1 / 65

Bank audit documentation – With reference to Sqc

Bank audit documentation – With reference to Sqc. Gopi. K Varma & Varma gopi@varmaandvarma.com. Complying with SAs relevant to the audit- SA 200.

annschultz
Télécharger la présentation

Bank audit documentation – With reference to Sqc

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Bank audit documentation – With reference to Sqc Gopi. K Varma & Varma gopi@varmaandvarma.com

  2. Complying with SAs relevant to the audit- SA 200 • To obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, thereby enabling the auditor to express an opinion on whether the financial statements are prepared, in all material respects, in accordance with an applicable financial reporting framework; and • (b) To report on the financial statements, and communicate as required by the SAs, in accordance with the auditor’s findings.

  3. Overall objectives of the auditor SA 200 • To obtain reasonable assurance, the auditor shall obtain sufficient appropriate audit evidence to reduce audit risk to an acceptably low level and thereby enable the auditor to draw reasonable conclusions on which to base the auditor’s opinion

  4. Overall objectives of the auditor SA 200 • The auditor shall comply with all SAs relevant to the audit. • An SA is relevant to the audit when the SA is in effect and the circumstances addressed by the SA exist. • The auditor shall not represent compliance with SAs in the auditor’s report unless the auditor has complied with the requirements of this SA and all other SAs relevant to the audit

  5. Overall objectives of the auditor SA 200 • The auditor shall have an understanding of the entire text of an SA, including its application and other explanatory material, to understand its objectives and to apply its requirements properly. • The auditor shall not represent compliance with SAs in the auditor’s report unless the auditor has complied with the requirements of this SA and all other SAs relevant to the audit

  6. Nature and Purposes of Audit Documentation(SA 230) • Evidence for the basis for a conclusion that audit objective is achieved • Planning and performing the audit in accordance with SAs and applicable laws and regulations. • Supervision and discharge of review responsibilities   • Making the engagement team accountable for their work.  • Retaining a record of matters of continuing significance • Enabling the conduct of quality control reviews and inspections (SQC-1) and • Enabling the conduct of external inspections in accordance with applicable legal, regulatory or other requirements.

  7. Scope of SAs • Applicable:- • whenever an independent audit is carried out • whether or not profit oriented • irrespective of the size and legal form When such an examination is conducted with a view to express an opinion Also Applicable to other related functions of the auditor

  8. Compliance with SA Duty of the members of the Institute to ensure compliance If not been able to comply the member should draw attention to the material departure there from. Mandatory under Companies Act (Section 143 (10)).

  9. Structure of Engagement Standards Issued by AASB Chartered Accountants Act, 1949, Code of Ethics and other relevant pronouncements of the ICAI Standards on Quality Control (SQCs) Services covered by the pronouncements of AASB Related Services Assurance Services Framework for Assurance Engagements Audits and reviews of historical financial information Assurance Engagements other than audits or reviews of historical financial information Standards on Auditing (SAs)100 - 999 Standards on Review Engagements (SREs) 2000 - 2699 Standards on Assurance Engagements (SAEs)3000 - 3699 Standards on Related Services (SRSs)4000 - 4699

  10. SQC 1 + 9 Standard On Quality Control – 1 General Principles and Responsibilities (SA) - 9 Risk Assessments and Response to Assessed Risks (SA)- 6 Audit Evidence (SA) – 11 Using work of Others (SA) – 3 Audit conclusions and Reporting (SA)-5 Specialized Areas (SA)– 3 Standards on review engagements (SRE) – 2 Assurance Engagements other than audits or reviews of Historical Financial Information(SAE) - 2 Standards on related services (SRS) - 2

  11. SQC 1 -Quality Control for Firms that Perform Audits and Reviews of Historical Financial Information, and Other Assurance and Related Services Engagements. • contains extensive requirements in relation to establishment and maintenance of a system of quality control in the audit firms as well as even for sole practitioners • mandatory from April 1, 2009 • Applied to all services covered by the Engagement Standards (audit/review)

  12. System of Quality Control All firms to have system of quality control that provides reasonable assurance that: • Firm & personnel comply with professional standards, regulatory & legal requirements • Reports issued by partners are appropriate in the circumstances.

  13. Definitions • Engagement documentation (work performed, result obtained & conclusions reached – assembled for each engagement in engagement file ) • Engagement partner • Engagement quality control review • Engagement quality control reviewer • Engagement team • Firm • Inspection

  14. Elements of system of quality control • The firms quality control system should include POLICIES AND PROCEDURES, addressing each of the 6 elements • The policies and procedures should be documented and communicated to firms’ personnel.

