Annual report 2010 - Dexia.com

More documents

Recommendations

Info

Declaration of corporate governanceManagement reportConsolidatedfinancial statementsAdditional information Annual financial statementsIndeed, in 2010, the risk methodology and establishment ofthe audit plan, which were reviewed in 2009, were subjectto improvements and simplifications (particularly for thesubsidiaries), as well as the computerisation of the principalstages.The methodology first of all identifies the objectives of thebusiness lines and the support processes in order then toquantify the impact of major risks which might adversely affectthe achievement of those objectives. Then the audit tasks aretargeted on the more critical subjects in terms of impact andprobability of occurrence. The methods used structure theaudit activity as a support to corporate governance in termsof risk control.The global risk universe approach, the common auditmethodology, the performance of “transversal” tasks ifnecessary, if not local and jointly depending on needs, andthe terms of accounting and monitoring at the level of theGroup parent structure contribute to assessing whether theDexia internal audit system is integrated and efficient and, ifnecessary, to asking for improvements.1. Process of risk analysis and planning audit tasks andresourcesInternal audit at Dexia SA exercises its function on the basisof a single audit plan for the Group defined by the IAEC,approved by the Management Board and then by the AuditCommittee and/or the Board of Directors.This plan is constructed from an annual risk analysisperformed independently by audit in compliance with bestpractices presented by the Institute of Internal Audit. Theprincipal stages leading audit to elaborate its audit plan areas follows:• identification of potential critical risks which might becontrary to the outcome of business line objectives by businessline and support process;• evaluation of the degree of vulnerability of Dexia SA inrelation to those critical risks, via a measure of the impactand probability of occurrence. The results of that evaluationenable more significant risks to be identified;• identification of audit units and audit universes which areeither at the origin of risks or responsible for anticipatingthem, leading to a risk score per audit unit, a score fromwhich a frequency of audit review is deducted;• listing of tasks performed in the past (the last three years)on audit units (back testing);• selection of tasks on risky audit units taking account of tasksperformed in the past and possible regulatory requirements interms of frequency.With a desire for efficiency, the audit plan is targeted onthe more risky audit units, namely those which, through allbusiness lines and all support processes, carry the greatestnumber of risks and/or key controls for the achievement ofobjectives. The audit units which do not carry major risks aresubjected to a simplified approach, responding to regulatoryrequirements to cover the audit universe.This perennial plan enables any resources requirement to bedetermined both from a quantitative and a qualitative pointof view as well as training needs.The audit plan draws a distinction between several types ofaudit tasks:• transversal tasks which are performed on the same sphereof activity in several entities at the same time and relateprincipally to one of the processes with a relatively highdegree of integration;• joint tasks which are performed jointly within an entity bylocal audit teams (if available), with the participation of oneor more auditors from a shared service centre;• local tasks which only relate to a single entity.2. Method of performing audit tasksThe method of performing audit tasks is common to allentities of the Dexia Group. The different phases of theprocess are presented in a procedure which describes thedifferent phases to be followed in performing an internal audittask (preparation, realisation, audit report, recommendationmonitoring...) as well as the formats of documents expectedat each phase. The procedure also determines the roles andresponsibilities and modes of review and approval and thearchiving of documents.The Dexia audit methodology revolves around four principalphases.• The preparation phase: after studying the activity sectorto be audited, when the aim is to gather and to analyseavailable information which might prove useful in properlyunderstanding the activity, the audit team prepares a workprogramme which in particular includes the processes, risks,controls expected to cover the identified risks and tests to beperformed in order to give an opinion on the concept andeffectiveness of the controls in place to cover identified risks.A task letter informs those concerned as well as the membersof the management boards of the entities involved of thescope, objectives and programme for the task• The realisation phase: each task must be performed on thebasis of working documents established on a determined basisand organised in audit files. They clearly reflect the work carriedout and the techniques and methods of work used to reacha substantiated conclusion. The audit opinion is expressed onthe capacity of the controls to provide appropriate cover ofidentified risks. A causal analysis is performed of weaknessesrevealed and residual risk is assessed.