Page 1
Seminar on
“Bank Branch Audit”
Presented by:
CA P.Manohara Gupta
Partner
DAGLIYA & CO.,
Chartered Accountants
BANGALORE
organised by :
BANGALORE Branch of SIRC of ICAI
Page 2
How is Bank Branch Audit
different ?
Complex & voluminous transactions
Availability of limited time
Audit in computerised environment
Risk of frauds & errors
Numerous Reporting & Certifications
By CA P.Manohara Gupta
Page 3
PLANNING
&
DOCUMENTATION
Page 4
• Complete the acceptance formalities
• Communicate with previous Auditor
• Study HO Annual closing instructions to Branches or
guidelines on Branch Audit
• List out the Returns and Certificates required to be
verified and certified by the Branch Auditors.
• Issue letter of Engagement to the branch; include
obligations and responsibilities for issuing all
certifications, LFAR and other reports.
Contd…
Preliminary work on receipt of Appointment:
By CA P.Manohara Gupta
Page 5
• Letter to the Branch in-charge prior to the commencement of the audit.
• Important information to be sought in the letter:
Particulars of nature and size of the branch
Latest list of advances with asset classification
Previous audits conducted and status of compliance with the observations in those reports
List of SMA accounts generated in last three months
List of fresh advances sanctioned/ disbursed and relevant files
List of accounts restructured or under resolution plan
By CA P.Manohara Gupta
Preliminary work on receipt of Appointment:
Page 6
Audit Tools • Maintain record of : -
Appointment Letter and acceptance
Letter of introduction
Key contact details
• Key circulars and instructions received from the bank regarding
branch audit – „accounts closing instructions‟
• Keep soft copies of Formats of audit reports / Certificates
• GN on Bank audit (ICAI) & recent RBI circulars (especially
master circulars on prudential norms on advances and capital
adequacy)
• Ready reckoner for NPA identification
• Interact with the branch to get confirmation of availability of duly
verified and authenticated copies of key statements, returns,
reports, etc.
By CA P.Manohara Gupta
Page 7
• Study size of the branch and nature of its activities
Comply with SA 310 - Knowledge of Business
• Define scope identifying key areas
• Set materiality levels- SA 320
• Decide sample size keeping in mind minimum
requirements like 5 % of the advances or Rs 2 Crores
whichever is less-SA-530
By CA P.Manohara Gupta
Scope & Materiality:
Page 8
• Documentation (SA- 230)
• Auditors Responsibility for Fraud and error (SA- 240)
• Audit evidence (SA- 500)
• Audit Planning (SA- 300)
• Risk Assessment-(SA-315)
• Auditors Response to assessed Risk-(SA-330)
• Audit materiality (SA - 320)
• Analytical procedures (SA - 520)
• Audit sampling (SA - 530)
• Representation by management (SA - 580)
• Using the work of another Auditor (SA- 600)
Standards on Auditing
By CA P.Manohara Gupta
Page 9
Documentation:
• It is fundamental that any audit needs to be carried
out in accordance with Standards on Audit (SA).
• An Auditor needs to comply with SA 230 in
documenting the audit procedures adopted by him in
conducting the audit and the results obtained by him
in order to form his opinion.
• Bank Audit is no exception.
By CA P.Manohara Gupta
Page 10
Pre Audit Documentation :
•Prepare Audit plan & Programme to ensure
completion of the audit with in the time schedule- SA
300
•Prepare Checklist of Various Reports and
Certifications and work allocation among the staff.
•Compile important and latest RBI Master Circulars
bearing on Branch Audit.
Documentation
By CA P.Manohara Gupta
Page 11
During Audit Documentation :
•Document the features of CBS adopted by the Bank
and control tests carried out.
• Obtain list of Exception Reports generated by the
system and out come on review of such Reports.
• Maintain an „Advance noting sheet‟
• Retain the work sheets of documents verified by the
audit staff, duly initialed and dated; marking the same
in the checklist along with the name of team member(s)
•Ensure that relevant back up papers are taken for the
MOCs issued, Remarks/ Comments made
Documentation
By CA P.Manohara Gupta
Page 12
Documentation • Obtain and file various other supporting documents
taken from the System and/or the Branch
Management.