  15. 6 Elements of SQC • Leadership responsibilities for QC • Ethical requirements (firm policies) • Client acceptance (based on integrity & application of fundamental ethical principles) continuance. • Human resources • Engagement performance (Supervision, Review, Consultation, Engagement QC review, Engagement documentation- policies) • Monitoring (of policies & Procedures)

  16. I. Leadership Responsibilities for Quality within the firm • Firm to design policies/ procedures • To promote internal culture: • Require CEO/ managing partner to assume ultimate responsibility for QC • Leadership to recognise that business strategy is subject to quality and accordingly : • Assign management responsibilities appropriately • HR policies to demonstrate firm’s QC commitment • Sufficient resources for development, documentation & support of QC policies & procedures • Person delegated the QC responsibility by CEO/ Managing partner to have sufficient appropriate experience & ability, & necessary authority to assume responsibility

  17. II. Ethical Requirements • Establish policies & procedures - reasonable assurance • Firm & personnel comply with relevant ethical requirements • Fundamental ethical principles: • Integrity • Objectivity • Professional competence & due care • Confidentiality • Professional behavior • Ethical requirements enshrine Independence Contd./…

  18. Independence • Establish policies & procedures - reasonable assurance that • Maintenance of independence by relevant personnel • Firm notified of breaches of independence requirements • Policies & procedures should enable: • Communication of independence requirements to personnel & others • Identification & evaluation of circumstances/ relationships threatening independence • Take appropriate action for elimination/ reduction of threats/ withdrawal from engagement • Resolution of breaches of independence Contd./…

  19. Contd./… • Policies/ procedures should require:

  20. Contd./… • Annual written confirmation as to compliance with independence requirements • Familiarity threat: • Created by using same senior personnel on assurance engagements • Create policies & procedures: • Criteria for need for safeguards to reduce familiarity threat • Audit of FS of listed entities – rotation of engagement partner

  21. III. Client Acceptance & Continuance • Establish policies/ procedures - reasonable assurance that clients are accepted/ continued only where: • Client integrity has been considered & no information to conclude that client lacks integrity • Firm competent to perform engagement – capability, time & resources • Can comply with ethical requirements • Document how issues were resolved Contd./….

  22. Withdrawal from Engagement Policies to address following issues: • Discussion with appropriate level of management & those charged with governance • If withdrawal necessary, discuss with management & those charged with governance • Professional/ regulatory requirement to: • Not to withdraw, or • Report withdrawal from engagement and/ or client relationship • Documentation of significant issues, consultations, conclusions, basis for conclusions

  23. IV. Human Resources • Establish policies/ procedures - reasonable assurance: • Sufficient personnel with capabilities, competence & commitment to ethical principles • Enable firm/ partners to issue reports appropriate in circumstances • Issues to be addressed by HR policies:

  24. Assignment of Engagement Teams • Responsibility for each engagement to be assigned to engagement partner. • Policies/ procedures to ensure that: • Identity & role of engagement partner communicated to key personnel of client management & those charged with governance. • Engagement partner is capable & competent & has time & authority for engagement. • Responsibility of engagement partner clearly defined & communicated to him/ her. • Assign appropriate staff • Assessment of staff capability & competence Contd./….

  25. V. Engagement Performance Establish policies/ procedures - reasonable assurance: • Compliance with professional standards • Compliance with laws/ regulations • Consultation (internally/externally)– as per firm’s policies and procedures • Difference of opinion between Engagement partner and Review partner • Engagement partner issues reports appropriate in the circumstances • Engagement quality control review – on a timely manner

  26. VI. Monitoring • Policies & procedures - reasonable assurance that QC policies/ procedures are: • Relevant • Adequate • Operating effectively • Complied with in practice • Involves on going consideration & evaluation of QC system, includes periodic inspection of completed assignments.

  27. contd./….. • Communicate results of monitoring to engagement partners, CEO, managing partner & other appropriate individuals at least annually. • Communication to include: • A description of the monitoring procedures performed. • The conclusions drawn from the monitoring procedures. • Where relevant, a description of systemic, repetitive or other significant deficiencies and of the actions taken to resolve or amend those deficiencies. Contd./…

  28. Documentation • Policies/ procedures for documentation to provide evidence of operation of each element of QC system • Form & content – factors to consider • size of the firm and the number of offices. • degree of authority both personnel and offices have. • nature and complexity of the firm’s practice and organization. • Retention • Time period sufficient to permit evaluation of firm’s compliance with QC system. • Longer period, if required by law • Engagement Documentation specimen.docx

  29. DOCUMENTATION –Pre-commencement Work

  30. Pre-commencement Work • Appointment letter • Compliance with Companies Act (qualifications) • Communication to previous Auditor by Regd.AD • Audit Planning and pre audit briefing • Pre audit discussion with Branch Manager • Engagement Letter under (SA 210) • Overview of relevant Banking terminology and schemes • Guidance note on audit of banks by ICAI would provide valuable guidance. • Long Form Audit Report- reporting requirments

  31. Understanding the Banking Business

  32. Banking business • Special Features of Banking Business ( events, transactions ,practices and regulatory norms etc). • Special audit considerations in bank branch audits • Important Circulars of RBI…… • Internal controls in banks • Additional Controls for Computerised Environment • Accounting System and Standards applicable • Formats of Financial Statements ( as per schedule III section 29 of Banking Regulation Act ,1949)

