Statutory Audit of Bank Branches – under Core Banking System

Friday, 18 th March 2011. Statutory Audit of Bank Branches – under Core Banking System. A presentation by CA. GOPAL KRISHNA RAJU, Assurance & Tax Partner, M/s. K. GOPAL RAO & Company , Chartered Accountants, Chennai for Calicut Branch of SIRC of ICAI. Disclaimer.

Share Presentation
Embed Code
Link
Download Presentation

sheena

sheena + Follow

Download Presentation

Statutory Audit of Bank Branches – under Core Banking System

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

Presentation Transcript

  1. Friday, 18th March 2011 Statutory Audit of Bank Branches – under Core Banking System A presentation by CA. GOPAL KRISHNA RAJU, Assurance & Tax Partner, M/s. K. GOPAL RAO & Company, Chartered Accountants, Chennai for Calicut Branch of SIRC of ICAI
  2. Disclaimer • These are my personal views and cannot be construed to be the views of the SIRC or its branches or K. GOPAL RAO & Co., Chartered Accountants • No representation or warranties are made by the SIRC with regard to this presentation • These views do not and shall not be considered as professional advice • This presentation should not be reproduced in part or in whole, in any manner or form, without my or SIRC’s written permission
  3. Need for Branch Audit • The strength of Indian Banking system is the audit and reporting system of Chartered Accountants. • Robots are not working in branches, its Humans there. To err is Human, to forgive CBS…. • Until Human Beings are operating branches Branch Audit will exist • Together let’s bring quality in our reports. Let’s not give a fell that Branch Audit is a custom but a necessity and need based.
  4. Need for Branch Audit… • Even ICICI Bank prefers now to go back to conventional Branch Audit for many expediency reasons they had earlier. The management believes that the main reason for its fall/failure is withdrawal of Branch Audit System. • Until the leadership of ICAI is daring, dynamic, effective in putting forth before the Ministry/RBI the necessity of Branch Audit, it will never see sunset.
  5. Need for Branch Audit… • All the parameter settings are made at Branch. Documentation is done at Branch. Documents are maintained at Branch. Branch Audit should focus more on facts with figures & Documents with deeds. • Branch Audit should focus more on facts, figures and documents…
  6. Coverage
  7. Public Sector Bank Audits – Scenario at present Appointments of Statutory Central Auditors (done 4 months ahead) Appointments of Statutory Branch Auditors (done 4 weeks ahead) Closing instructions of the Bank (booklet, annual audit manual) Timelines given (April 15th perhaps!) Meeting with SCA’s, if organized by Bank (let us network) Conduct of audit within given timelines (of course with necessary resources ) Submission of Reports (ASAP)
  8. Normal Audit Process Popularly known as Balance Sheet Audit Why? Even if an Auditor wants to conduct detailed audit, he is precluded from doing so, due to Delayed appointments Early Finalization deadlines Race of management to publish Balance Sheet (congrats to CAs..some banks publish before 30th April)
  9. Audit is hence, limited to Review of Balance Sheet & Profit & Loss Account Arithmetical accuracy of annual financial statements (Thing of Past) Review of Fresh Advances (Take help of Concurrent Audit Report) Review of application of Income Recognition Norms Review of application of Provisioning Norms Review of Expenditure
  10. Audit is hence, limited to… Verification of information filled in the various formats prescribed by Bank’s H.O. Noting & confirming certain areas that are under direct control of and monitored by H.O. e.g. Purchase & record of fixed assets, depreciation, information for tax provision etc. Certification as required by regulatory authorities
  11. First and Last Anxiety is because facts & figures is not in our control Understanding of facts & figures is first Application of law is last
  12. CBS plus points Getting reports for clarity on operation & for sample selection Parameter settings – Adequate controls over parameter settings, authorization, modification is to be exercised at branch level. Most of the parameters are set-based or paper based authorization.
  13. CBS myths Requires system literacy for audit No data can be made available in the branch except what is given by the branch suo-moto.
  14. What do banks inform us We have a core banking solution All transactions are captured and processed seamlessly All calculations are automated Statements are generated from the CBS Absolutely no issues in completing audit within the given timeline
  15. Can we rely on this information? Yes, provided we are satisfied of the adequacy of the C I A Principle within this computerized system and environment aware of the control mechanisms of computer systems and environment in the branch
  16. CIA Principle Confidentiality Assurance that information / data is shared only amongst authorized persons or organizations Integrity Assurance that the information is authentic and complete. Ensuring that information can be relied upon to be sufficiently accurate for its purpose Availability Assurance that the systems responsible for delivering, storing and processing information are accessible when needed, by those who need them
  17. Satisfaction about CIA Principle Existence of controls in the computer systems Review of their implementation in the branch processes Auditor has to remove the myth of not being “IT Smart”
