Audit Of Banks PDF
Document Details
Tags
Related
- NNPCL Finance and Accounts Banking Counterparty Policy PDF
- AASI IM PDF Instructional Material For ACCO 30073 Audit In Specialized Industries PDF
- Audit of Banks PDF
- Special Features of Audit of Banks & Non-Banking Financial Companies - PDF
- Audit in Specialized Industries 2020-2021 PDF
- PAPS 1006: Audits of the Financial Statements of Banks PDF
Summary
This document details the audit of banks in the Philippines, outlining responsibilities of the Bangko Sentral ng Pilipinas and covering various categories of banks, their responsibilities, and auditing requirements.
Full Transcript
AUDIT OF BANK Handouts b. Foreign banks and branches or subsidiaries of foreign banks, regardless of unimpaired capital; and BANGKO SENTRAL NG PILIPINAS...
AUDIT OF BANK Handouts b. Foreign banks and branches or subsidiaries of foreign banks, regardless of unimpaired capital; and BANGKO SENTRAL NG PILIPINAS c. Banks, trust department of qualified banks and other trust - The Bangko Sentral ng Pilipinas (BSP) is the central bank of entities with additional derivatives authority, pursuant to the Republic of the Philippines. Section 613 regardless of classification, category and capital - It was established on July 3, 1993 pursuant to the provisions position. of the 1987 Philippine Constitution and the New Central Bank Act of 1993. 2. CATEGORY B - The BSP enjoys fiscal and administrative autonomy from the a. Thrift Banks National Government in the pursuit of its mandated b. Quasi-Banks responsibilities. c. Trust department of qualified banks and other trust entities; d. National Coop Banks; and RESPONSIBILITIES OF BSP e. Non-Banking Financial Institutions with quasi-banking - To provide policy directions in the areas of money, banking, functions and credit; - To supervise the operations of the banks and to exercise 3. CATEGORY C such regulatory and examination powers as provided under a. Rural Banks Republic Act No. 11211 (The New Central Bank, as amended) b. Non-Stock Savings and Loans Associations and other pertinent laws over the quasi-banking operations of c. Local Cooperative Banks; and non-banking institutions; and d. Pawnshops - To exercise regulatory and examination power over money system businesses, credit granting businesses, and payment ACCREDITATION OF EXTERNAL AUDITORS FOR BANKS system operators. GENERAL REQUIREMENTS - Its primary objective is to maintain price stability conducive to 1. BOA accreditation & PIC - At least 5 years of audit a balance and sustainable growth of the economy and experience employment. 2. Auditor’s independence - The auditor or any of the auditor's immediate family not have COVERED ENTITIES or committed to acquire any direct or indirect financial interest 1. CATEGORY A in the covered institutions. a. Universal Banks / Commercial Banks - Auditor doesn’t have outstanding loans or any credit Banks refers to entities licensed by the BSP that are accommodations or arranged for the extensions of credit or to engaged in the lending of funds obtained in the form of renew an extension of credit with the covered institution deposits (Gen. Banking Law of 2000) (except credit card obligations and fully secured auto/housing loans which are not past due) at the time of signing the CLASSIFICATION OF BANKS engagement and during the engagement. - The covered institution’s CEO, CFO, Chief Accounting 1. Universal Banks: These banks offer a full range of Officer, or comptroller shall not be previously employed by the financial services, including investment banking, external auditor during 1 year preceding the date of initiation of commercial banking, and other financial services. They audit. can operate both locally and internationally. 3. Category A auditors- established adequate Quality 2. Commercial Banks: Focus primarily on providing Assurance procedures. business and personal banking services, such as accepting deposits, granting loans, and offering credit SPECIFIC REQUIREMENTS facilities. They serve a broad clientele, including 1. At least 5 years experience in external audits. individuals and businesses. 2. Experience required as an associate, partner, lead partner, 3. Thrift Banks: These are savings and loan institutions concurring partner or auditor-in-charge. that primarily focus on accepting savings deposits and 3. a. CATEGORY A- At Least 5 years corporate clients with providing home loans. They cater to retail customers total assets of at least P50M each. and small businesses. b. CATEGORY B- At Least 3 years corporate clients with total 4. Rural Banks: Serve rural areas and agricultural assets of at least P25M each. communities. They focus on providing financial c. CATEGORY C- At Least 3 years corporate clients with total services to support local economic development, such assets of at least P5M each. as agricultural loans and savings accounts. 