| 5- | To ensure the performance of the ordinary general assembly to its functions regarding the audit committee and internal auditing as specified, in accordance with the provisions of the Companies Law and its implementing regulations, the Corporate Governance Regulations issued by the Capital Market Authority, and the Key Principles of Governance in Financial Institutions issued by SAMA, the board is required to do the following: |
| | | 5-1 | submitting effective proposals and recommendations that enable the ordinary general assembly to carry out its functions. |
| | | 5-2 | Monitor any developments that occur in the regulations, rules, and instructions related to internal auditing from the relevant authorities from time to time. |
| 6- | Although the audit committee operates independently from the board and executive management, this does not exempt the board—according to the key principles of governance in financial institutions—from the responsibility of effectively overseeing the audit committee and monitoring its work and assigned duties. |
| 7- | The following responsibilities fall upon the board concerning the roles and responsibilities of executive management regarding internal auditing: |
| | | 7-1 | The ultimate responsibility for ensuring that executive management establishes and maintains an appropriate internal control framework that is efficient and effective, which identifies, measures, monitors, and manages all risks faced by the bank. |
| | | 7-2 | Ensuring the review of the effectiveness and efficiency of the internal control system based on information provided by the internal audit function, though not relying solely on it. |
| 8- | Without prejudice to the powers, duties, and responsibilities of the Board according to the relevant SAMA instructions and other regulatory authorities, the Board has the responsibility to continuously ensure the following with respect to the internal audit function: |
| | | 8-1 | Taking all necessary actions to ensure the existence and continued effectiveness of an independent and effective internal audit function within the bank, and periodically updating its organization and operating policies. |
| | | 8-1 | Ensuring that the size of the internal audit function, the qualifications and competence of its head and staff, are appropriate to the size of the bank, its nature of operations, the automated systems in use, and the complexity of its organizational structure. |
| | | 8-3 | Ensuring that the Audit Committee conducts an independent external evaluation of the quality of the internal audit function’s performance at least once every five years. |
