1. Home
  2. Governance
  3. Internal Audit System
  4. Basic Policy on Internal Auditing

Basic Policy on Internal Auditing

JAPAN POST BANK Co., Ltd. (hereafter, the "Bank") establishes this Basic Policy for the purpose of denoting the basic viewpoints regarding internal audits conducted by the Bank.

  1. Purpose of Internal Auditing
    (1)
    Internal auditing serves the purpose of enhancing the Bank’s ability to create, protect, and sustain its corporate value by providing the President and Representative Executive Officer, Board of Directors, and Audit Committee (hereafter, "the Board of Directors, etc.") with objective assessments and advice that contributes to management based on independent, risk-based insight from a professional viewpoint.
    (2)
    Internal auditing enhances the Bank’s:
    a.
    Successful achievement of its management goals
    b.
    Governance, risk management, and control processes
    c.
    Decision-making and oversight
    d.
    Reputation and credibility with its stakeholders
    e.
    Ability to serve the public interest
  2. Standards for the Professional Practice of Internal Auditing
    The Internal Audit Division follows the basic viewpoints in the "Global Internal Audit Standards," which are required components of the "International Professional Practices Framework" provided by the Institute of Internal Auditors.
  3. Targets of Internal Auditing
    Internal auditing covers all operations conducted and all organizations maintained by the Bank, its subsidiaries, and its indirectly owned subsidiaries (including outsourced operations) within a scope that does not conflict with arrangements between companies and other such requirements, or with laws and regulations.
  4. Authority of the Internal Audit Division
    (1)
    The Internal Audit Division possesses the authority to fully access all divisions, committees, assets, and individuals in regard to the execution of internal auditing duties in a free, unfettered manner. It also possesses the authority to request the submission of, as well as explanations regarding, materials and records.
    However, the Internal Audit Division is aware that requesting such coincides with accountability regarding confidentiality and the integrity of information.
    (2)
    If the Executive Officer in charge of the Internal Audit Division determines that there is a risk of infringement of the authority prescribed in the preceding paragraph, they must report the facts of the matter and response measures to the President and Representative Executive Officer and the Board of Directors, etc., and discuss the response with them.
  5. Responsibilities of the Internal Audit Division
    The Internal Audit Division maintains the responsibility for conducting the following matters.
    (1)
    The Division must formulate an Internal Audit Plan at least annually.
    During formulation of the Plan, the Division must first provide an explanation to the Audit Committee regarding the proposed draft of the Internal Audit Plan, including auditing resources, as well as the risk assessment that serves as the basis for this proposal, the core audit items, the human resources plan, and the business objectives. Following this, it must obtain consent for the Internal Audit Plan from the Committee before receiving the approval of the President and Representative Executive Officer and reporting to the Board of Directors. Any significant changes that are made to the Internal Audit Plan after its formulation shall be handled in the same manner.
    (2)
    The Division must report to the President and Representative Executive Officer and the Board of Directors, etc. regarding the impacts that constraints in auditing resources may have on the Internal Audit Plan.
    (3)
    The Division must document the goals, scope setting, appropriate allocation and management of auditing resources, operations programs, and audit results as part of individual internal audit duties, and convey suggestions for making appropriate conclusions from, as well as improvements to, the results thereof, and convey such to the appropriate interested parties.
    Further, the Division must report to the Audit Committee, on a regular basis or as needed, regarding the implementation status of internal audits, audit results, communications with the operating divisions, and important matters related to internal audits. When the Audit Committee deems such to be necessary, the Division must provide explanations or make an investigation in accordance with requests from the Committee.
    (4)
    The Division must follow up on matters discovered during, as well as on improvement measures taken as part of, individual internal audit duties. When effective improvement matters have not been taken, the Division must report such to the President and Representative Executive Officer and the Board of Directors, etc., on a regular basis.
    (5)
    The Division must pay attention to changes in the environment and new issues that may potentially affect the Bank, as well as to internal audit trends and best practices from within and outside the Bank. As necessary, the Division must report on such to the President and Representative Executive Officer and the Board of Directors, etc.
    (6)
    The Internal Auditor must uphold the principles of demonstrating integrity, maintaining objectivity, demonstrating competency, exercising due professional care, and protecting confidentiality, and must, on an ongoing basis, strive to acquire and improve upon knowledge, skills, and other abilities required to fulfill their own responsibilities.
    (7)
    The Internal Auditor must understand, respect, meet, and contribute to the legitimate and ethical expectations of the Bank.
