Escolar Documentos
Profissional Documentos
Cultura Documentos
Bank Management ensure that all transactions and events, relating to the accounting
period,areduly and faithfully recorded accurately and are complete; and further, that the year-
end account balances truly represent assets and rights(in existence and with beneficial
ownership), liabilities and obligations of the bank. Such financial statements include
assertions(implicit and explicit)related to the recognition, measurement, presentation, and
disclosure of the financial information contained therein in accordance with the applicable
statutory, regulatory(directives and guidelines)and the related Accounting Standards / Indian
Accounting Standards(translated into significant accounting policies), as also the compliance
of other applicable laws having effect on the financials. To ensure uniformity in approach in
the preparation of the financial statements, the bank managements encourage the issue of
periodic, and period end, internal instructions pursuantto the above, which instructions are
expected to be followed by all offices, branches, sections and department of the bank to enable
offices/branches to prepare their financial statements accordingly. With extensive use of
technology and its continuous evolution in a dynamic and changing environment, customers of
the Bank have the advantage of expeditious and convenient anytime-anywhere-banking, based
on their access on real time basis, to their information/data, stored in a safe and secure
environment on the bank’s servers. With the ever increasing number of customers having
access to Internet and mobile connectivity, monetary transactions from inception to finish have
become expeditious through banking; and, due to Core banking technology and extensive
advancements there in banks have achieved phenomenal and accelerated growth, and are able
to venture into, and continuously offer, a wide range of innovative products and services to
their customers. Transactions in banks are not only voluminous, but originate also from outside
the branches. Though the RBI has desired that banks ensure that all information relating to
transactions of the branches be captured and built into the centralized system, in reality it may
not be practically possible; and necessarily, there are areas of manual intervention, particularly
where discretionary charges at the Branch are liveable e.g. go down and other inspection
charges, penal interest chargeable due to non compliance of bank’s requirements, stock audit
fees, insurance charges, locker rentals, loan processing fee, bank guarantee renewals etc. It is
imperative that the auditor enquires into areas where the Branch needs to originate entries
which are not covered by, or to supplement, the centralized system. The system of capturing
the economic event/ information/ data, and integrity thereof needs to be optimally maintained
at all stages from origin, recording, transmission and storage; and the control systems that
ensure that the same is free of risks of errors, omissions, irregularities and frauds. Considering
the challenges of technology, bank managements continuously endeavour to focus on the
internal control systems to ensure that they are robust, safe and secure and risks are minimized.
An audit involves an objective independent examination of the financial statements of the
banks that enhances their value and credibility based on whether management’s assertions as
to recognition, measurement, presentation, and disclosure of the financial information contain
there in can be supported by facts and evidence. The purpose of such audits to express an
opinion, and provide a reasonable assurance as to whether or not the financial statements are
presented fairly, in all material respects, that there are no material errors or misstatements and,
besides complying with the statutory and regulatory impositions, give true and Fairview in
accordance with the financial reporting framework. Given the severe time constraints for the
auditor to complete the bank branch audit exercise and furnish his report as per the applicable
auditing and assurance standards, it is imperative that he is equipped with thorough knowledge
of the relevant statutory and regulatory impositions for the time being in force, the applicable
Accounting Standards/ Indian Accounting Standards, and has there quasit expertise and skills
to ensure timely execution of the audit assignment as per systematic plan. The work performed
needs to be well documented to enable him to support his audit opinion within his reporting
responsibilities. Banking operations are conducted only at the branches, while other offices
act as controlling authorities or administrative offices that lay down policies, systems
and internal control procedures for conduct of business. The auditor needs to understand
the scope of the assignment and the terms of engagement to enable him to plan and
perform so that all requisite reports/attestations are furnished within the severe time
constraints without, however, sacrificing quality Beyond the scope of the statutory audit
. and furnishing a report pursuant thereto, RBI requires the banks to obtain, in response
to a questionnaire in a structured format, a Long Form Audit Report (LFAR); and the
banks also appoint the auditors to conduct an audit under Section 44AB of the Income
tax Act 1961 and issue a Tax Audit Report as also issue certain validations /certificates
the requisite The execution of the assignment as per the audit plan would involve
obtaining, and consideration, of internal and external evidence as necessary, seeking
sufficient appropriate information/ explanations/ evidence, documenting queries/audit
observations and notes on exceptions and other related issues by representations , having
nature and quantum, seeking and testing management relevance to, and for the purpose
of, reporting in the manner required. It is relevant to state that the centralized system
in Banks is expected to incorporate all the required statutory, regulatory and accounting
norms and the same reviewed / updated so that the statements generated , being constantly
based thereon show a ‘true and fair view’. The system generates on a daily basis, a
‘Daily Exceptional Report’ that needs Branch Manager’s consideration and compliance.
This is pertinent information in audit verification procedures and must not be ignored.
The objective of the background/reference material is to enable branch statutory auditors
to be equipped with the basic knowledge and skills to ensure that the audit assignment
is undertaken and completed expeditiously and in the manner expected. It is relevant to
state that the auditors are expected to follow the Standards on Quality Control (SQCs)
and maintain their working papers (documentation) in evidence of the performance of
thei r audit procedures (reference may be made to the Audit Review and Other Standards
referred to hereinafter).
