009, the Risk Management Group, under the Risk Management and Compliance Group had a staff of 13, including the Chairman of Group Risk Management. TEB’s Risk Management Division is composed of 4 departments, namely the Market and Liquidity Risk Department, Credit Risks and Subsidiary Risks Management Department, Operational Risk and Business Continuity departments. In addition to employees in charge of determining, measuring and reporting market, credit and operational risk, a risk management officer is employed in each subsidiary to monitor the implementation of risk management principles and policies. Group employees use advanced techniques in risk measurement and monitoring activities and closely follow local and international best practices.
At its meeting held on 8 November 2005, the Board of Directors convened to establish an Audit Committee responsible for all companies comprising the TEB Group, in accordance with Article 24 of Banking Law No: 5411 and further resolved that the powers of the Senior Risk Committee, which was established in accordance with Law No: 4389, be taken over by the new committee.
The Audit Committee has gathered sixteen times during the course of the year 2009. It monitors all risk in a consolidated format at the group level, establishing mechanisms of control, reviewing all written procedures, ensuring coordination between the Internal Audit Group, the Risk Management Group and the Compliance and Internal Control Centre, as well as working toward the establishment of internal control systems at the Bank and at Group companies which are in essence of the same scope.
TEB closely follows and implements new legislation and best practices of internal audit and risk management systems.