Governance
07 Internal Audit

Bankmed Internal Audit Division (IA) assists the Bank in accomplishing its objectives by bringing a systematic and disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes. The IA operates in accordance with an approved Internal Audit Charter which clearly specifies the reporting level, mission and scope of work of the Internal Audit.

The IA, independent of the Bank’s Management, is managed by the Head of the Internal Audit Division who, in turn, reports to the Audit Committee and to the Chairman of the Board.

The staff of the IA, under the supervision of the Head of the Internal Audit Division, have unrestricted access to all functions, records, property, and personnel; in order to allocate resources, set frequencies, select subjects, determine scopes of work, and apply the techniques required to accomplish the audit objectives.

Collectively, the IA has extensive experience and know-how pertaining to auditing tools and techniques and is composed of dynamic, flexible, and experienced audit staff. The IA encourages and supports the Bank's Internal Auditors to qualify for the Certified Internal Auditor certification (CIA) and the Certified Information Systems Auditor certification (CISA), creating as such a knowledgeable pool and well-trained team of professional Internal Auditors.

While the IA coverage at the Bank is guided primarily by the regulations of the Central Bank and the Banking Control Commission of Lebanon, yet this coverage continuously exceeds such requirements and rigorously complies with International Auditing Standards as well as standards of other related supervisory authorities.

Given the steady and gradual expansion of Bankmed Branch network and diversity of operations, the Internal Audit plans to maintain sufficient and adequate Audit coverage and techniques, while maintaining a cost effective approach through:

  • Using a “risk-based” audit approach, a methodology that links internal auditing coverage to the Bank’s overall risk management framework. Such a methodology relies heavily on the efficient and effective use of technology in the conduct of its business;
  • Developing the IA electronic audit methodology, namely the "Continuous Auditing" methodology, employing one of the most widely used Computer Aided Audit Techniques (CAATs), Audit Command Language (ACL);
  • Emphasizing the importance of controls and preventive techniques by requiring Branches to comply with Key Control Elements (KCE) embedded in the Banking Operations, necessary to prevent incidents of fraud and regulatory non-compliances.