• Carryout analytical reviews and obtain explanations
from Branch Management for significant variations and
comply with SA-520.
• Compile a list of points discussed with the Branch
Management before the closure of audit and finalization
of audit report.
• Obtain Letter of Representation from the Branch
Manager in terms of SA 580
Contd…
By CA P.Manohara Gupta
Page 13
Documentation • Checklist/guideline for the conduct of the audit.
• Takes care of the LFAR requirements also.
• Important checks suggested (analytical reviews): Comparison of each of the NPA account as at the end of
the previous year with the current year‟s NPA statement.
Comparison of the NPA‟s with the previous years MOC and the RBI inspection report u/s 35.
Major Advances to be noted - this takes care of the requirements for the LFAR.
LFAR Questionnaire check list.
Back up papers for each of the certificate issued.
By CA P.Manohara Gupta
Page 14
Management Representation
SA 580 • Major confirmations to be obtained in the letter:
Observations of all the audit reports rectified
Compliance with Accounting Policies of the Bank
Compliance with all RBI circulars issued
Impairment of assets
Confirmation as to provision against all known losses
Confirmations with respect to Frauds/misappropriations during the year.
All claims against the branch and other contingent liabilities are duly disclosed
Penalties paid during the year.
Page 15
VERIFICATION
of Returns & Certifications
Page 16
• Various Returns from branches are required to be
compiled for disclosures in the Balance Sheet.
• Returns for compiling the data to be furnished in the
Balance sheet in compliance with:
RBI Disclosure requirements
Accounting Standards
Returns & Certificates required by the Bank‟s
Management
Certificates required by the Bank for submitting to
Government Authorities.
Verification of other Returns
By CA P.Manohara Gupta
Page 17
Verification of Certificates
• Verify the records and data relating to various
certificates required to be given.
• Ensure to keep proper working document for each
certificate data verified.
• Ensure to issue ‘NIL’ certificates where there are no
such events/ transactions.
• Contd…..
By CA P.Manohara Gupta
Page 18
Verification of Certificates
• While verifying the Returns & Certificates SBA‟s
should ensure to comply with „GN on Reports and
Certificates for Special Purpose’ issued by ICAI.
• List of certificates required by the Bank would be
given in the Annual Closing Manual issued by the
Bank or in the appointment letters.
By CA P.Manohara Gupta
Page 19
Returns for disclosure in
compliance with AS
• Segment Reporting –Retail & Corporate banking
• Return on lease commitments
• Return relating to Related Party Transactions (RPT)
By CA P.Manohara Gupta
Page 20
Returns & Certificates as per RBI
disclosure requirements:
• ALM reporting
• Movement of NPAs
• Provision for Un-hedged foreign currency exposure
• Sector wise lending
• Certificate relating to credit/ deposit ratio.
• Statement of accounts Re-structured/ Re-scheduled/
Re-negotiated relating to stressed accounts.
• Projects under implementation.
Contd…. By CA P.Manohara Gupta
Page 21
Returns & Certificates as per RBI
disclosure requirements:
• Certificate on Unhedged Foreign Currency Exposure in case
of Borrowal having exposure of Rs.1 crore or more.
• Certificate on exposure to sensitive sectors .i.e. exposure to
Capital Market, Infrastructure & Real Estate Sector.
• Certificate on Capital Adequacy
• Reporting on compliance with SLR requirements (12 odd
dates)
• Report about serious irregularities requiring immediate
action
By CA P.Manohara Gupta
Page 22
Certificates for submitting to
Government Authorities • Certification of technology up gradation fund scheme (TUFS) – non SSI
textile centre.
• Certificate relating to recoveries in claim paid accounts under Small
Loans Guarantee Scheme 1971/Small Loans (SSI) Guarantee Scheme,
1981.
• Certificate Central sector interest subsidy scheme.
• Certificate for agricultural interest subvention claim @2% for residual
period of repayment of the loans disbursed during FY.
• Certificate for agricultural interest subvention claim @2% for
disbursements made during FY.
