In line with the Banking Act Direction No. 11 of 2007, section 3 (8) (ii) (b), the Board of Directors present this report on Internal Control over Financial Reporting.
The Board of Directors (“Board”) is responsible for the adequacy and effectiveness of the internal control mechanism in place at Bank of Ceylon (“the Bank”). In considering such adequacy and effectiveness, the Board recognises that the business of banking requires reward to be balanced with risk on a managed basis and as such the internal control systems are primarily designed with a view to highlighting any deviations from the limits and indicators which comprise the risk appetite of the Bank. In this light, the system of internal controls can only provide reasonable, but not absolute assurance, against material misstatement of financial information and records or against financial losses or fraud.
The Board has established an ongoing process for identifying, evaluating and managing the significant risks faced by the Bank and this process includes enhancing and strengthening the system of internal control over financial reporting as and when there are changes to business environment or regulatory guidelines. The process is regularly reviewed by the Board and accords with the Guidance for Directors of Banks on the Directors’ Statement on Internal Control issued by the Institute of Chartered Accountants of Sri Lanka. The Board has assessed the internal control over financial reporting taking into account principles for the assessment of internal control system as given in that guidance.
The Board is of the view that the system of internal controls over financial reporting in place is sound and adequate to provide reasonable assurance regarding the reliability of financial reporting, and that the preparation of financial statements for external purposes is in accordance with relevant accounting principles and regulatory requirements.
The management assists the Board in the implementation of the Board’s policies and procedures on risk and control by identifying and assessing the risks faced, and in the design, operation and monitoring of suitable internal controls to mitigate and control these risks.
The key processes that have been established in reviewing the adequacy and integrity of the system of internal controls with respect to financial reporting include the following:
Based on the above processes, the Board confirms that the financial reporting system of the Bank has been designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes and has been done in accordance with Sri Lanka Accounting Standards and regulatory requirements of the Central Bank of Sri Lanka.
The Auditor General, the external auditor of the Bank has reviewed the above Directors’ Statement on Internal Control included in the Annual Report of the Bank for the year 31 December 2012 and reported to the Board that nothing has come to his attention that causes him to believe that this Statement is inconsistent with his understanding of the process adopted by the Board in the review of the design and control effectiveness of the internal control system over financial reporting of the Bank. The Independent Assurance Report of the Auditor General on the Statement of Internal Control is given on page 235 of this Annual Report.
By order of the Board,
Razik Zarook
Chairman
Raju Sivaraman
Director
R M A Ratnayake
Chairman – Audit Committee
21st March 2013
Colombo