As per the requirement of the Section D 1.3 of the Code of Best Practice on Corporate Governance – 2013, jointly issued by the Securities and Exchange Commission of Sri Lanka and The Institute of Chartered Accountants of Sri Lanka, the Board of Directors presents this Report on Internal Control mechanisms of Ceylinco Life Insurance Limited (‘the Company’).
The Board of Directors is responsible for the Company’s system of internal controls and reviewing its design and effectiveness in order to safeguard shareholders’ investment and the Company’s assets.
This system is designed to manage the Company’s key areas of risk within an acceptable risk profile, rather than eliminating the risk of failure to achieve the business objectives and policies of the Company. Accordingly, a reasonable but not absolute assurance can be provided, against material misstatement of management and financial information and records or against financial losses or fraud.
The Board Risk Committee is established to assist the Board to oversee the overall management of principal areas of risk of the Company. The Board Risk Committee implements the Risk Management Framework through Executive Risk Committees. Meetings are held monthly to discuss key risk areas and necessary actions are initiated. Risks that have been discussed in each Executive Committee level are discussed and escalated to the Board level accordingly. Further, details of the activities undertaken by the Board and Executive Risk Committees of the Company have been explained in the Risk Management.
Internal Audit Department and Information System Audit Department review the design and effectiveness of the internal control systems, management information systems, systems for compliance with applicable laws, regulations, rules and directives.
Audits are carried out on all the branches and departments and the frequency is determined based on a prioritisation of the audits using a risk based methodology including input of senior management and the approval of the Audit Committee.
Significant findings in respect of non-compliances or ineffectiveness of internal controls identified by the Internal Audit Department and Information Systems Audit Department are brought to the notice of the Audit Committee during the quarterly review meetings.
External Auditors highlight all the significant issues and control weaknesses by way of submitting the Management Letter to the Audit Committee.
All the issues highlighted by Auditors and corrective actions implemented by the Management in order to strengthen the internal control environment of the Company are reviewed by the Audit Committee at the every quarter.
The Audit Committee reviews the quality assurance and improvement programmes of the Internal Audit Departments and the performance of the External Auditor, in order to evaluate the adequacy and effectiveness of the risk management and internal control system.
The minutes of the Audit Committee meetings and recommendations, with regard to the requirement of improvements, are tabled for the information of the Board on a periodic basis. Further, details of the activities undertaken by the Audit Committee of the Company have been explained in the Audit Committee Report.
The Board of Directors confirms that the financial system of the Company has been designed to provide a reasonable assurance regarding the reliability of financial reporting and the preparation of Financial Statements for various stakeholders has been done in accordance with Sri Lanka Accounting Standards, comply with the regulatory requirements including the Companies Act No. 07 of 2007 and the Insurance Industry Act No. 43 of 2000.
By order of the Board,
J A Setukavalar
Chairman – Audit Committee
Director/Chief Financial Officer
Managing Director/Chief Executive Officer
23 February 2017