• Certificate for additional interest subvention (Incentive @3%) for prompt
repayment for short term production
By CA P.Manohara Gupta
Page 23
Returns & Certificates required
by Bank’s Management
• Certificate of cash and bank balances.
• Certificate relating to MOC entries of the previous years being
accounted for.
• Certification for advances to infrastructure project and income
generated thereon.
• Certificate of advances exceeding Rs.10 Crores.
• Certificate for Gold Stocks held for Sale of Gold/Metal Gold
Loans.
• Certificate for Gold Coins Held.
• Certificate for Gold Deposit Scheme.
By CA P.Manohara Gupta
Page 24
• Capital Adequacy is calculated based on:
1. Fund Based exposures
2. Non Fund Based Exposures &
3. Un-availed limits both under FB & NFB
• Classification of borrowers is vital aspect.
• Different Risk weights are assigned based on LTV
Ratio. Hence security value is important.
• Jotting Sheets generated by the system needs to be
reviewed by the Branch Auditors.
• Issue MOCs for any discrepancy noticed.
Verification of Basel III
By CA P.Manohara Gupta
Page 25
• Any items where accrual system of accounting not followed (AS-9)
• Prior period and extra-ordinary items (AS-4)
• Contingencies and events occurring after balance sheet date (AS-5)
• Provision for retirement benefits (AS-15)
• Segment-wise reporting(AS-17)
• Lease accounting(AS-19)
• Related party disclosure(AS-18)
• Impairment of Assets(AS-28)
ICAI Regulations-Adherence to
Accounting Standards
By CA P.Manohara Gupta
Page 26
REPORTING
(Incl. LFAR)
Page 27
Audit Report
• Audit Report Format (as prescribed under
the Banking Regulation Act, 1949).
• Generally, the specimen format of the
Audit Report provided by the Bank.
• All Standards on Auditing (SA) for the
conduct of the Audit and Issue of Audit
Report equally applicable to Bank Audit.
Page 28
Auditors Report • Reporting format pursuant to revised SA 700
• Discuss all audit findings with the Branch Manager
• Comply with SA - 260 wherever audit report is
qualified- Communications with those charged with
governance.
• To bring out clearly impact of qualifications on
revenue, assets and liabilities, item-wise and
cumulative impact
• Non-adherence to Accounting Standards
By CA P.Manohara Gupta
Page 29
Reporting & MOC
• Study and understand the MOC format designed by
the Bank
• List out number of MOCs and amount involved in the
Audit Report.
• Ensure that matters reported in LFAR having impact
on asset classification or on financial statements are
duly covered by MOCs
• Ensure to give proper explanatory note is given for
each entry appearing in MOC
By CA P.Manohara Gupta
Page 30
LFAR & MOC • Discuss all audit findings with the Branch Manager
• Ensure that matters reported in LFAR having impact
on asset classification or on financial statements are
duly covered by MOCs
• Some Banks have introduced a system of changing
asset classification in the Credit Information Reports
itself instead of issuing separate MOC.
By CA P.Manohara Gupta
Page 31
Objective of LFAR
• Important inputs about the health of the bank to the Regulator
• To ensure uniformity in audit of all banks.
• Structured approach with focus on all critical areas of banking operations
• Focus on systems, controls, practices, procedures, risk management practices in the banks.
• Highlights critical areas and issues:
To the Management; and
To the Regulators.
By CA P.Manohara Gupta
Page 32
Status of LFAR
• LFAR is an independent report to highlight any
weaknesses to the Management.
• It is neither an Annexure to the Audit Report nor it is a
substitute.
• Should not make any reference in the Audit Report to
the comments made in LFAR
• Any adverse comment made in LFAR need not
necessarily result in qualification in the Audit Report.
• Branch Auditor should use his professional expertise
and judgement in deciding the audit qualifications.
• It is preferable to draft both LFAR and Audit Report
simultaneously.
By CA P.Manohara Gupta
Page 33
Features of LFAR
• Different formats for Branch LFAR and Whole Bank
LFAR.
• Branch LFAR is in a Questionnaire form
• Branch LFAR is designed to cover entire branch
operations.
• SCA‟s would review branch LFAR‟s during
consolidation process and for drafting Whole Bank
LFAR.
