MANAGEMENT LETTER

Local Peoples Credits Fund

Fiscal year ended as at December 31st 2011

Hanoi, March 30th 2012 To: Director Boards Dear Sirs, We have completed the service audit the Financial Statements of Local Peoples Credits Fund for the fiscal year ended as at December 31st 2011. Throughout inspection process, we considered the important aspects of accounting system and internal controls in order to present our opinions on your Financial Statements as a whole. The main purpose of the job is not for identifying the weak points, detections or frauds of the Funds but for supporting us in making auditing conclusion. It is therefore inappropriate to make decision that there are no other weaknesses based on this report. Accompanying this letter, we attach the memorandum including our comments and proposals which indicate a number of possible methods to improve the accounting system and internal controls as well as overcome the weaknesses that we observed during the process. The comments in this Management letter only concern with the matters that came to our notice during the conduct of our normal audit procedures and therefore our comments cannot be expected to include all possible improvements in internal control which a more
extensive special examination might identify. The purpose of the letter is mainly for the use of Director Boards and Bank for Investment and Development of Vietnam and would not provide information for any third party. Hence, providing this letter to the third party without our agreement would be inappropriate and we will not take any responsibilities for any decisions made by third party using copies of this Management Letter. On this occasion, we would like to extend our sincere thanks to the Directors and other departments for the co-operation which we have received during the course of our audit. Yours faithfully,

Nguyen Quoc Dung Deputy General Director Auditing and Accounting Financial Consultancy Service Company Limited

Contents
1. 2. 3. 4. 5. 6. 7. 8. Information systems .............................................................................................................................. 4 Improvement on supporting operation department ............................................................................... 5 Enhancement of management and legal issues ..................................................................................... 7 Management and control credit risks .................................................................................................... 8 Policies of interest rate risk management............................................................................................ 10 Policy on liquidity risk management .................................................................................................. 12 Improvement on quality of credits documents .................................................................................... 13 Improvement on quality of assessment and evaluation of collateral assets ........................................ 14

1. Information systems Observation As audited, we have identified that your information systems have remained some issues needed to be clarified to generate an efficient measurement: The Fund has not installed security software to manage various potential risks derived from viruses and illegal attacks that leads to a high probability of losing significant data. Operational software has not integrated with financial hazard management models, interest rate liquidity, etc for managerial prospects. Software has not integrated with online working model Client-Server via WAN. The Fund has not constructed server systems as Proxy Server to manage and monitor outbound risks toward inbound networks. The Fund has installed camera and alarming systems for emergency occasion. However, the servers which save image data from cameras have not been backed up regularly. Otherwise, server room is placed on second floor, being near the cashier, having lack of appropriate security solutions which could possibly lead to deceptions Software has not embedded with basic modules, for instance, managing properties module, managing pay-roll module, etc Software has not embedded with functional warning mechanism to avoid unnecessary miss-conceptual definition of inputs, for example: Accountants input an entry for medium term loan, actual return period must be smaller than twelve months, but it does not display the warning message. Online functional monitoring mechanism has not been strictly high and sufficient to lower errors resulting from operation of software as well as clarify roles and responsibilities of individuals in case of sudden collapse. Recommendation: We highly recommend that the Fund should double check all the mentioned issues and participate with stakeholders to formulate an efficient resolution. Furthermore, firm should also apply a mix of appropriate solutions for security devices and prevent turmoil from internet. Fund approaches: The Fund will consider all issues mentioned by Audit firm.