  18. Coverage
  19. Audit steps in CBS environment Firstly, have a chat with the Systems in Charge at the Branch & Branch Manager Then execute key audit processes Next discuss findings Lastly, form audit opinion
  20. CBS environment - Infrastructure Core [Centre, Central Part, Hub, Nucleus, Middle, Interior, Mainstay, Heart] May or May not have Branch Server depending on CBS Software FINACLE – No Branch Server Flexcube, Bancs24 – Need Branch Server Network Connectivity Primary Links & Secondary Links (alternate routes) – Connectivity Topology Power Supply UPS and / or Generator
  21. Interact with System Executive Obtain an overview of the systems Software Core application as well as all other applications Hardware Server as well as other machines Network configurations Ask about his / her perception of CIA principle implementation in branch
  22. Issue 1: Audit Manual – Not available/ given Audit Manual / System Manual copy for your reference – Not Available should be brought as a note in LFAR. Check Point: Verify BCP document Familiarity with procedure Availability of Emergency Reports Incident Handling/Management System - Instances of Resorting to BCP available on record
  23. Issue 2: Management Representation Letter Standards on Auditing (SA) 580 – “Representations my Management” requires that in case management does not provide management representation letter, the auditor should himself prepare a letter in writing and sent it to the management with a request to acknowledge and confirm that his understanding of the representations are correct. If the management refuses to acknowledge or confirm the letter sent by the auditor, this will constitute a limitation on the scope of his examination.
  24. Questions about CBS & Branch How is the SOD activity handled? Whether officials other than those of the branch have authority to record transactions in branch books? If so, when does the branch becomes aware of it? Immediately / At pre-defined intervals / EOD / SOD If so, what is the branch manager’s authority
  25. Questions about CBS & Branch… Communication systems downtime What happens when communication lines are down? Are there offline periods? How are transactions in these offline periods recorded? Who is responsible for Downloading pre-defined reports at SOD? Distributing the reports within the branch as per the distribution schedule How is the EOD activity handled? Are there frequent delays in EOD procedures?
  26. Questions about CBS & Branch… Whether CBS is designed to apply IRAC norms ? Whether the card rates of interest and other charges are correctly parameterized? Inquire about Access control norms and adherence thereto Modality of year-end process Whether branch was subject to a system audit? Inquire of management action on audit findings
  27. Questions about CBS & Branch… What are SE’s views on LFAR questions? Take written / oral assurances that System is implemented as designed No modifications are made to the system All problems faced during implementation & thereafter are resolved Problems faced have not affected the confidentiality, integrity & availability of data
  28. Interaction with Branch Manager Obtain his confirmation / view on the information obtained from the SE Discuss BM’s methodology in EOD / SOD processes Report sign-offs Fulfilling additional responsibilities as a result of CBS and its effect on branch business Discuss your reservations / opinion of the CBS environment
  29. Coverage
  30. Access Controls Peruse Access Control Matrix Match the matrix with the users in the branch Inquire whether logs of unauthorized access are available at branch / data center Review management action on the same
  31. Migration Controls If migration process has been undertaken in the supervision of controlling office team, to check & comment whether Certificate of Verification of Integrity and Consistency of data migrated has been preserved on branch records. If branch has undergone an independent Migration Audit, to check whether all irregularities and recommendations have been duly attended / followed.
  32. Migration Controls To check from print copies of reports held on branch records whether migrated data has been verified by the branch for integrity and consistency and the procedures undertaken by the branch have been supervised and documented adequately. In case of inadequacy / ineffectiveness of procedures carried out, an independent Migration Audit may be recommended.
  33. Day-End Controls Various control reports are generated to ensure integrity of the transactions and also to ensure whether transactions are in conformity with the Bank’s guidelines/system of authorizations (maker-checker). These reports reveal the exceptions and anomalies encountered during the day. Vital amongst these reports are:
  34. EOD reports Exceptional report (parking/ proxy/ unprocessed/ to-do/ error/ withhold) List of users (to be matched with attendance registers) Access Log Rejected/Cancelled entries Over-limits/TOD Report GL affected Balances Report Report on large cash transactions / KYC Anti Money Laundering etc.
  35. Report as per MITRA Committee Recommendations To be reported by a CA if we have come across any matter / transaction that is Susceptible to be a fraud (How do we know as Auditors!) Susceptible to be a fraudulent activity (Quite a broad spectrum of responsibilities tagged here!) Foul Play (unclean / stinking / polluted / tainted / soiled / fetid)
