Basic Policy on Internal Auditing

JAPAN POST BANK Co., Ltd. (hereafter, the "Bank") establishes this Basic Policy for the purpose of denoting the basic viewpoints regarding internal audits conducted by the Bank.

1. Purpose of Internal Auditing
   Internal auditing serves the purpose of adding value to, as well as improving upon, the Bank's business operations by making an independent assessment based on an objective investigation and by providing advice that contributes to management.
   The Internal Audit Division systematically conducts risk-based assessments of, as well as makes improvements to, the effectiveness of each process involved in risk management, control, and governance with the discipline of a professional internal auditor for the purpose of supporting the Bank in its efforts to achieve its management goals.
2. Standards for the Professional Practice of Internal Auditing
   The Internal Audit Division follows the basic viewpoints in the "Core Principles for the Profession of Internal Auditing," "Code of Ethics," "International Standards for the Professional Practice of Internal Auditing," and "Definition of Internal Auditing," which form the required structural elements of the "International Professional Practices Framework" provided by the Institute of Internal Auditors.
3. Targets of Internal Auditing
   Internal auditing covers all operations conducted and all organizations maintained by the Bank, its subsidiaries, and its indirectly owned subsidiaries (including outsourced operations) within a scope that does not conflict with arrangements between companies and other such requirements, or with laws and regulations.
4. Authority of the Internal Audit Division
   The Internal Audit Division possesses the authority to fully access all divisions, committees, assets, and individuals in regard to the execution of internal auditing duties in a free, unfettered manner. It also possesses the authority to request the submission of, as well as explanations regarding, materials and records.
   However, the Internal Audit Division is aware that requesting such coincides with accountability regarding confidentiality and the integrity of information.
5. Responsibilities of the Internal Audit Division
   The Internal Audit Division maintains the responsibility for conducting the following matters.

   (1)

   The Division must formulate an Internal Audit Plan at least once per year.
   During formulation of the Plan, the Division must first provide an explanation to the Audit Committee regarding the Internal Audit Plan draft, the risk assessment that serves as the basis for this proposal, the core audit items, and the personnel plan. Following this, it must obtain consent for the Internal Audit Plan from the Committee before receiving the approval of the President and Representative Executive Officer and reporting to the Board of Directors.

   (2)

   The Division must report to the President and Representative Executive Officer, Board of Directors, and Audit Committee (hereafter, the "Board of Directors, etc.") regarding any major changes made midway to the Internal Audit Plan and any impacts on the Plan due to limitations on auditing resources.

   (3)

   The Division must document the goals, scope setting, appropriate allocation and management of auditing resources, operations programs, and audit results as part of individual internal audit duties, and convey suggestions for making appropriate conclusions from, as well as improvements to, the results thereof, and convey such to the appropriate interested parties.
   Further, the Division must report to the Audit Committee, on a regular basis or as needed, regarding the implementation status of internal audits, audit results, communications with the operating divisions, and important matters related to internal audits. When the Audit Committee deems such to be necessary, the Division must provide explanations or make an investigation in accordance with requests from the Committee.

   (4)

   The Division must follow up on matters discovered during, as well as on improvement measures taken as part of, individual internal audit duties. When effective improvement matters have not been taken, the Division must report such to the President and Representative Executive Officer and the Board of Directors, etc., on a regular basis.

   (5)

   The Division must pay attention to changes in the environment and new issues that may potentially affect the Bank, as well as to internal audit trends and best practices from within and outside the Bank. As necessary, the Division must report on such to the President and Representative Executive Officer and the Board of Directors, etc.

   (6)

   The Internal Auditor must fully comply with rules regarding honesty, objectivity, and confidentiality, and must, on an ongoing basis, strive to acquire and improve upon knowledge, skills, and other abilities required to fulfill its own responsibilities.

   (7)

   The Division must develop human resources in order to expand upon the knowledge, skills, and other abilities required to fulfill the Division's responsibilities as a whole, and must, in an ongoing manner, strive to improve upon the quality of internal audit duties.

   (8)

   The Internal Auditor must possess a level of professional skepticism and, as professionals, pay proper attention to the target, scope, methods, resource allocation (cost-effectiveness), and other aspects of audits for the purpose of achieving the goals of internal audit duties.

6. Internal Audit Independence and Objectivity

   (1)

   The Internal Audit Division must be ensured to have organizational independence, and the Internal Auditor must ensure objectivity when executing internal audit duties.

   (2)

   Organizational independence is effectively secured by having the officer in charge of the Internal Audit Division report directly to, as well as communicate directly with, the President and Representative Executive Officer and the Board of Directors, etc.

   (3)

   The Internal Audit Division must not be subject to any manner of limitation or pressure when fulfilling its responsibilities for internal audits, including, but not limited to, decisions on the scope of internal audits, execution of duties, and results reporting.

   (4)

   Changes to the executive officer in charge of the Internal Audit Division and the head of the Internal Audit Planning Department must only be made upon obtaining the consent of the Audit Committee or an Audit Committee member selected by the Audit Committee.

   (5)

   The Internal Auditor must maintain a fair and unbiased attitude, and must avoid any situations in which interests as a professional and interests as an individual conflict in a way that causes difficulties in carrying out duties in a fair manner.

7. Assessment and Improvement of Internal Audit Quality

   (1)

   The executive officer in charge of the Internal Audit Division must construct a process designed to assess and improve upon the quality of internal audits in order to reliably achieve the goals of internal audits, and to ensure that the internal audit duties have earned the trust of related parties, including the Board of Directors, etc., and the audited divisions.

   (2)

   Internal audit quality assessments are made through internal and external evaluations.
   Internal evaluations are made through ongoing monitoring incorporated into the practices of the regular work of the Internal Audit Division and through regular self-assessments.
   External evaluations are conducted at least once every five years by an eligible independent evaluator that is not an employee of the Bank.

   (3)

   The Internal Audit Division reports to the Audit Committee regarding the execution status of duties and responsibilities, audit methods and human resources development, the details of measures to continuously enhance and strengthen internal audits, and the implementation status thereof. The status of improvements to, as well as operation of, internal audit abilities is reviewed and assessed by the Audit Committee.