Internal Control Framework
The ESM internal control framework is embedded in the ESM’s daily operations and reflects the nature, complexity and risks inherent in ESM activities. The ESM internal controls are aligned with the principles of the Basel Committee’s Framework for Internal Control Systems in Banking Organisations.
The Managing Director, under the direction of the Board of Directors, is responsible for the ongoing maintenance of the ESM internal control framework. Assisted by the Management Board, the Managing Director sets a strong tone from the top and oversees internal controls across all areas of the ESM.
The ESM applies the following categories of internal controls:
Internal controls are subject to scrutiny and self-evaluation by management on an annual basis. As second line of defence, Risk Management exercises oversight of risk management, including risk practices defined in the process and control documentation established by the first line of defence. As third line of defence, Internal Audit provides an independent assurance on the established internal controls and procedures as part of the regular audit cycle. The external auditor gains a sufficient understanding of ESM internal controls to provide reasonable assurance on the ESM’s financial statements.
 Framework for Internal Control Systems in Banking Organisations, Basel Committee on Banking Supervision.