  36. Report as per MITRA Committee Recommendations
  37. Day-End Controls – Suggested Audit Check-point To obtain list of such reports generated by the system. To check whether all the mandatory reports are taken daily including on Sundays and holidays, as ATM transactions are carried out on these days also, and are scrutinized adequately and to comment whether exceptions / anomalies, if encountered during the day, have been duly noted and disposed of.
  38. Control over Proxy/Parking Transactions– Suggested Audit Check-point In normal course of business, some transactions might not be verified and may remain in entered (un-posted) status. But, since day end process could not be suspended for next day, hence, these transactions are posted in a pre-designated account called Proxy/Parking Account. These transactions, generally, are of two types:
  39. Control over Proxy/Parking Transactions– Suggested Audit Check-point System Generated: Transactions which take place during various system runs. For instance: Execution of SI (Standing Instruction) by the Data Centre on last day of the month and SOL being closed on that day. This entry may not be posted and will remain in entered status and will be posted in Proxy Account. User-Generated: Transactions which are initiated by the user, but owing to certain reasons may not be posted/authorised and kept in proxy/parking transactions account. For instance: Depositing RD installment in excess of the cumulative installments. This entry may not be posted in RD Account and posted in Proxy/parking transactions account and reversed subsequently.
  40. Control over Proxy/Parking Transactions– Suggested Audit Check-point To check whether report on such transactions is taken as a part of EOD process and scrutinised for prompt reversal. To check and comment specifically on old outstanding entries and reasons for non-reversal of the same.
  41. Read Alone Access Ask for a read-alone access to view the branch data If access cannot be given, decide whether it needs to be reported in Audit Report / LFAR Use assistance of SE to run queries If SE is not able to help then decide whether it needs to be reported in Audit Report / LFAR
  42. Transaction Logs Serial Control over all transactions Number to be allotted by the system No manual intervention allowed Peruse transaction logs of heavy days Typically after multiple holidays Review Exception Transactions Reports And also action taken thereon
  43. Income - interest Interest rate parameters are controlled centrally Obtain list of transactions where interest rate has been entered by branch management Ensure that such entry and authorization is as per the Access Control Rules Review process of interest rate modifications in similar manner Test check a few interest calculations
  44. There is no need of checking all the accounts. It is enough if at least one account of all the account types is checked for accuracy of interest application.
  45. Reports that can give leads List of cases where stock statements are not furnished on or after 28th February 2011 List of cases where fresh limits were santioned For the whole year from 1st April 2010 to 31st March 2011 For 4th Quarter period from 1st Jan 2011 to 31st Mar 2011 For 3rd Quarter period from 1st Oct 2010 to 31st Dec 2010 For 2nd Quarter period from 1st Jul 2010 to 30th Sep 2010 For 1st Quarter period from 1st Apr 2010 to 30th Jun 2010
  46. Reports that can give leads… List of overdue accounts i.e. outstanding amount > Sanctioned amount. List of manual entries viz. Interest Reversals Recognition of Interest in NPA Debit to HO account List of unchecked transactions (Accounts master) Standing Instructions
  47. Reports that can give leads…… Temporary OD – beyond time limit Time bound DPN Large cash transactions – list of it viz. above Rs: 10 lakhs cash deposits Operations in in-operative accounts These reports are backbone of the system.
  48. CS 1: Core Banking Solution A bank in the process of implementing CBS had a central support team at the CPPD. These users were allowed unrestricted remote access to the branches. One employee used this facility to transfer funds from in-operative accounts of branches to a particular account of her relative. The money was subsequently withdrawn. This came to light during regular concurrent audit when auditor noted that there was movement in the in-operative account.
  49. CS 2: Vulnerability in Account Mapping A fraud was committed due to vulnerability in mapping of accounts in a CBS. Mapping of accounts is done only in one place which is at the CCD. In the present scenario, the GL heads were created and access given to the branches in such a way that any GL head could be debited or credited. One employee utilized this feature to debit a GL which had accumulated unreconciled debit balances and credited his personal account.
  50. Income - charges As in case of interest rate, parameters for other charges are controlled centrally Ensure that the software relates the transaction with the income to be applied Bank Guarantee / LC and its Commission / Charges ATM / Credit Card charges Charges for miscellaneous transactions Number of debits Note counting Review transactions where branch has an authority to deviate from the set parameters Test check a few transactions Load More .

