• 57th Ordinary General Assembly Meeting Agenda
• Summary Report of the Board of Directors
• Statutory Auditors' Report
• Profit Distribution Proposal for 2010 and Profit Distribution Policy
• Compliance Opinion on the Annual Report
• VakıfBank in Brief
• VakıfBank at the onset of 2011
• Shareholding Structure
• Credit Ratings
• Key Financial Indicators
• Key Ratios
• Message from the Board of Directors
• General Manager's Message
• 2010 in the World and in Turkey
• 2010 Activities
• Subsidiaries

• Board of Directors and Statutory Auditors
• Senior Management
• Heads of Internal Systems
• Committees
• Human Resources Applications
• Outsourced Support Services
• Related Party Transactions
• Corporate Governance Principles Compliance Report

• Assessment of the Functioning of Internal Systems and Activities Performed during the Year
• Risk Management Policies by Types of Risks
• Independent Auditors' Report
• Assessment of Financial Position, Profitability and Debt Servicing Ability
• Five-Year Summary Financial Information

Assessment of the Functioning of Internal Systems and Activities Performed during the Year

Audit activities in 2010 consisted of on-site audits, central audits and information technology application audits.

The audit of the units that are responsible for the operation of the Bank’s internal systems are performed within the framework of the Regulation on Banks’ Internal Systems that was published by the Banking Regulation and Supervision Agency on November 1, 2006, under the direct oversight of the Board of Directors via the Audit Committee and in a way to cover all operations of the Bank.

Internal Audit Activities
In line with the Internal Audit Plan for 2010, audit activities in 2010 consisted of on-site audits, central audits and information technology application audits.

As part of the on-site audit activities in 2010; operations of 442 branches, 98 satellite branches, 47 Head Office units, two overseas branches and one overseas subsidiary were audited with respect to whether these operations were performed in line with the Banking Law and other laws and regulations as well as the Bank’s internal strategies, policies, principles and targets. Within the scope of Article 32 of the Regulation on Banks’ Internal Systems, monitoring activities were carried out regarding the issues that were brought up in auditors’ reports following the audits and conveyed by the Board of Internal Auditors to the Executive Vice Presidents and/or Head Office Units authorized to take necessary corrective measures.

In line with the regulations of the Banking Regulation and Supervision Agency as well as the risk-based periodic audit vision, the Board of Internal Auditors focused on central audit activities. The enquiries formulated as part of the central audit were revised in 2009 and the audits of branches and units that carry higher risk were given higher priority. The effectiveness of the coordination between the internal audit and internal control functions was enhanced by allowing Internal Control employees access to central audit findings regarding their branches via the audit portal that is created and kept current by the central audit staff.

Efforts were expended to correct the deficiencies identified during these audits and to eliminate or insure the Bank’s losses resulting from operational risks. In addition, the necessary survey and investigation reports about the responsible parties were generated and submitted for the information of the senior management along with recommendations to prevent similar risk-bearing activities.

As part of the compliance audits; all operations, new transactions and products developed or planned by the Bank were assessed for compliance with the Banking Law, other legislation, Bank’s internal policies and rules and banking trends and the conclusions reached were reported.

Internal Control Activities
The internal control system has been set up to protect the Bank’s assets; to conduct the Bank’s activities in compliance with legislation, internal bylaws, arrangements, the Bank’s policies, strategies and objectives; to soundly establish the accounting and recording structure and the financial reporting system. It has been structured so as to enable its monitoring, evaluation and reporting based on an approach that will enable prevention of financial and operational risks.

Internal control activities were performed to cover all of the Bank’s domestic and overseas branches and all the operations of the Head Office units.

Based on auxiliary documents created at the internal control center, priority was given to branches with rapid increases in their amounts and intense operational errors such as in loans, deposits, follow-up and delinquency risks, also taking into consideration their impact on the Bank’s balance sheet; in addition, such branches were assigned different control durations and periods, auditors were referred to centrally identified risky areas and the control activities were caused to be carried out in shorter time periods, employing more efficient methods.

Operational errors and deficiencies that were identified during the internal control activities were first shared with the employees who perform the tasks; it was ensured that supplementary and preventative measures were taken rapidly. The operational errors and deficiencies that were not fixed were mentioned in reports and were recorded in the database with predetermined codes. An assessment of the data quantified in this database was performed, and a report was created and submitted to the senior management featuring the frequent operational errors and deficiencies as well as opinions and recommendations regarding process improvements for the elimination of these errors and deficiencies.

Major violations, transactions that caused the Bank to incur losses, and irregular, fraudulent transactions and those involving misconduct which are deemed to incorporate high risks were referred to the Board of Internal Auditors.

Findings of the central audit team regarding selected transactions were examined in detail at branches before the risk arose, and physical document checks were performed, upon which conclusions were reported on the Central Audit system.

New products and new implementations planned to be introduced at the Bank and the revisions to be made in the systems, along with related designs and projects were reviewed in terms of their compliance with the Bank’s overall practices and rules of conduct, legislation and regulations; feedbacks were provided on control points deemed necessary, taking into consideration the potential risks involved and their impact on practices and processes. The Bank aimed to implement new products and new projects without giving rise to risks.

Audit trails and worksheets were maintained, which allow monitoring internal control activities, control fields, methodology, documents used, and control outcomes together with their interrelations; this enabled retrospective follow-up and auditing of operations.

By closely monitoring the progresses in audit and control methods and in information technologies, it is targeted to make use of information technologies in audit activities, perform international audit methods, consider IT risks as part of the Bank’s risk management, thus carrying out the IT controls in relation to processes as a part and continuation of process implementation controls.

Internal control activities are planned in coordination with business units, consultancy is furnished to the same regarding their activities, process improvement and operational efficiency are ensured, and risk awareness and necessary controls are provided in an effort to support the Bank to capitalize on development opportunities.