2. Improvement on supporting operation department As audited period, we recognize that Fund has regularly built functional departments to fulfill Funds requirements. However, via investigation of regulations and operational constraints, several issues remain: IT department: - There are no terms and regulations of information security, maintenance, supply and return IT equipment. - There are no terms and regulations of procurement of IT equipments and the relation of this activity with other departments. - There are no terms and regulations of handling emergency circumstance for example, the possibility of back-up and restoration systems when the main server stops functioning or guidance for employee when errors occur. Legal and department collection departments: - There are no term and regulation of operation - There are no instruction documents about functional process: Internal regulations, review and systematized legislations, legal consultants for general manager, upgrade legislations for relevant department and department collections. Credit department: - Having not issued credit policies to control, identify tolerances applying in credit activities and formulate the environment to lower risks in some aspects: loan subjects, procedure to manage credit activities, financial constraints, different credit services, capital to fund credit activities, procedure to manage loan records, term and period to manage different products. - Having not issued loan interest rate identification process - Having not issued managing credit procedures for individuals and companies - Having not issued establishing and managing credit tolerance for funds, procedures on warranty operation and loan security. - Having not issued guidance to manage bad debts (NPLs), separate reviewing and monitoring credit program - Having not programed to develop credit services

In concern with systems and documents business processes and functions of the credit department and the other specialized sections, these will be addressed in detail in the relevant sections of this letter.

Recommendation In our opinion, documents and provisions above are necessary to ensure the normal operation of the Fund, especially, document relates to IT department, Credit department, Legal and Debt collection department. In the near future, we recommend the Fund to research and issues appropriate provisions to create effective working conditions and prevent risks. Initially, the Fund should focus on strengthening the internal documents of delegation of authority for credit based on following principles: - The delegation of authority for approving credit for each customer should be defined differently depending on credit score corresponding to each customer including risk factors, quantitative and qualitative. - Every year, the unit should issue the documents to establish and allocate credit limit concentration of credit portfolio structure based on risk factors such as customers, industry or security of the loan, the loan term, loan products, etc In addition, the credit department also needs more attention following a number of tasks to enhance business efficiency and reduce risks, namely: - Research strategy customer credit, customer classification and propose incentives for each client in order to promote the strengths of the area. - Develop and implement credit model pilot testing in the area, monitoring and evaluation, preliminary and final, propose director for replication allowance. - Collect, manage, and provide information for the evaluation and prevention of credit risk. In the long run, firm should consider issuing Credit Handbook to provide a framework and policies for the credit operations as well as the lending process and clearly define the responsibilities of all involved participants in credit activities application.

The Fund approaches The Fund is currently processing to complete policies as mentioned above.

3. Enhancement of management and legal issues Through investigation of legal update, and capability of legal department, some issues have been addressed as follow: The Fund has not constructed a mechanism or specific department to search for relevant legal documents to ensure the necessary of timely updated legal documents and rapid dissemination to professional sections. For now, the members in charge of departments and Board of Director search the internet or receive legal documents from Sate Bank or provincial tax agencies. However, these update methods have shown some limitations. The information on the internet is difficult to filter and document from State Bank is not completely or regularly sent, especially, the profession guidelines, or mode of guidance document in tax issues. The Fund has no officials on legislation to review legality of the documents released to the external partner in order to avoid legal risks that may arise, for example, the Fund have signed credit contracts to customers, but the return date was wrongly inputted. The credit officers have to correct by hand on the contracts without notifying IT department can lead to different details between information on software and singed contract (Very risky in case of dispute) Recommendation: We recommend the Fund should allocate general department to regular update legal documents from various channel such as State Bank, Firm providing consulting legal documents every monthly. In addition, new legislations should be classified for professional departments to generalize and summary to disseminate to each professional personnel. Furthermore, General department will also be responsible for reviewing the legality of the released documents before sending Board of Directors for consideration and approval to limit legal risks.

The Fund approach: The Fund will consider the proposals of Audit company.