Statutory <a href=Bank Branch Audit - Technical and Practical Aspects" width="320px" />

Statutory Bank Branch Audit - Technical and Practical Aspects

Bank Branch Audit . Rajkumar S.Adukia . 2. Agenda. General Pre commencement of work Understanding the banking business Audit Planning Audit procedures Audit Reports . Bank Branch Audit . Rajkumar S.Adukia . 3. General. Bank Branch Audit . Rajkumar S.Adukia . 4. History of banks . In 1920 Imperial bank was established The Reserve Bank of India was established as the Central bank of the country in 1935 under an act called

1.38k views • 90 slides

<a href=Bank Branch Audit – Audit Planning" width="320px" />

Bank Branch Audit – Audit Planning

Bank Branch Audit – Audit Planning. CA. Rashmikant C. Thakkar rctca@rediffmail.com / rcthakkarca@gmail.com (M) 09879447009 BARODA BRANCH OF WIRC OF ICAI. Need for Planning :. Primary Objective of Audit – to ensure that Annual Accounts of the Branch give a True and Fair View.

2.76k views • 36 slides

Audit under GST

Audit under GST

Audit under GST. CA. T.N. Raghavendra. Agenda. Audit [Section 2(13)]. Means examination of - Records Returns and Other documents Maintained or furnished by the registered person under GST Acts or rules made there under or under any other law for the time being in force.

421 views • 28 slides

<a href=Bank Branch Audit under Core Banking System" width="320px" />

Bank Branch Audit under Core Banking System

Bank Branch Audit under Core Banking System. Hosted by Hyderabad Branch of SIRC of ICAI. Table of Contents. Softwares used by Banking Industry Traditional Auditing Approach Auditing through CBS What is Core Banking System? Some basic concepts of CBS

1.35k views • 49 slides

Bank Audit under CBS Environment

Bank Audit under CBS Environment

Deepak Bholusaria, FCA Member, Banking Research Group, NIRC of ICAI deepak@bholusaria.com. Bank Audit under CBS Environment. Objective of this presentation. Beginner’s guide to Audit under Core Banking Solution. Giving rough idea as on how CBS works and its architecture.

1.5k views • 54 slides

Bank Audit in Core Banking System Seminar Friday, 29 th March 2013, Jaipur

Bank Audit in Core Banking System Seminar Friday, 29 th March 2013, Jaipur

Bank Audit in Core Banking System Seminar Friday, 29 th March 2013, Jaipur. banking under core banking system. banking under core banking system. Major statistics. banking under core banking system. Major Objectives of the IS Audit Policy

127 views • 0 slides

Core Banking Project

Core Banking Project

Core Banking Project. What is Core Banking Solution?.

644 views • 19 slides

BANKING ICICI BANK

BANKING ICICI BANK

BANKING ICICI BANK. ICICI Bank Formation ICICI Bank Today Current Strategies Assumptions Capabilities Future Goals Economic Factors effecting Growth. CONTENTS. Formation of ICICI Bank. 1986. 1955. 1993. 1993. 1994. ICICI Bank Today. Large capital base Vast talent pool

698 views • 16 slides

Raj Bank Universal Core Banking System FCBS

Raj Bank Universal Core Banking System FCBS

WestWay Financial Technology Services Banking Systems & Consulting. Raj Bank Universal Core Banking System FCBS. www.westway.in info@westway.in. LEVEL 1. LEVEL 2. LEVEL 3. LEVEL 4. 1. 2. 3. 4. CORE BANKING. DEVELOPMENT. SERVICES. OFFICE. WestWay - Overview .