• The conclusion phase: each task is subject to a writtenreport, established in the presence of all concerned, intendedfor the parties audited as well as management. The reportcontains an assessment of the ability of the internal controlsystem to cover risks (positive and negative points), but alsorecommendations on measures enabling the risk level to beimproved. Then action plans are established by the partiesaudited and discussed with audit. Each action plan is definedby an operational member of staff who assumes responsibilityfor it and the date completion. The audit attributes a criticallevel to each of the recommendations made. Finally, eachaudited process is given a rating expressing the degreeof risk control. Throughout the task, a constant andconstructive dialogue is established with the audited partiesand management. Each report is then presented to theManagement Board which rules on the recommendations,action plans and their completion.• Recommendation monitoring: each task results inrecommendations being made from the action plans definedby the audited parties with an undertaking on their part asto the date of completion. The aim of these is to remedy anyweaknesses revealed by the audit tasks, in order to consolidatethe internal control system. The implementation of each action54 Dexia Annual report 2010
Declaration of corporate governanceplan is regularly monitored by audit on the basis of a declaredprogress statement and supporting documents provided bythe parties audited. Internal audit keeps a database of allrecommendations arising from audit reports and has defineda consistent procedure for monitoring the implementation ofthose recommendations.3. MonitoringTwice a year, the General Auditor of Dexia SA presentsthe Audit Committee and/or the Board of Directors with areport on the activities of internal audit. This report containsa summary of the principal observations made during audittasks, an annotated statement of the completion of auditplans, particularly in the case of a significant departure fromplanning, and an assessment of the sufficiency of means(from a qualitative and quantitative point of view).To support the recommendation monitoring process, twiceyearly monitoring of the action plans associated with the auditrecommendations is presented to the management boards ofthe various Group entities, and any delay in completing theaction plans responding to the recommendations is dealt withthere.A new recommendation monitoring tool was commissionedsuccessfully at the end of January 2010. This tool enablesthe auditors and the audited parties constantly to exchangeviews on the evolution of action plans responding to theaudit recommendations. It is planned in 2011 to deploy thetool in the subsidiaries of the Dexia Group and to integraterecommendations from the Regulators.TrainingIn addition to the training organised by human resources, anaudit-specific training plan has been introduced. It has varioussections to be followed depending on the role and seniorityof the auditor. Furthermore, at a human risk control level, theorganisation of internal audit into shared service centres willprovide better cover for Group activities by mitigating the riskof a lack of means (both qualitative and quantitative) whilstensuring the required reactivity in the case of urgency.Projects for 2011In 2011, correspondents must allocate some of an evengreater part of their time compared to 2010 to monitoringrisks in the scope under their responsibility (includingmonitoring action plans responding to recommendations frominternal audit, the regulators and the corporate auditors). Inthis way, the internal audit support line wishes clearly, beyondthe completion of tasks enabling new risks to be identified, toplace the emphasis on strengthened monitoring of the actionsagreed with the audited parties at the end of the previoustasks and having to remedy risks identified in the past. Thismechanism should, when it appears necessary, allow thetriggering of a warning procedure from management onthe areas of weakness which might appear significant andlasting.Several methodological projects are provided for 2011,including:• Revision of the audit universe. This new revision will integratethe transformation plan as well as all the organisationalchanges and associated movements of members of staff.This revision of the universe will have an impact on therecommendation monitoring tool.• Introduction of a more robust tool for reporting on thestate of progress made on action plans associated withrecommendations, a tool which will be provided both toauditors and to the parties audited. This tool will permit thesharing of reporting between the internal audit support lineand the operational support lines. It should be in operation atthe end of 2011.• Recasting of the intranet site for the internal audit supportline with more detailed access management rules. First ofall, the site will enable the audit support line to obtain allnecessary information on the audit methodology and alsoto gather in one single place all the audit reports and keydocuments for each of the phases of an audit task. Secondly,it will enable the flows of each audit task to be automatedand therefore performance indicators to be automaticallycalculated on the good operation of the support line.