4. Management and control credit risks After investigation, the Fund has issued a document system of risk management of credit operations. However, this document system has only met the basic requirements of credit processes. The Fund also does not have individual or department responsible for appropriate management and control credit risk to advice to Board on the following aspects: - To develop strategies to prevent and handle risks in the business activities. - Summarize, analyze, and monitor information of risks in business, research and implementation of risk prevention measure in business - Composing regulation on preventing and dealing with risks - Receive, summarize, and submit to authorities to provide further indication for handling risks in business as well as relationship with Credit Information Center of State Bank and relevant agencies. - Compose regulations, procedures, and guidelines on credit operations and suggest measures to prevent new violations arising. - Research and propose improvement of procedures for loans as well as analyze economics of each economic sector, select subjects to provide efficient loans. - Direct, inspect, analyze credit performance, loan classification, evaluate bad debts to find out causes and make counter measurements. - Assess the risks of the credit portfolio and risk management processes from a business perspective of each section. - Regularly review and assess the strictly execution of laws of State Bank of Vietnam, regulations and policies of the units of credit sector in order to detect violations and propose effective counter measurements. Recommendation: We recommend the Fund to consider appointing a capable member or set up a department in charge of prevention and process risks as mentioned above to ensure tight control of credit risk in business process. Moreover, to enhance the ability of control the credit risk in term of the Fund tends to develop stronger credit activities, the Funds should develop some measures following: - Standardize the process of credit activities. - Standardize the process of credit control activities independently. - Enhance human resource for independent credit monitor department.

- Increase training for professional staff, especially credit officers and independent credit monitor department. - Review and gradually apply the model, tools to support decision making and management of credit risks. We also recommended that the Fund need special attention to applying the solution support tool for decision making on the system's software since this is a very important factor for the process of evaluating a quantitative credit risk and improve service quality.

The Fund approach: The Fund will consider the proposals of Audit company.

5. Policies of interest rate risk management Through investigation, we recognize that in order to manage interest rate risks, the Fund is issuing interest rate ceiling frame and on that basis to calculate cost reasonably to determine interest rate floor. In addition, the Fund is conducting interest rate management based on cost and selling price at the time and the trend of the market. To manage interest rate, the Fund regularly monitors the deviation between the input interest rate and loan interest rate and applies floating interest rate on medium term loans. In term of management, the Fund has not issued a specified risk management policy. These activities have been actually conducted by Board of Director. The Fund also does not have analytical tools to model the identification of interest rate risks, qualify, and assess the impact of risk prevention measures. From the above remarks, we find that the Fund does not have the tools to analyze interest rate risks that will encounter difficulties in managing risks and making decisions to optimize benefits profit. In the long term, the absence of these tools will directly affect the safety of the system with large-scale development and diversity.

Recommendation: In our opinion, to enhance the ability to control interest rate risks, the Funds should implement the standardization of business processes of the department responsible for funding activities related to interest rate risks management and increase training for professional staff in this department. Besides, the Fund should pay attention to each step to consider the application of the model, the support tools for managing interest rate risk as well. Model to identify interest rate risks and interest rate forecasts: This model is understood as the ability to warn of interest rate risk and interest rate forecasts through the financial data of the system with different levels of alert on the basis of risk management policies of the Fund. Quantifying the interest rate risk analysis model for the period gap (GAP) and model duration (Duration and Modified Duration): Quantifying accurately will help the Fund to assess interest rate risk to maximize profits and business opportunities on the basis of the resources at the time.

10

The model to quantify the impact of preventive measures interest rate risk as the basis for the decision of the Board of Directors We recommend that units need special attention to applying the solution support tools on the system's software since this is a very important factor for the process of evaluating a quantitative risk and improve the quality of management decisions aimed at maximizing profits.

The Fund approach: The Fund will consider the proposals of Audit company.

11

6. Policy on liquidity risk management Through investigation we recognized that the Fund has not issued the processes and systematic rules on liquidity risk management. However, in practice, the department has also done business operations to calculate and optimize liquidity status. Therefore, in term of the audit scope, we have conducted to find out how the units control of liquidity risks. Specifically as follows: - Implement management of liquidity risks on the basis of compliance with the provisions of the State Bank. - Professional departments regularly identify the needs of cash monthly, weekly, daily. - The Fund already has plans for handling liquidity crisis situation. - Monthly, Board of Directors set up liquidity strategy consistently with actual situation. Recommendation: In our opinion, to enhance the effectiveness of policies to manage liquidity risk, the application can perform some consider the following solution: - Standardize the process management of net liquidity by specific instructions. - Divide and specialize departments to identify liquidity risk as well as model them. - Apply multiple methods of operations with the support of software systems to measure liquidity risk. For example, approach and use of resources, approach fund structures, approach indicators, maturity ladder approach. - Issue a policy and administrative regulations on liquidity in clearly defining management objectives, common strategies. Professional division considers the relationship with capital suppliers and capital concentration. - Consider to issue tolerance to ensure liquidity in the near future.

