The goal of the Internal Audit in UniCredit is to contribute to the protection of assets and corporate stability and provide a “reasonable guarantee” that the organization is able to achieve its goals efficiently through:
- controls ensuring that operations are appropriate and carried out in compliance with laws and regulations;
- assessment of the effectiveness and efficiency of operating processes;
- support provided to group divisions and companies to obtain a clear view of risk exposure/assessment at division level and of the implementation of guidelines on internal controls at individual entity level;
- assessment of the proper operation of the overall Internal Control System (line or operational controls, and controls on risk management).
The Parent Company’s Internal Audit Department verifies the conformity of group companies’ conduct with the Parent Company’s guidelines and the effectiveness of internal control systems, establishes guidelines, and coordinates and oversees the internal audit activities carried out by internal audit departments in the group. In this sense, the Internal Audit Department performs the function of third- and fourth-level controls.
Every entity in the group has established an Internal Audit unit responsible for third-level controls.
Where possible, these controls are entrusted to the specialist company UniCredit Audit.
The Parent Company’s Internal Audit Department and the local Internal Audit structures, including in those instances where the legal entities operate as sub-holding companies, form part of the Internal Audit competence line. The responsibility of the competence line coincides with the responsibility of the Internal Audit Department.
