Professional Documents
Culture Documents
Audit Functions in Bank
Audit Functions in Bank
R CHANDRA SEKHAR
CLD HYDERABAD
ORGANIZATIONAL SETUP
CGM Contains
ZACE contains
RACE contains
SRM/RM (Chairman)
AGM/CM of RO (Convener)
Incharge of ZAO
Incharge of Credit Monitoring of RO
Incharge of Credit of RO Minimum 2
members
Incharge of Operation of RO
Required
Incharge of Recovery of RO
Incharge of RCC of RO
Incharge of HRD of RO
Incharge of Priority sector Department of RO
Types of Audits
1. RBIA
2. RBI Inspection Reports
3. Stock Audit
4. Legal Audit
5. Compliance Audit
6. Revenue Checking
7. Snap Audit
8. 100% Audit/Special Audit/100% verification etc..
9. IS Audit
10.Management Audit of RO/ZO/CO
RBIA
• In the eyes of RBI, a sound Internal Audit function plays an important role in
contributing to the effectiveness of the internal control system.
• To achieve these objectives, RBI had advised the banks to gradually move towards
risk-based internal audit which will include, in addition to selective transaction
testing, an evaluation of the risk management systems and control procedures
prevailing in various areas of a bank’s operations.
• While focusing on effective risk management and controls, in addition to
appropriate transaction testing, the risk-based internal audit would not only offer
suggestions for mitigating current risks but also anticipate areas of potential risks
and play an important role in protecting the bank from various risks.
• The risk-based internal audit, on the other hand, undertakes an independent risk
assessment solely for the purpose of formulating the risk-based audit plan keeping
in view the inherent business risks of an activity/ location and the effectiveness of
the control systems for monitoring the inherent risks of the business activity.
RISK ASSESSMENT METHODOLGY
RAM is classified as
1. Business Risk
2. Control Risk
3. Composite Risk
Business Risk
If Branch does not have FOREX business then rationalized weightage of FOREX parameter
will be treated as NIL and similarly for the Branches were the Legal Audit not applicable the
rationalized weightage will NIL. The weightage will be distributed proportionately under
remaining heads.
Rating under RBIA
Composite Risk Rating under RBIA
Trend Matrix
Trend Matrix in Composite Risk
Types of Audit and its Frequency
Type of Audit Periodicity/Frequency of Audit
Risk Based Internal Low risk rated Branches once in 12-15 months. Medium Risk rated
Audit (RBIA) of Branches: Once in 12 months However, Extremely High, Very High
Branches and High risk rated Branches shall be re-audited within 3 (Three) to 6
(Six) months. However, if the Branch confirms to RO that the remarks
of the audit report have been complied with, the RM shall get
Compliance Audit conducted and on satisfying himself, recommend
to ZAO for re-audit & re-assessment of risk rating before the
stipulated periodicity.
Periodicity of RBIA in The periodicity for Risk Based Internal Audit of CFB/ MCB and Credit
Credit intensive oriented ELBs with advances of `100.00 crore and above (as on 31st
Branches March) shall be subjected to Risk Based Internal Audit with duration
of 12 months. If such Branch is rated as High/ Very High/ Extremely
High then next Risk Based Internal Audit shall be conducted after six
months of previous audit.
Audit of Service Service Support Branches shall be subjected to Internal Audit at a
Support Branches regular interval of six months, considering the sensitivity of their
functions
Types of Audit and its Frequency
Type of Audit Periodicity/Frequency of Audit
Audit of Centralized Credit All CCPCs shall be subjected to Risk Based Internal Audit
Processing Center Branches (RBIA) at quarterly interval
Management Audit of Zonal Management Audit of Zonal Offices is to be conducted
Office: annually
Management Audit of Regional Management Audit of ROs having total business above
Office `10,000 crore or Advance portfolio above `5,000 crore as on
31st March may be subjected to Management Audit on
yearly basis. Other ROs shall be subjected to Management
Audit as per their Risk Rating i.e. once in two year in case of
Low & Medium Risk rating and immediately after 12
months period in case of High Risk
Management Audit of Once in two years
• Departments of Central Office
• Training Centres / Training
Colleges
Any special assignment of audit Need-based - with the permission of Head of Internal Audit
(HIA)
Types of Audit and its Frequency
Type of Audit Periodicity/ Frequency of Audit
Concurrent Concurrent Audit of ELBs, VLBs (including CFB, IFB, MCB) & some of
Audit Large and Medium category Branches, which shall generally be
decided in descending order of the Advances, so as to cover
minimum 50% of aggregate business, 50% each of Deposits &
Advances of the Bank. However, Concurrent Audit shall be
continued for SSBs, CCPBs, Integrated Treasury Branch, CBS, BSD
and Digital Payments & Transaction banking Dept. - Corporate
Office
Inspection of Once in two years
ZAOs
Stock Audit As per Credit Monitoring Policy, the appointment of auditors shall
be carried out by respective Regional Offices for periodical stock
audit in eligible accounts. The audit observations reported in Stock
Audit reports shall be attended by respective Branches and closure
shall be done in “Credit Monitoring Committee” Meeting of
respective RO/ ZO.
Types of Audit and its Frequency
Type of Audit Periodicity/ Frequency of Audit
Compliance Audit 1.Concurrent auditors of the Branches (which are under Concurrent Audit)
shall be advised to submit their verification report on Compliance done by the
Branch in respect of: Internal audit Report (RBIA), IS Audit, Special Report,
100%/ Statutory Audit Report, LFAR, Recovery of Revenue Leakage etc.
2.Compliance Audit of at least 10% of Branches, where compliance to audit
report has been submitted by the Branches, will be conducted by the Zonal/
Regional Offices, by deputing officials from RO/ other Branches prioritizing
Branches where Special report submitted, Branch rated with Extremely High
Risk/ Very High risk/ High risk under RBIA, Statutory Audit Reports with
adverse remarks in LFAR, Revenue Leakage exceeding Rupees one lac in fiscal
in Branches, irrespective of their coverage under Concurrent Audit.
3. Zonal Audit Offices will also conduct compliance audit in10% Branches,
including Branches which are under Concurrent Audit, where audit reports
have been closed by competent authority.
Head of Internal Audit (HIA) can instruct for 100% audit on the basis of feedback received from
the field/ other sources
SNAP AUDIT
• ZAOs shall conduct Snap Audit at the request of Field General Manager/
Zonal Manager in case of any officer vested with delegated authorities at
Branch/ RO/ ZO, tenders resignation/ applies for VRS.
• Such snap audit shall cover exercise delegated powers by the official
tendering resignation/ VRS after the last RBIA. If regular Risk Based
Internal Audit of that Branch is due then the same will be taken up instead
of snap audit.
• Controller shall ensure rectification of adverse finding reported during
such snap audit. ZO shall inform ZAO at least 30 days in advance, if such
resignation/ VRS application is under their consideration.
• Snap audit conducted by ZAO at the request of FGM shall be closed at
ZACE prior to acceptance of resignation/ VRS of the delegated authorities.
Similarly, Snap Audit conducted in compliance of instruction of CA&ID,
shall be closed at CGM.