  33. Sources for information • Bank’s annual report to shareholders • Internal financial management reports • Previous year audit working papers • Discussion with bank Branch Manager • Letters seeking Information from Branch Manager • Bank policy and procedures manual • RBI circulars • Previous and current audit reports (concurrent , internal , revenue, inspection, RBI AFI)

  34. Use • To develop an overall audit plan • To decide on critical areas • To identify areas of special audit consideration • To evaluate the reasonableness of accounting estimates • To evaluate Management representations • To make judgments regarding the appropriateness of accounting policies and disclosures

  35. Guidance on documentation

  36. Letter seeking information • Organizational chart of bank and bank branch , along with name of head of department. • Authority and responsibility of each officer in the bank • Special feature of each banking product • Areas where work has been outsourced to outsiders • Copies of last year annual accounts and current year quarterly/half yearly accounts • Details of concurrent/other audits /inspections.

  37. Letter seeking information • Information about top borrowers • H.O instructions for closing of accounts • Details of software used by bank • List of reports generated by the software • Accounting policy followed by the bank • Prelim information format.doc

  38. Documentation of Internal controls in bank branch • System of supervision / checking of work of one staff member by another staff member, irrespective of the nature of work • System of job rotation • The financial and administrative powers of officials are fixed /communicated to all persons concerned • System for periodic reporting by Branch managers to their controlling authority on compliance of the laid down systems and procedures.

  39. Documentation of Internal controls in bank branch • System for reporting to controlling authority of exceedings of delegated powers • System for Periodical balancing of books and records • System for expeditious reporting of lost security forms to controlling authority • Currency, and security forms are in joint custody of at least two officials and periodically verified. • System for Periodic inspections/ concurrent audit/ other audits • System regarding operation of inoperative accounts

  40. Documentation of Controls for Computerised Environment • The system maintains a record of all log-ins and log-outs • System of posting transaction is to a inoperative account, like requirement of a supervisory password • The system check on whether the amount to be withdrawn is within the drawing power. • System alerts (eg: the balance in a lien account falls below the lien amount) • Whether transaction permitted in an inoperative account

  41. Documentation of Controls for Computerised Environment • Access to the system is available only between stipulated hours and specified days only. • Individual users can access only specified directories and files • Exception situations such as (eg: limit excess, reactivating dormant accounts) handled only with a valid supervisory level password. • User timeout. • Once the end-of-the-day process is over, the ledgers cannot be opened without a supervisory level password

  42. Materiality (SA 320) • Materiality for financial statements as a whole • Determination of materiality levels (Eg: With reference to: • Operating profit/net profit • Gross/Net NPA • Fixed as Percentage of , or absolute figure • Projection of individual errors • H . O. instructions

  43. Guidelines for documentation • May be recorded on paper or on electronic or other media. • Timely audit documentation to be concurrent • enhance the quality of the audit • Facilitate effective review and evaluation of audit evidence. • Documentation prepared after the audit work is likely to be less accurate than done while performing audit. • Record all aspects of the audit, in a single document, with cross references to supporting working papers.(Summary of observations)

  44. Engagement documentation Assembly of the Final Audit File • The final audit file is to assembled ordinarily within 60 days of the date of the auditor's report. • (Only) Administrative changes may, be made during the final assembly process (like deleting or discarding superseded documentation, Sorting, collating and cross referencing working papers , Signing off on completion checklists relating to the file assembly process and documenting audit evidence obtained, discussed and agreed before the date of the auditor's report) • The retention period for audit engagements ordinarily is not less than seven years from the date of the auditor's report

  45. Examples of documentation

  46. Examples of audit documentation • Audit programme and Checklists. • Obtaining basic information regarding advances Prelim information format.doc • Analytical review. • Summary of observations • Letters of confirmation and representation. • Correspondence (including e-mail) concerning significant matters.

  47. Examples of audit documentation • The nature, timing, and extent of the audit procedures performed along with audit objective that is sought to be satisfied • Specific items or matters tested   • Who performed /reviewed the audit work and the date such work was completed (name/date and signature) • Evidence of direction, control and supervision by the engagement partner .

  48. Examples of audit documentation • Understanding the software being used • Obtain necessary reports including exceptional reports from the software • Review of Statement on large advances prepared by Branch (advances > 5% of total advances or Rs.2 cr, whichever is lower) • Observations noted on review of other auditors reports

  49. Examples of audit documentation • Document the verification of advances disbursed during the period -W.r.to sanction terms by approp. Authority /Bank’s policy guidelines • Brief about Legal opinion obtained • Status of execution of necessary documents for loans disbursed during the audit period • Extent of verification • Check list of advances verified

  50. Examples of audit documentation • Note on scrutiny of ledger accounts • Checking DP Computation • Physical verification of security/ stock • Bank’s system of documenting physical verification of customer site • Note on financial position revealed in BS • Information available in public domain, if necessary • Dependency on 1 or 2 major customers

More Related