AUDIT COMMITTEE REPORT

The legal responsibilities of the Nedbank Group Audit Committee (the committee) are set out in the Companies Act, 61 of 1973 (as amended), and the Banks Act, 94 of 1990 (as amended). These responsibilities, together with the requirements of parent company Old Mutual plc’s audit committee and compliance with appropriate governance and international best practice, are incorporated in the committee’s charter, which is reviewed annually and approved by the board.

COMPOSITION OF THE COMMITTEE

All independent non-executive directors, with the exception of the chairman of the board, are eligible to serve on the committee. The Directors’ Affairs Committee recommends to the board any appointments to or removals from the board, which in turn is responsible for the composition of the committee. The committee has three or more members, all of whom are financially literate, with three members forming a quorum. Access to training is provided on an ongoing basis to assist members in discharging their duties.

The committee comprised the following members during the year and to the date of this report, except where noted otherwise:

• CJW Ball (Chairman)
  
• TCP Chikane
  
• JB Magwaza
  
• NP Mnxasana (appointed October 2008)
  
• BE Davison (resigned August 2008)
  
• MA Enus-Brey (resigned March 2008)
  
• RM Head (resigned March 2008)
  
• GT Serobe (resigned March 2008)
  
• CML Savage (retired May 2008)
  

Biographical details of the current members of the committee are set out here. Members’ fees are included in the table of directors’ remuneration here.

The Chief Executive, Chief Financial Officer, Chief Risk Officer, Chief Internal Auditor and representatives of the external auditors are invited to attend the committee meetings. The external auditors attend all committee meetings and separate meetings are held to afford them the opportunity of discussion without the presence of management or internal auditors. The internal auditors attend all committee meetings and are similarly afforded separate meetings with the committee.

INTERNAL AUDIT

Internal audit is an independent assurance function, forming part of the third-line-of-defence as set out in the Enterprisewide Risk Management Framework (ERMF) here of the annual report. The Chief Internal Auditor has a direct reporting line to the committee chairperson and also meets regularly with the Chief Executive Officer. Further details on the internal audit function are contained in the Enterprise Governance and Compliance Report here.

EXTERNAL AUDIT

The group’s external auditors are Deloitte & Touche and KPMG Inc. Fees paid to the auditors are disclosed in note 14. Further details are contained in the Enterprise Governance and Compliance Report here.

KEY FUNCTIONS AND RESPONSIBILITIES OF THE COMMITTEE

The key functions and responsibilities of the committee as outlined in the charter are to:

• assist the board of directors in its evaluation of the adequacy and efficiency of the internal control systems, accounting practices, information systems and auditing processes applied within the group in the day-to-day management of its business;
  
• facilitate and promote communication between the board, management, the external auditors and the Chief Internal Auditor;
  
• introduce such measures as in the committee’s opinion may serve to enhance the credibility and objectivity of financial statements and reports prepared with reference to the affairs of the group;
  
• nominate for appointment as auditors the company registered auditors who, in the opinion of the committee, are independent of the group;
  
• determine the fees to be paid to the auditors and the auditors' terms of engagement;
  
• ensure that the appointment of the auditors complies with the Companies Act and any other legislation relating to the appointment of auditors;
  
• determine the nature and extent of any non-audit services that the auditors may provide to the group;
  
• approve any contract with the auditors for the provision of non-audit services to the group;
  
• receive and deal appropriately with any complaints (whether from within or outside the group) relating either to the accounting practices and internal audit of the group or to the contents or auditing of its financial statements, or any other related matter thereto; and
  
• perform such further functions as may be prescribed.
  

The committee reports that it has adopted appropriate formal terms of reference to discharge its responsibilities, has regulated its affairs in compliance with its charter and has discharged all its responsibilities as contained therein.

EFFECTIVENESS OF INTERNAL CONTROL

The committee monitors the group’s internal controls for effectiveness and adherence to the ERMF for pragmatic and consistent application, as these form the foundation of successful risk management.

The emphasis on risk governance is based on a three-lines-of-defence concept, which is the backbone of the group’s ERMF. The ERMF places weight on accountability, responsibility, independence, reporting, communications and transparency, both internally and with all our key external stakeholders.

The functions of the three lines of defence, as well as the principal responsibilities that extend across the group, are set out in the Risk and Capital Management Report here.