• A self-assessment of internal audit in line with the QualityAssurance Review standards of the Institute of InternalAuditors, with the aim of preparing for external validationby an independent body. This process is recommended byinternational standards.Activities in 2010A major part of the Dexia Group audit plan was implementedin the form of “transversal tasks”, namely tasks performedsimultaneously in Dexia SA and in the Group’s mainoperational entities: Dexia Crédit Local, Dexia Bank Belgium,Dexia Banque Internationale à Luxembourg and DenizBankas well as certain of their subsidiaries/branches, in relationto the subjects dealt with. In 2010, those tasks related inparticular to risk management, the Finance, Balance SheetManagement, Operations and IT support lines as well asmarket activities. The other support functions were also theobject of regular tasks.The audit tasks performed in 2010 gave rise to theestablishment of plans to remedy weaknesses detected inthe internal control system. Each action plan was approvedby the Management Board of the entity concerned and,depending on its importance, reported to the ManagementBoard of Dexia SA, and subject to regular monitoring, toensure that the recommendations formulated are effectivelyimplemented.In terms of implementation of the audit plan (number oftasks) over the year 2010, the performance rate of local andjoint tasks is considered good, and slightly up on the rate fortransversal tasks.The year 2010 was marked by a strengthening of themonitoring of contacts with the Regulators.In fact, contacts with the different Regulators of the DexiaGroup, whether through inspection tasks or meetings, tendedto be intensified, and this mobilised an increasing amount ofthe time of internal audit staff in 2010.When the Regulator performs a task within the Dexia Group,the role of audit consists of monitoring its progress ensuringthat the elements requested are properly transmitted to theInspectors, at the end of the task, coordinating the formulationof action plans responding to the recommendations by theRegulators (applying the principle of strengthening the roleof audit in these matters), then to likewise monitoring theresponse to its own recommendations.Management reportConsolidatedfinancial statementsAdditional information Annual financial statementsAnnual report 2010 Dexia55
Page 1:
A n n u a lr e p o r t2 0 1 0
Page 4 and 5:
4 Group profile8 Message from the c
Page 6 and 7: Group profileManagement reportConso
Page 8 and 9: Group profileRESULTS Dexia GAAP IFR
Page 10 and 11: Message from the ChairmenManagement
Page 12 and 13: 2010 and early 2011 highlightsManag
Page 14 and 15: 2010 and early 2011 highlightsDecem
Page 16 and 17: Update on the transformation planMa
Page 18 and 19: Update on the transformation planMa
Page 20 and 21: StrategyManagement reportConsolidat
Page 22 and 23: Declaration of corporategovernanceM
Page 24 and 25: Declaration of corporate governance
Page 70 and 71: Shareholder informationManagement r
Page 72 and 73: Shareholder informationManagement r
Page 74 and 75: Human ResourcesMEMBERS OF STAFFGEND
Page 76 and 77: Human ResourcesFinally, questions r
Page 78 and 79: Sustainable developmentEnergy perfo
Page 80 and 81: Risk managementManagement reportCon
Page 82 and 83: Risk managementThe Operational Risk
Page 98 and 99: Capital managementManagement report
Page 100 and 101: Capital managementEconomic capitalE
Page 102 and 103: Financial resultsConsolidated state
Page 104 and 105: Financial resultsManagement reportC
Page 106 and 107:
Activity and results of the busines
Page 108 and 109:
Page 110 and 111:
Page 112 and 113:
Page 114 and 115:
Page 116:
Page 119 and 120:
C o n s o l i d a t e d f i n a n c
Page 121 and 122:
Liabilities Note 31/12/09 31/12/10(
Page 123 and 124:
Consolidated statementof changes in
Page 125 and 126:
Gains and losses not recognised in
Page 127 and 128:
Consolidated cash flow statement(in
Page 129 and 130:
Notes to the consolidated financial
Page 131 and 132:
Page 133:
Page 136 and 137:
Page 138 and 139:
Page 140 and 141:
Page 142:
Page 145:
Page 148 and 149:
Page 151 and 152:
Page 153 and 154:
Page 155 and 156:
Page 157 and 158:
Page 159 and 160:
Page 161 and 162:
Page 163 and 164:
Page 165 and 166:
Page 167 and 168:
Page 169 and 170:
Page 171 and 172:
Page 173 and 174:
Page 175 and 176:
Page 177 and 178:
Page 179 and 180:
Page 181 and 182:
Page 183 and 184:
Page 185 and 186:
Page 187 and 188:
Page 189 and 190:
Page 191 and 192:
Page 193 and 194:
Page 195 and 196:
Page 197 and 198:
Page 199 and 200:
Page 201 and 202:
Page 203 and 204:
Page 205 and 206:
Page 207 and 208:
Page 209 and 210:
Page 211 and 212:
Page 213 and 214:
Page 215 and 216:
Page 217 and 218:
Page 219 and 220:
Page 221 and 222:
Page 223 and 224:
Page 225 and 226:
Page 227 and 228:
Page 229 and 230:
Page 231 and 232:
Page 233 and 234:
Page 235 and 236:
Page 237 and 238:
Dexia saStatutory Auditor's reporto
Page 240 and 241:
240 Balance sheet241 Off-balance-sh
Page 242 and 243:
Balance sheet(before income appropr
Page 244 and 245:
Statement of incomeManagement repor
Page 246 and 247:
Notes to the annual financial state
Page 248 and 249:
Page 250 and 251:
Page 252 and 253:
Page 254 and 255:
Page 256 and 257:
Page 258 and 259:
Page 260 and 261:
Page 262 and 263:
Statutory Auditor's reportManagemen
Page 264 and 265:
Additional informationManagement re
Page 267 and 268:
Photographs: page 8: C. LEBEDINSKY/
show all

Annual report 2010 - Dexia.com

Create successful ePaper yourself

Delete template?

Save as template?