The Board shall ensure an independent and adequate internal control system
in the Bank and review its effectiveness. The Board shall establish, communicate
and enforce the Bank’s direction through adoption of written policies and
procedures that cover every aspect of operations and management.
These
policies and procedures shall represent the guidelines within which the
management operates, and the methodology in which the business and affairs of
the Bank are governed by the Board and the Executive Management
The Bank's
annual report shall include report on the internal control systems showing the
responsibility of the Executive Management regarding the same, and the framework
used to assess the efficiency of internal control systems, along with the
Executive Management's assessment of how effective these systems are as shown in
the date of the financial statements in the Bank's annual report. There shall
also be disclosure regarding any critical weak points in internal
controls.
Internal Audit
The Bank shall establish an independent department for
Internal Audit, with a sufficient number of qualified personnel and ensure that
they are suitably trained and rewarded.
External Audit
The Board shall appoint an independent external auditor,
based on the recommendations provided by the BAC with regards to selection,
termination, rotation, remuneration for the external auditor, and any other
contractual terms related to it, in addition to evaluating the objectivity of
the external auditor. The Bank shall have a Board approved policy and procedure
for engagement of the External Auditor.
Compliance
The Board, through its Board Corporate Governance Committee
(BCGC), shall ensure adherence to the Compliance Policy of the Bank as approved
by the Board. The Board shall assess the extent to which the Bank is managing
its compliance risk effectively, at least once a year.
The Bank’s Management
shall establish an independent compliance department within the Bank as part of
the Bank’s Compliance Policy and ensure that compliance officials are not placed
in a position where there is a possible conflict of interest to their compliance
responsibilities.
The Bank shall comply with applicable laws and regulations
in all jurisdictions in which the Bank conducts business, and the organization
and structure of the compliance department and its responsibilities shall be
consistent with local and international legal and regulatory requirements.
Risk Management
The Board shall ensure that the Bank adopts an effective
risk management framework
The Board shall ensure independence of the Risk
Management Department and shall appoint a Chief Risk Officer (CRO) with suitable
qualifications and experiences required for this position and its tasks.
The
CRO shall report to the Chairman of the Board and the Chairman of the Board Risk
Committee (BRC) and presents the report to them.
The CRO shall be independent
and not given any financial or business targets.
The CRO shall not be
terminated or dismissed from his position without approval from the Board and
discussion with the Central Bank of Kuwait.