The Fund approach: The Fund will consider the recommendation of Audit company.

12

7. Improvement on quality of credits documents Observation As checking credit documents and investigating internal regulations related to credit recordkeeping, we acknowledged that the Fund has not got a fully guidance for credit records keeping and management as well as guidance for required documents and work need-to-be-done with a customer from issuing a loan until finishing loan process. It leads to the lack of necessary information to prove that the credit loan has an appropriate level of credit risks with loan classification on financial statement in auditing period.

Recommendations Credits document is considered an important resource, which provides information for periodical mortgage specialists, external auditors and other organizations. Therefore, we recommend that the Funds should clarify procedures on managing and keeping credits files as well as issue a detailed guidance on indispensable documents and required job for credits record-keepers Accompanying with these steps, independent supervisors are suggested to increase controlling activities toward the performance followed the regulations.

Funds approaches The Fund will consider all issued mentioned by Audit firm

13

8. Improvement on quality of assessment and evaluation of collateral assets Observation By investigating the credits documents and interviewing on the procedures of evaluating collateral assets, we acknowledge that the documentary evidences on assessment and evaluation the assets are lacking of information and unreliable to define the value of guaranteed assets. For instance: ascertaining the value of real estate in credit documents, which we examined, is not fully recorded the foundation to identify the value of the assets such as the location of the assets, compared market price and commercial advantages. On the other hand, the Fund has not completed appropriate regulation standards on evaluation collateral assets to support the work of mortgage specialists and the auditing activities of independent monitoring departments.

Recommendations Along with these above issues, we strongly suggest that the Fund should build up evaluation procedures in order to ensure the following aspects: a, Regulations on receiving and checking collateral assets files need to ensure that customers are consulted of required documents and the credit officers must follow the procedures on collecting adequate documents related to guaranteed assets. b, The procedures on evaluating collateral assets should follow the below terms: Assessment information resource: the evaluation is based on 3 main fundamental information resources: document and information provided by customers, survey, and other resources such as public authorities, police, court, media resources and other banks. By experience, the information collected from other resources is objective and precise, especially toward identifying ownership and evaluating mortgage value. Credit officers are required to record every meeting with other institutions, the documents should be signed by at least 2 people and be managed and controlled followed the regulations. The data taken from internet and newspaper should be taken a copy for recording purpose. Assessment contents: the contents which are kept in credit file should clarify these matters: customers ownership of the collateral assets; disputes related to the assets; the rights of trading and transferring of assets; the evaluation methods, the possibilities of
14

recapturing the loan when settling the collateral assets and proposals on methods to manage guaranteed assets effectively. Assessment report: a form of assessment report should be issued with compulsory regulations; credit officers therefore could follow to reduce possibilities of credit risks. c, Ascertaining value of collateral assets: Since most of collateral assets are real estate ownership, hence, we suggest that there should be procedures defining the evaluation of the ownership of real estate ownership. In detail, the mortgage specialists should refer to the estate price frame provided by Province Peoples Committee, the transferring price in the locality in the pledging period to negotiate with customers about the value of collateral assets. The transferring price in locality could be defined based on the price in newspaper, Land office, trading real estate agencies and other information resources. In case the credit officer could not collect the market information in documents, the specialist could open a market research report which is required to have the signatures of 2 staffs and the reference needs to be copied, recorded and kept in the mortgage documents. In addition, the Fund is recommended to enhance the inspection activities and independent control with credit transaction to ensure all the regulations are followed.

Fund approaches: The fund will considered all the issued mentioned by the Audit firm.

15