Specific responsibilities of the committee include the following:

Internal control

• Monitoring management's success at creating and maintaining an effective internal control environment throughout the group and at demonstrating and stimulating the necessary respect for this control environment.
  
• Monitoring the identification and correction of weaknesses and breakdowns of systems and internal controls.
  

Financial control, accounting and reporting

• Monitoring the adequacy and reliability of management information and the efficiency of management information systems.
  
• Delegating to the Board Strategic Information Technology Committee the monitoring of the adequacy and efficiency of the group’s information systems and receiving from them reports thereon.
  
• Reviewing quarterly, interim and final financial results and statements and reporting for proper and complete disclosure of timely, reliable and consistent information and confirming the appropriateness of accounting policies used.
  
• Evaluating on an ongoing basis the appropriateness, adequacy and efficiency of accounting policies and procedures, compliance with generally accepted accounting practice and overall accounting standards as well as any changes thereto.
  
• Discussing and resolving any significant or unusual accounting problems.
  
• Reviewing and monitoring capital expenditure throughout the group for adequate control, monitoring and reporting.
  
• Reviewing reports from the Group Credit Committee regarding the effectiveness and efficiency of the credit-monitoring process, exposures and related impairments and adequacy of impairment provisions to discharge its board and Banks Act obligations satisfactorily.
  
• Monitoring the management and reporting of tax-related matters.
  
• Monitoring the management and effectiveness of the accounting and taxation risks as set out in the group’s ERMF.
  
• Reviewing and monitoring all key performance indicators to ensure that decisionmaking capabilities and the accuracy of the related reporting and financial results they aid are maintained at industry levels.
  

Internal audit

• Direct reporting by the Chief Internal Auditor to the chairman of the committee.
  
• Monitoring the effectiveness of the internal audit function in terms of its scope, plans, coverage, independence, skills, staffing, overall performance and position within the organisation.
  
• Monitoring and challenging, where appropriate, action taken by management with regard to adverse internal audit findings.
  
• Forming a view on the adequacy and effectiveness of the control environment.
  
• Monitoring compliance with the bank’s Advanced Internal Ratings-based (AIRB) credit approach.
  

External audit

• Recommending to the board the selection of the external auditors and approving their audit fees.
  
• Monitoring the effectiveness of external auditors in terms of their skills, independence, audit plan, reporting and overall performance.
  
• Approving non-audit services to be rendered by the external auditors and monitoring conflicts of interest.
  
• Considering whether the extent of reliance placed on internal audit by the external auditors is appropriate and whether there are any significant gaps between internal and external audit.
  

Regulatory reporting

• Reviewing the adequacy of the regulatory reporting processes, including the quality of the Banks Act reporting and the adequacy of systems and people to perform these functions.
  
• Considering the contents of any regulatory reports related to the key functions of the committee and monitoring management actions to resolve any issues identified.
  
• Performing such other functions as are prescribed in the regulations relating to the Banks Act.
  

Having considered, analysed, reviewed and debated information provided by management, internal audit and external audit, the committee confirmed that:

• the internal controls of the group have been effective in all material aspects throughout the year under review;
  
• these controls have ensured that the group’s assets have been safeguarded;
  
• proper accounting records have been maintained;
  
• resources have been utilised efficiently; and
  
• the skills, independence, audit plan, reporting and overall performance of the external auditors are acceptable and that it recommends their reappointment in 2009.
  

APPROPRIATENESS OF THE EXPERTISE AND EXPERIENCE OF THE CHIEF FINANCIAL OFFICER

In terms of the JSE Listings Requirements the Audit Committee had, at its meeting held on 28 January 2009, satisfied itself as to the appropriateness of the expertise and experience of the Chief Financial Officer.

ANNUAL FINANCIAL STATEMENTS

The committee has:

• reviewed and discussed the audited annual financial statements included in the annual report with the external auditors, the Chief Executive and the Chief Financial Officer;
  
• reviewed the external auditors' management letter and management’s response thereto;
  
• reviewed significant adjustments resulting from external audit queries and accepted any unadjusted audit differences; and
  
• received and considered reports from the internal auditors.
  

The committee concurs with and accepts the external auditors' conclusions on the annual financial statements and has recommended the approval thereof to the board. The board has subsequently approved the financial statements, which will be open for discussion at the forthcoming annual general meeting.

CJW Ball
Audit Committee Chairman

25 February 2009