By CA P.Manohara Gupta
Page 34
• Where any of the comments made by the auditors in
their LFAR is adverse, they should consider whether
a qualification in their main report is necessary.
• A comment in LFAR in lieu of issuing MOC should
be strictly avoided.
LFAR Points to be considered
By CA P.Manohara Gupta
Page 35
Cost of deposits and yield on advances needs to be
analysed while answering clauses in Part III of LFAR.
Inter Branch reconciliations
Any Frauds particulars discovered during the year
Any possible window dressing of borrower accounts
Adequacy of data security , storage , back up , disaster
recovery plans & other internal control measures
LFAR Check Points
By CA P.Manohara Gupta
Page 36
LFAR CHECK POINTS
CASH
• Whether Cash Balance is within the limits prescribed
by Controlling Authorities.
• Regular reporting of Excess Cash Balance
• Insurance for Cash-in-custody and Cash-in-Insurance cover available in respect of cash
• System for Disposal of Soiled Notes, Missing Tokens,
Stapling of Notes etc
• Verification of cash balance in ATMs & Extension
counters , if any
By CA P.Manohara Gupta
Page 37
Balances with RBI, SBI and
Other Banks:
• - Verify Balance Confirmation Certificates and
Reconciliation Statements, in case of difference.
• - Analyze Pending/ Outstanding entries in Reconciliation
and Explanation to be obtained from the Branch.
• - If there are any revenue entries pending in
reconciliation which require Write Off – the same should
be reported in LFAR.
• - If there are pending entries in Reconciliation Statement
outstanding for a period of more than 6 months, specific
details of such pending entries should be given in LFAR.
By CA P.Manohara Gupta
Page 38
INVESTMENTS
Physical verification of Investments ,if any held by
branches on behalf of Head Office
Note: Branches are not permitted to make any kind of
investments. All investment portfolio of the bank as a whole is
carried out by Treasury department at Central Office. Branches
may hold securities on behalf of Treasury Department. In such
case physical verification has to be carried out and certificate
should be sent to Central Office/ concerned Statutory Central
Auditor.
LFAR CHECK POINTS contd…
By CA P.Manohara Gupta
Page 39
LFAR CHECK POINTS
ADVANCES
Credit Appraisal
Sanctioning / Disbursement
Documentation
Review/Monitoring/Supervision
Guarantees & Letter of Credit
Restructuring & Rescheduling of borrowers A/c
By CA P.Manohara Gupta
Page 40
LFAR CHECK POINTS
OTHER ASSETS
Stationary & Stamps
Suspense Accounts / Sundry Assets
LIABILITES
Deposits
Other Liabilities like bills payable, sundry deposits
etc.,
Contingent Liabilities
By CA P.Manohara Gupta
Page 41
LFAR CHECK POINTS
PROFIT & LOSS ACCOUNT
Verification of Charges-ensure all outstanding
exp are duly provided for.
Income recognition norms prescribed by RBI
Depreciation
Any divergent trends in major areas of income &
expenditure (Variance Analysis)
By CA P.Manohara Gupta
Page 42
LFAR on Computerised environment
“ Detailed audit checklist/procedures for audit in a computerised bank branch are listed on folios 133 to 142 of the Comprehensive Guide on Information Systems Audit issued by the ICAI”
1. Whether hard copies of accounts are printed regularly?
2. Indicate the extent of computerisation and the areas of operations covered.
Contd…
By CA P.Manohara Gupta
Page 43
LFAR on Computerised environment
“Are the access and the data security measures and other internal controls adequate?” (Environmental ,Physical access and logical access controls)
• Major checks:
Transferred, retired or resigned users need to be deleted
Check that more than 3 unsuccessful attempts results in unauthorised access.
Time for password duration should be restricted to branch hours
Root passwords of the server need to be enclosed in a sealed envelope.
Contd… .
By CA P.Manohara Gupta
Page 44
LFAR on Computerised environment
Whether regular back-ups of accounts and off-site storage are maintained as per the guidelines of the controlling authorities of the bank?
Whether adequate contingency and disaster recovery plans are in place for loss/encryption of data?
• Major checks: Designated system administrator responsible for
daily backups.
Onsite and offsite backups.
Backups to be in a fireproof cabinet.
By CA P.Manohara Gupta
Page 45
Comments in LFAR
Following types of general comments in the LFAR
should be avoided:
• Loan against Bank deposit sanctioned beyond
discretionary power of The Manager (Banking
Operations)/Branch Manager.
• Installments are not recovered in 17 Housing loan
accounts for long time.
• Stock statements are not obtained in several cash credit
accounts through out the year.
• 24 limits have expired and not renewed.
By CA P.Manohara Gupta
Page 46
Case Study
Following comment is made in LFAR:
“X Ltd was sanctioned a CC limit of Rs 60 lakhs, which has
expired on 5.3.2018. But the outstanding in the account is
Rs.137.00 lacs as on 31.3.2018 on account of permitting
excess drawings by way of adhoc limits through out the year.
The limit has been increased to Rs.1.00 crore by the
Sanctioning authority on 19.3.2018. Documents for the revised
limits are not obtained as on 31.3.2018 till the date of audit.”
This is a clear case for issuing MOC instead of making a
comment in LFAR.
By CA P.Manohara Gupta
Page 47
OTHER MATTERS…
Page 48
Additional areas applicable to
specialised Branches
• Branches dealing with Foreign Exchange transactions
• Branches dealing with large advances. Total advances
exceeding Rs 100 Crores
• Branches dealing in NPAs ie., Asset Recovery
Management Branches.
• Service branches- dealing in clearing house
operations
By CA P.Manohara Gupta
Page 49
Annexure for Large Branches
• Branch Auditor needs to attach data in structured
format relating to advances of Rs 2 Crores and above
• This data should be prepared by the Branch Manager
• Branch Auditor is not required to sign these data
formats but is expected to review to ensure that the
information furnished is proper and does not
contradict with his findings
By CA P.Manohara Gupta
Page 50
Compliance of Ghosh & Jilani
Committee recommendations
• Ghosh Committee has made recommendations with
regard to action taken by the branch to prevent frauds
and malpractices.
• Jilani committee has made recommendations with
regard to action taken by the branch on internal
control issues, inspections and audit compliances.
• Implementation status of above recommendations
needs to be verified by the branch auditor and report.
By CA P.Manohara Gupta
Page 51
Mitra Committee recommendations
• Statutory, Internal and Concurrent Auditors of the banks are now required to:
“to specifically report, simultaneously , to the Chief
Executive of the bank and Central Office of the Department of Banking Supervision, RBI, Mumbai, any matter susceptible to be fraud or fraudulent activity or any foul play in any transactions.
Any deliberate failure on the part of the auditor should render himself liable for action.”
By CA P.Manohara Gupta
Page 52
Expectations
• Comments in LFAR having bearing on asset
classification should be covered in MOC.
• Explanatory note to entries in MOC with reasons
would help the Bank and Central Auditors.
• LFAR observations and MOC entries should be
discussed with the Branch Manager.
• Ensure that all Returns/ certificates prescribed are
prepared including NIL Returns and signed.
By CA P.Manohara Gupta
Page 53
Risk Relationship between Risk and Awareness: Taking risk is not in itself a problem but the ignorance of the potential consequences is an entirely different matter.
By CA P.Manohara Gupta
Page 54
Risk mitigation:
Risk due to accident mitigated by wearing a head gear (helmet)
Risk due to accident was not mitigated by wearing a head gear (helmet) – lead to fatal injury
By CA P.Manohara Gupta
How do we deal with Risk? • By Risk Mitigation
Page 55
Future challenges
• Broad based Quality Review Board and /or NFRA
would monitor audit profession.
• CAs would be under deep scanner
• Branch Audit System may go away unless we give
value addition to the Management
• We should raise to the occasion and meet the
challenges, if you have strength! or Magic Stick
By CA P.Manohara Gupta
Page 56
Parting thought
“To err is human but when the eraser
wears out before the pencil you are
overdoing it”
By CA P.Manohara Gupta
Page 57
THANK YOU
By CA P.Manohara Gupta