Internal Audit
Role and Function
The Internal Audit Division (IAD) operates independently from all business groups and supporting units. IAD independently examines and evaluates whether the Group’s internal controls are functioning properly and effectively, and offers constructive and practical recommendations for business improvement. As of March 31, 2025, 28 employees were directly engaged in internal audits.
Internal audits are conducted in line with audit plans, which are developed according to the Annual Internal Audit Plan approved by the Management Committee and the Board of Directors each fiscal year. When developing the audit plan, IAD carries out risk assessments based on the type and degree of inherent risk within each business group, supporting unit, and Group company, as well as the status of internal controls, and determines factors such as the frequency, complexity, and deployable resources of audits.
Audits Conducted in FY2024
|
Type of audit |
Number of audits |
|---|---|
|
Audits for business groups and supporting units |
14 |
|
Cross-sectional |
23 |
|
System audits |
3 |
|
J-SOX audits |
37 |
|
Total |
77 |
Positioning of IAD within the Organization
IAD reports directly to the Chief Executive Officer (CEO) and shares the status of the Group’s internal controls with the CEO mainly through periodic reporting. IAD also provides an independent evaluation of internal controls by presenting individual audit results to the Management Committee monthly as well as a report on audit policies, summaries of audits and others, directly to the Risk Governance Committee and the Board of Directors annually.
In order to better fulfill its audit mission, IAD exchanges information and opinions as necessary with the Audit & Supervisory Board and its members, and also works closely with them and the Accounting Auditor through periodic three-way audit meetings.
Efforts to Improve Audit Quality and Effectiveness
The Bank’s internal audit is structured to ensure that internal audits are conducted on a risk basis in accordance with the global internal audit standards of the Institute of Internal Auditors (IIA). In addition to an internal quality assessment conducted annually, IAD periodically undergoes an external quality assessment by a third-party organization in order to further improve the Bank’s internal audits. Moreover, steps are taken to support further improvements in the Group’s internal audit framework through a dual role assignment system between Aozora and the audit divisions of Group companies in order to strengthen Group governance.
To improve the effectiveness of its internal audits, IAD conducts ongoing internal and external recruitment of audit team members with a high level of expertise. In addition, IAD supports its audit team members to obtain professional certifications, such as Certified Internal Auditor (CIA) and Certified Information System Auditor (CISA).
Internal Audit Structure
- The Audit and Compliance Committee was reorganized into the Risk Governance Committee on July 1, 2025.