risk based internal audit ( rbia ) – a step by step ...thesmartca.com/t20/feb06.pdf · • irac...
TRANSCRIPT
RISK BASED INTERNAL AUDIT ( RBIA ) – A STEP BY STEP APPROACH
Welcome to the tenth edition of this series and after a short break. The ides and prosperity of March and the Branch audit are back albeit with the bang missing. The last nine editions had one digression on VAT audits and this article is topical as well and throws some light on managing Audit and Professional risks associated with Bank Audits and the need for an Integrated Work Paper approach to documenting the work we do. I have for a different forum attempted to create an integrated document for Bank Audits and have shared the context and content with you briefly here. The editor has agreed to mail the soft copies of the work paper template as well
Risks in Bank Branch Audit
There are two overall risks in Branch audits namely the Audit Risk that the True and Fair opinion could be vitiated and material misstatements can go undetected and two, a Professional Risk that could emerge on account of non-maintenance of proper working papers to demonstrate the adequacy, timing and extent of audit procedures performed by us as well as Audit reporting on Control related issues. The broad objectives in a bank Branch Audit are as under:
• Financial statements are true and fair and free from material misrepresentations • Compliance with RBI norms including master and other circulars • Compliance with relevant Accounting Standards as relevant to Bank Branches • Compliance with Audit, Review and Other Standards of the ICAI as relevant
What is an Integrated Document Approach
This approach means that the entire sequence and actions in a Bank Audit comprising the following key processes are structured in a single flowing document with relevant attachments. An ideal work paper should include the following segments
Segment Heading Contents
GENERIC DOCUMENTS
A Objective and Scope The Terms of reference, Broad objectives, Audit Staff, Time lines, Auditee personnel to be indicated here. This is a foreword for the entire work paper document
B Scope Limitations Non availability of documents, records, information, explanations and inability to perform audit procedures such as borrowers inspections should be covered here
C Key Deliverables All reports, returns and certificates to be attested by us are to be indexed and an original set of the same to be filed in this section
D Auditing Standards The Auditing and Review standards as applicable and relevant to be indicated for compliance with the same. This is only an index to confirm compliance
Segment Heading Contents
E Accounting Standards
The Accounting as applicable and relevant to be indicated for compliance with the same. This is only an index to confirm compliance
F Engagement related formalities
The Audit acceptance letter, Engagement letter issued by the auditor, communication with the previous auditor and the Management Representation Letter are kept here along with the index of the same
G Branch Over view The key details about the Branch to be audited are kept here. These include Frauds reported, total value and volume throughput of Asset and Liability products, profiling and stratification of advances including restructured advances, Top 10 categories, Top advances, Top Borrowers , Targets vs actual , branch rating etc
H Other Audit report Reviews
This includes a Rapid review document of other audit reports such as Concurrent Audit reports, Inspection, Risk based Internal Audit reports
I Audit Strategy This is the Auditors note on a proposed strategy to perform the audit within the allotted time without compromise on the adequacy and commensuration of audit procedures, extent and basis of sampling etc. This document guides on the What , How, When, Why , Who of the Audit
J Standard Schedules These are the key schedules for an audit. The term schedule is used in an academic sense here and includes the following documents
• Top Notes for attention of Manager / Partner • Items Adjusted –Memorandum of Changes • Items ignored and not adjusted in the Financial Statements • Minutes of discussions with Branch Manager including NPA
review
K References Key references are indexed here with hard soft / copies as relevant
attached
• Branch Audit guidance document as received from the HO / CO • Bank Authority levels for sanction limits for loans and advances • IRAC norms relevant for this audit • RBI master circular – July 2, 2013 • Other RBI Circulars relevant for the purpose of this audit • Guidance Note on Bank Branch audit as issued by the ICAI • Others
COMPONENT WISE WORKING PAPERS
L Advances category wise
The work papers to be kept here should include • General Audit plan • Category wise sample and issues arising therefrom • Special actions on restructured advances • Interest / Charges accuracy workings
Segment Heading Contents
M NPA Review
The various system reports – NPA , Irregular advances and Specially marked Account files should be documented here along with the review discussions with the Branch Manager
• List of MoC along with rationale therefor • Summary of unadjusted items
N Deposits This should contain :
• General Audit plan • Category wise sample and issues arising therefrom • Interest / Charges accuracy workings
O Other Assets and Liabilities
This should contain :
• General Audit plan • Category wise review and issues arising therefrom
P LFAR checklist A checklist of key aspects in LFAR excluding aspects on advances and
deposits to be filled up and kept here R Profit and Loss
Account Analytical review of income and expenses with reference to the logical base of the same
S All Certificates Working papers in relation to the following to be kept here
• Asset Liability Management • Jilani committee and Ghosh committee • Capital adequacy ratio • PMRY / SEEUY • SLR / CRR – 12 odd dates • Compliance with RBI Norms on IRAC • DICGC / ECGC • Interest subvention schemes • TUF schemes • Certification of Provision for Restructured Accounts • Certificate of Sensitive Sector and CRE
T Tax Audit Tax audit report, working papers to be kept here
U Other papers A miscellaneous segment of extra work performed to be indexed for all matters worked on and reported or otherwise
Bank Branch Audits – the unique context and risk mitigants
Now that we know what to maintain, we need to understand why doing this would be beneficial Branch audits are unique because of the following reasons which cause risks to stand enhanced. These risks can be reduced if not be completely eliminated by a robust work paper document which seeks to ensure a top down approach to Bank Branch Audits
Unique Context Integrated Document approach
No Cumulative Audit Knowledge as each audit is a new experience and any professional scepticism will only seem judgemental
A top down approach commencing from Branch Overview, Other audit reports review will help to enhance ability to apply professional scepticism
The audit and matters arising in one area may impact – Branch Auditors report, MoC, LFAR and some certificates and they may be required to be reported depending on Financial and Control impact in different places
Adopting a Standard Schedule of Matters for the attention of the Partner will ensure that all audit staff bring up all issues in the area for appropriate inclusion
The audit duration is short and the need to deploy larger team sizes which needs to be planned
An integrated document approach enables each member of the team to take up an area, complete and report back on the same and the audit time can be maximised on sampling and verification
Need to ensure compliance and report back on : Branch Sanction Limits Bank CO / HO instructions RBI master circular Other RBI circulars Auditing Standards Accounting Standards
As the reference data is vast, it would help to understand and document the key aspects to be checked in all such reference points
Peer Review Enables easy recollection of events, presentation of back ground information, samples at the time of peer review in addition to ensuring SA 230 compliance on Audit Documentation
The author is a member of the ICAI and can be contacted at [email protected]