5. Cooperative Banks: Owned and operated by their BANK members, these banks offer banking services similar to Bank is a type of financial institution whose principal activity commercial banks but are community-focused and is the taking of deposits and borrowing for the purpose of aimed at supporting the economic activities of their lending and investing and that is recognized as a bank by the members. Bangko Sentral ng Pilipinas (Philippine Auditing 6. Islamic Banks: Operate according to Islamic law Practice Statement 1006) (Sharia), which prohibits earning interest. They offer financial products that comply with Sharia principles, such as profit-sharing investments and interest-free - Exclusive access to clearing and settlement systems. loans. - Linked to national and international settlement systems. 7. Digital Banks: Operate primarily online and use - Issue and trade in complex financial instruments. technology to offer banking services. They typically have lower operating costs and offer services such as AUDIT OBJECTIVE OF THE BANK FS digital payments and online account management, According to PSA 200, the objective of an audit of often with minimal physical branches. financial statements is to enable the auditor to express an opinion whether the financial statements are prepared, in all material aspects, in accordance with the generally accepted CHARACTERISTICS OF BANKS accounting principles. - Custody of large amounts of monetary items and other liquid assets. OBTAINING KNOWLEDGE OF THE BUSINESS - Engaged in transactions that transcends multiple places or a. The bank’s corporate governance structure; jurisdictions. b. The economic and regulatory environment in which the - Holding assets that can rapidly change in value or whose bank operates; and value is often difficult to determine. c. the market conditions existing in each of the significant - Derive significant amounts of funding from Short Term sectors in which the bank operates. deposits. - Fiduciary duties respect the assets they hold on behalf of BANK RISKS other persons or entities. a. Country Risk: The risk that foreign customers or - Engaged in a large volume and variety of transactions with counterparties might fail to meet their obligations due to significant values, complex accounting and Internal Control economic, political, or social issues in their home country. systems & dependance on Internal Control. b. Credit Risk: The risk that a borrower or counterparty will - Operate through networks of branches and departments that not be able to repay a loan or fulfill other financial obligations are geographically dispersed. in full and on time. - Transactions that can often be directly initiated & completed c. Currency Risk: The risk of financial loss due to fluctuations by the customer without intervention of the bank. in exchange rates between currencies. - Assume significant commitments without any initial transfer d. Fiduciary Risk: The risk that a financial institution or of resources. individual will fail to act in the best interest of their clients, - Stringent government regulations (BSP) possibly leading to financial losses. - Customer relationships that the auditor may have with the bank might affect the auditor’s independence. e. Interest Rate Risk: The risk of loss due to changes in - Auditor’s report contents, including any special-purpose interest rates, which can affect the value of investments and reports. financial instruments. - Communication requirements with BSP and regulatory f. Legal and Documentary Risk: The risk that legal authorities. documents or contracts may be invalid, unenforceable, or - BSP’s access to auditor’s working papers and bank’s improperly executed, leading to disputes or financial losses. consent. g. Liquidity Risk: The risk that an entity may not be able to meet its short-term financial obligations due to an inability to AUDIT PLANNING convert assets into cash quickly. In audit planning, the auditor obtains detailed knowledge about h. Modeling Risk: The risk of errors or inaccuracies in the client's business and industry to: financial models used for decision-making, which can lead to Understand the transactions and events affecting the incorrect conclusions and financial losses. financial statements i. Operational Risk: The risk of loss resulting from inadequate Early identification of the potential problems that might or failed internal processes, people, systems, or external be encountered in the audit events. Develop an overall audit plan j. Price Risk: The risk of financial loss due to changes in the market price of assets, such as stocks, bonds, or commodities. OBTAINING KNOWLEDGE OF THE BUSINESS k. Regulatory Risk: The risk of financial loss or operational On obtaining a knowledge of the bank’s business, the auditor impact due to changes in laws, regulations, or regulatory should understand: policies. the bank’s corporate governance structure the economic and regulatory environment in which the ACCEPTING AN ENGAGEMENT bank operates PSA 210 Summary: the market conditions where the bank operates. - Engagement Letter: Confirms auditor’s acceptance, audit objective and scope, responsibilities, and report form. - Unique Bank Characteristics: Auditor must assess their and their assistants' skills, focusing on: - Expertise in banking and IT systems. - Resources for domestic and international locations. - Additional Considerations: - Specialized accounting principles (laws, BSP, regulatory authorities, industry practice). FRAUD RISK FACTORS POLICIES, PROCEDURES AND CONTROLS TO DEFER AND TO RECOGNIZE AND REPORT MONEY LAUNDERING ACTIVITIES - A requirement to obtain customer identification (know your client, KYC Procedure) - Staff screening - A requirement to know the purpose for which an account is to be used. - The maintenance of transaction records. - The reporting to the authorities of suspicious transactions or of all transactions of a particular type, for example, cash transactions over a certain amount. - The education of staff to assist them in identifying suspicious transactions. UNDERSTANDING THE RISK MANAGEMENT PROCESS - Oversight and involvement in the control process by those charged with governance - Identification, measurement and monitoring of risks - Control activities - Monitoring Activities - Reliable information system DEVELOPMENT OF AN OVERALL AUDIT PLAN In developing an overall plan for the audit of the financial statements of a bank,the auditor gives particular attention to: a. the complexity of the transactions by the bank - banks typically involve in complex activities, which is difficult for an auditor to understand its implications b. the assessment of audit risk Three components of audit risk are: inherent risk - the risk that material serious decline in profitability level misstatements occur rates of interest being paid are higher than normal control risk - the risk that the bank’s internal market rates control does not prevent or detect misstatements INTERNAL CONTROL detection risk - the risk that the auditor will not The Basel Committee on Banking Supervision provides detect material misstatements a policy framework for evaluating banks' internal c. the assessment of materiality control systems. This framework is used by banking d. Involvement of other auditors - As a result of the complex supervisors to assess and discuss the internal controls activities in most banks, it is necessary for the auditor to use of individual banks. the work of other auditors in many of the locations where the bank operates Management Responsibilities: Management is PSA 600, “Using the Work of Another Auditor”, the responsible for maintaining an adequate accounting auditor should: system and internal controls.This includes selecting a. considers the independence and competence and applying appropriate accounting policies and of those auditors safeguarding the entity's assets. b. considers whether the accounting principles to be applied are clearly communicated Auditor's Role: The auditor must understand the c. performs procedures to obtain sufficient accounting and internal control systems to plan the appropriate audit evidence that the work audit effectively.This understanding helps the auditor performed by the other auditor is adequate assess risks (inherent and control risks) and determine e. Related party transactions - The auditor remains alert for the appropriate audit procedures. related party transactions during the audit, particularly in the lending and investment activities IDENTIFYING, DOCUMENTING AND TESTING CONTROL f. Going concern considerations PROCEDURES PSA 570, “Going Concern”guides the auditor on assessing the appropriateness of management's use of the going concern (1) Objectives of Internal Controls (PSA 400): assumption The following events may raise significant doubt about the - Transactions are executed in accordance with bank's ability to continue as a going concern management’s general or specific authorization. rapid increase in derivative trading - All transactions and other events are promptly significant decreases in deposits recorded at the correct amount, in the appropriate amounts and in the proper accounting period so as to permit preparation of financial statements in (4) IT and EFT system accordance with accepted principle generally accepted in the Philippines. The use of IT and EFT systems significantly impacts how - Access to assets is permitted only in accordance with auditors assess a bank’s accounting and internal controls. management's authorization. PSA 400, PSA 401, and PAPS 1008 guide auditors in - Recorded assets are compared with the existing evaluating IT controls, including system development, access, assets at reasonable intervals and appropriate action is data entry, network security, and contingency planning. For taken regarding any differences. EFT systems, auditors focus on pre-transaction controls and post-transaction reconciliations, using reports from service Auditors consider these objectives to ensure that internal organizations as needed, as guided by PSA 402. controls effectively support accurate financial reporting. In banking, a critical internal control objective is ensuring that the (5) When designing an audit plan to assess a bank's bank meets its regulatory and fiduciary duties, particularly reconciliation controls, the auditor should: regarding trustee activities. 1. Focus on the documentation, testing, and evaluation of reconciliation controls due to the numerous accounts (2) Governance and Decentralization: Responsibility for and frequent reconciliations, and utilize the internal internal control lies with those in governance roles, auditor's work. overseeing bank operations.Due to the decentralized 2. Audit reconciliations effectively at year-end if they are nature of banks, where decision-making and prepared timely and control procedures are deemed transaction authority are distributed across various effective. levels, there is a need for a formal system of 3. Ensure that items are not improperly transferred to delegation. This involves clearly identifying who can non-reconciliation accounts. authorize transactions and the procedures for granting such authorizations. Inherent Limitation of Internal Control PSA 400 outlines that while auditors identify, document, and (3) Authorization Controls: The auditor ensures that test internal controls, they must recognize the inherent transactions follow the bank's rules, particularly for limitations of these controls. Even if inherent and control risks loans, by checking that credit assessments are done are assessed as low, auditors still need to perform substantive before funds are released. The auditor also verifies that procedures for material account balances and transactions. transaction limits are respected and any breaches are promptly reported to management. CONSIDERING THE INFLUENCE OF ENVIRONMENTAL assess the appropriateness of the accounting FACTORS treatment they have been given. When assessing internal control effectiveness, auditors 3. Inquiry and Confirmation consider the operating environment, including: Include asking knowledgeable people both inside The bank's organizational structure and delegation of and outside the business for information. authority. Confirmation consists of the response to an inquiry to Management supervision quality. verify data contained in the accounting records. The Internal auditing effectiveness. auditor inquiries and confirms in order to: Risk management and compliance systems. obtain evidence of the operation of internal Skills and integrity of key personnel. controls; Inspection by supervisory authorities. obtain evidence of the recognition by the bank’s customers and counterparties of amounts, Performing Substantive Tests terms and conditions of certain transactions; Internal Control Nature, Timing, and Extent and obtain information not directly available from the Strong Less extensive bank’s accounting records. 4. Computation Weak More extensive Consists of carrying out independent computations or verifying the arithmetical accuracy of source 1. Observation documents and accounting records. Consists of looking at processes or procedures being 5. Analytical Procedures performed by others. Consist of the analysis of significant ratios and trends 2. Inspection including the resulting investigation of fluctuations and Consists of investigating through reports, records, or relationships that are inconsistent with other pertinent physical assets. The auditor investigate in order to: data or deviate from expected amounts. be satisfied as to the physical existence of material negotiable assets that the bank holds; COMPLETING THE AUDIT and obtain the necessary understanding of the 1. Identifying subsequent events that may affect the terms and conditions of agreements (including financial statements under audit master agreements) that are significant - for the audit purpose the auditor is only concerned with those individually or in the aggregate in order to: events that occur subsequent to the financial statement date, consider their enforceability; and but before the date of the auditors report. Types of subsequent event -has acknowledge that it has fulfilled its responsibility for the 1. Requiring adjustment preparation and presentation of financial statements 2. Requiring disclosure - has approved the financial statements. Procedure to identify subsequent events a. Inquiring management as to the occurrence of subsequent 4. Wrap up Procedure events. - are those procedures done at the end of the audit that b. Reviewing procedures management has established to generally cannot be performed before the audit work is ensure that subsequent events are identified completed. These include: c. Reading the minutes of board of directors and stockholders a. Final analytical procedure meetings after the financial statement date b. Evaluation of the bank ability to continue as going concern d. Reading the latest available subsequent interim financial c. Evaluating audit findings and obtaining client's approval for statements as well as management report such as budgets the proposed adjusting entries. and forecast e. Inquiring of the entity's lawyers concerning litigation, claims, ISSUING A REPORT and assessment In expressing an opinion on the bank’s financial statements, the auditor: 2. Identifying litigation and claims - Adheres to legal, regulatory, and industry practices - Litigation and claims involving the bank may have a material - Assesses if foreign branch and subsidiary accounts effect on the financial statements. It is the management align with Philippine GAAP for consolidated financial responsibility to adopt policies and procedures that will identify, statements as it is crucial for banks due to varying local evaluate, and account for litigation and claims as a basis for banking regulations, which can cause significant the preparation of financial statements in conformity with the differences in accounting practices. applicable financial framework. Bank financial statements are influenced by BSP Procedure to identify litigation and claims regulations, which can differ from GAAP. When a bank a. Inquiry of management prepares a single set of statements under both frameworks, b. Reading minutes of meeting and correspondence with an unqualified opinion requires compliance with both. If only lawyers one framework is followed, the auditor expresses an c. Reviewing legal expense account opinion accordingly. If RAP is used instead of GAAP, the auditor emphasizes this in the report. 3. Written management Representation Banks often include additional information in annual reports PSA 580 requires an auditor to obtain sufficient appropriate alongside audited financial statements. This can include evidence that the entity's management: risk-adjusted capital and other stability-related details. PSA 720 provides guidance on auditing this additional prior notice. Common examples include information. checking accounts. Savings - a bank account where funds are UNIQUE ACCOUNTS: deposited to earn interest over time, but 1. Cash in Vault - is a critical account in banks that withdrawals may be less frequent and represents the physical cash held by the bank in its sometimes subject to restrictions. branches and ATMs. Time Deposit - A time deposit is a bank 2. Cash in ATM - any cash held in, held for use in, in account where money is locked in for a fixed transit to, or otherwise designated for use in, period, earning interest until the term ends. automated teller machines or similar devices. 4. Loan loss reserves - are a financial provision set 3. Deposits aside by a lender to cover potential losses from loans Demand - is a type of bank account where that may not be repaid in full. funds can be withdrawn at any time without 5. Trust Accounts - A trust account is a legal arrangement in which a trustee maintains and manages assets on behalf of a beneficiary. NAME OF THE BANK AUDIT PROGRAM FOR CASH IN ATM Audit Objectives: 1. To establish the actual existence of cash in Automated Teller Machine (ATM) in the custody of the accountable officer. 2. To determine that all accountable officers/employees are adequately/properly bonded. 3. To determine adequacy of insurance coverage for actual cash on hand. 4. To ascertain the accuracy of the ATM cash balance appearing in the general ledger. Audit Assertions: Presentation and Disclosure (PD), Existence or Occurrence (EO), Rights and Obligations (RO), Completeness and Cutoff (CC), Accuracy and Valuation (AV) Audit Procedures: Activities WP Ref Date Done by 1. Cause the production of all cash by serving the cash production notice in the ATM Cash Count Sheet (CCS) (Annex A) at the time of count. Require the Accountable Officer (AO) to acknowledge the notice by signing the appropriate portion provided therein. 2. Obtain from the Accountable Officer the ATM reading before the retrieval of the cassettes from the ATM. 3. Count the bills by piece, in the presence of the AO by cassette (cassettes are marked from A to D). Tally the count against the machine reading. Analyze the difference, if there is any. 4. After the count, required the AO to accomplish and sign the certification in the CCS in the presence of two responsible persons, whose signatures shall likewise be affixed on the appropriate spaces. 5. Secure the following documents from the AO for reconciliation of cash counted against CIV Summary/Cash Transfer Slip of the day prior to the date of count: a. ATM machine reading at the time of count b. Accountant’s ATM logbook c. ATM Balance Register d. Bond of the AO 6. Establish and compare the cash counted with the GL balance, as follows: a. Reconcile the previous day’s balance using the working day prior to the date of reconciliation as the Beginning Balance. b. Compute for the balance of Accountability. c. Trace to logbook the replenishment and retrievals, and withdrawals to NAS Terminal Activity Report. d. Compare the amount established against general ledger and ATM Balance Register. Account for the difference if there is any. e. In case of shortage or overage, require recording in the books. Booking should be made not later than the following day after the transaction date. Prepared by: Reviewed by: ___________________________ ___________________________ REFERENCES: Auditing Standards and Practices Council - Philippine Auditing Practice Statement 1006: AUDITS OF FINANCIAL STATEMENTS OF BANKS Auditing Theory: A guide in Understanding the Philippine Standards on Audting (Salosagcol, Tiu and Hermosilla, 2021)