256 views • 12 slides

NON-BANK STATUTORY FINANCIAL ORGANISATIONS

NON-BANK STATUTORY FINANCIAL ORGANISATIONS

NON-BANK STATUTORY FINANCIAL ORGANISATIONS. NBSFOs. The number and diversity of NBSFOs is so great that any single classificatory appellation cannot accurately reflect the nature of these institutions. They are also known as Development Banks . Industrial Financial Corporation of India (IFCI).

842 views • 10 slides

Linkage Banking under Islamic Banking

Linkage Banking under Islamic Banking

Linkage Banking under Islamic Banking. B.Mansuri DRMFS-Intl. Basic Principals of ISB:. ENTERPRANEURSHIP “We adopted Islam as it is guiding the Development” “You are created from Earth (in order) to develop it” PARTICIPATION (in Profit and Loss) NO COLLATERAL. SCOPE & Potential.

358 views • 20 slides

Benefits of Core Banking Solution

Benefits of Core Banking Solution

Benefits of Core Banking Solution. Reduction in transaction time Elimination of duplication. Minimum chance of mistake. Generation of different types of management Information. Benefits of Core Banking Solution. Uniform changes in all systems.

798 views • 4 slides

Statutory <a href=Bank Branch Audit - Technical and Practical Aspects" width="320px" />

Statutory Bank Branch Audit - Technical and Practical Aspects

Statutory Bank Branch Audit - Technical and Practical Aspects. CA. Rajkumar S. Adukia radukia@vsnl.com / rajkumarfca@gmail.com http://www.carajkumarradukia.com 093230 61049/098200 61049. Agenda. General Pre commencement of work Understanding the banking business Audit Planning

1.23k views • 101 slides

SEMINAR ON STATUTORY AUDIT OF BANK BRANCHES

SEMINAR ON STATUTORY AUDIT OF BANK BRANCHES

SEMINAR ON STATUTORY AUDIT OF BANK BRANCHES. Audit Planning and Long Form Audit Report PRESENTATION BY CA ATUL C. BHEDA B.COM, FCA, LLB(GEN), DISA(ICA). Importance of Audit Planning and reporting. Well planned is half done One should know destination to plan well

923 views • 59 slides

Procedure of Conduct of Statutory Audit of SSA Accounts, Compliance of Audit Observations

Procedure of Conduct of Statutory Audit of SSA Accounts, Compliance of Audit Observations

Procedure of Conduct of Statutory Audit of SSA Accounts, Compliance of Audit Observations.

866 views • 61 slides

Statutory Audit

Statutory Audit

Statutory Audit. Robert Hodgkinson, ICAEW Director, Technical BIICL, 19 November 2004. Auditor’s duties, liabilities and impact on board structure. Agency problems. Principals. Activities. Agents. The assurance solution of the IAASB framework. Intended users. Subject matter.

1k views • 19 slides

Core Banking Solution

Core Banking Solution

Core Banking Solution. Objectives of the CBS - 1. To streamline existing operations of Small Savings Schemes and to provide integrated facilities to customers. To provide facilities like ATMs for withdrawal by customer. Internet and telephone based access to all schemes

608 views • 12 slides

Audit Core Team

Audit Core Team

Audit Core Team. 2009/2010 CSP Contract Compliance Audit. Responsibilities Procedures Deadlines. Presented by Bob Muller, Steve Krovitz, Roger Wright, and Scott Elliott. Audit Core Team What is this.

649 views • 52 slides

Andhra Bank Branches in Hyderabad

Andhra Bank Branches in Hyderabad

Get all 151 branches of Andhra bank in hyderabad IFSC code MICR code, Address here: http://indianbankdetails.com/index.php/ANDHRA_BANK-IFSC-Code/TELANGANA/HYDERBAD

246 views • 5 slides

Andhra Bank Branches in Mumbai

Andhra Bank Branches in Mumbai

IFSC code for Andhra Bank Branches in Mumbai was issued by RBI. Get all the informations here: http://indianbankdetails.com/index.php/ANDHRA_BANK-IFSC-Code/MAHARASTRA/MUMBAI_CITY

232 views • 5 slides

Axis Bank Branches In Bangalore

Axis Bank Branches In Bangalore

Axis bank is one of the best private bank providing excellent service for their account holders. http://indianbankdetails.com/

194 views • 5 slides

Axis Bank Branches in Chennai

Axis Bank Branches in Chennai

IFSC is the 11 character code provided by RBI for Axis Bank Branches in Chennai. http://www.indianbankdetails.com/

189 views • 5 slides