    If the Internal Auditor becomes aware of any ethical issues in the Bank or acts that are in violation of laws or regulations, they must report the matter immediately to the Executive Officer in charge of the Internal Audit Division.
    (8)
    The Division must develop human resources in order to expand upon the knowledge, skills, and other abilities required to fulfill the Division's responsibilities as a whole, and must, in an ongoing manner, strive to improve upon the quality of internal audit duties.
    (9)
    The Internal Auditor must possess a level of professional skepticism and, as professionals, pay proper attention to the target, scope, methods, resource allocation (cost-effectiveness), and other aspects of audits for the purpose of achieving the goals of internal audit duties.
    (10)
    The Internal Auditor must gather relevant, reliable, and sufficient information to support the findings of their internal audits.
    (11)
    The Executive Officer in charge of the Internal Audit Division may, when deemed necessary, outsource the implementation of internal audits to employees outside of the Internal Audit Division or to external experts, taking into consideration their professional competence. If there are any concerns that the assessment results from such outsourcing may not reach an appropriate level, the Executive Officer in charge of the Internal Audit Division must report to the President and Representative Executive Officer, and where necessary, the Board of Directors, etc.
    (12)
    The Division will periodically consider the need to review this Basic Policy.
  6. Internal Audit Independence and Objectivity
    (1)
    The Internal Audit Division must be ensured to have organizational independence, and the Internal Auditor must ensure objectivity when executing internal audit duties.
    (2)
    Organizational independence is effectively secured by having the Executive Officer in charge of the Internal Audit Division report directly to, communicate directly with, and receive instructions from, the President and Representative Executive Officer and the Board of Directors, etc. The status thereof must be verified at least annually through direct communication with the Board of Directors, etc.
    (3)
    The Internal Audit Division must not be subject to any manner of limitation or pressure when fulfilling its responsibilities for internal audits, including, but not limited to, decisions on the scope of internal audits, execution of duties, and results reporting.
    (4)
    Changes to the executive officer in charge of the Internal Audit Division and the head of the Internal Audit Planning Department must only be made upon obtaining the consent of the Audit Committee or an Audit Committee member selected by the Audit Committee.
    (5)
    If the Executive Officer in charge of the Internal Audit Division is responsible for all or part of the department being audited, their authority related to the implementation of the audit of the department in question, as prescribed in the relevant regulations, shall be suspended, and a proxy shall be selected with the consent of the Audit Committee or an Audit Committee member selected by the Audit Committee.
    (6)
    The Internal Auditor must maintain an impartial and unbiased attitude, be aware of potential biases, and avoid any situations in which interests as a professional and interests as an individual conflict in a way that causes difficulties in carrying out duties in a fair manner. The Internal Auditor must not conduct internal audits on any duties that they have been responsible for in the past 12 months.
  7. Assessment and Improvement of Internal Audit Quality
    (1)
    The executive officer in charge of the Internal Audit Division must construct a process designed to assess and improve upon the quality of internal audits in order to reliably achieve the goals of internal audits, and to ensure that the internal audit duties have earned the trust of related parties, including the Board of Directors, etc., and the audited divisions.
    (2)
    Internal audit quality assessments are made through internal and external assessments.
    Internal assessments are made through ongoing monitoring incorporated into the practices of the regular work of the Internal Audit Division and through regular self-assessments.
    External assessments are conducted at least once every five years by qualified independent assessors who are not employees of the Bank. These assessors must include at least one person holds an active Certified Internal Auditor.
    (3)
    The Executive Officer in charge of the Internal Audit Division conducts internal quality assessment (regular self-assessment) annually based on conformity with the Global Internal Audit Standards, business objectives, and other criteria, and reports the results thereof to the President and Representative Executive Officer and the Board of Directors, etc. In providing this report, the status of the execution of duties and responsibilities, audit methods and human resources development, the details of measures for continuously enhancing and strengthening internal audits and the implementation status thereof, and the status of improvements to, as well as operation of, internal audit functions are reviewed and assessed by the Audit Committee.
    (4)
    The Executive Officer in charge of the Internal Audit Division must prepare, and obtain the Audit Committee’s consent on, a draft plan on the external quality assessment and include within this plan the scope of the assessment (including conformity with the Global Internal Audit Standards) as well as the professional competence and independence of the external assessors.
    External assessors shall report to the Audit Committee on the results of external assessments.