The Supervision Committee under the Board of Supervisors
4. Implementation of “Basic Principles for Internal Control of Enterprises” and their supporting guidelines
The Company has put great emphasis on the thorough implementation of the “Basic Principles for Internal Control of Enterprises” and their supporting guidelines. During the reporting period, the Company carried out comprehensive review, analysis and research in respect of the existing internal control structure and the results achieved. With the aim of establishing an integrated internal control framework that is complete, sound and compliant with regulatory requirements while fully blending with the existing management structure and practices, we decided to introduce external consulting firms to oversee the progress of internal control projects in the form of project consulting.
In accordance with the requirements in the circulars of China Securities Regulatory Commission and Shenzhen Securities Regulatory Bureau and taking into account the actual internal control circumstances, the Company prepared and disclosed the “Working Plan for the Implementation of Internal Control Principles of China Merchants Bank” and established a leading and working group at the Head office for the internal control regulation project, with all detailed tasks and their corresponding departments in charge and the scheduled date of completion specified. After scrutinizing a number of consulting firms, we appointed Deloitte Touche Tohmatsu Certified Public Accountants Ltd. as an adviser of the Company and the internal control regulation project was officially commenced throughout the bank.
Based upon the principle of importance and comprehensiveness as well as the requirements covering internal control related to financial reports, the Company determined the scope of implementation of the internal control regulation project for the year 2011, conducted a comprehensive system review with focus on the contents within the scope, summarized the necessary internal control mechanisms and requirements to be established in the Company and implemented a comparative analysis of the Company’s actual internal control practices in details. Amongst which, in respect of control measures closely related to financial reports, we prepared a control matrix and implemented testing throughout the bank. Meanwhile, results of internal control review conducted along four lines, namely wholesale, retail, international and accounting, were publicized to the entire bank in concert with the actual business management situation. Based on the results of the internal control review and testing, we prepared the “China Merchants Bank Internal Control Handbook”, which has fully described the Company’s current internal control management conditions, initially forming internal control management standards of distinct layers, clear objectives and well-defined responsibilities.
In the internal control regulation project, the Company also conducted a system review and enhancement in respect of the internal control management structure of the entire bank, further defining the overall framework of internal control management structure which has determined the workflow and division of responsibilities, and regulating and subdividing details including internal control review, rectification and training. In accordance with the requirements of the “Internal Control Evaluation Guidelines for Enterprises”, we formulated the “Internal Control Evaluation Measures of China Merchants Bank Co., Ltd.”, defining the organization, management and division of responsibilities of internal control evaluation, specifying the principle, content, formula, approach, defect identifying criteria, format of report and other details in assessing internal control and establishing an internal control evaluation mechanism compliant with regulatory requirements. At the same time, in accordance with relevant provisions of the “Basic Principles for Internal Control of Enterprises” and their supporting guidelines, and the “Internal Control Evaluation Measures of China Merchants Bank Co., Ltd.”, the Company formulated the “Internal Control Evaluation Implementation Plan of China Merchants Bank”, and organized and conducted internal control self-evaluation work for the year 2011. Through the implementation of the internal control regulation project, the Company has initially constructed an integrated internal control management structure covering all processes from the two perspectives of executing internal control establishments and monitoring evaluation.
As at the end of the reporting period, the Company conducted various tasks for the purpose of internal control regulation according to the schedule in the “Working Plan for the Implementation of Internal Control Principles of China Merchants Bank”.
8.8.2 Internal Audit
The Company has established a two-tier audit management system covering the Head Office and branches. An audit committee is placed under the Board of Directors to take charge of supervision over the Company’s internal audit system and its implementation. In terms of the allocation of internal audit departments, the head office has set up an Audit Department governing four audit divisions, namely Beijing, Shanghai, Shenzhen and Xi’an, which is independent from all levels of business organs to be audited and reports its audit findings directly to the Board of Directors, Board of Supervisors and senior management. Internal audit departments at each branch are running on a dual-management and dual-reporting mechanism, with any audit findings reported directly to the Audit Department under the head office.
The Internal Audit department of the Company is responsible for inspecting and assessing all internal control structures, systems and implementations of the whole bank, supervising rectification on internal control defects identified from inspection, and applying inspection results to the annual appraisal of audited entities. The scope of audit includes all business lines while covering various risks such as credit risk, market risk, operational risk and IT risk. In 2011, the Audit Department focused on the inspection and monitoring of compliance and risk issues as well as follow-up supervision over problem correction on the basis of continuously enhanced audit coverage. We also strengthened the supervision of internal control management and promoted the construction of internal control mechanism, giving gear to improving internal control management standards of the whole bank.
8.9 Misconduct Reporting and Monitoring
In 2011, the Company reported no material internal cases or external malignant cases of consummated theft and robbery and severe accidents. During the reporting period, the Company adopted the following major preventive measures: