University of Cebu – Main Campus

Sanciangko St, Cebu City, 6000 Cebu

COLLEGE OF BUSINESS AND ACCOUNTANCY

Auditing a Bank/ Insurance Company

A Narrative Report

Philippine National Bank

(PNB)

In Partial Fulfillment
of the Requirements for the Degree
of Bachelor of Science in Accountancy

Submitted by

Craus, Cindy
Emnace, Rose Agnes
Dumabok, Ginalyn
Sibay, Donna
Ofancia, Jobe
Laña, Anthony
Piañar, Micheal

Submitted to

Ms. Mara Siega

Ms. Fergie Juria
 I.
Understanding the Client’s Business and Industry

Philippine National Bank, its Nature and Philosophy

Philippine National Bank (PSE:
PNB), the country’s first universal bank, is
the fourth largest privately-owned
Philippine commercial bank. PNB was
established by the Government of the
Philippines in 1916 and became fully
Figure 1. Philippine National Bank logo
privatized in 2007. As an instrument of
economic development, PNB led the industry through the years with its agricultural
modernization program and trade finance support for the country’s agricultural exports. In
addition, the Bank pioneered efforts in the Overseas Filipino Worker (OFW) remittance
business and introduced many innovations such as Bank on Wheels, computerized banking,
Automated Teller Machine (ATM) banking, mobile money changing, domestic traveler’s
checks, electronic filing and payment system for large taxpayers, and Unit Investment Trust
Fund (UITF) ATMs. PNB has the largest number of overseas offices and one of the largest
domestic branch networks among local banks.
PNB’s principal commercial banking activities include deposit-taking, lending, bills
discounting, trade finance, foreign exchange dealings, fund transfers, remittance servicing,
asset management, a full range of retail banking and trust services, and treasury operations.
Through its subsidiaries and affiliate, the Bank also engages in full banking services in China
and the United Kingdom; banking services in Hong Kong; and a number of diversified
financial and related businesses such as remittance servicing in the United States, Canada,
and Hong Kong; investment banking; life and non-life insurance; stock brokerage; and
leasing and financing services.
To date, the Bank has a total domestic footprint of 716 branches and more than 1,500
ATMs strategically located nationwide. PNB maintains its position as the Philippine bank
with the most extensive international reach with more than 71 overseas branches,
representative offices, remittance centers and subsidiaries across Asia, Europe, the Middle
East, and North America.
Backed by a legacy of service excellence, PNB is poised to move forward to become a
more dynamic, innovative, and customer-focused bank – a dependable financial partner that
offers stability and security for Filipinos all over the world. Masasandalan kahit saan, kahit
kailan.
 President and CEO
Jose Arnulfo “Wick” Veloso, former President
and Chief Executive Officer of HSBC Philippines. He was
appointed on November 16, 2018. Veloso holds the
distinction of being the first Filipino CEO for HSBC
Philippines. He also served as Chairman of the Board of
HSBC Savings Bank (Philippines), Inc. and HSBC
Insurance Brokers Philippines. He was also a Director
and Entity Manager of HSBC Electronic Data Processing
(Philippines), Inc.

Veloso’s extensive banking and capital markets

experience spans over 30 years, 23 years of which were
with HSBC. He joined HSBC in December 1994 as Head
Figure 2. Wick A. Veloso
of Interest Rate Trading in the Philippines. In July 2000,
he transferred to HSBC’s Asian headquarters in Hong
Kong to take on dual roles: as Head of Asian Local Currency Debt Trading, then concurrently
as Head of Credit Derivatives for Asia Pacific.

History
The Early Years
The Philippine National Bank was established as a government-owned banking
institution on July 22, 1916 with headquarters in the old Masonic Temple along Escolta,
Manila. Its and support the government’s economic development effort. World War I, then
raging in Europe, generated huge demand for the country’s major exports namely: sugar,
copra, coconut oil, Manila hemp and tobacco. However, not much was being done to develop
the industries that produced these sought-after crops since access to credit facilities was
limited then. To solve this problem, Henderson Martin, Vice Governor of the Philippines,
together with Mr. Miguel Cuaderno (who later became Central Bank governor) drafted the
charter for a national bank.
In February 4, 1916, Public Act 2612 was passed by the Philippine legislature
providing for the establishment of the PNB to replace the small P1 million government-
owned Agricultural Bank. PNB’s first head office was the Masonic Temple along Escolta, the
then “Wall Street of the Philippines” in the bustling district of Sta. Cruz in Manila. An
American, H. Parker Willis, was its first president.
“The First Universal Bank in the country”
 With PNB’s establishment, Filipinos found a bank of their own. PNB was authorized
to grant short and long-term loans to agriculture and industry. The Filipino farmers then
could avail of loans with interest between 8% to 10% per annum. PNB was also authorized
to receive deposits, open foreign credits and rediscount bills. It was also given the special
power to issue circulating notes. As such, PNB functioned as the de facto Central Bank of the
country until 1949.
On July 24, 1916, PNB established its first branch in Iloilo.
In 1917, PNB marked its entry in the field of international banking when it opened its
New York Branch. The following year, it established five more domestic branches and
another overseas branch in Shanghai, China.
PNB briefly ceased operations in January 1942 but reopened the next month under
the supervision of Japanese authorities. After the Second World War, PNB reopened
immediately and acquired the assets and assumed the liabilities of the banking division of
the National Treasury.
With the establishment of the Central Bank in 1949, PNB’s role as issuer of currency
notes, custodianship of bank reserves, sole depository of government funds and clearing
house of the banking system ceased.
“PNB launched the first on-line Electronic
Data Processing System in the entire Far East”
In 1955, it was authorized to operate as an investment bank with powers to own
shares and to issue debentures.
In 1963, it established the National Investment and Development Corporation to
engage primarily in long-term and equity financing of business ventures.
PNB transferred to its new Head Office along Escolta in 1966 and launched the first
on-line Electronic Data Processing System in the entire Far East.
Between 1967 and 1979, PNB continued to expand its operations by opening offices
in London, Singapore, Djakarta, Honolulu and Amsterdam. In the domestic field, it opened 14
provincial branches. It was also during this period that the Bank started the Dollar
Remittance Program.
In 1980, PNB became the first universal bank in the country. However, it encountered
operational difficulties in the mid-80s as a result of the economic downturn triggered by the
assassination of Senator Benigno S. Aquino, Jr and had to be assisted by the government in
1986.
A New Beginning
In 1999, a group of new private stockholders led by Dr. Lucio C. Tan acquired
approximately 35% of the total outstanding capital stock of PNB. In early 2000, the group
increased its share in the Bank to 69.32% and pumped in nearly P20 billion fresh capital in
less than one year. This was done to emphasize the commitment of the new stockholders to
the improvement of the Bank’s financial condition, which had been incurring losses in
operations due to poor asset quality.
In late 2000, the Bank suffered a liquidity crisis and the National Government stepped
in to support the Bank by implementing a capital restructuring and injecting P25 billion in
liquidity assistance.
In May 2002, the Government and the Lucio Tan Group, representing the group of
private stockholders, sealed the Memorandum of Agreement (MOA) that embodied the
provisions that would help turn the Bank around. It included, among others, the settlement
of Government’s liquidity assistance by way of increasing the Government’s stake in the
Bank from 16.58% to 44.98%, in effect reducing the group’s share from 68% to 44.98%. At
the same time, the Bank started operating under a 5-year rehabilitation program.
In August 2005, the Government, as part of its privatization program, sold down its
32.45% stake in the Bank via an auction. The private stockholders represented by the Lucio
Tan Group exercised their right of first refusal, reducing the Government’s share to 12.5%
and raising the group’s to a total of 77.43%.
In June 2007, PNB settled its P6.1 billion loan to Philippine Deposit Insurance
Corporation (PDIC), more than four years ahead of the loan’s due date. The loan repayment
was a clear indication of the Bank’s renewed financial health.
In August 2007, the Bank completed its Tier 1 follow-on equity offering where it
raised about P5.0 billion in Tier 1 capital. Together with the sale of 89 million primary shares,
71.8 million secondary shares owned by the National Government through PDIC and DOF
were sold to the public, thus bringing about a complete exit of the Government from PNB.
Since the inception of the rehabilitation program, PNB exceeded the targets of the
program. While the program called for profits starting 2005, the Bank became profitable as
early as 2003. Within four years, PNB increased its net income sixteen times from P52
million in 2003 to P820 million in 2006.
With its successful exit from the Government’s Rehab program and the strong income
performance, PNB has demonstrated its ability to sustain its heightened competitiveness
based on the three tenets of reducing non-performing assets, strengthening core businesses
and increasing profitability.
The Bank remains as one of the largest banks in the country with a wide array of
competitive banking products to answer for the diverse needs of its huge clientele including
more than 2 million depositors.
 PNB maintains its leadership in the overseas remittance business with remittance
centers in the United States, Canada, London, France, Italy, Hong Kong, Japan, Singapore and
the Middle East countries.
Through its subsidiaries, the Bank also engages in a number of diversified financial
and related businesses such as remittance servicing, investment banking, non-life insurance,
stock brokerage, leasing and financing and foreign exchange trading. The Bank, through its
affiliate, is also engaged in other services such as life insurance.

Corporate Objectives
“PNB aims to continually provide the best customer experience to generations of
Filipinos here and abroad.”

Strategies
According to Mr. Veloso, President, CEO and Director of Philippine National Bank,
“Our partnership with our customers goes beyond banking. We create value in everything
we do. I envision PNB as a dependable growth partner of Filipinos and their communities.
This is very much anchored on our brand promise of serving ‘You First’”. Veloso emphasizes
that being proactive is a must when it comes to driving the CSR strategy. “In sales, we go out
to find more customers. With CSR, the same principle works. We need to go out of our way
to search for opportunities where we can serve and make a difference.”
The veteran banker shares how PNB is taking steps to further drive CSR as a vital part
in its roadmap for the business. “CSR is not new to PNB. For years now, service has been a
part of our corporate DNA. Our extensive nationwide branch network plays an important
role in helping the Bank reach out to communities.
“For the long-term, our goal is to help the country achieve sustainability, one step at
a time,” says Veloso.
Corporate Social Responsibility (CSR) - is a new idea, one in which the corporate
sector incorporates social and environmental concerns in its strategies and plays a more
responsible role in the world.

Related Business Risks

1. Operational Risk
2. Legal Risk
3. Insurance Risk
4. Strategic Risk
5. Compliance Risk
 6. Reputation Risk
7. Technology Risk
8. Legal Risk
9. Information Security Risk
10. Business Continuity Risk and Disaster Recovery Risk

Accounting Policies
• PFRS 16
• PFRS 17

PFRS 16, Leases that has superseded PAS 17, Leases, Philippine Interpretation IFRIC 4,
Determining Whether an Arrangement Contains a Lease, Philippine Interpretation SIC-15,
Operating Leases-Incentives, and Philippine Interpretation SIC-27, Evaluating the Substance
of Transactions Involving the Legal Form of a Lease.
 II.
Assess Client Business Risk

Operational Risk
The risk of loss resulting from inadequate or failed internal processes, people or system or
from external events. This definition includes Legal Risk, but excludes Strategic and
Reputational Risk. Operational Risk is inherent in all activities, products and services, and
cuts across multiple activities and business lines within the financial institution and across
the different entities in a banking group or conglomerate where the financial institution
belongs. (BSP Cir. No. 900, Series of 2016).

Financial Risk
The Company is exposed to financial risk through its financial assets, financial liabilities and
insurance liabilities. In particular, the key financial risk that the Company is exposed to is
that the proceeds from its financial assets are not sufficient to fund the obligations arising
from its insurance contracts. The most important components of this financial risk are credit
risk, liquidity risk and market risk.

Insurance Risk
The risk under an insurance contract is the risk that an insured event will occur including
the uncertainty of the amount and timing of any resulting claim. The principal risk the
Company faces under such contracts is that the actual claims and benefit payments exceed
the carrying amount of insurance liabilities. This is influenced by the frequency of claims,
severity of claims, when actual benefits paid are greater than originally estimated and
subsequent development of long-term claims.

Strategic Risk
Strategic risk is the current and prospective impact on earnings or capital arising from
adverse business decisions, improper implementation of decisions, or lack of responsiveness
to industry changes. This risk is a function of the compatibility of an organization’s strategic
goals, the business strategies developed to achieve those goals, the resources deployed
against these goals, and the quality of implementation. The resources needed to carry out
business strategies are both tangible and intangible. They include communication channels,
operating systems, delivery networks, and managerial capacities and capabilities. The
organization’s internal characteristics must be evaluated against the impact of economic,
technological, competitive, regulatory, and other environmental changes. (BSP Circ 510,
dated 03 Feb 2006)

Compliance Risk
Compliance risk is the current and prospective risk to earnings or capital arising from
violations of, or nonconformance with, laws, rules, regulations, prescribed practices, internal
policies and procedures, or ethical standards. Compliance risk also arises in situations where
the laws or rules governing certain FI products or activities of the FI’s clients may be
ambiguous or untested. This risk exposes the FI to fines, payment of damages, and the
voiding of contracts. Compliance risk can lead to diminished reputation, reduced franchise
value, limited business opportunities, reduced expansion potential, and lack of contract
enforceability. (BSP Circ 510, dated 03 Feb 2006)

Reputation Risk
Reputation risk is the current and prospective impact on earnings or capital arising from
negative public opinion. This affects the FI’s ability to establish new relationships or services
or continue servicing existing relationships. This risk may expose the FI to litigation,
financial loss, or a decline in its customer base. In extreme cases, FI's that lose their
reputation may suffer a run on deposits. Reputation risk exposure is present throughout the
organization and requires the responsibility to exercise an abundance of caution in dealing
with customers and the community. (BSP Circ 510, dated 03 Feb 2006)

Technology Risk
Technology can give rise to operational, strategic, reputation and compliance risks in many
ways. With PNB Gens’ increased reliance on technology, it is important for the banks to
understand how specific technologies operate and how their use or failure may expose banks
to risk. (BSP Circ 510, dated 03 Feb 2006)

Legal Risk
Legal Risk is the current and prospective impact on earnings or capital arising from legal
sanctions against PNB Gen. This impacts not only the company’s financial performance but
will also affect the PNB Gen’s reputation if such legal sanctions are made public. (BSP Circ
510, dated 03 Feb 2006)
Information Security Risk
Information Security risk is the risk to organizational operations (including mission,
functions, image, reputation), organizational assets, individuals due to the potential for
unauthorized access, use, disclosure, disruption, modification or destruction of information
or information assets that will compromise the Confidentiality, Integrity, and Availability
(National Institute of Standards and Technology (NIST) and BSP Circular 808). This covers
data or information being processed, in storage or in transit.
Business Continuity Risk and Disaster Recovery Risk
Business Continuity risk & Disaster Recovery risk is the risk that an organization cannot
maintain state of continued, uninterrupted operation of a business when its primary location
of business(es) becomes inoperable due to unforeseen natural and man-made disaster or
loss events. Disaster Recovery risk is the risk to the organization where the primary location
of its technology assets that enables continuity of business becomes inoperable. (BSP 808,
BIS High-level principles for business continuity 2006)
 III.
EVALUATION OF INTERNAL CONTROL

COSO FRAMEWORK: PHILIPPINE NATIONAL BANK

1. Control Environment

The Board of Directors, Management and Staff of the Philippine National Bank (PNB)
Group commit themselves to adhere to the highest principles of good corporate governance
as embodied in the Bank’s Amended Articles of Incorporation, Amended By-Laws, Code of
Conduct and this Revised Corporate Governance Manual.

The Bank subscribes to the philosophy of integrity, accountability and transparency

in its manner of doing business; dealing fairly with its clients, investors, stockholders, the
communities affected by its environmental/social activities and various publics;
professionalism among its Board of Directors, executives and employees in managing the
Bank, its subsidiaries and affiliates; and respect for the laws and regulations of the countries
affecting its businesses. Internally, it follows a philosophy of rational check and balances as
well as a structured approach to its business operations.

The Bank’s operations are managed through an established organizational structure

with adequate policies and procedures embodied in manuals approved by management and
board committees and the Board. These manuals are subjected to periodic review and
update to be consistent with the new laws, regulations and generally conform to
international best practices. The Bank has adopted the Revised Corporate Governance
Manual aligned with recently issued regulatory guidelines and new reportorial disclosures
for entities within the group structure and significant transactions among related parties
with particular focus on the Related Party Transaction (RPT) Policy. This is in accordance
with the SEC and BSP regulations.
 The Control Environment of the Bank consists of

(a) the Board which ensures that the bank, its subsidiaries and affiliates are properly
and effectively managed and supervised;

(b) Management that actively manages and operates the PNB Group in a sound and
prudent manner;

(c) the organizational and procedural control supported by effective management

information and risk management reporting systems; and (d) an independent audit
mechanism to monitor the adequacy and effectiveness of the PNB Group governance,
operations, and information systems, including reliability and integrity of financial and
operational information, the effectiveness and efficiency of operations, the safeguarding of
assets, and compliance with laws, rules, and regulations and contracts. The board of
directors shall be ultimately responsible for ensuring that senior management establishes
and maintains an adequate, effective and efficient internal control framework
commensurate with the size, risk profile and complexity of operations of the bank. It shall
also ensure that the internal audit function has an appropriate stature and authority within
the bank and is provided with adequate resources to enable it to effectively carry out its
assignments with objectivity.

POLICY STATEMENT

The Board of Directors, Management and Staff of the Philippine National Bank,
including Trust Banking Group and its subsidiaries and affiliates commit themselves to adopt
and adhere with the Policy Guidelines on Related Party Transactions (RPTs). These
guidelines were formulated in accordance with the requirements of the SEC Code of
Corporate Governance for PLCs; Securities Regulations Code; BSP's Enhanced Corporate
Governance Guidelines for BSFIs; Guidelines in Strengthening Corporate Governance on
Related Party Transactions (RPTs) of Banks; Guidelines on Related Party Transactions,
Prudential Policy on Loans to DOSRI/Subsidiaries/Affiliates; Basel Core Principles (BCP) for
Effective Banking Supervision No. 20 and other related laws and regulations.
 The Bank recognizes that engaging in RPTs have economic benefits to individual
entities and to the entire PNB Group. Related Party Transactions (RPTs) are generally
allowed provided that these are done on an arm’s length basis; monitors these transactions;
take appropriate steps to control or mitigate the risks; and write off of exposures to related
parties in accordance with standard policies and processes; and in accordance with the
board approved RPT policy guidelines. As such, RPTs shall be conducted in the regular
course of business (fair process) and not undertaken on more favorable economic terms to
such related parties than similar transactions with non-related parties under similar
circumstances (fair terms).

The Board, through the Board Oversight RPT Committee (BORC), exercises
appropriate oversight in the implementation of the control systems for managing RPT
exposures; ensures that RPTs handled in sound and prudent manner, with integrity, and in
compliance with the board approved RPT Policy Guidelines/Manual; sets an example in
complying with supervisory expectations, and practicing good governance for the best
interest of the bank and its depositors, creditors, fiduciary clients, and other stakeholders.
As a publicly listed company (PLC), the Bank likewise recognizes the magnitude and impact
of RPTs to its financial position and to the interest of stakeholders. Section XIV of this Manual
is hereby adopted to align with the provisions of the SEC Memorandum Circular No. 10,
Series of 2019: Rules on Material Related Party Transactions for Publicly– Listed Companies.

BOARD COMMITTEES

The Board has delegated certain functions to board-level committees to enable more
focused and specialized attention on specific areas. Currently, there are eight Board
Committees that have been instrumental in setting the tone for the corporate governance
practices of the Bank, its subsidiaries and affiliate: Corporate Governance and Sustainability
Committee; Board Audit and Compliance Committee; Risk Oversight Committee; Board
Oversight RPT Committee; Executive Committee; Trust Committee; Board IT Governance
Committee; and Board Strategy and Policy Committee.
• Corporate Governance and Sustainability Committee is tasked to assist the Board in the
performance of its corporate governance responsibilities, ensuring compliance with and
proper observance of corporate governance principles and global practices. It oversees the
implementation of the corporate governance framework and periodically reviews the
framework to ensure that it remains appropriate in light of material changes to the Bank’s
size, complexity and business strategy, as well as its business and regulatory environments.
It is also responsible for ensuring that the Bank has clear & focused policy on disclosure of
non-financial information emphasizing on management of economic, environmental, social &
governance (EESG) issues, which underpin sustainability.

• Board Audit and Compliance Committee is responsible for assisting the Board in the
performance of its oversight function relating to financial reporting process, systems of
internal control, audit process, and monitoring of compliance with applicable laws, rules and
regulations
• Risk Oversight Committee assists the Board in overseeing the risk profile and approves the
risk management framework of PNB and its related subsidiaries and affiliate. It is mandated
to set risk appetite; approve frameworks, policies and processes for managing risk; and
accept risks beyond the approval discretion provided to management. It has the authority to
direct management to submit regular reports on current risk exposures on credit, market,
interest rate, liquidity, operational, legal, compliance, strategic, reputation, technology, and
other areas, as well as to address such risks.
• Board Oversight RPT Committee assists the Board in performing its oversight functions of
monitoring and managing potential conflicts of interest of shareholders, Board members,
management, and other stakeholders. The Committee oversees the evaluation of related
party transactions (RPTs) that present the risk of potential abuse and ensures that the Bank’s
RPT policy guidelines are effectively implemented. It exercises sound and objective judgment
on the RPTs for the best interest of the Bank and sees to it that the processes and approvals
are conducted at arm’s length basis.

• Executive Committee is responsible for the review, discussion, approval and/or

endorsement to Board, of the following: (a) management proposals on credit facilities;
investment in financial assets; and borrowings and capital raising, updates and reports on
credit, transactional, administrative and other matters; and (b) policies, procedures, and
 manuals of products and services other than personnel policies, as proposed or initiated by
Management. It also provides oversight and focus on specific areas to ensure long term
viability of the Domestic and Foreign Offices/Subsidiaries consistent with the Parent Bank
Strategic Goal
• Trust Committee is primarily responsible for overseeing the fiduciary activities of the Bank.
It ensures that fiduciary activities are conducted in accordance with applicable laws, rules
and regulations, and prudent practices. The Committee is also responsible for the initial
review of assets placed under the custody of the Trust Banking Group in its capacity as trustee
or fiduciary; investment, re-investment and disposition of funds or property; and review and
approval of transactions between trust and/or fiduciary accounts, among others.
• Board IT Governance Committee assists the Board in performing its oversight functions of
reviewing, approving, and monitoring the IT Risk Management Framework and IT Strategic
Plan of PNB. It reviews and endorses for approval of the Board the Enterprise IT Strategic
Plans of the Parent Bank, its subsidiaries, and affiliate. The Committee also reviews and
monitors significant IT concerns including disruption, cyber security, and disaster recovery
to ensure that all key risks are identified, managed and reported to the Board.
• Board Strategy and Policy Committee is the governing board committee exercising
authority and delegating to management the implementation of the board approved strategic
plans and policies. The Committee reviews, evaluates, approves and/or endorses for Board
approval the following: new products; amendments to product; marketing programs; and
policies, procedures and manuals pertaining thereto. It also performs oversight function on
the business plans, initiatives, risk and regulatory compliance. Likewise, it reviews the
strategic objectives and business priorities, direction, overall plans, and result areas that
relate to the thrusts and programs of the Bank.

2. Risk Assessment

PNB’s approach to risk management strives for an integrated view on strategy,

risk tolerance, capital and funding and performance management. Putting high priority
on risk management, the bank endeavors to continuously refine its framework for risk
management, and at the same time ensuring that revenue targets are set and reviewed
on a regular basis to maximize the growth of business. Capital Planning, Funding and
Liquidity requirements are driven both by the business and by regulatory requirements.

The PNB Board and its Risk Oversight Committee operate as the highest level of
PNB’s risk governance. The bank’s Board of Directors has delegated specific
responsibilities to various board committees which are integral to the PNB’s risk
governance framework and aIIow executive management, through management
committees, to evaluate the risks inherent in the business and to manage them
effectively.

Executive officers are assigned to various management committees that provide

the leadership and execution of the vision and policies approved by the bank’s board of
directors. The bank’s business strategies are driven for most part by the day-to-day
directions decided by these management committees with approvals and notation by
the various board level committees.

The PNB Board Risk Oversight Committee (ROC) is mandated to set risk appetite,
approve frameworks, policies and processes for managing risk, and accept risks beyond the
approval discretion provided to management.

The risk management policy includes:

• a comprehensive risk management approach

• a detailed structure of limits, guidelines and other parameters used to govern risk
taking .
• a clear delineation of lines or responsibilities for managing risk
• an adequate system for measuring risk and
• effective internal controls and comprehensive monitoring & risk reporting process

While the first line of defense in risk management lies primarily on the bank’s risk taking
units as well as the bank’s support units. The Risk Management Group is responsible for the
monitoring of bank’s overall risk management functions to ensure that a robust risk-
oriented organization is maintained. The Risk Management Group (RMG) is independent
from the business lines and is organized in 7 divisions: Credit Risk Division, ICAAP & BASEL
Implementation Division, Market & ALM Division, Operational Risk Division, Information
Security and Technology Risk Division, Trust Risk Division and Business Intelligence & Data
Warehouse Division.

Each division monitors the implementation of the processes and procedures that
support the policies for risk management applicable to the organization. These policies
clearly define the kinds of risks to be managed, set forth the organizational structure and
provide appropriate training necessary to manage and control risks. The policies also
provide for the validation, audits and compliance testing, to measure the effectiveness and
suitability of the risk management structure.

Risk Management Group also functions as Secretariat to the Risk Oversight

Committee which meets monthly to discuss the immediate previous month’s total risk
profile according to the material risks defined by the Bank units ICAAP document. Further,
each risk division engages with all levels of the organization among its business and support
groups, including domestic/overseas branches and domestic/foreign subsidiaries. This
ensures that the risk management and monitoring is embedded at the moment of origination.

THE BANK’S RISK APPETITE, THRESHOLD AND TOLERANCE

The Bank’s principle on risk appetite is expressed as Risk Threshold (as defined in
the bank’s ICAAP documents), and is embedded in the business units. Risk Threshold
emphasizes that “the risk appetite should not go beyond the Bank’s capacity to manage risk;
thus risk management is the responsibility of everybody”

The bank expressed its overall risk appetite through quantitative statement on
materiality defined as our Risk threshold. Threshold. This is the guiding principle behind the
execution of our business objectives and is closely monitored alongside the set limits by the
various revenue generating groups.

Risk tolerance is expressed in limits (internal & regulatory) for each of the determined
material risks, which are more conservative than regulatory limits to provide
cushion/buffer.
The following major limits (among others) are set:

1. Earnings At Risk
2. Value At Risk
3. Capital Adequacy Ratio Threshold Level
4. Credit Concentration Limits
5. Single Borrower’s Limit

The Board of Directors and Senior Management are responsible in ensuring that the
Group maintains at all times the desired level and quality of capital commensurate with
the inherent risks (credit, market and operational risks) and with the material risks such
as Legal, Compliance, Information Technology/ Security, Strategic Business, Customer
Franchise/Reputational that the Group is exposed to.

The Board Risk Oversight Committee (ROC), as delegated by the Board, supported by
Risk Management Group, oversees the risk profile and approves the risk management
framework of PNB and its related allied subsidiaries.

The Board Policy Committee (BPC) reviews, evaluates, approves and/or endorses
for Board approval policies, procedures and manualsof products and services to be offered
to the Bank’s domestic and overseas market, as well as, Annual Strategic Forecasts, Plans
and Budget. They are also responsible in determining the Bank’s risk appetite and set
limits on risk taking activities and the periodic review of the Bank’s ICAAP program.

The Executive Committee (ExCom) reviews, discusses, notes, endorses and/or

approves management proposals on credit facilities; investment in financial assets; and
borrowings and capital raising, updates and reports on credit, transactional,
administrative and othermatters.

The Capital Management Sub-Committee of the Asset/Liability Committee

(ALCO) is tasked to specifically handle policies and procedures pertaining to the
capital planning and assessment as well as possible equity investments of the Bank.
 The Senior Management Team and the Business Units agree on the target risk
profiles defined by the Bank’s strategic plan, and allocatecapital based on the risk/return
profile. Corporate Planning Group (CorPlan) and RMG monitor this jointly.

3. Control Activities

ENTERPRISE RISK MANAGEMENT

Under the Bank’s ERM framework, all the risk taking Business Units of the Bank,
including its domestic and foreign subsidiaries, shall perform comprehensive assessment
of all material risks.

The identification of risks revolves around the monitoring of the risk categories as
defined by BSP for supervision purposes. These key risks, namely, credit, market, interest
rate, liquidity, operational, compliance, strategic, and reputational risks, are not only
monitored under their separate and distinct components, but also monitored across all
interrelated business risks. In addition, the various business units identify, measure,
monitor and control additional risk categories that may be relevant to their specific areas
and correspondingly identify the priorities in the roll up of the bank’s Risk & Control Self-
Assessment (RCSA) Process.

The Bank’s philosophy is that responsibility for risk management resides at all levels
within the Bank and therefore uses the three lines of defense model:

• The First Line of Defense rests with business units that are responsible for risk
management. Assessment, evaluation and measurement of risk are ongoing
processes and are integrated in the day to day activities of the business units. The
process includes the setting up of a proper system of internal control, identifying
issues and taking remedial actions where required.
• The Second Line of Defense comes from the risk management function of the Bank,
which is independent of business operations. The Risk Management Unit implements
the risk management framework, provides independent oversight over the specific
 board directives and is responsible for regular reporting to the Risk Oversight
Committee.
• The Third Line of Defense is the internal audit function & the compliance testing
function which provides an independent assessment(s) of the adequacy and
effectiveness of the overall risk management framework and governance structures.
The internal audit function & compliance testing function report directly to the Board
Audit Committee & Compliance Committee

4. Information and Communication

PNB has adopted various communication systems to allow its stockholders and third
parties, including regulatory authorities, to exercise their rights and communicate their
concerns/queries to the Bank. The contact details of the Office of the Corporate Secretary
and the stock transfer agent of the Bank are posted in the Bank’s website for the easy
reference of shareholders and other stakeholders. For regulatory issues, the Bank follows
the procedure set forth by the concerned regulators.

Communication for Internal Controls (set through PNB’s Corporate Governance

Manual):

1. Defined policies and procedures that is set through PNB’s corporate governance
manual
2. Specific goals and objectives for desired outcomes
3. Benefits and importance of effective Internal Controls
4. Defined roles and responsibilities of management as well as staff
5. Clear expectations for performance behaviors Clear channels of communication

Philippine National Bank maintains a comprehensive and cost-efficient

communication channel for disseminating relevant information. This channel is crucial for
informed decision-making by investors, stakeholders and other interested users. It has
media and analysts’ briefings as channels of communication to ensure the timely and
accurate dissemination of public, material and relevant information to its shareholders and
other investors.

The following are the communication channels that the Bank uses to disseminate
information:

• Internal and External Email • TV Advertisements (Local, Cable

Broadcasts and Overseas
• Facebook/Twitter • Press Releases
• Print Media • Short message service alerts
• Radio • Electronic Channels – ATM, Phone,
• Letter Advices to Publics Mobile
• Websites and Social Networks

As to access of information, the board papers for Board of Directors’ meetings are
provided to the Board five (5) working days in advance, whenever possible and appropriate.
The Board members have independent access to Management and the Corporate Secretary
to enable them to have complete information about the matters to be taken up during the
meeting, or any action to be taken thereafter. The Bank conducts media briefings subsequent
to the Annual Stockholders’ meetings. Analysts’ briefings are likewise held jointly with LT
Group, Inc. Further, press releases and other reports are regularly disclosed through the PSE.

5. Monitoring Activities

The Board of Directors is primarily responsible for approving and overseeing the
implementation of the Bank’s strategic objectives, risk strategy, corporate governance and
values as well as monitoring and overseeing the performance of senior management as the
latter manages the day-to-day affairs of the Bank, its subsidiaries and affiliates. The Board
shall formulate the Bank’s vision, mission, strategic objectives, policies and procedures that
shall guide its activities, including the means to effectively monitor Management’s
performance of PNB Group.
 PNB has an integrated a bank-wide risk management process of comprehensive
identification, assessment, mitigation and monitoring of all relevant material risks exposures
of the Bank through individual unit's Risk and Control Self-Assessment (RCSA) process. The
RCSA is an integral component of Enterprise Risk Management (ERM) and the Internal
Capital Adequacy Assessment Process (ICAAP). The Board of Directors and Senior
Management are consistent and diligent in the discharge of their oversight and governance
functions over the Bank's internal control system through regular monitoring of major issues
of the Bank operations. Periodically, appropriate policies and procedures are issued to
strengthen controls versus changes in the economic and regulatory environment.

PNB adapts a three-year strategic compliance plan with the objective to sustain and
upgrade existing policies and procedures and practices, take proactive actions by
strengthening succession planning, risk rating systems compliance test scripts and
investigation processes with the ultimate goal to preserve franchise licenses achieved
through standardization of manuals, compliance testing programs and compliance package
across all businesses.

RCSA, CCSA, CICA & Quarterly Certifications

Since 2007, the Bank has adopted the Risk and Control Self-Assessment (RCSA)
Program as integral to the bank’s ICAAP Program. In 2010, the Global Compliance Group
(GCG) has developed a template for regulatory compliance that forms part of the RCSA
program for all business units. Compliance reviews aim to validate the adequacy of internal
controls and compliance with applicable laws, regulations and corporate standards affecting
the business unit.

With the robust governance of the Board and the unwavering support of Senior
Management, the Committee is greatly confident that strong oversight on the establishment,
administration, and assessment of the Bank’s systems of risk management, control and
governance processes provides reasonable assurance that Philippine National Bank’s
internal control environment remains effective and dynamic, able to support the business
model and ensures the attainment of its business plans.
 IV.
Substantive Review on Financial Data

These are the audit procedures designed to detect material misstatements at

assertion level for Philippine National Bank in accordance with PFRS and Global Compliance
Group:

1. Testing of Balances

These are tests applied directly to the details of balances in General Ledger Accounts.

Cash and Cash Equivalents

• Check if the cash balances on the balance sheet exist at the date of financial statements or
not. This is checked by ensuring that the bank statements that are issued by the bank have
the respective balance that is declared on the balance sheet by the Philippine National Bank
or not.
• Measure checks if the cash balances actually include all the cash transactions that have taken
place during the accounting period. In the case of transactions taking place within the
company, all records are duly maintained.

• Verify that the company has the legal right to declare the amount of cash it has declared, on
the reporting date. This calls for companies to have sufficient proof that they own that
particular cash, or cash equivalent. For example, they cannot declare money not yet received
from a customer as a cash or cash equivalent.

• Verifies that the recorded balances actually reflect the true underlying economic value of
cash. This amount should not be overstated, and should be included as per the existing value
in the bank accounts, or the equivalents that the company has.

• Cash should be properly disclosed in the balance sheet with adequate and required
disclosure made in the notes to the statements. All the sources of cash should be properly
disclosed, with any other information that is relevant to the shareholders. The cash and cash
equivalents should be broken down into cash in the bank, and other cash that the company
might have on the reporting date.

Note that, to check for various different procedures for cash, it includes the following.
Bank Confirmation:

This process is mainly undertaken in order to ask for verification or confirmation to

the external party, which is primarily cash, as well as the underlying balances the company
actually holds at the bank. In order to verify the balance at the bank, it is rudimentary for the
company to ensure that they are able to obtain a formal, writer authority by the relevant
bank, so that the bank can disclose the respective information to the client with proper
information.

Furthermore, once the authorization process has been covered, it is important to

follow up on all the points of the bank confirmation.

Bank Reconciliation:

This tends to be another integral component of the audit procedure for cash and cash
equivalents. This is because after the bank confirmation and statements have been issued,
the auditor is supposed to compare the bank statements sent by the bank and the cash
statement prepared by the bank in order to check for any discrepancies. In this regard, they
are supposed to check and agree with the balances per bank statement that is shown on the
reconciliation to the bank statement as well as balances that are shown otherwise. This also
tests these balances arithmetically, to ensure that there are no discrepancies in the
calculation, whatsoever.

Hence, these audit procedures to check for cash and cash equivalents is created in
order to ensure that there are no differences in the actual amount the company owns, and
the amount it has disclosed on the balance sheet. In the same manner, this backward trail
also helps to identify any leakages or potential areas of fraud within the cash system of the
company.

Receivables

Aside from the business risk , here are also some audit risk which includes the
following:
- That receivables do not exist
- That recorded receivable balances are inaccurate
- That it may not be possible to collect accounts receivable
- That the derivation of the allowance for doubtful accounts may not properly
reflect bad debt experience
- That sales transactions were not processed in the correct periods
 - That revenue was incorrectly recognized
To trace this risk, conduct a substantive procedures of the following:

• Trace receivable report to general ledger. Ask for a period-end accounts receivable
aging report, from which they trace the grand total to the amount in the accounts
receivable account in the general ledger. (If these totals do not match, you may have a
journal entry somewhere in the general ledger account that should not be there)
• Calculate the receivable report total. Add up the invoices on the accounts receivable
aging report to verify that the total they traced to the general ledger is correct.
• Investigate reconciling items. If you have journal entries in the accounts receivable
account in the general ledger, the auditors will likely want to review the justification for
the larger amounts. This means that these journal entries should be fully documented.
• Test invoices listed in receivable report. Select some invoices from the accounts
receivable aging report and compare them to supporting documentation to see if they
were billed in the correct amounts, to the correct customers, and on the correct dates.
• Confirm accounts receivable. Contact your customers directly and ask them to confirm
the amounts of unpaid accounts receivable as of the end of the reporting period they are
auditing. This is primarily for larger account balances, but may include a few random
customers having smaller outstanding invoices.
• Review cash receipts. If accounts receivable are unable to confirm, some of the backup
auditing technique is to verify that customers have paid the invoices, for which they will
want to review check copies and trace them through your bank account.
• Assess the allowance for doubtful accounts. Review the process that you follow to
derive an allowance for doubtful accounts. This will include a consistency comparison
with the method used in the last year, and a determination of whether the method is
appropriate for your business environment.
• Assess bad debt write-offs. Compare the proportion of bad debt expense to airline sales
for this year in comparison to prior years, to see if the current expense appears
reasonable.
• Review credit memos. The auditors will review a selection of the credit memos issued
during the audit period to see if they were properly authorized, whether they were
issued in the correct period, and whether the circumstances of their issuance may
indicate other problems. They may also review credit memos issued after the period
being audited, to see if they relate to transactions from within the audit period.
• Assess bill and hold sales. If you have situations where you are billing customers for
sales despite still retaining the goods on-site (known as "bill and hold"), the auditors will
examine your supporting documentation to determine whether a sale has actually taken
place.
• Related party receivables. If there are any related party receivables, the auditors may
review them for collectability, as well as whether they should instead be recorded as
wages or dividends, and whether they were properly authorized.

2. Assessment of check receipts

❖ Cash receipt journal vouchers prepared from cheque listing a pay-in slips and
approved by senior accounting staff before input into cash book.
❖ Periodic bank reconciliations prepared by an independent accounting staff member.
❖ Independent review of bank reconciliation.
❖ Segregation of duties in the handling of cheque receipts and recording.
❖ Immediate preparation of incoming cheque listing and endorsement of incoming
cheques.
❖ Timely deposit of cheques, preferably on a daily basis

3. Evaluating the existence and completeness of cash receipts and payments

❖ Select samples of cash receipts from cash book and trace to remittance advices, pay-
in slips, and bank statement.
❖ Select samples of cash payments from cash book and trace to payment vouchers (with
supporting documents) and bank statements.
❖ Scan through the entries and trace all the unusual items, like contra items, stopped
payment items and cancelled cheques, to support documents and authorization
❖ Trace a sample of remittance advices and pay-in slip to cash receipt journal.
❖ Trace a sample of payment vouchers (with supporting documents) to cash book.
❖ Agree the total of cash receipts and payments to general ledger.
❖ Compare a sample of remittance advices with amount in cash receipts recorded in the
cash book.
❖ Compare a sample of (cancelled) cheques with amounts in cash recorded in the cash
book.
❖ Compare the dates for recording a sample of cash transactions with the dates of cash
deposited in bank or cheques sent.
4. Verification of deposits

❖ Reconcile subsidiary and general ledger accounts and any related adjustment items
such as return items, overdrafts, holdovers, or service charges.
❖ Review any unusual or unapproved withdrawals from inactive or dormant accounts.
❖ Compare cash items, rejects, and exception items to individual account records to
determine if the accounts exist, have sufficient funds, or have been closed.
❖ Cross check the interest paid on certificates of deposit to the interest expense account
to verify ownership, dates, amounts due, and amounts actually paid.
❖ Be alert for possible check kiting when reviewing accounts. When available, review
reports on kiting suspects and uncollected funds. Kiting characteristics include a high
number of daily deposits, a high percentage of deposits coming from accounts under
common control of a kiting suspect, large round-dollar checks, total daily debits and
credits of similar amounts, and small average balances.
❖ With a bank employee, reconcile incoming cash letters and local clearings, and sight-
post items to demand account records to determine if there is an account for each
item. If the cash letter has already been opened, compare the number of items listed
on the tape accompanying the letter with actual items to ascertain whether any items
have been removed.

5. Testing the completeness of disclosures made in the financial statements.

❖ Evaluate the overall presentation, structure and content of the consolidated and
parent company financial statements, including the disclosures, and whether the
consolidated and parent company financial statements represent the underlying
transactions and events in a manner that achieves fair presentation.
❖ Review the disclosures related to the transition adjustments based on the
requirements of PFRS 16 and PAS 8, Accounting Policies, Changes in Accounting
Estimates and Errors

6. Assessment of Credit Exposure

❖ Assessment based on homogeneity of credit risk characteristics

❖ tested the definition of default and significant increase in credit risk criteria against
historical analysis of accounts and credit risk management policies and practices in
place
❖ tested the application of internal credit risk rating system by reviewing the ratings of
sample credit exposures
❖ assessed whether expected life is different from the contractual life by testing the
maturity dates reflected in the Philippine National Bank records and considering
management’s assumptions regarding future collections, advances, extensions,
renewals and modifications
❖ tested loss given default by inspecting historical recoveries and related costs, write-
offs and collateral valuations
❖ tested exposure at default considering outstanding commitments and repayment
scheme
❖ checked the reasonableness of forward-looking information used through
corroboration using publicly available information and our understanding of the
Philippine National Bank lending portfolios and broader industry knowledge.
❖ tested the effective interest rate used in discounting the expected loss.
❖ we checked the data used in the ECL models by reconciling data from source system
reports to the data warehouse and from the data warehouse to the loss allowance
analysis/models and financial reporting systems. To the extent that the loss
allowance analysis is based on credit exposures that have been disaggregated into
subsets of debt financial assets with similar risk characteristics, we traced or re-
performed the disaggregation from source systems to the loss allowance analysis.
❖ We also assessed the assumptions used where there are missing or insufficient data.

7. Verification of impairment assessment

❖ We evaluated management accounting policy and impairment methodology

based on Philippine National Bank assessment for impairment to its consumer
loans and credit card receivables on a collective basis using a net flow rate
methodology.
❖ assessed financial asset, whether significant or not, it included the asset in a
group of financial assets with similar credit risk characteristics (such as
internal credit risk rating, collateral type, past-due status or term) and
collectively assessed them for impairment based on historical loss experience.
❖ assessed for impairment its consumer loans and credit card receivables on a
collective basis using a net flow rate methodology.
❖ For AFS equity securities, assessed impairment whether there was a
significant or prolonged decline in the fair value of the investments below their
cost.

8. Verification and valuation of Loan

❖ Checking the records for an unusually large number of advance payments or overdue
loans. In suspect cases, trace a sample of transfers to and from borrowers’ checking
accounts.
❖ Spot check a cross-section of loans for appropriate signatures, disposition of proceeds,
collateral, and sources of payment (particularly if outstanding loan volumes
increased substantially between examinations for no apparent reason and overdue
loans are unusually low or high).
❖ Assessing the records for occurrences of loan payments that come from the proceeds
of other loans. Spot check for adequate recordkeeping if indirect dealer-paper lines
are poorly monitored.
❖ Comparing the signature on a note with other notes or documents signed by the
maker.
❖ Evaluating the bank records to determine who actually pays the interest and
principal (and the source of the funds) on large lines of continuous credit
❖ Evaluating the records for power-of-attorney agreements giving an individual other
than the named borrower(s) control of loan proceeds. Review records for any
changes to the official signers on deposit accounts established to receive loan
proceeds. This may allow individuals other than the named borrower(s) to control
loan proceeds.
Investigate weak credit lines where directors or management may be the interested
party although the bank’s records do not reflect their interests.
❖ Spot check a cross section of out-of-territory loans to verify the disbursement of loan
proceeds and the source of principal and interest payments.
❖ Reviewing the loan interest account for several days and compare the total with
journal figures and the amount credited to the general ledger.
❖ Comparing collateral records to loans secured by such collateral, and compare the
collateral receipt date with the date the loan was granted.
❖ Review charge-offs in banks with large or numerous charge-offs. Verify the amount
charged off was the approved amount; determine who prepares the list of charge-offs,
who collects recoveries, and the accuracy of the reporting of these items. Compare
actual loan documents with the bank’s records to confirm balances and signatures.
❖ Consider tracing the proceeds of large loans and lines of credit that are subsequently
charged off.
❖ Consider the following when reviewing the recordkeeping and monitoring of
principal and interest receipts, especially payments relating to revolving accounts-
receivable (A/R) financing:
❖ Review records for occurrences of lapping
❖ Review records for occurrences of payments made through the creation of fraudulent
notes or unauthorized use of dealer reserve accounts.

9. Testing and evaluation of controls over data migration.

❖ Perform substantive testing on the data migrated from the old system to the
new core banking system by reviewing the reconciliations performed by the
Banks of the balances between the two systems.
❖ Evaluate the related IT application controls of the relevant business processes
affected by the migration to the new core banking system.
❖ Perform procedures to evaluate the controls design and test the operation of
compensating
controls.
❖ Evaluate and consider the results of the testing of controls in the design and
extent of our substantive audit procedures.
• assumptions: production volume, price, exchange rates, capital
expenditures, and long-term growth-rate
10. Review of company Compliance

❖ verifying that the compliance-risk mitigation controls are in place and

functioning as intended throughout the organization
❖ reviewing and testing the:
• potential exposure to regulatory penalties
• compliance testing and review results
• new laws and amendments to regulations
• other areas that require focus to include personnel
• turnover, operational processes, system enhancements, new product
offerings, and recent market developments
 V.
Internal Audit Findings

Purpose of this Report

The purpose of this Audit Findings report is to assist the members of the Board of
Directors, in their review of the results of our audit of:
(1) Financial statements of Philippine National Bank (the Group and the Parent
Company) as at and for the year ended December 31,2019
(2) Consolidated financial statements of Philippine National Bank (the Group and the
Parent Company) as at and for the year ended December 31,2019

Area of Focus
Inherent risk of material misstatement is the susceptibility of a balance or assertion
to misstatement which could be material, individually or when aggregated with other
misstatements, assuming that there are no related controls. We highlight our findings in
respect of areas of audit focus.
Area of Focus Why Our Response and Significant
Findings
Leases On February 17, 2016, FRSC adopted The adoption of PFRS 16 resulted in
PFRS 16 leases, effective January 1, the recognition of right-of-use assets
2019. Under the modified amounting to P1.8 billion and P1.6
retrospective approach of the new billion for the Group and Parent
PFRS, the company’s accounting company, respectively, and lease
policy for leases will be significantly liability amounting to P1.9 billion and
affected. The matter is significant for P1.6 billion for the Group and Parent
our audit because the company has company, respectively, as of January
high volume of lease agreements and 1,2019, recognition of depreciation
adoption involves application of expense of P568.1 million and P488.2
significant judgment and estimation in million for the Group and Parent
determining the lease term, including company, respectively, and interest
evaluating whether the Group and the expense of P131.7 million and P118.4
Parent company are reasonably million for the Group and Parent
certain to exercise options to extend company, respectively, for the year
or terminate the lease, and in ended December 31,2019.
determining the incremental Our comments
borrowing rate. • We confirm that the amounts
presented through inspection
of related documents.
 • We inspected the agreements
to confirm appropriateness of
the recognition of right-of-use
assets and lease liability. ( See
Notes 2,11 and 29 to the
financial statements)
• No issues were noted from our
testing results.
• Appropriate transition
adjustments were also
checked and no problems were
found
Allowance for Application of the expected credit The allowance for credit losses as of
Credit Losses losses (ECL) model in determining the December 31, 2019 amounted to
on Loans and allowance for credit losses on loans P18.4 billion and P14.3 billion for the
Receivables and receivables is significant as it Group and the Parent Company,
involves the exercise of significant respectively. Provision for credit
management judgment. It includes losses in 2019 amounted to P2.5
judgment in segmenting the Group’s billion and P1.6 billion for the Group
and Parent Company’s risk exposures; and the Parent Company,
determining the method to estimate respectively.
ECL; defining default; identifying Our comments
exposures with significant • We obtained an understanding
deterioration in credit quality; of the board approved
determining assumptions to be used methodologies and models
in the ECL model such as the used for the different credit
counterparty credit risk rating, the exposures and assessed
expected life of the financial asset and whether these considered the
expected recoveries from defaulted requirements of PFRS 9.
accounts; and incorporating forward- • No issues were noted from our
looking information in calculating testing results.
ECL. • No problem was also found
when we reconciled data from
source system reports to the
data warehouse and from the
data warehouse to the loss
allowance analysis/models
and financial reporting
systems.
• We recalculated impairment
provisions on a sample basis
and reviewed the
completeness of the
disclosures made in the
financial statements. Thus far,

Recoverability Analysis of the recoverability of
of Deferred deferred tax assets was significant
tax Assets because the assessment process is
complex and is judgmental and is
based on assumptions that are
affected by expected future market or
economic conditions and the expected
performance of the Group and the
Parent Company.
Goodwill Under PFRS, the Group is required
annually to test the amount of
goodwill for impairment. The annual
impairment test was significant
because it involves significant
judgment and is based on assumptions
such as estimates of future cash flows
from business, interest margin,
discount rate, current local gross
domestic product and long-term
growth rate used to project cash flow.
no errors od deficiency were
detected.
As of December 31, 2019, the deferred
tax assets of the Group and the Parent
Company amounted to P2.6 billion
and P2.0 billion, respectively.
Our comments
• We reviewed the
management’s assessment on
the availability of future
taxable income in reference to
financial forecast and tax
strategies.
• We evaluated management’s
forecast by comparing the loan
portfolio and deposit growth
rates with that of the industry
and the historical performance
of the Group.
• We reviewed the timing of the
reversal of future taxable and
deductible temporary
differences and no issues were
found.
Goodwill has been allocated to three
cash generating units (CGU) namely
retail banking, corporate banking and
global banking and market.
Impairment testing was done using
the value in use calculation. As of
December 31, 2019, the Group and
the Parent Company has goodwill
amounting to P13.4 billion.
Our comments
• We involved our internal
specialist in evaluating the
methodology and assumptions
used by the Group.
• We compared the interest
margin and long-term growth
rate to the historical
performance of the CGUs and
to economic and industry
forecasts.
 • We tested the current local
gross domestic product and
parameters used in the
derivation of the discount rate
against market data and no
problems were detected.
• We notice that there was an
acquisition for the year but
was not considered in getting
the current amount of
goodwill as fair value of said
acquired entity is not yet
determined thus accounting it
in cost basis. We, regarding
this case recommends to PNB
to consolidate this entity and
account it for the acquisition
based on provisional amounts.

Significant accounting policies and practices

Significant accounting policies and practices are disclosed in the notes to the consolidated
financial statements.

Initial Selections
The following new accounting policies were selected and applied during the period:
• PFRS 16, Leases that has superseded PAS 17, Leases, Philippine Interpretation IFRIC
4, Determining Whether an Arrangement Contains a Lease, Philippine Interpretation
SIC-15, Operating Leases-Incentives, and Philippine Interpretation SIC-27, Evaluating
the Substance of Transactions Involving the Legal Form of a Lease.
• Lessor accounting under PFRS 16 is substantially unchanged from PAS 17. The Group
continues to classify leases as either operating or finance leases using similar
principles as in PAS 17. Therefore, PFRS 16 did not have an impact on leases where
the Group is the lessor.
• The Group adopted PFRS 16 using the modified retrospective method of adoption
with the date of initial application on January 1, 2019. Under this method, the Group
applied PFRS 16 retrospectively with the cumulative effect of initially applying the
standard recognized at the date of initial application. The Group elected to use the
transition practical expedient to no longer reassess whether a contract is, or contains,
a lease at January 1, 2019. Instead, the Group applied PFRS 16 only to contracts that
were previously identified as leases applying PAS 17 and Philippine Interpretation
IFRIC 4 at January 1, 2019.
 • The Group recognized right-of-use assets and lease liabilities for those leases
previously classified as operating leases, except for short-term leases and leases of
low-value assets. The right-of-use assets were recognized based on the amount equal
to the lease liabilities, adjusted for any related prepaid and accrued lease payments
previously recognized. Lease liabilities were recognized based on the present value
of the remaining lease payments, discounted using the incremental borrowing rate at
the date of initial application.
We consider the selection and application of this accounting policies to be
appropriate.

Control observations
Observation and implication:
It was identified that the acquisition of Allied Commercial Bank in 2019 was not
consolidated in the Group and Parent Company’s financial statement. It was said that the
reason for this is the inability to determine the fair values of certain material assets and
liabilities at the acquisition date, thus accounting it at cost basis. The effects on the
consolidated financial statements of the failure to consolidate have not been determined. But
had Allied Commercial Bank been consolidated many elements in the accompanying
consolidated financial statement would have been materially affected.
Recommendation:
Under PFRS 10, the Parent Company should have consolidated this subsidiary and
accounted for the acquisition based on provisional amounts. We recommend for this
measure to be used or adopted for this case and for future acquisitions of the Group and the
Parent Company that will have the same conditions as the acquisition of Allied Commercial
Bank.
 VI.
External Audit Report.

Independent Auditor’s Report

The Stockholders and the Board of Board of Directors
Philippine National Bank
PNB Financial Center
President Diosdado Macapagal Boulevard
Pasay City

Report on Financial Statements

We have audited the financial statements of Philippine National Bank and its subsidiaries
(PNB GROUP) for the year ended December 31, 2019 which comprise the Statement of
Financial Position, Income Statement, statement of changes in equity, statement of Cash
Flows and notes to the financial statements, including a summary of significant accounting
policies.

Statement of Management’s Responsibility for Financial Statements

The management of Philippine National Bank is responsible for the preparation and fair
presentation of the financial statements, including the schedules attached therein, for the
years, 2019, 2018 and 2017 ended December 31, in accordance with the prescribed financial
reporting framework indicated therein and for such internal control as management
determines is necessary to enable the preparation of financial statements that are free from
material misstatement, whether due to fraud or error.
In preparing the financial statements, management is responsible for assessing the
Philippine National Bank’s ability to continue as a going concern, disclosing as applicable,
matters related to going concern and using the going concern basis of accounting unless
management either intends to liquidate the Philippine National Bank or to cease operations
or has no alternatives to do so.
The Board of Directors is responsible for overseeing the Philippine National Bank’s financial
reporting process. The Board of Directors reviews and approves the financial statements,
including the schedules attached therein and submits the same to the stockholders.
We are the independent auditor appointed by the stockholders, has audited the financial
statements of the Philippine National Bank in accordance with Philippine Standards on
Auditing and in their report to the stockholders , have expressed their opinion on the fairness
of presentation upon completion of such audit.

Auditor’s Responsibility
Our responsibility is to express an opinion on these financial statements based on our audit.
We conducted our audit in accordance with Philippine Standards on Auditing those
standards require that we comply with ethical requirements and plan and perform the audit
to obtain reasonable assurance whether the financial statements are free from material
misstatement.
An audit involves performing procedures to obtain audit evidence about the amounts and
disclosures in the financial statements. The procedures selected depend on the auditor’s
judgment, including the statement of the risks of material misstatement of the financial
statements, whether due to fraud or error. In making those risk assessments, the auditor
considers internal control relevant to the entity’s preparation and fair presentation of the
financial statements in order to design audit procedures that are appropriate in the
circumstances, but not for the purpose of expressing an opinion on the effectiveness of the
entity’s internal control. An audit also includes evaluating the appropriateness of accounting
policies used and the reasonableness of accounting estimates made by the management as
well as evaluating the overall presentation of the financial statements.
We believe that the audit evidence we have obtained is sufficient and appropriate to provide
a basis for our adverse audit opinion.

Adverse Opinion
In our opinion because of the significance of the matter discussed in the Basis for Adverse
Opinion paragraph, the consolidated financial statements do not present fairly of the
financial position of Philippine National Bank and its subsidiaries as at December 31, 2019,
and their financial performance and cash flows for the year then ended in accordance with
Philippine Financial Reporting Standards.

Basis for Adverse Opinion

As explained in Note X, the group has not consolidated subsidiary Allied Commercial Bank
that the group acquired during 2019 because it has not yet been able to determine the fair
values of certain of the subsidiary’s material assets and liabilities at the acquisition date. This
investment is therefore accounted for on a cost basis. Under PFRS 10, the parent company
should have consolidated this subsidiary and accounted for the acquisition based on
provisional amounts. Had Allied Commercial Bank been consolidated, many elements in the
accompanying consolidated financial statements would have been materially affected. The
effects on the consolidated financial statements of the failure to consolidate have not been
determined. Our opinion on the parent company’s financial statements is also qualified for
this matter as the failure to consolidate all subsidiaries is a departure from the requirements
of PFRS 10.
We conducted our audit in accordance with Philippine Standards on Auditing (PSAs). Our
responsibilities under those standards are further described in the Auditor’s
Responsibilities for the Audit of the Consolidated and Parent Company Financial Statements
section of our report. We are independent of the Group and the Parent Company in
accordance with the code of ethics for Professional Accountants in the Philippines. We
believe that the audit evidence we have obtained is sufficient and appropriate to provide a
basis for our adverse opinion on the group financial statements and qualified opinion on the
parent company financial statements.

Key Audit Matters

Key audit matters are those matters that, in our professional judgment, were of most
significance in our audit of the consolidated and parent company financial statements of the
current period. These matters were addressed in the context of our audit of the consolidated
and parent company financial statement as a whole, and in forming our opinion thereon, and
we do not provide a separate opinion on these matters. For each matter below, our
description of how our audit addressed the matter is provided in that context.