OBJECTIVE
To learn bank auditing
To understand importance of bank audit
To learn process of bank audit
To learn period of bank audit
To understand role of manager in bank audit
To understand why bank auditing is necessery
Cost Factor
A very thorough and detailed audit would be a costly affair. It is not cost effective. So the
auditor has to limit the scope of his audit and use techniques like sampling and test checking.
2] Time Factor
Auditors generally work on a very specific timeline. Sometimes this is due to statutory
requirements. This means he has to audit a whole year’s accounts in a few weeks. Hence
insufficient time is one of the main limitations of auditing.
3] Inconclusive Evidence
Generally, the audit evidence the auditor collects is persuasive in nature, not conclusive in
nature. So there is never cent percent conclusive evidence in most cases while auditing.
This is one of the major limitations of auditing. There also a lot of use of estimates in
accounting. The auditor cannot measure or comment on the exact accuracy of these estimates.
He has to rely on his knowledge.
All transactions cannot be checked
It is not possible for an auditor to check each and every transaction; he has to check them on
sample basis
Rely on experts
The auditor has to rely on experts like lawyers, engineers, valuers etc. for estimation of
contingent liability and valuation of fixed assets.
Indian banking sector is witnessing major changes in recent years, as a result of which new
regulations are being brought into practice. With the implementation of Basel III requirements,
more importance is given to risk-based bank audits. With more guidance and circulars from
RBI for regulating the banking business in the country, bank’s management is focused to bring
about a robust framework which will identify, assess and manage the financial risks. In order
to achieve this target, the internal audit of banks is necessary. A periodic Internal audit is
required to monitor the bank’s system of internal control and procedures. Good internal audit
process helps the management in the effective discharge of its responsibilities. It gives them
the assurance of the risk and operational performance of the bank. Based on the volume and
value of its transactions, every bank should conduct an internal audit to fulfil its responsibilities
and to achieve its objectives.
Generally, the scope of any bank’s internal audit revolves around the following:
Evaluating the effectiveness of the internal control systems and monitor its application
Review the adequacy of the risk management procedures and methodologies
Checking the efficiency of routine operations of the bank
Evaluate the reliability and accuracy of the financial records and reports
Review the management information system and the efficiency of the electronic banking
services
Implementation of policies and procedures and ensure its effectiveness
Ensure that the procedures comply with the legal and regulatory requirements
The undertaking of fraud investigations, if required
Ensuring the adequacy of procedures to safeguard the bank’s assets
Monitoring the bank’s Non-Performing Assets (NPA) and alarming the management when
required
Technology has become a part of all walks of life and across all business sectors, and even
more so in banking. There has been massive use of technology across many areas of banking
business in India, both from the asset and the liability side of a bank’s balance sheet. Delivery
channels have immensely increased the choices offered to the customer to conduct transactions
with ease and convenience. Various wholesale and retail payment and settlement systems
have enabled faster means of moving the money to settle funds among banks and customers,
facilitating improved turnover of commercial and financial transactions. Banks have been
taking up new projects like data warehousing, customer relationship management and financial
inclusion initiatives to further innovate and strategise for the future and to widen the reach of
banking. The dependence on technology is such that the banking business cannot be thought
of in isolation without technology, such has been the spread of technology footprints across
the Indian commercial banking landscape. Developments in IT have also brought along a
whole set of challenges to deal with. The dependence on technology has led to various
challenges and issues like frequent changes or obsolescence, multiplicity and complexity of
systems, different types of controls for different types of technologies/systems, proper
alignment with business objectives and legal/regulatory requirements, dependence on vendors
due to outsourcing of IT services, vendor related concentration risk, segregation of duties,
external threats leading to cyber frauds/crime, higher impact due to intentional or unintentional
acts of internal employees, new social engineering techniques employed to acquire
confidential credentials, need for governance processes to adequately manage technology and
information security, need for appreciation of cyber laws and their impact and to ensure
continuity of business processes in the event of major exigencies. Technology risks not only
have a direct impact on a bank as operational risks but can also exacerbate other risks like
credit risks and market risks. Given the increasing reliance of customers on electronic delivery
channels to conduct transactions, any security related issues have the potential to undermine
public confidence in the use of e-banking channels and lead to reputation risks to the banks.
Inadequate technology implementation can also induce strategic risk in terms of strategic
decision making based on inaccurate data/information. Compliance risk is also an outcome in
the event of non-adherence to any regulatory or legal requirements arising out of the use of IT.
These issues ultimately have theKeeping in view the changing threat milieu and the latest
international standards, it was felt that there was a need to enhance RBI guidelines relating
to the governance of IT, information security measures to tackle cyber fraud apart from
enhancing independent assurance about the effectiveness of IT controls. To consider these and
related issues, RBI announced the creation of a Working Group on Information Security,
Electronic Banking, Technology Risk Management and Tackling Cyber Fraud in April, 2010.
The Group was set up under the Chairmanship of the Executive Director Shri.G.Gopalakrishna.
The Group delved into various issues arising out of the use of Information Technology in banks
and made its recommendations in nine broad areas. These areas are IT Governance,
Information Security, IS Audit, IT Operations, IT Services Outsourcing, Cyber Fraud,
Business Continuity Planning, Customer Awareness programmes and Legal issues. Major
Recommendations of the Working Group The Group felt that the recommendations are not
“one-size-fits-all” and the implementation of these recommendations need to be based on the
nature and scope of activities engaged by banks and the technology environment prevalent in
the bank and the support rendered by technology to the business processes. On IT Governance: