Internal Control and Audit

VTB Internal Control

A system of internal control comprises internal control bodies and their activities aimed at ensuring conformity of the Bank`s activities with applicable Russian law, the Charter, Regulation on Internal Control at VTB and other by-laws of the Bank.

Internal control includes the following:

• control by governance bodies
• control over bank risk management and evaluation systems
• control over power delineation in banking and other activities
• control over information management and provision for information safety
• monitoring of the internal control system in order to make it match the Bank`s growing demands, identifying its drawbacks, drafting proposals as to its upgrade, and follow-up monitoring.

Internal control is performed by:

• the Bank`s governance and management bodies (General Shareholders Meeting, Supervisory Council, Council Audit Committee, Management Board as a collective executive body, and Chairman and CEO as a single-person executive body)
• Statutory Audit Commission
• the Bank`s Chief Accountant (or its deputies)
• a Branch director (or its deputies) and chief accountant (or its deputies)
• business divisions (authorized officers) in charge of internal control under the Bank`s relative by-laws.

Internal Control Division

VTB Bank Internal Control Division is an independent structure responsible for performing internal control within VTB Bank and ensuring the Bank`s efficient and effective operations.

The scope and functions of the Internal Control Division are as follows:

• to monitor the efficiency of internal control systems
• to review the appropriateness and completeness of risk evaluation and management (relative methodologies, programs, rules and procedures applied for conducting banking operations and transactions, for bank risk management)
• to ensure the efficiency of internal control over the use of automated information systems
• to audit the adequacy and completeness of accounting and reporting, their integrity and timely preparation; as well as reliability and timely submission of relative information
• to audit the adequacy, completeness, integrity and timely submission of other data to state authorities and the Bank of Russia in compliance with applicable regulations
• to review the methods applied to safeguard the Bank`s property
• to audit compliance of the Bank`s by-laws with legal and regulatory requirements applied to self-regulated institutions
• to review internal control processes and procedures
• to review the systems designed to comply with the applicable law and professional codes of conduct, and
• to perform other functions specified in the Bank of Russia`s Regulation No.242-P as of 16.12.2003 "On Internal Control in Credit Institutions and Bank Groups", and the Bank`s by-laws.

Internal Control Division is set to pursue the principles of:

• integrity
• independence
• impartiality
• professional competence
• unchecked and efficient performance.