AUDIT AND COMPLIANCE COMMITTEE POLICIES

Introduction

The following Audit and Compliance Committee policies are complementary to the policies of the Board of Directors, the Articles of Association of MOB and any other provisions required of it by Myanmar Companies Law and the Financial Institutions Law (No.20/2016).

Roles and Responsibilities

In particular the Committee shall have the following specific roles and responsibilities (in addition to any other authority that the Board may from time to time delegate the Committee).

1. Inspection and Investigation

The Audit and Compliance Committee shall be authorized to:

  •  Investigate any within its authority as outlined in its Articles of Association; and
  • Seek any information that it requires from any employee of the Company, and all employees are directed to cooperate with any request made by the Committee.

2. Internal Audit

The Audit and Compliance Committee shall:

  • Monitor and review the effectiveness and organizational structure of the Bank’s internal audit function;
  • Approve the appointment and removal of the head of the internal audit function review the qualifications and effectiveness of internal audit personnel;
  • Ensure the internal audit function has adequate resources and appropriate access to information to enable it to perform its function effectively and in accordance with relevant professional standards;
  • Review and assess the annual internal audit plan;
  • Review all internal audit report and take or instruct necessary action;
  • Ensure the internal audit function remains independent from management to ensure objective reporting;
  • Review and monitor management’s responsiveness to the findings and recommendations of the internal auditor;

3. External Auditors

The Bank’s external auditor shall work closely with the Board of Directors, especially the Audit and Compliance Committee, and report directly to shareholders through the General Meeting of Shareholders (AGM). The Audit and Compliance Committee shall consider and make recommendations to the Board, to be put to shareholders for approval, in relation to the appointment, re-appointment and removal of the Bank’s auditing board or external auditors. The Audit and Compliance Committee shall oversee the selection process for new members of auditing board or auditors and if a member of auditing board or an auditor resigns the Audit and Compliance Committee shall investigate the issues leading to this and decide whether any action is required by the Board of Directors.

The Audit and Compliance Committee shall works closely with the Bank’s external auditors and shall:

  •  Oversee the relationship with the external auditor and ensure adherence to the Bank’s External Audit policy.
  • Recommend to the board for approval of their remuneration, whether fees for audit or non-audit services and that the level of fees is appropriate to enable an adequate audit to be conducted.
  • Recommend to the board for approval of their terms of engagement, including any engagement letter issued at the start of each audit and the scope of the audit.
  • Assess annually their independence and objectivity taking into account relevant professional and regulatory requirements and the relationship with the auditor as a whole, including the provision of any non-audit services. These regulations are based on the principles that:
    1. The External Auditor must be independent from the client audited, both in mind as in appearance;
    2. An External Auditor is someone who is able, in the light of all relevant facts and circumstances, to form an objective and all impartial opinion on all matters that fall within the scope of his assignment.
  • Satisfy itself that are no relationships (such as family, employment, investment, financial or business) between the auditor and the Bank (other than in the ordinary course of business).
  • Monitor the auditor’s compliance with relevant ethical and professional guidance on the rotation of audit partners, the level of fees paid by the Bank compared to the overall fee income of the firm, office and partner and other related requirements.
  • Assess annually their qualifications, expertise and resources and the effectiveness of the audit process which shall include a report from the external auditor on their own internal quality procedures.
  • Ensure adherence with the Bank’s policies on supply of non-audit service by external auditor, taking into account relevant ethical guidance and legal requirements regarding the matter. In general, MOB stipulates that the appointed External Auditor shall not provide any other service to the Bank beyond the scope of the financial audit, unless otherwise explicitly approved by the Board of Directors. No exceptions shall be granted if they are deemed to compromise the independence of the External Auditor in any way (e.g., consulting services, tax services, other). Any exceptions to this provision should be disclosed to shareholders along with an explanation as to why this was granted and what assurances exist to safeguard the auditor’s independence.
  • Consider whether, in order to assure the continuing independence of the external auditors and prevent the External Auditor and the Bank becoming too close, there should be regular rotation of the lead audit partner, ideally, every five (05) years after the start of their involvement. The partner of the audit team of the Company charged with essential tasks who have been replaced are not allowed to work on a new assignment for the Company until at least two years have expired from the date of their replacement.
  • Review and discuss with the Board, external auditors and the Bank’s internal auditors the performance and adequacy of the Bank’s internal audit function, including its responsibilities, budget, staffing, and any proposed changes in the scope or procedures of the internal audit year on year.
  • Monitor and review management’s responses to recommendations of the external auditor, including those in the Management Letter.

4. Financial Reporting and Financial statements

The Audit and Compliance Committee shall:

  • Monitor, review and assess the integrity of the financial statements of the Bank, including the monthly financial reports required by the regulator, and any other formal announcements relating to the Bank’s financial performance, and review any significant reporting issues and judgments contained therein.
  • Discuss with management and the external auditors on a regular basis and review and approve the annual financial statements and other disclosures required by laws and regulations, including announcements of a sensitive nature, prior to board approval and public disclosure.
  • Review the findings of the audit with the external auditor. This shall include but not be limited to, the following;
    1. A discussion of any major issues which arose during the audit,
    2. Any accounting and audit judgments, and
    3. Levels of errors identified during the audit.
  • Review and challenge where necessary:
    1. The consistency of, and any changes to, accounting policies both on a year basis and across the company/group;
    2. The methods used to account for significant or unusual transactions where different approaches are possible;
    3. Whether the company has followed appropriate accounting standards and made appropriate estimates and judgments, taking into account the views of the external auditor;
    4. The clarity of disclosure in the Bank’s financial reports and the completeness of the accompanying financial statement notes;
    5. All material information presented with the financial statement, including both financial and non-financial information, such as the business review and the corporate governance statement.
  • Review with the internal auditors and the external auditors their annual audit plans and the degree of coordination of such plans and ensure that it is consistent with the scope of the audit engagement.

5. Internal Controls

The Audit and Compliance Committee shall:

  • Monitor and review the framework for internal controls and risk management of the Bank to ensure its effectiveness. This includes ensuring the internal auditor conducts adequate testing of the internal controls, per its plan, to attest to the Bank’s control effectiveness.
  • Discuss any significant internal control deficiencies or material weaknesses and monitor changes needed to mitigate the issues.
  • Discuss with management the internal auditors and the external auditors the Bank’s policies with respect to risk assessment and risk management. This discussion should cover the Bank’s major financial and non-financial risk exposures in close collaboration with the Risk Oversight Committee and the steps management has taken to monitor and control these exposures.

6. Compliance

The Audit and Compliance Committee shall:

  • Ensure the Bank has an effective compliance function in place to ensure compliance with external laws and regulations and internal codes and policies, particularly the Code of Conduct.
  • Review the findings of any examinations by regulatory and supervisory agencies and respond as needed.
  • Review with the Bank’s legal counsel, the internal auditors and other appropriate parties, legal matters that may have a material impact on MOB’s financial statements and compliance procedures, and any material reports received from or communications with regulators or government agencies.
  • Oversee the procedures for
    1. The receipt and treatment of complaints received by MOB regarding financial reporting, accounting and auditing, internal controls, or conduct or conflict matters; and
    2. The confidential, anonymous submission by the Bank’s employees of concerns regarding questionable financial reporting, accounting, auditing or other matters. The Committee’s objective shall be to ensure that arrangements are in place for the proportionate and independent investigation of such matters and for appropriate follow-up action.