RISK BASED INTERNAL AUDIT ( RBIA ) – A STEP BY STEP APPROACH

Welcome to the tenth edition of this series and after a short break. The ides and prosperity of March and the Branch audit are back albeit with the bang missing. The last nine editions had one digression on VAT audits and this article is topical as well and throws some light on managing Audit and Professional risks associated with Bank Audits and the need for an Integrated Work Paper approach to documenting the work we do. I have for a different forum attempted to create an integrated document for Bank Audits and have shared the context and content with you briefly here. The editor has agreed to mail the soft copies of the work paper template as well

Risks in Bank Branch Audit

There are two overall risks in Branch audits namely the Audit Risk that the True and Fair opinion could be vitiated and material misstatements can go undetected and two, a Professional Risk that could emerge on account of non-maintenance of proper working papers to demonstrate the adequacy, timing and extent of audit procedures performed by us as well as Audit reporting on Control related issues. The broad objectives in a bank Branch Audit are as under:

• Financial statements are true and fair and free from material misrepresentations • Compliance with RBI norms including master and other circulars • Compliance with relevant Accounting Standards as relevant to Bank Branches • Compliance with Audit, Review and Other Standards of the ICAI as relevant

What is an Integrated Document Approach

This approach means that the entire sequence and actions in a Bank Audit comprising the following key processes are structured in a single flowing document with relevant attachments. An ideal work paper should include the following segments

Segment Heading Contents

GENERIC DOCUMENTS

A Objective and Scope The Terms of reference, Broad objectives, Audit Staff, Time lines, Auditee personnel to be indicated here. This is a foreword for the entire work paper document

B Scope Limitations Non availability of documents, records, information, explanations and inability to perform audit procedures such as borrowers inspections should be covered here

C Key Deliverables All reports, returns and certificates to be attested by us are to be indexed and an original set of the same to be filed in this section

D Auditing Standards The Auditing and Review standards as applicable and relevant to be indicated for compliance with the same. This is only an index to confirm compliance

Segment Heading Contents

E Accounting Standards

The Accounting as applicable and relevant to be indicated for compliance with the same. This is only an index to confirm compliance

F Engagement related formalities

The Audit acceptance letter, Engagement letter issued by the auditor, communication with the previous auditor and the Management Representation Letter are kept here along with the index of the same

G Branch Over view The key details about the Branch to be audited are kept here. These include Frauds reported, total value and volume throughput of Asset and Liability products, profiling and stratification of advances including restructured advances, Top 10 categories, Top advances, Top Borrowers , Targets vs actual , branch rating etc

H Other Audit report Reviews

This includes a Rapid review document of other audit reports such as Concurrent Audit reports, Inspection, Risk based Internal Audit reports

I Audit Strategy This is the Auditors note on a proposed strategy to perform the audit within the allotted time without compromise on the adequacy and commensuration of audit procedures, extent and basis of sampling etc. This document guides on the What , How, When, Why , Who of the Audit

J Standard Schedules These are the key schedules for an audit. The term schedule is used in an academic sense here and includes the following documents

• Top Notes for attention of Manager / Partner • Items Adjusted –Memorandum of Changes • Items ignored and not adjusted in the Financial Statements • Minutes of discussions with Branch Manager including NPA

review

K References Key references are indexed here with hard soft / copies as relevant

attached

• Branch Audit guidance document as received from the HO / CO • Bank Authority levels for sanction limits for loans and advances • IRAC norms relevant for this audit • RBI master circular – July 2, 2013 • Other RBI Circulars relevant for the purpose of this audit • Guidance Note on Bank Branch audit as issued by the ICAI • Others

COMPONENT WISE WORKING PAPERS

L Advances category wise

The work papers to be kept here should include • General Audit plan • Category wise sample and issues arising therefrom • Special actions on restructured advances • Interest / Charges accuracy workings

Segment Heading Contents

M NPA Review

The various system reports – NPA , Irregular advances and Specially marked Account files should be documented here along with the review discussions with the Branch Manager

• List of MoC along with rationale therefor • Summary of unadjusted items

N Deposits This should contain :

• General Audit plan • Category wise sample and issues arising therefrom • Interest / Charges accuracy workings

O Other Assets and Liabilities

This should contain :

• General Audit plan • Category wise review and issues arising therefrom

P LFAR checklist A checklist of key aspects in LFAR excluding aspects on advances and

deposits to be filled up and kept here R Profit and Loss

Account Analytical review of income and expenses with reference to the logical base of the same

S All Certificates Working papers in relation to the following to be kept here

• Asset Liability Management • Jilani committee and Ghosh committee • Capital adequacy ratio • PMRY / SEEUY • SLR / CRR – 12 odd dates • Compliance with RBI Norms on IRAC • DICGC / ECGC • Interest subvention schemes • TUF schemes • Certification of Provision for Restructured Accounts • Certificate of Sensitive Sector and CRE

T Tax Audit Tax audit report, working papers to be kept here

U Other papers A miscellaneous segment of extra work performed to be indexed for all matters worked on and reported or otherwise

Bank Branch Audits – the unique context and risk mitigants

Now that we know what to maintain, we need to understand why doing this would be beneficial Branch audits are unique because of the following reasons which cause risks to stand enhanced. These risks can be reduced if not be completely eliminated by a robust work paper document which seeks to ensure a top down approach to Bank Branch Audits

Unique Context Integrated Document approach

No Cumulative Audit Knowledge as each audit is a new experience and any professional scepticism will only seem judgemental

A top down approach commencing from Branch Overview, Other audit reports review will help to enhance ability to apply professional scepticism

The audit and matters arising in one area may impact – Branch Auditors report, MoC, LFAR and some certificates and they may be required to be reported depending on Financial and Control impact in different places

Adopting a Standard Schedule of Matters for the attention of the Partner will ensure that all audit staff bring up all issues in the area for appropriate inclusion

The audit duration is short and the need to deploy larger team sizes which needs to be planned

An integrated document approach enables each member of the team to take up an area, complete and report back on the same and the audit time can be maximised on sampling and verification

Need to ensure compliance and report back on : Branch Sanction Limits Bank CO / HO instructions RBI master circular Other RBI circulars Auditing Standards Accounting Standards

As the reference data is vast, it would help to understand and document the key aspects to be checked in all such reference points

Peer Review Enables easy recollection of events, presentation of back ground information, samples at the time of peer review in addition to ensuring SA 230 compliance on Audit Documentation

The author is a member of the ICAI and can be contacted at Sripriya@spka.in