Indian banking sector is witnessing major changes in recent years, as a result of which new regulations are being brought into practice. With the implementation of Basel III requirements, more importance is given to risk-based bank audits. With more guidance and circulars from RBI for regulating the banking business in the country, bank’s management is focused to bring about a robust framework which will identify, assess and manage the financial risks. In order to achieve this target, the internal audit of banks is necessary.
A periodic Internal audit is required to monitor the bank’s system of internal control and procedures. Good internal audit process helps the management in the effective discharge of its responsibilities. It gives them the assurance of the risk and operational performance of the bank. Based on the volume and value of its transactions, every bank should conduct an internal audit to fulfil its responsibilities and to achieve its objectives.
Generally, the scope of any bank’s internal audit revolves around the following:
Internal audit function begins with the audit plan drafted by the audit team in consultation with the management. This audit plan includes the timing and frequency of the internal audit work to be carried on and it is based on control risk assessment. Risk assessment examines all the bank’s activities and internal control system which exhibits the probable degree of risk present in these activities. The audit plan must be realistic and should take into account future developments and expected innovations. Audit plan should also state the time to be assigned for special investigation if any to be undertaken and other activities as and when required. The plan should cover the resources required for carrying out the audit activities in terms of personnel and other resources. Such an audit plan established by the internal audit team has to be approved by the bank’s management.
The objectives framed in the audit plan are achieved through a detailed audit programme which lists down the procedure to be carried out for each specific audit area. These procedures are adapted according to the risks identified in every process across the bank’s operations. Based on the value and volume of the banking transactions, samples are selected in each of the core areas to be audited. Audit samples should also be selected on a random basis in certain areas, which will expose all the related risk. Listed below are some of the important areas to be covered in any of the bank’s internal audit:
All the audit procedures carried out by the internal audit staff must be documented in working papers in a well-determined method. Such working papers must list out the activities performed in checking the transactions along with the sampling details. Working paper must also exhibit the conclusion arrived which in-turn gets initiated by the audit supervisor.
A written audit report is drafted for each department and the executive summary is taken for discussion with the senior management. The audit report contains the scope and purpose of the audit along with the findings and the banks (auditee’s) response. It also provides the importance of the deficiencies found and related recommendations to the management to mitigate/reduce the associated risk.
Senior management ensures the audit concerns are addressed accordingly and recommendations made are implemented on a timely basis. The internal audit team checks that the recommendations given during the previous audits are implemented and adhered to in the next audit.
Reserve bank of India has already instructed the implementation of Basel III requirements in the banking sector and all the banks are in the process of enhancing their reporting system accordingly. Some of the Basel implementation steps are listed below:
With the volume of increasing bank frauds, RBI is bringing in more stringent controls to mitigate the risk involved in the banking sector. Internal audit function is undergoing major changes with the assimilation of international internal audit standards to the banks. It is important for the internal audit team to be vigilant and ensure all related risks are captured carefully.
Listed below are some of the benefits of having a good internal audit system in banks: