INTRODUCTION-an overview of Auditing

Economic decisions in every society must be based upon the information available at the time the decision is made. For example, the decision of a bank to make a loan to a business is based upon previous financial relationships with that business, the financial condition of the company as reflected by its financial statements and other factors.

If decisions are to be consistent with the intention of the decision makers, the information used in the decision process must be reliable. Unreliable information can cause inefficient use of resources to the detriment of the society and to the decision makers themselves. In the lending decision example, assume that the bank makes the loan on the basis of misleading financial statements and the Borrower Company is ultimately unable to repay. As a result the bank has lost both the principal and the interest. In addition, another company that could have used the funds effectively was deprived of.the money.

As a means of overcoming the problem of unreliable information, the decision-maker must develop a method of assuring him that the information is sufficiently reliable for these decisions. In doing this he must weigh the cost of obtaining more reliable information against the expected benefits.

A common way to obtain such reliable information is to have some type of verification (audit) performed by independent persons. The audited information is then used in the decision making process on the assumption that it is reasonably complete, accurate and unbiased.

The word Audit is derived from the Latin word Audire which means to here. In olden days, whenever the owner of the business suspects the frauds, they appoint independent and impartial person who uses to hear the explanation given by the accountant. Such person was known as Auditor.

1|Page

Auditing may be defined as,

A careful and critical examination of books of accounts by a properly qualified person on the basis of proper evidence so as to express an opinion (i.e. views) about the truth and fairness of financial statements.

2|Page

ORIGIN AND EVOLUTION OF AUDITING

1) Origin of term :

The term audit is derived from the Latin term audire mean to hear. In early days, an auditor used to listing to the account read out by the accountant in order to check them.

2) Ancient origin :

Auditing is as old as accounting. It was in use in all ancient countries such as Mesopotamia, Egypt, Greece, Rome, U.K., and India. The Vedas,Ramayana, Mahabharata contain references to accounting and auditing. Arthashasastra by Kautilya gives detailed rules for accounting and auditing of public finances. The Mauryas, the Guptas and the Mughals had developed and accounting and auditing system to control state finances. Thus, basically, accounting and auditing had their origin in the need for the government to control the income and expenditure of the state and the army. The original object of auditing was to detect and prevent errors and frauds.

3) Compulsory audits of companies:

With increasing number of companies, the companies acts in different countries began providing for compulsory audit of accounts of companies. Thus U.K. audit of accounts of limited companies became compulsory in 1900. In India, the companies act, 1913 made audit of company accounts compulsory. With increase in size of companies, the object of audit also shifted to ascertaining whether the accounts were true and fair rather than true and correct. Thus, the emphasis was not arithmetical accuracy but on fair representation of financial affairs.

3|Page

4) Development of accounting and auditing standard:

The international accounting standards committee and the accounting standards board of institute of chartered accountant of India have developed standard accounting and auditing practices to guide the accountants and auditor in their day-to-day work.

5) Computer technology: The latest development in auditing pertains to the use of computers in accounting as well as auditing.

Really, auditing has come a long way from hearing the accounts in the ancient day to using computers to examine computerized accounts of today.

4|Page

DEFINITION OF AUDITING

Various persons such as the owners, shareholders, investors, creditors, lenders, government etc. use the final account of business concern for different purposes. All these users need to be sure that the final accounts prepared by the management are reliable. An auditor is an independent expert who examines the accounts of a business concern and reports whether the final accounts are reliable or not. Different authorities have defined auditing as follows.

Mautz define the auditing as auditing is concerned with the verification of accounting data, with determining the accuracy and reliability of accounting statement and reports.

International auditing guidelines defines the auditing as auditing is an independent examination of financial information of any entity with a view to expressing an opinion thereon.

5|Page

BASIC PRINCIPLES OF AUDITING

1) Integrity, objectivity and independence:

The auditor should be honest and sincere in his audit work. He must be fair and objective. He should also be independent.

2) Confidentiality:

The auditor should keep the information obtained during audit, confidential. He should not disclose such information to any third party. He should, keep his eyes and ears open but his mouth shut.

3) Skill and competence:

The auditor should have adequate training, experience and competence in Auditing. He should have a professional qualification ( i.e. be a Chartered Accountant) and practical experience. He should be aware of recent developments in the field of auditing such as statement of ICAI, changes in company law, decisions of courts etc.

4) Working papers:

The auditor should maintain working papers of important matters to prove that audit was conducted with due care according to the basic principles.

6|Page

5) Planning:

The auditor should plan his audit work. He should prepare an audit programmed to complete the audit efficiently and in time.

6) Audit evidence:

The report of the auditor should be base on evidence obtained in the course of audit. The evidence may be obtained through vouching of transactions, verification of assets and liabilities, ratio analysis etc.

7) Evaluation of accounting system and internal control:

The auditor should ensure that the accounting system is adequate. He should see that all the transaction has been properly recorded. He should study and evaluate the internal controls.

8) Opinion and report:

The auditor should arrive at his opinion on the account based on the audit evidence and submit his report. The opinion may be unqualified, qualified or adverse. The audit report should clearly express his opinion. Law should require the content and form of audit report.

7|Page

ADVANTAGES OF AUDITING

1) Assurance of true and fair accounts:

Audit provides an assurance to the various users of final accounts such as owners, management, creditors, lenders, investors, governments etc. that the accounts are true and fair.

2) True and Fair balance sheet:

The user accounts can be sure that the assets and liabilities shown in the audited balance sheet show the concern, as it is i.e. neither more nor less.

3) True and fair profit and loss account:

The user can be confident that the audited profit and loss account shows the true amount of profit or loss as it is i.e. neither more nor less.

4) Tally with books:

The audited final account can be taken to tally with the books of accounts. Thus, the income-tax officer can start with the figure of audited books profit, make adjustments and compute the taxable income. An outside user need not go through the entire books.

8|Page

5) As per standard accounting and auditing practices:

The audited final accounts follow the standard accounting and auditing principles laid down by professional bodies. Thus, audited accounts are based on objectives standard and not on personal whims and fancies of a particular accountant or auditor.

6) Detection and prevention of errors and frauds:

Audited accounts can be assumed reasonably free from errors and frauds. The auditor with his expert knowledge would take due care to see that Errors and frauds are detected so that the accounts shoe a true and fair view.

7) Advice on system, taxation, finance:

The auditor can also advise the client about the accounting system, internal control, internal check, internal audit, taxation, finances etc.

9|Page

LIMITATIONS OF AUDITING

1. An auditor cannot check each and every transaction he has to check only the selected areas and transaction on a sample basis.

2. Audit evidence is not conclusive in nature thus confirmation by a debtor is not conclusive evidence that the amount will be collected. It is said evidence is rather than conclusive in nature.

3. An auditor cannot be expected to discover deeply laid frauds usually involves acts designed to conceal them such as forgery , celibate failure to record transactions, false explanation and hence are difficult to detect.

4. Audit cannot assure the users of account about the future profitability, prospects or the efficiency of the management.

5. An auditor has to rely upon expert auditor may have to rely on expert in related field such as lawyers, engineers, values etc. for estimating contingent liabilities, valuation of fixed assets etc.

10 | P a g e

AUDIT COMMITTEE

In pursuance of RBI circular September 26, 1995, a bank is required to constitute an Audit Committee of its Board. The membership of the audit committee is restricted to the Executive Director, nominees of Central Government and the RBI, Chartered Accountant director and one of the non-official directors.

One of the functions of this committee is to provide direction and oversees the operations of the total audit function in the bank. The committee also has to review the internal inspection function in the bank, with special emphasis on the system, its quality and effectiveness in terms of follow up. The committee has to review the system of appointment and remuneration of concurrent auditors.

The audit committee is, therefore, connected with the functioning of the system of concurrent audit. The method of appointment of auditors, their remuneration and the quality of their work is to be reviewed by the Audit Committee. It is in this context that periodical meeting by the members of the audit committee with the concurrent auditors help the audit committee to oversee the operations of the total audit function in the bank.

Considering the coverage of this audit assignment and the specialized nature of work there is also a need for training to be imported to the staff of the auditors. This training has to be given in specialized field such as foreign exchange, computerization, and areas of income leakage, fraud prone areas, determination of credit rating and other similar specialized areas. The bank can organize such training programmed at various places so that it can ensure the quality of audit.

11 | P a g e

INTERNAL CONTROL IN CERTAIN SELECTED AREAS

General

The staff and officer of a bank should lift form one position to another frequently and without prior notice. The work of one person should always be checked by another person in the normal course of business. All arithmetical accuracy of the book should be proved independently every day. All bank form (e.g. books, demand draft book, travellers cheque, etc.) should be kept in the possession of an officer, and another responsible officer should occasionally verify the stock of such stationary.

The mail should be opened by responsible officers. Signature on all the letters and advice received from other branches of the bank or its correspondence should be checked by an officer with signature book.

The signature book of the telegraphic codebook should be kept with responsible officers, used, and seen by authorized officers only.

The bank should take out insurance policies against loss and employees infidelity. The power of officers of different grade should be clearly defined. There should be surprise inspection of office and branches at periodic interval by the internal audit department. The irregularities pointed out in the inspection reports should be promptly rectified.

12 | P a g e

Cash:

Cash should be kept in the joint custody of two responsible people. In addition to normal checking by the chief cashier, cash should be test checked daily and counted in full occasionally by responsible officers unconnected with the balanced shown the balanced shown by the daybook every day.

The cashier should have no access to the ledger account and the daybook. This is an important safeguard. Bank management are often tempted to used cashier because of their shorter working hours as a ledger clerks in the absence of regular staff on leave, etc. This cash can be a very expensive price of economy.

Clearings:

Cheques received by the bank in clearing should with the list accompanying them independent list should be prepared for cheques debited to different customers account and those return unpaid and these should be checked by officers.

The total numbered and amount of cheques sent out the bank for clearing should be agreed with the total of the clearing pay-in-slip, by an independent person. The unpaid cheques received back return clearing should be checked in the same manner as the cheques received.

Constituent ledger:

Before making payment, cheques should properly checked in respect of signature, date, balanced in hand etc. and should be passed by an officers and entered into constituents account.

No withdrawal should normally be allowed against cheques deposited on the same day.

13 | P a g e

An officer should check all the entries made in the ledger with the original document particularly nothing that the correct account have been debited or credited. Ledger keeper should not have access to voucher summary sheet after they have been checked by an officer and to the daybook. Interest debited or credited to constituent account should be independently checked.

Bill of collection:

All documents accompanying the bill should be received and entered in the register by a responsible officer. All the time of dispatch, the officer should also see that all document sent along with the bills.

The account of customers or principals should be credited only after bills have been collected or an advice to that effect received form the branch or agent to which they were sent for collection.

It should be ensured that bills sent by one, branch for collection to another branch of the bank, are not in the collection twice in the amalgamated balance sheet of the bank. For this purpose, the receiving branch should reverse the entries such as bills at the end of the receiving branch at the end of the year fir closing purposes.

Bill purchased:

At the time of purchased of bill, an officer should verify that all the document of titles are properly assigned to the bank.

Sufficient margin should be kept while purchased or discounting a bill to cover any decline in the value of the security etc. If the bank is unable to collect a bill on the due date, immediately step should be taken to recoveries the amount form the drawer against the security provided. All irregular outstanding account should be reported to the head office. 14 | P a g e

In the case of purchased outstanding at the close of the year discount received thereon should thereon should be properly apportioned between years.

Loan and advances:

The bank should make advances only after satisfying itself as to the creditworthiness of the borrowers and after obtaining sanction from the proper authorities of bank. The entire necessary document (e.g. agreement, demand promissory note, letter of hypothecation etc.)

Sufficient margin should be kept against securities taken to cover any decline in the value thereof and also to comply with proper authorities of directives. Such margin should be determined by the proper authorities of the bank as a general policy or for particular account.

All the securities should be received and returned by responsible officer. They should be kept in the joint custody of two such officer In the case of good in possession of the bank, content of the package should be test checked at the time of receipt.

Surprise check should be made in respect of hypothecated goods not in the possession of the bank. Market value of good should be checked by officer of the bank by personal enquiry in addition to the invoice to the invoice value given by the borrowers. As soon as any increased or decreased takes take place in the value of securities proper entries should be made in the drawing power book and daily balance book. These entries should be checked by an officer.

All account should be kept within both the drawing power and the sanctioned limit at all times. At the account, which exceed the sanctioned limit or drawing power or are against unapproved securities or are otherwise irregular, should be brought to the notice of the management/head office regularly. 15 | P a g e

Demand draft:

The signature on demand draft should be checked by an officer with signature book. All the best demand draft sold by should be immediately confirmed by the advice to the branches concerned. If the branches does not receive does not received proper confirmation of ant demand draft form the issuing branch or does not received credit in its account with that branches, it should take immediate step to ascertain the reason.

Inter branch account:

The account should be adjusted only on the basis of application with reasonably good credit assessment. Prompt action should be taken preferably by central authorities, if any entries are not reasonably time.

Credit card operation:

There should be effective screening of application with reasonably good credit assessment. There should be strict control over storage and issues of card. There should be at system whereby a merchant confirm the statues of utilized limit of a credit card holder form the bank before accepting the settlement in case the amount to be settled exceed a specified percentage of the total limit of the credit holder.

There should be system of prompt reporting by the merchant of all settlement accepted by them through credit cards.

16 | P a g e

Reimbursement to merchants should be made only after verification of the validity of merchant acceptance of card. All the reimbursement should be made immediately charged to the customers account. There should be a system to ensure that statements are sent regularly and promptly to the customers. There should be a system to monitor and follow up customer payment. Items overdue beyond a reasonable period should identification and attended to carefully. Credit should be stopped by informing the merchant through periodic bulletin, as early as possibly to avoid increased losses.

There should be a system of periodic review of credit card holder account. On the basis, the limit of customer may be revised; it necessary, the review should also includes determination of doubtful amount and the provisioning in respect thereof.

17 | P a g e

STAGES IN AUDITING

1) Preliminary work:

a) The auditor should acquire knowledge of the regulatory environment in which the bank operates. Thus, the auditor should familiarize himself with the relevant provisions of applicable laws and ascertain the scope of his duties and responsibilities in accordance with such laws. He should be well acquainted with the provisions of the Banking Regulation act, 1956 in the case of audit of a banking company as far as they relate of preparation and presentation of financial statements and their audit.

b) The auditor should also acquire knowledge of the economic environment in which the bank operates. Similarly, the auditor needs to acquire good working knowledge of the services offered by the bank. In acquiring such knowledge, the auditor needs to be aware of the many variation in the basic deposit, loan and treasury services that are offered and continue to be developed by banks in response to market conditions. To do so, the auditor needs to understand the nature of services rendered through instruments such as letters of credit, acceptances, forward contracts and other similar instruments.

c) The auditor should also obtain and understanding of the nature of books and records maintained and the terminology used by the bank to describe various types of transaction and operations. In case of joint auditors, it would be preferable that the auditor also obtains a general understanding of the books and records, etc, relating to the work of the other auditors, In addition to the above, the auditor should undertake the following:

I.

Obtaining internal audit reports, inspection reports, inspection reports and concurrent audit reports pertaining to the bank/branch. 18 | P a g e

II.

Obtaining the latest report of revenue or income and expenditure audits, where available.

III.

In the case of branch auditors, obtaining the report given by the outgoing branch manager to the incoming branch in the case of change in incumbent at the branch during the year under audit, to the extent the same is relevant for the audit.

d) RBI has introduced and offsite surveillance system for commercial banks on various aspects of operations including solvency, liquidity, asset quality, earnings, performance, insider trading etc., and has indicated that such reports shall be submitted at periodic intervals from the year commencing 1-04-1995. It will be appropriate to be familiar with the reports submitted and to review them to the event that they are relevant for the purpose of audit.

e) In a computerized environment the audit procedure may have to appropriately tuned to the circumstances, particularly as the books are not authenticated as in manually maintained accounts and the auditor may not have his in-house computer facility to taste the software programmes. The emphasis would have to be laid on internal control procedure related to inputs, security in the matter of access to EDP system, use of codes, passwords, data inputs being prepared by person independent of key operators and other build-in procedure for data validation and system controls as to ensure completeness and correctness of the transaction keyed in. system documentation of the software may be obtained and examined.

f) One set of tests that the auditor at both the branch level and head office level may apply for audit of banks in analytical procedure.

19 | P a g e

2) Evaluation of internal control system:

It may be noted that transaction in banks are voluminous and repetitive, and fall into limited categories/heads of account. It may, therefore, be more appropriate that the evaluation of the internal control is made for each class/category of transaction. If the exercise of internal control evaluation is properly carried out, it assist the auditor to determine the effectiveness or otherwise of the control systems and accordingly enable him to strengthen his audit procedures, and lay appropriate emphasis on the risk prone areas. Internal control would include accounting control administrative controls.

a) Accounting controls:

Accounting controls cover areas directly concerned with recording of financial transactions and maintenance of such registers/records as to ensure their reliability.

Internal accounting controls are also envisaging such procedures as would determine responsibility and fix accountability with regard to safeguarding of the assets of the bank. It would not be out of place of mention that there is a distinction between accounting system and internal accounting controls. Accounting system envisages the processing of the transaction and events, their recognition, and appropriate recording. Internal controls are techniques, method and procedures so designed and usually built into systems, as would enable prevention as well as detection of errors, omissions or irregularities in the process of execution and recording of transaction/events.

The internal accounting controls as would ensure prevention of errors, omissions and irregularities would include following:

I.

No transaction can be registered/recorded unless it is sanctioned/approved by the designated authority. 20 | P a g e

II.

Built- in dual control/supervisory procedures ensure that there is an independent automatic check on input/vouchers.

III.

No single person has authority to initiate transaction and record through all stages to the general ledger. Each day transactions are accurately and promptly recorded, and the control and subsidiary records are kept balanced through personnel independent of each other.

The auditor would be well advised to look into other areas may lead to detection of errors, omissions and irregularities, inter alias in the following:

I.

Missing/loss of security paper, stationery forms.

II.

Accumulation of transactions/balances in nominal heads of accounts like suspense, sundries, inter-branch accounts, or other nominal head of accounts particularly if their accounts particularly if these accounts are extensively used to balance books, despite availability of information.

III.

Accumulation of old/large unexplained/unsubstantiated entries in accounts with Reserve Bank of India and other banks and institutions.

IV.

Transaction represented by mere book adjustments not evidenced/substantiated or upon non-honoring of contracts/commitments.

V.

Origination debits I head office accounts/inter-branch accounts.

VI.

Analytical review procedure.

21 | P a g e

VII.

Serious irregularities pointer out in internal audit/inspection/special audit

VIII.

Complaints/matters

pending

in

the

vigilance/grievances

cell,

as

regards

discrepancies in accounts of constituents, etc.

IX.

Results of periodic analytical review, if observed as adverse.

a) Administrative control:

These are broadly concerned with the decision making process and laying down of authority/delegation of powers by the management. It may be noted that in the normal course, the head office use the zonal/regional offices do not conduct any banking business. They are generally responsible for administrative and policy decisions which are executed at the branch level.

3) Preparation of audit programme for substantive testing and its execution

Having familiarized him the requirements of audit, the auditor should prepare an audit programme for substantive testing which should adequately cover the scope of his work. In framing the audit programme, due Weightage should be given by the auditor to areas where, in his view, there are weaknesses in the internal controls. The audit programme for the statutory auditors would be different from that of the branch auditor. At the branch level, basic banking operations are to be covered by the audit. On the other hand, the statutory auditors at the head office (provisions for gratuity, inter- office accounts, etc.). The scope of the work of the statutory auditors would also involve dealing with various accounting aspects and disclosure requirements arising out of the branch returns.

22 | P a g e

4) Preparation and submission of audit report

The branch auditor forwards his report to the statutory auditors who have to deal with the same in such manner, as they considered necessary. It is desirable that the branch auditors reports are adequately in unambiguous terms. As far as possible, the financial impact of all qualification or adverse comments on the branch accounts should be clearly brought out in the branch audit report. It would assist the statutory auditors if a standard pattern of reporting, say, head wise, commencing with assets, then liabilities and thereafter items related to income and expenditure, is followed.

In preparing the audit report, the auditor should keep in mind the concept of materiality. Thus, items which do not materially affect the view presented by the financial statements may be ignored. However, in the judgment of the auditor, an item though not material, is contrary to accounting principles or any pronouncements of the Institute of Chartered Accountants of India or in such as would require a review of the relevant procedure, it would be appropriate for him to draw the attention of the management to this aspect in his long form audit report. In all cases, matters covering the statutory responsibilities of the auditor should be dealt with in the main report. The LFAR should be used to further elaborate matters contained in the main report and as substitute thereof.

Similarly while framing his main report, the auditor should consider, wherever practicable, the significance of various comments in his LFAR, where any of the comments made by the auditor therein is adverse, he should consider whether qualification in his main report is necessary by using his discretion on the facts and circumstances of each case. In may be emphasized that the main report should be self-contained document.

23 | P a g e

TYPES OF AUDIT
The entire process of audit depends upon the type of audit. Type of audit to be conducted is to be selected carefully, keeping in mind the objects of audit in each and every case. Hence it is essential to study the various types of audit before laying down the programme for any audit work.

CHART SHOWING DIFFERENTCLASSES OF AUDIT

BASED ON AUTHORITY

BASED ON SCOPE

BASED ON TIME

BASED ON OBJECT

OTHER TYPES

Statutory Audit Y

Non-Statutory Audit

Internal Audit

Complete Audit

Partial Audit

Continuous Audit

Final Audit

Interim Audit

Special Audit

Cost Audit

Management Audit

Social Audit

Balance Sheet Audit

Occasional Audit

Audit In Depth

Cash Audit

Operational Audit 24 | P a g e

BASED ON AUTHORITY: 1) Statutory Audit It is the audit, which is compulsory under the law*Appointment of auditors, removal, Remuneration, rights; duties, and liabilities are governed as per the provisions 'of the respective law applicable to the organisation. Scope of audit work and all other terms are as laid down by the law. It can be conducted only by a qualified Chartered Accountant.

2) Non-Statutory Audit Non-statutory audits are voluntary audits. These audits are not compulsory under any law. Terms and conditions of audit are determined as per the agreement made between the auditor and proprietor for e.g. financial audit of a sole trader or partnership firm. It also includes nonfinancial audits e.g. internal audit, management audit, Operational audit, Social audit, etc.

a) Private Audit The audit which is done for the satisfaction of the owner is called private audit. This type of audit is not compulsory at all. It may be conducted by sole proprietors, partnership firms, family trusts, private trusts, etc. The various types of private audit are i) Audit of Sole Proprietor Audit of accounts of a sole-proprietor is not compulsory. However, he may get his books audited for various reasons. Some of the reasons are: 1) 2) 3) For obtaining loan from bank and financial institutions. For presenting authentic data to income tax and Sales tax authorities. For his own satisfaction that his employees have written the books of accounts properly and that there are no frauds and errors. ii) Audit of partnership firms 1) Under partnership Act it is not compulsory to audit the accounts. However in actual practice it is not only advisable but even necessary to get them audited 2) It helps to prevent disputes among the partners. 25 | P a g e

3) 4) 5)

It facilitates borrowing from banks Audited accounts are preferred by income tax and sales tax departments. Audited accounts can be helpful in case of litigation.

3) Internal Audit

This type of audit is also optional. It is conducted by the internal auditor who is appointed by the proprietor. Even the employee of the organisation may be appointed as an internal auditor to examine the books of accounts. All the terms and conditions of audit work are determined by the agreement. The basic purpose of internal audit is not only to examine the books of accounts but also to review the present working and make valuable suggestions to improve it.

BASED ON SCOPE: 1) Complete Audit In complete audit the auditors have to check each and every transaction, voucher document etc. relating to the transactions of business. This types of audit is not possible in case of large business organizations. 2) Partial Audit Sometimes auditor may be called upon to audit few books and give his finding thereon. Sometimes he may be called upon to audit only the payment side of cashbook or receipts side only. This is called as Partial Audit. Auditor has to be very careful when he undertakes this type of audit. Usually this type of audit is called for when a fraud or misappropriation is" suspected. While submitting the report auditor should clearly mention -the scope and documents or books made available to him for his audit. Partial audit is not practical. Such an audits possible where audit is not a legal necessity.

26 | P a g e

BASED ON TIME:

1) CONTINUOUS AUDIT One where the auditor, or his staff, is constantly engaged in checking the accounts

during the whole period or where the auditor or his staff attends at regular or irregular intervals during the period. Continuous audit means an audit at regular intervals throughout the accounting year. Continuous audit, accounting and auditing work is done side by side.

(2) FINAL /ANNUAL /PERIODICAL / COMPLETED AUDIT: Periodic audit is also known as 'final or completed audit'. Final audit is carried out continuously until it is completed. It is a past accounts audit. In case of a final audit, the auditor gets hold of all the books of accounts and the vouchers for the, accounting Period. He is in possession of all the facts and figures relating to the accounting period for which the audit is being conducted. In case of this audit, the auditor visits the clients place only once and remains there till the audit is over. Generally this type of audit is appropriate for smaller business concerns. Generally majority of audits are in the nature of Final Audits.

(3) INTERIM AUDIT: It is a kind of audit, which is conducted in between the annual or final audits. It is conducted

to find out the interim profit and know the financial 'position at the end of a part of the accounting year. This is usually carried out at half yearly intervals. Hence, this is also called as half yearly audit.

27 | P a g e

BASSED ON OBJECT : 1) SPECIAL AUDIT Under section 233 A of companies Act, the central government has power to direct special audit under following circumstances: a) When the affairs of any company are not managed as per the sound business principles. b) When the financial position of the company is such as to endanger its solvency. c) When company is being managed in a manner which is likely to cause serious injury or damage to the interest of trade or industry The auditor appointed by the government is required to report to the government.

2) COST AUDIT It is a type of audit, which involves verification of cost records maintained by the organisation. Under section 233 B of the companies Act, 1956 the central government may direct an audit of cost records by a person who is qualified. Appointment of auditor is done by the board of director subject to the approval of the central government. The auditors repot to the government, the copy of the report is send to the company. It has been defined as the verification of the correctness of cost accounts and of adherence to the cost accounting plan.

3) Management audit:'Management auditing is concerned with review of operations and performance of management to improve efficiency and effectiveness of the organisation. It is, thus, an extension of internal audit function. Some authors use the terms management auditing and operational auditing interchangeably because of the close resemblance of methodology employed. But it may be noted, although operational auditing is also concerned with review of operations of an entity, management auditing, in addition to it also includes review of managerial performance. Secondly, the frame of reference of a management audit is derived, generally, from the expectations of the external participants and not of organisation's management as in case of operational auditing.

28 | P a g e

4) Social audit Social audit is a recent development in the field of at it is based on the modern concept of social responsibility of business. Social audit examines to what extent the business is discharging the social responsibilities. It examines the contribution of the concern to the society at large.

Other types:

1) Balance sheet Audit Balance Sheet audit is of a recent origin. It has acquired popularity in U.S.A. As the very name suggests, balance sheet audit consists of verification of all the items appearing in the balance sheet such as assets, capital, reserves and liabilities of the business. Under 'balance sheet audit, the auditor commences audit on the basis of the Balance sheet, and he works back to the books of original entry and other evidences. Though balance sheet audit concentrates mainly on balance sheet items, it also includes an examination of those transactions, which are appearing in the Profit and Loss Account because balance of Profit and Loss Account appears in the balance sheet. Thus, in balance sheet audit all the items contained in the balance sheet and other related or allied items are verified completely. The auditor' will check up general ledger also

(2) Occasional audit: This type of audit is carried out occasionally as per the need of the business, T1V applicable to the proprietary concerns such as sole traders and partnerships, it is just a need-based audit. It is conducted at the desire of the owner of the business. This of audit is not possible in case of Joint Stock Company as the annual au; compulsory as provided in Companies Act, 1956.

29 | P a g e

(3) Audit in Depth Under this type of audit, the auditor examines thoroughly selected transactions right from their origin to the conclusion. All records and documents pertaining to the

transactions are checked in detail. The basic purpose of this type of audit is to whether the system of internal check or control system is effective. This type of audit enables the auditor to suggest to the management a better procedure for recording the transactions to avoid any loopholes for committing frauds. 4) Cash Audit Here the auditor examines only cash transactions. He examines cash receipts and cash payments. Cash transactions are checked with the help of receipts and vouchers and other evidences. The receipts and payments may be capital or revenue in nature. 5) Operational Audit Operational audit goes beyond financial audit. It is conducted to see that the business operations are improved in future. It guides the management in achieving organizational objectives

30 | P a g e

INTRODUCTION TO BANK AUDIT

Bank Audit is a time bound exercise and it is full of challenges and responsibilities. For those who approach this exercise with scientific methods and proper planning The auditor has very limited option as far as the availability of time is concerned, therefore, the only option he has is to carry out the audit in a very scientific manner so that he is able to conduct a purposeful audit in the limited time.

Generally, the appointment letters are received in second or third week of March and the auditors are expected to commence the audit in the first week of April and to complete the audit, in one visit and in all respect, by the end of second week of April. Therefore, the time available for the completion of audit in all respects is generally in the range of 4-5 days to a maximum of a week or 10 days, irrespective of the size of the branch, volume of business and nature of activities.

The banks are taking effective measures to address this issue and some banks have allowed the auditors of large and very large branches to visit the respective branches before the close of the year. Such visits help the auditors to gather lot of first hand information and insight about the branch and its business profile, performance, NPA profile, client profile, level of computerization, etc.

Generally, banks circulate detailed closing instructions to the branches and the auditors well in advance. It is important to review the instructions and to incorporate the significant instructions in the audit plan/programme/checklist. With the latest information available at the touch of button, it is very important that to keep update about the significant developments in the banking sector and to incorporate all the significant developments in the audit programme/checklist.

31 | P a g e

As the concept of Peer Review is already put in place, it is important that while carrying out the attest function due emphasis is given to Auditing & Assurance Standards and other pronouncements of the Institute while discharging the attest function. Apart from this, it is also important to preserve all the required documents/representations etc. for future reference.

Appointment of Auditor

The auditor of a banking company is to be appointed at the AGM of the shareholders, auditor of a nationalised bank is to be appointed by the bank concerned acting through its Board of Directors. In either case, approval of the Reserve Bank is required before the appointment is made. The auditors of the SBI are to be appointed by the RBI in consultation with the Central Government. The auditors of the subsidiaries of the SBI are to be appointed by the SBI. The auditors of RRB's are to be appointed by the bank concerned with the approval of the Central Government.

As mentioned earlier, the SBI Act, 1955, specifically provides for appointment of two or more auditors. Besides, nationalised banks and subsidiaries of SBI also generally appoint two or more firms as joint auditors.

Remuneration of Auditor

The remuneration of auditor of a banking company is to be fixed in accordance with the provisions of section 224 of the Companies Act, 1956\i.e., by the company in general meeting or in such manner as the company in general meeting may determine). (The remuneration of auditors of nationalised banks and SBI is to be fixed by the RBI in consultation with the Central Government. The remuneration of auditors of subsidiaries of SBI is to be fixed by the latter. In the case of RRB's, the auditors' remuneration is to be determined by the bank concerned with the approval of the Central Government.

32 | P a g e

Powers of Auditor:

The auditor of a banking company or of a nationalised bank, SBI, a subsidiary of SBI/or a regional rural bank has the same powers as those of company auditor in the matter of access to the books, accounts, documents and voucher's. He is also entitled to require from the officers of the bank such information and explanations as he may think necessary for the performance of his duties. In the case of a banking company, he is entitled to receive notice relating to any general meeting. He is also entitled to attend any general meeting and to be heard there at on any part of the business, which concerns him as auditor

It may be noted that the Regional Rural Banks Act, 1976, does not contain any provisions relating to audit of branches. Accordingly, in the case of such banks, audit of branches is also carried out by the auditors appointed for the bank as a whole.

33 | P a g e

AUDIT (Legal provisions)

The provisions of section 30 of the Banking Regulation Act relating to audit apply to the banking companies. Sub-section (1B), (1C) and (2) also apply to nationalized banks, regional rural banks and the State Bank of India and its subsidiaries.

Section 30 reads as below:

(1) The balance sheet and profit and loss account prepared in accordance with section 29 shall be audited by a person duly qualified under any law for the time being in force to be an auditor of companies.

(1-A) Not withstanding anything contained in any law for the time being in force or in any contract to the contrary, every banking company shall, before appointing, re-appointing or removing any auditors, obtain the previous approval of the Reserve Bank.

(2) The auditor shall have the powers of, exercise the functions vested in, and discharge the duties and be subject to the liabilities and penalties imposed on, auditors of companies by section 227 of the Companies Act, 1956 and auditors, if any appointed by the law establishing constituting or forming the banking company concerned.

(3) In addition to the matters, which under the aforesaid act the auditor, is required to state in his report, (a) Whether or not the information and explanations required by him have been found to be satisfactory; (b) Whether or not the transactions of the company which have come to his notice have been within the powers of the company; (c) Whether or not the returns received from branch offices of the company have been found adequate for the purposes of his audit; 34 | P a g e

(d)

Whether the profit & loss account shows a true balance of profit or loss for the period covered by such account;

(e)

Any other matter, which he considers, should be brought to the notice of the shareholders of the company.

35 | P a g e

AUDITING AND ASSUARANCE STANDARD (AAS) XX:

The auditor should obtain an understanding of internal control relevant to the audit. The auditor uses the understanding of internal control to identify types of potential misstatements, consider factors that affect the risks of material misstatement, and design the nature, timing, and extent of further audit procedures. Internal control relevant to the audit is discussed below. Internal control, consists of the following components: (a) The control environment. (b) Control activities. (c) Monitoring of controls.

Controls Relevant to the Audit 1) There is a direct relationship between an entity's objectives and the controls it implements to provide reasonable assurance about their achievement. The entity's objectives, and therefore controls, relate to financial reporting, operations and compliance; however, not all of these objectives and controls are relevant to the auditor's risk assessment. 2) Ordinarily, controls that are relevant to an audit pertain to the entity's objective of preparing financial statements for external purposes that give a true and fair view (or are presented fairly, in all material respects) in accordance with the applicable financial reporting framework and the management of risk that may give rise to a material misstatement in those financial statements. It is a matter of the auditor's professional judgment, subject to the requirements of this AAS, whether a control, individually or in combination with others, is relevant to the auditor's considerations in assessing the risks of material misstatement and designing and performing further procedures in response to assessed risks. In exercising that judgment, the auditor considers the circumstances, the applicable component and factors such as the following: The auditor's judgment about materiality. The size of the entity. 36 | P a g e

 The nature of the entity's business, including its organization and ownership characteristics. The diversity and complexity of the entity's operations. Applicable legal and regulatory requirements. The nature and complexity of the systems that are part of the entity's internal control, including the use of service organizations. 3) Controls relating to operations and compliance objectives may, however, be relevant to an audit if they pertain to data the auditor evaluates or uses in applying audit procedures. For example, controls pertaining to non-financial data that the auditor uses in analytical procedures, such as production statistics, or controls pertaining to detecting non-compliance with laws and regulations that may have a direct and material effect on the financial statements, such as controls over compliance with income tax laws and regulations used to determine the income tax provision, may be relevant to an audit. 4) Internal control over safeguarding of assets against unauthorized acquisition, use, or disposition may include controls relating to financial reporting and operations objectives. In obtaining an understanding of each of the components of internal control, the auditor's consideration of safeguarding controls is generally limited to those relevant to the reliability of financial reporting. For example, use of access controls, such as passwords, that limit access to the data and programs that process cash disbursements may be relevant to a financial statement audit. Conversely, controls to prevent the excessive use of materials in production generally are not relevant to a financial statement audit.

Control Activities 1) The auditor should obtain a sufficient understanding of control activities to assess the risks of material mis-statement at the assertion level and to design further audit procedures responsive to assessed risks. Control activities are the policies and procedures that help ensure that management directives are carried out; for example, that necessary actions are taken to address risks that threaten the achievement of the entity's objectives. Control activities, whether within IT or manual systems, have various objectives and are applied at

37 | P a g e

various organizational and functional levels. Examples of specific control activities include those relating to the following: Authorization, Performance reviews, formation processing, Physical controls,

Segregation of duties 2) General IT-controls are policies and procedures that relate to many applications and support the effective functioning of application controls by helping to ensure the continued proper operation of information systems. General IT-controls that maintain the integrity of information and security of data commonly include controls over the following: Data centre and network operations. System software acquisition, change and maintenance. Access security. Application system acquisition, development, and maintenance.

The auditor should document:

The manner in which these matters are documented is for the auditor to determine using professional judgment. In particular, the results of the risk assessment may be documented separately, or may be documented as part of the auditor's documentation of further procedures. Examples of common techniques, used alone or in combination include narrative descriptions, questionnaires, check lists and flow charts. Such techniques may also be useful in documenting the auditor's assessment of the risks of material misstatement at the overall financial statement and assertions level.

For example, documentation of the understanding of a complex information system in which a large volume of transactions are electronically initiated, recorded, processed, or reported may include flowcharts, questionnaires, or decision tables. For an information system making limited or no use of IT or for which few transactions are processed (say, long-term debt), documentation in the form of a memorandum may be sufficient. Ordinarily, the more complex the entity and the more extensive the audit procedures performed by the auditor, the more 38 | P a g e

extensive the auditor's documentation will be. AAS 3, "Documentation" provides guidance regarding documentation in the context of the audit of financial statements.

Effective Date This Auditing and Assurance Standards is effective for audits related to accounting periods beginning on or after 1st April, 2007.

39 | P a g e

PREPARATION AND PLANNING FOR AUDIT

The audit preparation and planning should start immediately on receipt of the appointment letter and the auditor should not wait until actual commencement of audit for the same. The various stages involved in audit preparation and planning and the other related issues have been discussed below in detail.

STAGE I: AT THE OFFICE UNDERSTANDING THE BASIC SCOPE OF AUDIT: Broadly the scope of audit can be divided into three main parts: 1. Authentication of closing returns such as: a) Balance Sheet. b) Profit and Loss Account either for the full year or for two half years. c) Master Summary of advances containing asset classification. d) Statement of furniture/fixtures, computers, etc. and depreciation. e) Statement of Capital Adequacy. f) Statement of maturity pattern of loans & advances and deposits. g) Statement of maturity pattern of foreign currency assets and liabilities. h) Statement of maturity pattern of borrowings. i) Statement of cash and bank balance on twelve odd dates. j) Statement of lending to sensitive sectors. k) Statement of movements in NPA. 1) Statement of advances made by rural branches.

2. Issuance of certificates in relation to: a) Claim for PMRY subsidy. b) Refund of DICGC claim. c) Asset classification, income recognition and provisioning. d) Memorandum of Changes (MOC) for previous year. 40 | P a g e

e) Investments, if any, held on behalf of Head office.

3. Issuance of reports including special purpose reports/certificates such as: a) Auditors Report. b) Long Form Audit Report. c) Tax Audit Report. d) Compliance certificate in respect of implementation of recommendations of Ghosh & Jilani Committees. The scope is illustrative and not exhaustive and it may differ from bank to bank.

COMMUNICATION WITH THE BRANCH

Generally, the appointment letter issued by the HO/CO also contains the details like complete postal address and contact numbers of the branch, name of the branch head, business portfolio of the branch, etc. If these details are not mentioned in the appointment letter, the same must be obtained.

Depending upon the business profile of the branch, the auditor must issue written communication for all the audit requirements to the branch. PREPARATION OF AUDIT PROGRAMME 1. While preparing/updating audit programme due importance must be given to a) Auditing & Assurance Standards and other pronouncements of the Institute. b) Provisions of the governing statutes. c) Latest closing instructions. d) Latest business profile. e) Audited and un-audited financial statements. f) LFAR for the previous year. g) Guidelines and circulars issued by RBI. h) Past experience of bank audit. 41 | P a g e

2. Generally, the information about the closing returns to be signed and certificates and reports to be issued is mentioned in the appointment letter and/or the closing instructions issued by the HO/CO. It must be ensured that all this information is properly updated/incorporated in the audit programme and all the related instructions for the closing returns, certificates, reports, etc., are incorporated in the audit checklist. 3. As most of the branches/operations are computerized, due emphasis must be given to the level of computerization at the branch level. The audit approach in case of a computerized branch is totally different from the one adopted in case of the branch maintaining manual records. 4. The audit programme must be flexible and have substantial scope for modification/revision during the course of audit.

STANDARDIZATION OF WORKING PAPERS 1. As the scope of audit is very wide and the time available is very limited, there are chances

that the (a) Critical/important areas are either completely omitted or not audited thoroughly by the team. (b) Proper noting of important issues observed is not made. (c) More time is devoted on insignificant matters/areas. 2. In order to avoid such possibilities, it is advisable that all the working papers including

audit programme/checklist and audit memo/query sheet are standardized.

STAGE II: AT THE BRANCH UNDERSTANDING THE EDP ENVIRONMENT 1. Before commencing the audit, it is very important to understand the EDP environment at the branch. The team must interact with the EDP department at the branch to gain an understanding of the overall EDP environment.

42 | P a g e

2.

The team must review the report on System Audit, if any, conducted during the year. The team must also review the reports of concurrent auditors, RBI Inspectors and Internal Inspectors to understand the overall EDP environment at the branch.

3.

The audit team must be properly briefed about (a) The approach of audit in the computerized environment. (b) The system of data processing and generation of various outputs at the branch. (c) The importance of proper understanding and verification of the output before placing reliance. (d) The basic differences between the Automated Ledger Posting Machine (ALPM) branches, Total Branch Mechanization (TBM) branches and branches under Core Banking Solutions (CBS).

4.

At times, the branches continue to use old version of the software even though latest version is supplied. It must be ensured that the version being used by the branch is the latest version that is supplied by the controlling authorities.

5.

The

branches

are

required

to

maintain

logbook

for

recording

any

disruption/corruption/breakdown that may arise in the software/ hardware at the branch. The logbook must be reviewed to understand the implication of the systemic issues on the overall presentation of the financial statements.

EXECUTION OF AUDIT During execution of audit, following important aspects must be borne in mind: 1. The audit programme and the checklists must be suitably updated/ modified in the light of the understanding gathered about the overall functioning of the branch. 2. 4. The audit observations must be discussed on a daily basis. The documentation and proper filing must be given due importance. All the audit memos along with the supporting documents must be systematically filed on a daily basis. 5. The final issues affecting the true and fair view and other disclosures must be discussed with the branch management.

43 | P a g e

COMPLETION OF AUDIT At the final stage, the following important aspects must be borne in mind: 1. The auditor must ensure that all the audited closing returns, reports and certificates have been duly signed and stamped. 2. 3. It must be ensured that LFAR has also been prepared and discussed with the branch. Tax audit must also be completed during the course of statutory audit, as no separate visit is allowed for the same. 4. The copies of the audited closing returns, reports and certificates are obtained for the purpose of filing. 5. 6. Necessary representation letter must be obtained from the branch management. In case the Bank requires Attendance Certificate to be submitted along with the bill, ensure that the same has been obtained in the prescribed format.

AUDIT OF BL. AND P&L:

The statutory audit of banks and their branches is generally described as Balance Sheet Audit. The audit procedures followed in case of banks are to some extent different from those followed in case of other entities. The reason being the system of accounting followed and the nature of records maintained by the banks. Before we proceed with the Balance Sheet and the Profit & Loss Account, it is advisable to gain an understanding of accounting system and the nature of records of the branch.

The suggested audit approach in respect of the various items of the Balance Sheet and the Profit & Loss Account is as follows: GENERAL APPROACH 1. It is advisable to (a) Compare figures in the manual formats/closing returns prepared by the branch with the system generated outputs of the trial balance and groupings. 44 | P a g e

(b) Ensure completeness of the data/output provided before commencement of verification thereof. (c) Understand the nature of unusual accounts, the accounting entries thereof and the implication of balances appearing in those accounts. (d) Identify the accounts to be verified in detail.

2. Generally, the branches are instructed to generate the hard copies of ledgers and other records as per the specified periodicity. These records are available for the purpose of verification by the auditors. 3. Generally, the extract of significant accounting policies followed by the bank as a whole is provided to the branch and the branch auditor. In case it is not made available the same should be obtained. Many a times, the branch follows different accounting policy specially while recognizing guarantee commission, overdue interest on advances, discount on bills, accruing interest on overdue deposits, prepaid/unpaid expenses, etc. It must be ensured that the branch does not violate the significant accounting policies followed by the bank. 4. As the figures are inserted manually in the formats, it is important to ensure these are free from totaling errors. In case there is overwriting, cancellation, use of white ink, etc., in the formats, it must be ensured that the same are properly stamped and initialled by the branch and the auditor. 5. In respect of certain items of the balance sheet and profit and loss account that are expressed in foreign currency like FCNR deposits and interest thereon, Foreign letter of credit, Foreign currency loan and interest thereon, etc., it must be ensured that the year-end figures are revalued as per the prescribed procedures. In case there are no stated guidelines for the same, the procedure adopted by the branch for revaluation or the fact that no such revaluation is done as at the year-end must be stated in the audit report.

45 | P a g e

SPECIFIC AUDIT APPROACH FOR MAJOR ITEMS OF BALANCE SHEET PART I: ASSETS 1. Cash a) Evaluate the effectiveness of internal controls being exercised by the branch by making enquiries about the daily verification of cash at the opening and the closing hours, maintenance of cash related registers and vault regi'ster, safety of cash cabin, dual custody of cash, safe keeping of vault and cash box keys, recording of movements of keys, dual custody of the keys, security arrangements for cash movements, decoy money, daily cash holding and retention limit, etc. b) Review the reports of the concurrent auditors to ascertain the level and effectiveness of internal controls and also ascertain the frequency of cash verification carried out by the concurrent auditors. c) Verify the closing cash balance at the branch and the extension counter/ATM center connected to the branch as on the last day of the year or as of any day during the course of audit in the presence of the cashier and the manager.

2.

Balances with Reserve Bank of India, State Bank of India and other Banks Verify the balances as per the books with the balance confirmation certificates received from

these banks. Ensure that the matters to be reported in LFAR have been duly verified and incorporated. 3. Money at call and short Notice Generally these assets are not held or dealt with at the branch level. 4. Investments Generally these assets are not held or dealt with at the branch level. 5. Advances The audit approach in respect of advances is covered in detail in audit of advances 6. Furnitures, fixtures, computers and office equipments a) Evaluate the effectiveness of internal controls over acquisition, recording, identification, safeguarding and periodic verification of these items. 46 | P a g e

b) Verify the major additions and deletions/disposals with the related supporting documents such as invoices, challans, etc.

7.

Other asset - Inter Office adjustments (NET) a) Understand the basic nature of such transactions, the relevance thereof for the overall presentation of financial statements and the procedure for recording such transactions. b) Ensure that the closing balance shown in the statement of the last day of the year tallies with the corresponding balance in General Ledger. c) Comment of very old and high value un-reconciled items.

8.

Other asset - Interest accrued Ascertain the system of accruing interest on advances in the computerized branch in the

light of RBI guidelines for monthly charging of interest. 9. Other asset - Suspense account a) Understand the guidelines issued by HO for operating suspense account. b) c) d) Obtain the details of entries/items outstanding as at the year-end. Identify the provision to be made in respect of very old entries. Ensure that the matters to be reported in LFAR have been duly verified and

incorporated. 10. Other asset - Stationery and stamps Evaluate the effectiveness of internal controls exercised by the branch for acquisition, recording, usage, physical verification, dual custody, access, etc., for stamps, deposit receipts, drafts, pay-orders, cheque books, traveller's cheques, gift cheques, etc. 12. Other asset - Miscellaneous debits in Government accounts Generally the balance outstanding in this account indicates the pending claims to be received from the Government towards pension, provident fund, etc., paid by the branch on behalf of the Government. 13. Other asset - Security deposits It relates to telephone deposit, mobile deposit, electricity deposit, deposit paid to the landlord for leased premises, etc. 47 | P a g e

PART II: LIABILITIES 1. Deposits a) Ensure that the balances as per the subsidiary ledgers of various deposit accounts are duly balanced and tallied with the respective balances in the general ledger. Any difference in the balancing should be reported in the audit report. b) Understand the types of various deposits held by the branch and the salient features of those deposits with reference to the due dates for application, accrual, compounding and payment of interest. c) Ascertain that the branch has complied with the RBI guidelines related to opening and maintenance of deposit accounts including NRI deposit accounts. More emphasis should be given to KYC norms, operations in new accounts, heavy cash deposits and withdrawals, etc. Any serious discrepancy in this regard should be reported.

2.

Borrowings Generally borrowings are not held or dealt with at the branch level.

3.

Bills payable a) Generally bills payable relates to pay-order (PO), demand draft (DD), telegraphic

transfer (TT) and mail transfer (MT) and banker's cheque issued by the branch. The balances in these accounts indicate progressive balance that is subject to reconciliation at HO level. b) Ensure that the details of lost demand drafts, if any, circulated by RO/HO is readily

available with the branch.

4. 5.

Inter-office adjustment (NET) For details refer item 7 of PART I. Interest accrue Ascertain the system of accruing interest on deposits in the computerized branch. Generally interest on deposits is accrued at the last day of the month and is reversed on the first day of the succeeding month. 48 | P a g e

6.

Other liabilities - Rebate on Bills discounted a) Ascertain that the branch has complied with the related accounting policy and

necessary accounting has been done in respect of discount received in advance for the unexpired period of the bills outstanding as at the year-end. b) In case the bill-wise details are not made available and the amount of rebate is

material, report the fact in the audit report. 7. Other liabilities - Tax deducted at source `Normally tax is deducted at source as per the Income Tax Act, 1961 in respect of interest on term deposit, staff salaries, rent, professional charges and payments made to the contractors, etc. 8. Other Liability - unrealized interest on NPA a) This account is also referred to as Interest Suspense, De-recognized Interest, etc.

b) Generally the branches are required to maintain subsidiary ledger/register for recording account-wise details of unrealized interest.

9. Other liabilities Others a) This could include sundry deposits, staff security deposit, margin money and statutory dues such as deduction of professional tax, provident fund, ESI, etc. b) In respect of the statutory dues, ensure that proper reporting has been done in the Tax Audit Report.

PART III: CONTINGENT LIABILITY 1. Claims against the Bank not acknowledged as debts a) Generally this includes disputed amounts of lease rent, property tax, etc., in respect of premises taken on lease. b) Obtain suitable representation from the branch about the completeness of the disclosure of such contingent liabilities. 2. Guarantees and acceptances, endorsements & other obligations 49 | P a g e

Obtain the list of un-expired guarantees and letters of credit. In case the list is not made available, report the fact in the audit report.

PART IV: BILLS FOR COLLECTION (CONTRA ITEMS) a) Obtain the list of bills /or collection (inward and outward) outstanding as at the year-

end and verify the same with the related registers maintained by the branch. b) Ascertain that age of the outstanding bills and the reasons for old items.

SPECIFIC AUDIT APPROACH FOR MAJOR ITEMS OF PROFIT AND LOSS ACCOUNT PART I: INCOME 1. Interest/discount on advances/bills a) Evaluate the overall effectiveness of internal controls through the reports of

concurrent auditors and other agencies. b) Ascertain the nature and the extent of revenue leakage detected by the concurrent

auditors. c) Ascertain that the branch has complied with HO instructions for recognizing penal interest and overdue interest. 2. Other income - commission, exchange and brokerage a) It normally includes commission/exchange on letters of credit, guarantees,

remittances and transfer of funds through DD, TT, MT, etc., bills for collection and Government business. b) Ensure that the branch has complied with the provisions of Service Tax and other

taxes applicable on services. 3. Other income - profit on sale of fixed assets a) It normally includes profit or loss (net) on sale of motor vehicle, furniture and

fixtures, computers and other fixed assets held by the branch. b) Ensure that proper accounting has been done for the depreciation till the date of

disposal as per the accounting policy framed by the bank.

50 | P a g e

4.

Other income - miscellaneous income a) It normally includes locker rent, recovery of godown rent, income from bank's

property, security charges, etc. b) In case locker rent is recovered in advance for a year or more, ensure that the same

is properly apportioned on time period basis or as per the accounting policy advised by HO. PART II: EXPENDITURE 1. Interest on deposits a) Evaluate the overall effectiveness of internal controls through the reports of

concurrent auditors and other agencies. b) Obtain copies of applicable interest rate circulars issued by HO and verify the rate

applied for certain deposit accounts. More emphasis should be given to changes in the rates, premature closures, back-dated renewals, high value deposits, short-term deposits, staff deposits, special category of deposits, tax deduction at source, etc.

2.

Salary & allowances to staff a) Generally monthly salary and allowances to staff are processed centrally either at

RO or at any other main branches and the related records are also maintained there. The monthly salary sheets are then passed on to the respective branches and the payment is made by those branches. In such a situation, it must be ensured that the branch has properly accounted the payments for the entire year.

3. Rent a) Obtain the details of the rented premises used by the branch either for the branch

operations or for the officers/managers and the copies of the rent agreements. b) In case the lessor has availed loan against the rent payable by the branch ensure that the rent is properly appropriated towards the loan outstanding.

51 | P a g e

4.

Electricity a) Obtain the details of connections that are used for the branch premises and for the

staff premises. b) Ensure that the payment is made as per the original bills held by the branch.

5.

Printing & stationery Generally HO or any centralised department of the bank ! supplies major stationery

items like security items, etc., to the branches. At branch level, these items are recorded in the memorandum registers for the purpose of internal control. In case these items are recorded in the main books, ensure that the same are properly accounted as per the advices received from the HO. 6. Depreciation a) Ensure that the depreciation has been charged as per the rates and the method

prescribed in the HO instructions especially with reference to additions and deletions during the year. More emphasis should be given to inter branch transfer of assets and the depreciation thereon. b) Generally the branches commit mistakes in identifying revenue and capital expenditure. In case such mistakes are observed during the course of audit, it is advisable to identify the corresponding impact on the depreciation.

7.

Legal charges Ensure that these payments are made on the basis of the bills and other supporting

documents. More emphasis should be given to the approval/sanction of higher authorities required for making such payments.

8.

Postage, telegram & telephone a) Obtain the list of telephone connections used in the branch premises and residential

premises of the staff, as per the policy of the bank. c) Ensure that the payments are made as per the original bills held by the branch. 52 | P a g e

9.

Repairs & Maintenance Normally it includes expenditure incurred on repairs and maintenance of vehicles,

furniture, fixtures, premises, etc., and annual maintenance contracts (AMC) for computers, air conditioners, etc.

10. Insurance a) Normally it includes expenditure incurred on insurance of office equipments

installed at the branch like computers, air conditioners, etc. d) Obtain the details of insurance policies, if any, held by the branch.

11. Other expenditure It includes all other expenditure including professional charges, concurrent audit fees, etc., that is not included in any of the specific heads.

53 | P a g e

AUDIT OF ADVANCES PART I: INTRODUCTION Loans and advances constitute major portion of the assets of any branch and interest thereon is the major source of revenue for any branch. In view of the significance attached to this item, it is important for the auditor to thoroughly understand the scope of the audit and the reporting requirements. It is advisable to standardise the basic format of the scope of audit and also the notes to be prepared by the team at every stage of the verification. While verifying the advances it is important to keep in mind the requirements of LFAR, recommendations of Ghosh and Jilani Committees, Prudential Norms of RBI and various certificates to be issued. PART II: AUDIT PROCEDURE (Account level) 1. It is advisable to cover the following important aspects while verifying advances: (a) Compliance with terms and conditions as per the sanction letter. (b) Regular submission of stock and book-debt statements, QIS/ MSOD and audited and un-audited financial statements. (c) Adequacy of insurance coverage. (d) Adequacy of security coverage. (e) Quality of credit monitoring. (f) Regular renewal/review of limits. 2. It is advisable to review the following records/documents: (a) Latest sanction letter. (b) Latest correspondence files. (c) Stock & book-debt statements. (d) Latest audited and un-audited financial statements. (e) Insurance policies. (f) Latest valuation reports. (g) Latest stock-audit report, wherever applicable. (h) Legal documents. 54 | P a g e

(i) Latest inspection reports. (j) Minutes of consortium meetings, wherever applicable. (k) Review/Renewal proposal, if any, for expired limits.

PART III: IMPORTANT ASPECTS OF PRUDENTIAL NORMS While verifying compliance of the prudential norms issued by RBI give more emphasis on: a) b) c) d) e) f) g) h) Operations in the accounts of the borrower. Possibility of window dressing in the account. Reversal of unrealised interest. Identification of the date of NPA. Valuation of security. Accounts upgraded from NPA category to standard category. Potential NPA. Standard accounts with lowest credit rating

i) Standard accounts with negative net worth/under BIFR. j) Asset classification by the other consortium members.

55 | P a g e

AUDITING IN COMPUTERISED ENVIRONMENT

Technology and its progress has often been linked to progress of civilization. From the time man learnt to control fire to the iron and Bronze Age, we have noted that the control over inventions like guns and cannons have given certain civilizations the upper hand over the ones they conquered. It is not necessary for the inventions and progress to be restricted to the field of military or defence. Progress in Banking is an equal parameter of the cultural development of a civilization and like any other field; this sector is not spared from the technical revolution, which has taken over other sectors. This delves into the necessity of value added APPROACH to the traditional audit and not solely dependent on the system auditors. These approaches are general and can be applied to any environment whether LAN Branch or a core banking situation.

Is the burden shifted to the system auditor? There is unlikely any professional who will take this stand of shifting the burden to the other auditor. There are a few checks you can do without undergoing intensive training and examination! Please note that the computer system environment referred to here is a minimum of LAN (Local Area Network) or even a Core system where the data hub is at a Central Location and the branches/offices are connected to this data hub despite being many cities away. Apart from the large corporations and multinationals, many Banks, even large cooperative Banks have taken this option. Even the branch auditor, thus, has to take certain precautions to ensure he gives justice to his work.

56 | P a g e

PHYSICAL ACCESS CONTROL

In case the site is a LAN, the Server should be secure since the software and data is located in this device. Access to the Server room should be restricted and only senior management should permit 'outsiders' like software and hardware vendors to enter the server room. Many of the frauds that have already occurred in India would have been prevented only if this access was closely monitored. Apart from protecting the server from bad intentioned persons, we have to ensure it is protected from accidents of fire and water by installation of smoke alarms in the server room and extinguishers outside the server room. In case of core banking, the devices used for communication should be accorded the status of protection of the server. Computers require electrical power for working and when the environment is live, work comes to a standstill unless power is provided though a UPS (Uninterrupted Power Supply) This has battery bank and is activated immediately when the power fails providing a continuous power without any interruption. These machines heat when generating power and if proper ventilation is not provided, these UPS will provide service for shorter durations not only compromising the work but also wasting the investment of the company. Simple rules of maintenance should also be followed and monitored. While all pay attention to the application software access, many forget to police the access to the operating system. File copy, deletion even data manipulation (especially under database environments) etc. are some potential disasters that are possible unless controlled. You will have to ensure that the company holds the original license for using the operating system software. Ensure whether the original Operating System Media supplied by the vendor is available in the Company. This is necessary to ensure reloading in case of accidental corruption. Only if the company has the system can it be loaded without waiting for the vendor's representative. The application developed for the company should be encoded and not left in a manner that can be re-programmed by the user. This will enable any person knowing a bit of programming of that language to design trapdoors for fraud and these are later very difficult to identify. Over here, 'Prevention is easier than the cure'.

ENVIRONMENTAL SECURITY

SAFEGUARDING OF ASSETS -UPS

OPERATING SYSTEM CONTROLS

APPLICATION SYSTEM CONTROL

57 | P a g e

PASSWORD AND ACCESS CONTROL

Password control is the 'logical' access to the computer. The system should have passwords and these should be demanded by the system to changed frequently ensuring that the last password is not accepted, (not accepting last 12 is the least) Along with this, the 'internal control' should be ensured by the system ensuring that the person creating the voucher should not be permitted to authorize the voucher and without authorization, no voucher (other than system generated vouchers) should be accepted by the system. The corollary of this requirement is to ensure (check) that each user has only one identity in the system otherwise one person will take the identity of the clerk and with a change in short name take another identity of an officer thus effectively compromising the system.

Checklist for Audit of Computerized Operations ENVIRONMENT 1. Securing the The machines should be locked at the end of the day. Ensure that either the computers furniture, which is adjusted for locking, is locked or that the hardware lock of the computer is used. This is a simple point often ignored. Unlocked computer means any one can start it and the only hurdle after that is the password. Poor password maintenance further compounds risk of unlocked computers. Securing During computer operations especially during service hours, it is not during uncommon for the operator to leave his/her seat. The operator and thus you operations as an auditor should ensure that the operator either exits from the system or leaves it at a point where it cannot proceed without a password.

2.

Password Password is a key to something more valuable than cash - data No. Check for 1, Password allotment register Discussion on checkpoint When a password is allotted, entry is made in this register. This is similar to the key register where entries are made at time of giving keys. Check here whether the password level is also specified. Authority to give password is to the branch manager and those who hold supervisor password.

58 | P a g e

2.

Password Change register

3.

Where software does not control change in password (where not only warnings are given but user is disabled unless the password is changed after specified date) a register has to be shown to you with dates of change of password. In absence of this register, you do not have evidence that the passwords are changed frequently. Two to Supervisor password level permits the holder of this password unlimited access. three Ensure there are a minimum of two and a maximum of three such holders. supervisors Check the systems and procedure manual of the Bank in case they specify a only different figure.

Cheque related transactions No. Check for Discussion on checkpoint 1. Audit trail listing cheques out of range Audit trail for date Check if chequebooks issued are updated to the customer's master on the same and a record of the same is maintained.

2.

3.

Ensure that stop payment instructions are updated immediately on receipt of the instruction. Audit trail will give date of entry of such a stop payment. Verify with date of receipt written on the letter of the account holder. It should be the same day. Minimum Accounts having chequebook facility (savings/current) require having a specified balance minimum balance. Ensure minimum balance charges are levied in case the charges balance falls below the minimum level. In good systems, this information is asked in the 'parameter' file and thus the charges are correctly levied either every month or every quarter.

59 | P a g e

System audit framework

Need of Systems Audit: Since computer is so important for survival and progress of any organisation, it is necessary to have suitable controls and regular checks on Computer Resources and Data Processing Activities. System audit attempts to achieve this objective. System audit does not deal with the computer system alone but it deals with the audit of the system as a whole. It is felt necessary because a computer system is an integral part of the total business system. System audit attempts to link computer systems and manual systems in the overall system. It is particularly relevant for our country because we have a business environment, which is combination of computer system and manual system. OBJECTIVES OF SYSTEMS AUDIT The basic objectives of Systems Audit are to ensure: a) The assets are safeguarded in the system b) Data integrity is maintained throughout the system c) Organisational goals are effectively achieved by the system d) Resources in the system are being consumed efficiently Computer System Vs. Manual System Any system, manual or computerised, must have some internal controls. These internal controls ensure Asset Safeguarding, Data Integrity, Achievement of Organisational Goals and Efficient Consumption of Resources within the

Organisation. However, nature of these internal controls and their implementation may vary widely in Manual System and Computerised System, for the following factors: a) Separation of duties b) Authority and responsibility c) Dependable and skilled personnel d) Authorisation e) Availability of documents and records 60 | P a g e

f) Custody of assets and records g) Management by supervision h) Verification of performance

61 | P a g e

FRAUD DETECTION AND AUDIT IN BANKS

Vigilance and Fraud share a peculiar relationship. Whichever works faster and better makes the difference. In the case of frauds in the financial sector, there is no limit as to how bad things can get. Maladies in any organisation are more due to non-adherence of internal control mechanism rather than the absence of it.

Fraud is considered as a white-collar crime. In a most common modus operandi of committing the fraud the fraudster studies the procedures and processes adopted by a commercial entity for putting financial and funds transactions, ascertains the loopholes in the systems and then exploits it to the advantage in such a way that it does not come to light immediately. However, it is only a question of time before it is detected.

In the matter of preventing fraud, internal audit has an advantage over the external audit in the sense that it has an understanding of how the system works so as to initiate quick steps. Internal audit would be privy to the dynamics of decision-making and the process behind them in an organization. A vigilant internal audit team would be able to bring in the requisite transparency and through this, proper accountability.

Computerised Banking Environment:

The basic purpose of computerising and mechanisation of more and more business is to contain the occurrence of frauds due to manual intervention, besides improving overall efficiency for ensuring better customer service. But, over dependence on the staff of computer vendors and laxity coupled with lack of IT knowledge paved way for occurrence of frauds. Some of the frauds and the modus operandi of the same are summarized below: O Significant exposure of the banking activities to the employee of a software vendor, while later is providing the maintenance service.

62 | P a g e

O At the time of half-yearly crediting of interest in the huge operative savings bank account, substantial amount may be credited by inflating interest paid on deposit account by erasing genuine debits/fraudulent credits in the relative accounts. O Misappropriation of cash received at Single Window counter due to the absence of scroll/control mechanism, normally. O Even after years of computerisation, important functions like password secrecy, maintenance, printing of reports, exceptional reporting, checking of the output/reports, monitoring system generated entries, etc. are not performed as per the laid down guidelines. Alert Signals Normally certain alert signals are thrown by the system if the environment is fraudprone, and it is better to capture and catch them so that at least the impact is minimized, if not brought to nil. Some such signals are detailed herein below: Scrutinize various reports such as Internal Inspection, Concurrent Audit, Statutory Audit, Long Form Audit, Branch Audit, Supervisory/Regulatory inspection, etc., meant to throw light on the weakness in the system and vulnerable areas and ensure that the duly attended to/rectified. Deep probing of any abnormality of movement, transactions, data immediately before it becomes too late for any action. Non-rotation of jobs and some gaining roots in to the functioning of certain business oriented functional departments. No individual is bigger than the institution and while keeping faith on people working on the systems there should be no. relaxation and compromise on the systems and procedures. shortcomings are

Window of opportunity for perpetration of fraud In banking sector, frauds are perpetrated basically by three classes of people: (1) Employees, (2) Customers and (3) outsiders or strangers. It is a common knowledge that no fraud can take place without a window of opportunity for the same. Let us examine the window of opportunity and the environment because of which fraud takes place in banks. 63 | P a g e

Banks, particularly the public sector ones, have to handle huge rush of customers during the first week or 10 days in a month. With long queues and rush indiscipline, there is a tendency to overlook certain procedural aspects and overall control systems get automatically relaxed.

Creation/storage

of

surrogate

specimen

signatures

in

some

of

the

benami/fraudster's/collateral security in the system with an intention to pass fraudulent financial transactions. With large scale of computerisation, ordinary bank employees and customers are under the impression that mere computerisation is sufficient security, not fully appreciating the attendant vulnerabilities. Gaining access to operating systems, database systems, application software by unauthorised persons would make a number of business and administrative areas fraudprone. Many frauds come to light only when the customer concerned brings the same to the notice of the bank. Pigmy/daily deposit collectors from small vendors and household sectors for the reason that the control exercised by banks on these is not adequate. Improper appraiser of Jewels pledged to banks with the connivance of the Jewel Appraiser.

In the past one and a half decade, India has seen a number of scams relating to financial deal in general and capital market in particular as could be noticed from the alleged deals of Harshad Mehta, M S Shoes, CRB, Ketan Parekh, etc.

Occurrence of frauds: Some of the large value frauds that occurred in Indian banking environment revealed that the following led to the occurrence of frauds.

64 | P a g e

Opening fictitious account for crediting proceeds of forged/unauthorised cheque for withdrawal immediately. Allowing frequent overdrawing in the current or operative limits and not reporting to the higher authorities and not getting it regularized. Availing loans on the strength of forged documents/title deeds After availing loans, the proceeds of the asset procured out of the loan not being deposited back to the bank or being routed through other banks for siphoning the funds.

Release of the securities in an unauthorised manner before ensuring liquidation of direct or indirect liability of a borrower/guarantor. Encashment of forged/ stolen instruments such as cheque, demand draft, Credit Advice etc. Entertaining accommodation of Bill of Exchange transactions and wrongful encashment of loan proceeds through unauthorised withdrawal.

Fraud preventive measures

Proper security in the computer systems can be achieved by exercising series of regulations such as 'physical access controls', 'logical access controls' and environment controls, etc., This is because, perpetration of fraud in computerised environment happens mainly by breaking any one or more or all of these Access Control Mechanisms. Full adherence to all the security and control standards prescribed. Branches should be careful while issuing chequebooks on the basis of authorisation letters to avoid fraudulent usage of the same. Proper verification is required Implementation of segregation of duties, roles and responsibilities in the computerised environment. Job rotation among the staff and availment of leave by the employees should be ensured.

65 | P a g e

No one should have complete access to the entire operating cycle of any financial transactions and it should necessary pass through more than two or three officials. That is, four-eye principle should be adopted.

Checking and balancing of books should never be entrusted to the same person at any point of time. Newly opened accounts needs to be put under close watch for any unusual and large volume of transactions. Stipulated audit exercises such as credit audit, legal audit, stock audit, current asset audit should invariably be completed with different set of people.

Conclusion:

In the words of Mahatma Gandhi, there is enough in the world for every one's need, but not for one's greed. Law by itself cannot put a full stop to corruption and fraud.

According to the prevailing guidelines, cases of fraud of the value of below Rs 1.00 cr would be handed over to the local police. However, reference of such cases to Central Bureau of Investigation (CBI) would be necessary only if a bank official is suspected to be involved. Other cases would be referred to CBI The Banking Securities and Fraud Cell at Delhi, Mumbai, Bangalore and Kolkata would handle information/compliance of amount of alleged bank frauds in excess of Rs. 5 crore. If the amount of the alleged fraud ranges between Rs. 1 crore to Rs. 5 crore, the information would be handled/investigated by the branch of CBI having territorial jurisdiction over the area.

66 | P a g e

Issues in Tax Audit of Bank Branches

Under section 44AB of the Income Tax Act, the entities, whose turnover or gross receipts exceed Rs. 40 lacs during a financial year, are required to get their accounts audited from a Chartered Accountant. This audit is generally known as "Tax Audit". This topic focuses on various issues involved in the Tax Audit of Bank Branches.

Since generally the gross receipts of all the banks exceed Rs.40 lacs during a previous year, the statutory auditors of all the branches of such banks which are under audit, are generally appointed to carry out the tax audit assignment in respect thereof and submit their report in the prescribed format.

Audit Report & Format Form 3CA In this form, the auditor expresses his opinion on the correctness of the particulars given in Form3CD. Form 3CD Part A It consists of 6 clauses relating to name, address, etc. which are all self-explanatory. PartB It consists of 26 clauses. Of these, there are about 12 clauses, which are generally not applicable at the branch level, as follows: Clause - 7- pertaining to a firm or AOP Clause - 10 - pertaining to profit on presumptive basis Clause - 12 - pertaining to valuation of closing stock Clause-15-pertaining to amounts admissible under section 33AB, 33ABA, etc. Clause-19- pertaining to amounts deemed to be profits u/s 33AB etc. Clause - 23 - pertaining to details of amount borrowed on hundi Clause - 25 - pertaining to brought forward loss or depreciation allowance Clause - 26 - pertaining to details of deductions admissible under chapter VIA 67 | P a g e

Clause - 28 - pertaining to quantitative details of goods in case of trading concerns Clause - 29 - pertaining to details of tax on distributed pro fits u/s 115O Clause - 30 - pertaining to cost audit Clause - 31 - pertaining to audit under Central Excise Act, 1944 Clause-32- pertaining to accounting ratios some of the clauses that need to be attended to are as follows: Clause11: Method of accounting Though the banks generally follow mercantile system of accounting, there are a number of items in the bank which may be on cash basis income on NPA accounts, commission, exchange, leave encashment benefits, safe deposit vault rent, etc. The method of accounting employed in the previous year refers to cash or mercantile system of accounting. What is to be reported in clause 11 (b) is change in accounting method, i.e. cash or mercantile and not a change in accounting policy. Clause-13: Amounts not credited to Profit & Loss account Generally, at the branch level, there are no items to be reported under this clause. Clause14: Particulars of depreciation allowable Generally the only details provided by the branch are in sub-clause (d) regarding additions/ deductions during the year. Generally, fixed assets are controlled by the head office of the bank. Hence, the details of opening balance as per Income Tax Act are not available at the branch level. The auditor, therefore, may state that as the details are not maintained at branch level the same are not filled in here. Thus, information required in sub-clause (a), (b), (c), (e) and (f) have to be filled up at the head office level only. Clause-16 Particulars of bonus, commission & contribution to provident fund Sub-clause (a) regarding certain Payments to employees are generally not applicable at branch level. In sub-clause (b), the particulars of amount deducted by the branch from salary of staff members towards employees' contribution to Provident Fund has to be given, with details such as date of deduction, amount deducted, due date and actual date of remittance. 68 | P a g e

Clause-17: Details of expenses debited to P & L account that may be disallowed There are subclauses under clause 17. Sub-clause (a) is regarding capital expenditure debited to Profit & Loss account. Normal principles differentiating between capital and revenue expenditure should be applied while reporting under this clause. Items like new fire or security alarms, computers, printers, fire extinguisher, electric fans, cell phones are of capital nature and need to be capitalised. On the other hand, all repairs, maintenance, replacements, modifications and improvements to existing assets are revenue in nature and need not be capitalized for e.g. re-wiring of

branch, re-flooring, re-painting, re-polishing etc. All such expenses, including the professional fees paid to architect, interior decorators for this purpose are considered revenue expenditure nature. Petty items like calculators, briefcases, etc. are not of durable nature and should be treated as revenue expenditure. Sub-clause (b) is regarding expenditure of personal nature debited to profit and loss account. These personal expenses exclude those which are payable to the employee under contractual obligation. Thus, LFC, leave encashment, medical aid, telephone bill of residence, etc. paid under contractual obligation should not be reported here. Sub-clause (d) refers to expenditure incurred at clubs. Expenses incurred in respect of service organisations like Bankers club, Giants, Rotary, Jaycees, Lions, etc., which are for business development are not covered by this clause. Sub-clause (h) refers to expenditure exceeding Rs. 20,000/-incurred otherwise than by way of crossed cheque or crossed bank draft, which is inadmissible under section 40A(3) read with rule 6DD. Generally, in a bank, such payments are never made in cash. Clause-20: Profit chargeable to tax under section 41 Bad debts written off in the previous years and now recovered get covered under this clause. Clause~21: Deductions requiring actual payment under section 43B Certain types of expenditure like tax, duty, cess, fees, etc. payable under any law are allowed as a deduction in computing the total income only in the year in which it is actually paid. Similarly, interest 69 | P a g e

provision on any loan or borrowing from any financial institution/ deduction, only if it is actually paid.

cor poration is allowed as

Clause-24: Acceptance/repayment of deposits in cash exceeding specified limits Sub-clause (a) relating to acceptance of loan or deposit exceeding Rs.20,000/- is not applicable to banking company. Clause-27: Delay in deposit of TDS Generally, banks have to deduct tax at source from payment of salaries, interest on deposits, rent, professional fees, payment to contractors, etc. and deposit it with the Central Government within the stipulated period.

70 | P a g e

Concurrent Audit Concurrent audit, as the name suggests, is an audit or verification of transactions or activities of an organization concurrently as the transaction/activity takes place. It is not a preaudit. The concept in this audit is to verify the authenticity of the transaction/activity within the shortest possible time after the same takes place. It is akin to internal audit which is a concept recognized under the Companies Act with the view of the complexities of economic activities it is now well recognized that there must be a system of someone, other than the person involved in the operations, verifying the authenticity of the transaction/activity on a regular basis so that any deviation from the laid down procedures can be noticed in the shortest possible time and remedial action can be taken.

Scope of Concurrent Audit: The guidelines issued by the RBI cover all the important areas of activities of the branch, which is under concurrent audit. Most banks have prepared an Audit Manual for this purpose. Broadly stated, the following areas are covered by these guidelines: a) .Daily cash transactions with particular reference to any abnormal receipts and payments. This include currency chest transactions, major expenses incurred by cash payments and high value cash receipts and disbursements. b) Purchase and sale of shares, securities, c) Physical verification of investments and verification of rates at which transactions are entered into. Similarly, examination of capital expenditure on purchase of capital assets as well as sales of such assets. This will include verification of relevant documents and authorization. d) Verification of procedure and documentation for opening new current, savings, term deposit accounts, etc. If there are any unusual operations in these new accounts the same should be examined thoroughly and unusual-features should be reported. e) Verification of Advances-Overdrafts, TOD, CC Accounts, Term Loans, Bills Purchase, L.C., Guarantees, Over dues, devolvement, and L.C./Guarantee, etc)

71 | P a g e

f)

Verification of statements, H.O. Returns, statutory returns, calculation of capital adequacy ratio, and compliance with requirements of government business (collection of tax and disbursements).

g)

Study of RBI and internal inspection reports, statutory auditor's report, LFAR relating to branch, etc. and compliance thereto.

h) Whether clients' complaints are dealt with promptly.

SUGGESTED ITEMS OF COVERAGE: (A) Cash I. Daily cash transactions with particular reference to any abnormal receipts and payments. II. Proper accounting of inward and outward cash remittances. III. Proper accounting of currency chest transactions, its prompt reporting to the RBI. IV. Expenses incurred by cash payment involving sizeable amount. (B) Investment I. Ensure that in respect of purchase and sale of securities the branch has within its delegated power having regard to its HO instructions. II. Ensure that the securities held in the books of the branch are physically held by it. III. Ensure that the branch is complying with the RBI/HO guidelines regarding BRs, SQL forms, delivery of scripts, documentation and accounting. IV. Ensure that the sale or purchase transactions are done at rates beneficial to the Bank. (C) Deposits I. II. Check the transactions about deposits received and repaid. Percentage check of interest paid on deposits may be made including calculation of Interest on large deposits. III. Check new accounts opened particularly current accounts. Operations in new Current/SB accounts may be verified in the initial periods to see whether there are any unusual operations. 72 | P a g e acted

(D) Foreign Exchange transactions 1.Check foreign bills negotiated under letters of credit. 2.Check FCNR and other non-resident accounts whether the debits and credits are permissible under rules. 3. Check whether inward/outward remittance have been correctly accounted for. 4. Examine extension and cancellation of forward contracts for purchase and sale of foreign currency. Ensure that they are duly authorized and necessary charges have been recovered. 5. Ensure that balances in Nostro accounts in different foreign currencies are within the limit as prescribed by the bank. 6.Ensure that the overbought/oversold position maintained in different currencies is reasonable taking into account the foreign exchange operations. 7. Ensure adherence to the guidelines issued by RBI/HO of the bank about dealing room operations. 8.Ensure verification/reconciliation of Nostro and Vostro a/c transactions/balances.

73 | P a g e

Conclusion... A Final Word

The Bank Audit is a vast area. In addition, there are number of seminars conducted. Apart from the sources of knowledge made available, the auditor has to understand the purpose of audit, conduct the audit with logical thinking and application of knowledge. The report has to be drafted in such a manner that it should stand on the test of contents, clarity and utility. To my mind the best test of audit is - "Whether the report had added any value to the branch in smoothening the operations?' If the answer is' Yes', then the job is done. A well conceived audit policy put to practice by those who are expected to discharge the onerous responsibility in the bank would depict that the audit operations is not mere ritual but a critical operation and need to be dealt with beyond numbers. Experienced audit committee in bank do make sense and value edition when audit function is given a direction and indeed great comfort to all concerned with the bank.

74 | P a g e

ANNEXURE Auditors Report of HDFC Bank: (i) The nature of the Corporations business/activities during the year is such that clauses (viii) and (xiii) of CARO, 2003 are not applicable. (ii) In respect of its fixed assets: (a) The Corporation has maintained proper records showing full particulars, including quantitative details and situation of fixed assets. (b) Some of the fixed assets were physically verified during the year by the Management in accordance with a programme of verification, which in our opinion provides for physical verification of all the fixed assets at reasonable intervals. There is also a system of periodic physical verification of leased assets by the Management, the frequency of which is reasonable. According to the information and explanations given to us no material discrepancies were noticed on such verification. (iii) In respect of loans, secured or unsecured, granted by the Corporation to companies, firms or other parties covered in the Register maintained under Section 301 of the Companies Act, 1956, (iv) In respect of loans, secured or unsecured, taken by the Corporation from companies, firms or other parties covered in the Register maintained under Section 301 of the Companies Act, 1956, according to the information and explanations given to us: The Corporation (ii),

has taken loans from 19 parties. At the yearend, the outstanding balances of such loans taken aggregated to Rs. 2,53,94,095 and the maximum amount involved during the year was Rs. 2,55,36,967. (v) In our opinion and according to the information and explanations given to us, there are adequate internal control procedures commensurate with the size of the Corporation and the nature of its business for the purchase of fixed assets and for the sale of services and we have not observed any continuing failure to correct major weaknesses in such internal controls. (vi) In our opinion and according to the information and explanations given to us, the Corporation has complied with the provisions of Sections 58 and 58AA of the Companies

75 | P a g e

Act, 1956 and the Housing Finance Companies (NHB) Directions, 2001, with regard to the deposits accepted from the public. (vii) In our opinion, the internal audit functions carried out during the year by firms of Chartered Accountants appointed by the Management have been commensurate with the size of the Corporation and the nature of its business. (viii) According to the information and explanations given to us, in respect of statutory dues: (a) The Corporation has generally been regular in depositing undisputed statutory dues including Provident Fund, Investor Education and Protection Fund, Income-tax, Salestax, Wealth Tax, Service Tax, cess and any other material statutory dues with the appropriate authorities during the year. (b) There are no undisputed amounts outstanding as at March 31, 2005 for a period of more than six months from the date they became payable. (c) Details of disputed Sales-tax, Wealth Tax and Interest on lease tax which have not been deposited as on 31st March, 2005 on account of any dispute are given below:

(ix) In our opinion, the Corporation is not dealing in or trading in shares, securities, debentures and other investments. Accordingly, the provisions of clause 4(xiv) of the CARO, 2003 are not applicable to the Corporation. (x) Based on the maturity profile of assets and liabilities with a residual maturity of one year, as given in the Asset Liability Management report, the liabilities are in excess of assets by Rs.1042 crores which is within the approved gap limit. As explained to us, the liabilities are generally renewed on maturity and consequently the excess stated above does not reflect a mismatch in application of funds. 76 | P a g e

For S. B. BILLIMORIA & CO. Chartered Accountants P. R. Ramesh MUMBAI Partner May 5, 2005 (Membership No. 70928)

Regulatory and Other measures Other Items

Date of Publish: Nov 22, 2004

Selected circulars issued by the Reserve Bank of India during September 2004 reproduced below: Ref. No.PCB.Cir.16/16.20.00/2004-05 dated September 2, 2004 The Chief Executive Officers of All Primary (Urban) Co-operative Banks INVESTMENT PORTFOLIO OF URBAN CO-OPERATIVE BANKS CLASSIFICATION AND VALUATION OF INVESTMENTS Please refer to the Master Circular on Investments by Primary (Urban) Co-operative Banks, forwarded with our letter UBD.BPD.(PCB) MC.No. 4/ 16.20.00/ 2003-04 dated 23 December 2003 (available on website rbi.org.in). 2. Representations have been received from banks, Federation/Association of urban cooperative banks that the existing guidelines of classification of investments should be reviewed with a view to bringing them in alignment with international practices and current state of risk management practices in India, taking into account the unique requirement of maintenance of statutory reserve requirement of 25 per cent of the Net demand and time liabilities (NDTL) under Section 24 of Banking Regulations Act 1949. Consequently, the Reserve Bank of India is setting up an Internal Group to review the existing guidelines and Report of the Group will be 77 | P a g e

discussed in the Standing Committee on Financial Regulation. In the meantime, it has been decided as under: (i) Banks may exceed the present limit of 25 per cent of a banks total investments under HTM category provided. a) the excess comprises only of SLR securities, and b) the total SLR securities held in the HTM category is not more than 25 per cent of their NDTL as on the last Friday of the second preceding fortnight. (ii) To enable the above, as a one-time measure, banks may shift SLR securities to the HTM category any time, once more, during the current accounting year. Ref. No. UBD.PCB.Cir. 17 /13.04.00/2004-05 dated September 4, 2004 The Chief Executive Officers of All Primary (Urban) Cooperative banks.

78 | P a g e