Audit in Banks

 Bank Branch Audit

Disclaimer

The  article “Audit in Banks” is based on my experience as an Inspecting Official  and  I have purely elaborated my experience (what I was taught and what I learned/experienced)

Preamble:

The audit is a tool to measure the health of an Organisation. It will help the Management of the Organization to assess the point where they stand and its Clients to foresee the growth of their benefits.  Besides, it is a mandatory requirement for the Organization to claim its legitimacy in the market for its survival

Any organization be it Private Public or Government undertaking, is subject to this mandatory requirement.  Even a Proprietary/Partnership establishment is required to undergo this exercise in India.

With a view to accomplish this task, there are many Chartered Accountant firms and Tax consultants spread over the country.  Nowadays, many MNC auditing firms have also fallen in line with the other local resources to enable smooth auditing tasks.

While we are on the subject, I shall slightly deviate from the topic.  Let us have some idea about Audit functions in a Bank.  In India, Banks are coming under the control of the Reserve Bank of India, generally called the “Central Bank” (RBI).  The RBI controls the key functions of Banks in India.  They issue various guidelines and regulations on various parameters like Rate of Interest – both on Deposits and Lending, SLR, CRR, lending norms, Assets and Liability Management System, Bad Debts / Non-performing Assets Management etc.  The Banks are required to strictly comply with the guidelines issued by RBI from time to time.

Various Types of Audit :

1. Internal Audit – done by Staff of the Bank
2. Statutory Audit – done by External Agencies
3. Revenue Audit – done by External Agencies
4. Stock Audit = done by External Agencies
5. Concurrent Audit = done by External Agencies
6. Information System Audit – done by both Internal and External agencies
7. Credit Audit – Mostly entrusted to External Agencies
8. Forensic Audit – In case of suspect fraud

Bank Audit is conducted by various machineries – both Internally and externally.  As per the eligibility norms, the Banks may appoint external Agencies also to complete the process.  Bank audit is done to assess the procedures and systems followed by a Bank Branch in the opening and conduct of a Deposit account and also following the lending norms while processing/sanctioning loans to its customers.  The Inspecting Official/firm will compile a Report and express their opinion as also the ways to overcome the Risks, may be in a structured format as prescribed by the Bank entrusting the task, wherein they point out the deviations observed and based on the observations, bring out the risk involved as also the health of the Bank Branch.

The Bank shall have a Centralised and Regionalised setup for conducting the Audits in turn consolidate the Reports, after a thorough verification, and transmit the same to the Central Bank (RBI).  After assessing the consolidated report, the RBI may call for explanations from the concerned Bank for rectification progress, steps taken for immediate improvement and staff involvement/accountability etc. so that the Bank does not derail or the public money is safeguarded.

However, to assess the health of the Banks, the Central Bank (RBI) has laid down a structured policy of Audit.  Audits in Banks may differ from one another.  Nevertheless, the ultimate aim is to have the best control mechanism for the functioning.  Widely, the following pattern is followed in Banks while forming the Audit Policy.

RISK-BASED AUDIT : 

The Audit risk is mainly divided into two categories viz.

• Business Risk

• Control Risk

Business Risk comprises various parameters like the position of the Bank Branch, viz. Actual achievements vis-a-vis Targets allocated by Higher Offices.  This includes various components like Deposits, Advances, Profitability, etc.   A few major areas of Business Risk assessment are given below :

Business Risk: Business Risk is based on the inspection and findings of the Inspecting Official about the following vital areas and compilation of the Bank Branch Profile, which may mostly contain the data obtained :

• Composition of Advances
• Analysis of Non-performing Assets
• Composition of Deposits
• Frauds (if any, already reported and steps taken)
• Customer Base
• Customer Complaints
• Growth in Deposits
• Growth in Advances / Credit / Lending
• NPA Management
• Profitability
• Performance in respect of Third Party products

1. i)   Composition of advances of the Bank Branch:

•         % of Exposure to Sensitive Sectors with regard to total/gross advances
•         Top Advances say 15 to 25 (depends upon the guidelines of the Bank)
•         % of Exposure to Group borrowers in respect of total/gross advances
•          % of Unsecured Advances (advances without any security)
•         % of Contingent Liabilities invoked to total outstanding Bank Guarantees and Letters of Credit
•         % of advances to the Non-Priority Sector
•        Spurt in advances
•        % of Time barred debts to total Non-Performing Assets
•        Share of High-risk exposure to total exposure
•        % of Leakage of Income detected/recovered to total business

1. ii)   Control over Bad Advances (NPA Management):

• The ratio of Assets falling under the “Standard” category to Total Advances
• Share of Advances in NPA portfolio – Sector-wise
• % of Early Alert System Advances and Special Mention Advances to Total Advances
• Analysis of Quick Mortality Accounts
• % of Gross NPA to total Credit portfolio

iii) Coming to the Deposits portfolio of the Bank Branch, the following parameters are analyzed and data is obtained : 

• Ratio of CASA deposit to Total Deposits
• Risk category of Deposit accounts and its share in total deposits
• Retail Deposit Percentage to Total Deposits
• Computing the Non-Interest Income and Net Interest Income and their percentage to Total Income
• Analysis of Interest Income whether it has increased or decreased over the last audit period.

1. iv) Analysis of Fraud-prone areas: Areas of fraud are defined in the Bank’s guidelines and certain parameters are to be taken into account for computing the Risk. 

1. v) Profitability – Target vis-a-vis Achievement: The Bank Management will give some targets, either quarterly, half-yearly, or annual targets.  The Inspecting Officer is required to cull out the data from the System and analyze whether the Branch has achieved the goals as per the expectations of the Higher Offices.  The shortcomings, if any, should be given proper attention and accordingly arrive at the Risk. 

Control Risk :  

Control Risk is based on the inspection and findings of the Inspecting Official in respect of the following major areas and compilation of marks awarded, which mostly contain the data obtained :

1. Risk parameters involved in Lending
2. Control Parameters in Credit Management
3. Control over other Banking Operations
4. Opening of Deposit Accounts
5. Monitoring of Deposits Accounts
6. Cash Management system
7. Remittances – both Inward and Outward remittances
8. Collection of Bills / Cheques
9. Cheque Purchases
10. Clearing Department
11. Government Business operations
12. Para banking activities
13. Statutory Compliances
14. Security measures and Administrative lines
15. Monitoring of Frauds
16. Compliance with Audit irregularities
17. Observance of Information Technology guidelines
18. Customer Service
19. Processing Credit applications
20. Sanctioning of Credit Proposals
21. Monitoring of Advances portfolio
22. Minimizing the NPA Portfolio of the Bank Branch

The Overall Risk Rating is arrived at by the Inspecting Officials is categorized as – 

1. Low Risk
2. Medium Risk
3. High Risk
4. Very High Risk 

Broadly speaking, the Risk assessment is made based on the combination of Business risk and Control Risk.

The performance of the Bank Branch in respect of the above major parameters would be taken into consideration while arriving at the Risk factor.    

Matrix of Risk: