560 likes | 1.37k Views
Bank Branch Audit under Core Banking System. Hosted by Hyderabad Branch of SIRC of ICAI. Table of Contents. Softwares used by Banking Industry Traditional Auditing Approach Auditing through CBS What is Core Banking System? Some basic concepts of CBS
E N D
Bank Branch Audit under Core Banking System Hosted by Hyderabad Branch of SIRC of ICAI
Table of Contents • Softwares used by Banking Industry • Traditional Auditing Approach • Auditing through CBS • What is Core Banking System? • Some basic concepts of CBS • Audit activity through CBS (Case Specific) • Audit through “Finacle” Software • Capital Adequacy / Risk Weighted Assets and Credit Risk Calculation Certification CA. Kuntal Shah, Ahmedabad
Softwares used by Banking Industry • Base Software: Core Banking Software • Add-on Softwares for, • Credit Risk Calculation as per Basel – II Norms • Risk Weighted Assets / Capital Adequacy Computation • Asset Classification and NPA Provisioning computation • Classification of Priority / Non-priority / Sensitive Sector Advances CA. Kuntal Shah, Ahmedabad
Table of Contents • Softwares used by Banking Industry • Traditional Auditing Approach • Auditing through CBS • What is Core Banking System? • Some basic concepts of CBS • Audit activity through CBS (Case Specific) • Audit through “Finacle” Software • Capital Adequacy / Risk Weighted Assets and Credit Risk Calculation Certification CA. Kuntal Shah, Ahmedabad
Traditional Auditing Approach • Verification of Documents Physically • Availability of Hard Copies for each transaction • Number of Transactions for Audit In nutshell “Computerization does not affect Audit objectives. It only requires change in Audit Methodology.” CA. Kuntal Shah, Ahmedabad
Table of Contents • Softwares used by Banking Industry • Traditional Auditing Approach • Auditing through CBS • What is Core Banking System? • Some basic concepts of CBS • Audit activity through CBS (Case Specific) • Audit through “Finacle” Software • Capital Adequacy / Risk Weighted Assets and Credit Risk Calculation Certification CA. Kuntal Shah, Ahmedabad
Auditing through CBS • Understand the Core Banking Software • Review Internal Controls in CBS • Carry out Risk Assessment (viz. Manual Interventions in transaction processing, Modification of Master Data without proper documentations, Lack / non availability of Audit Trail) • Review Transaction Flow & Audit Trails • Apply Exception Approach • Determine Sample Size based on review • Carry out substantive procedures in & around CBS • Documentation of Audit Procedures • Prepare report on Audit Findings and prepare final Report CA. Kuntal Shah, Ahmedabad
What is Core Banking System? • Centralised Database • Transactions take place at various locations • Updation of Central Database on Real Time Basis • Report Generation at Back-End • Access Control CA. Kuntal Shah, Ahmedabad
What is CBS – An Overview ATM Switch Back Office Mobile Banking Central Server Internet Banking Branch Data Warehouse Phone Banking Credit-Card System CA. Kuntal Shah, Ahmedabad
Table of Contents • Softwares used by Banking Industry • Traditional Auditing Approach • Auditing through CBS • What is Core Banking System? • Some basic concepts of CBS • Audit activity through CBS (Case Specific) • Audit through “Finacle” Software • Capital Adequacy / Risk Weighted Assets and Credit Risk Calculation Certification CA. Kuntal Shah, Ahmedabad
Core Banking System - Concepts • Master Level Configuration • Account Level Configuration • Separate series of Account Nos. for different Types of Accounts • E.g. An Account No. 009905014678 – is made up of Branch Code i.e. “0099”, Account Type – “05” say Current Account and Account No. – “014678” • Auditor should seek details of formation of Account No. during discussion with Branch Head. Cont… CA. Kuntal Shah, Ahmedabad
Core Banking System - Concepts • Interest Calculation and Application • Maker – Checker Concept (Different Stages for a Transaction) Created by, Entered by, Authorised by, Posted by, Modified by, Deleted by • SOL ID & SET ID Concept • (SOL – Service OutLet ID i.e. Branch, Back Office etc.) (SET ID – Branch / Back Office who initiated the transaction) • Pointing Type Office Accounts • Auto generation of Exception Reports at EOD • Generation of various Tailor-made Reports from Back-End / MIS Server CA. Kuntal Shah, Ahmedabad
What is CBS – Auditors’ Checklist • Document list of Softwares, Applications and interface details associated with CBS • Review Usage Manual (if available at Branch) or Document Software navigation options and Menu Codes. • Document list of Reports available in CBS and its menu codes. • Review Exception Reports / MIS Reports generated by Data Center. CA. Kuntal Shah, Ahmedabad
Table of Contents • Softwares used by Banking Industry • Traditional Auditing Approach • Auditing through CBS • What is Core Banking System? • Some basic concepts of CBS • Audit activity through CBS (Case Specific) • Audit through “Finacle” Software • Capital Adequacy / Risk Weighted Assets and Credit Risk Calculation Certification CA. Kuntal Shah, Ahmedabad
Audit Activity through CBS • Customer Master Level and Account Level Updations for Loans / CC Accounts • What to verify? • Interest Parameters (Regular & Penal Interest) • Repayment Instructions • Standing Instructions (SI) Parameters • DP / SL monitoring • Customer wise Limit Lookup • Stock / Debtors Statements Tracking and calculation of DP • When to verify? • At the time of verification of Documents for Advance CA. Kuntal Shah, Ahmedabad
Audit Activity through CBS • Analysis of Advance Accounts • What to verify? • Turnover of CC Account based on Borrower’s Business profile • In case of Loan accounts ACTUAL recovery of Installments and Interest • When to verify? • After / during verification of Advances Documentation CA. Kuntal Shah, Ahmedabad
Audit Activity through CBS • NPA Analysis • What to verify? • Reports on NPA and Probable NPA generated (if any) from CBS or CIS (Credit Information System) • NPA Account, Probable NPA Account, Other Advance Accounts with some irregularities: Transactions & Account Scrutiny for Correct Classification • When to verify? • After / during verification of Advances Documentation CA. Kuntal Shah, Ahmedabad
Audit Activity through CBS • NPA Account Verification • What to verify? • Classification of NPA • Date of NPA • Calculation of Provisioning (out of System) • Reversal of Revenue charged • When to verify? • After / during verification of Advances Documentation CA. Kuntal Shah, Ahmedabad
Audit Activity through CBS • Security details updation • What to verify? • Whether Lien is marked in System for Fixed Deposits Accounts? • Whether details of security obtained are mentioned in Master Details? • When to verify? • After / during verification of Advances Documentation CA. Kuntal Shah, Ahmedabad
Audit Activity through CBS • Office Accounts (Inter Branch) Accounts • What to verify? • Entries outstanding in Office Accounts as on date. • Long Outstanding entries. • Improper reversal of Office Account entries • When to verify? • During verification of LFAR Compliance CA. Kuntal Shah, Ahmedabad
Audit Activity through CBS • TDS Related Records • What to verify? • Debit to Charges Accounts and relevant entries to TDS Account. • Reversals in TDS Account. Whether by Constructive Payment or otherwise? • Account Code List / Name of Expense (charges) accounts Liable for TDS should be obtained from BM • When to verify? • During verification of Income Tax Compliance CA. Kuntal Shah, Ahmedabad
Audit Activity through CBS • Fixed Assets & Depreciation Entries • What to verify? • Verify Calculation of Depreciation (mostly done out of the system) • Entries passed in FA Accounts • Check Repairs & Maint. A/c and other relative account for entries pertaining to Purchase of New Fixed Asset • When to verify? • During verification of Income Tax Compliance CA. Kuntal Shah, Ahmedabad
Audit Activity through CBS • Logical Access Controls: • Creation / Deletion / Amendment in User Profile, Powers done centrally. If not, verify the compliances as follows. • Records for User – ID Creation properly maintained? • Records for Deletion of user-ID with proper authorisation available? • Other issues like security of password, compulsory change of password, Transaction Limit for employees etc. CA. Kuntal Shah, Ahmedabad
Audit Activity through CBS • Output Controls: • Whether Hard copies of Accounts available? • Whether such reports are signed? • Security of Data: • Whether the encryption software is available in Server / Backup Server (If data is stored) • Whether the computers are having Antivirus Software? • Whether the AV Software is updated on regular basis? CA. Kuntal Shah, Ahmedabad
Audit Activity through CBS • Backups • Important Activity for Non CBS Branches • Backup should be stored on Off-site Location • Backup should have been tested at periodical intervals • Backup Register should be maintained CA. Kuntal Shah, Ahmedabad
Audit Activity through CBS • Auto Generated Reports • Exception Report: • Reports for the month end and two days prior and after month end should be verified. • Exceptions of following natures should be closely verified. • Balance exceeded Account Limit • Manual debits to Income Account • Value Dated Transactions • Manual entry for SI Failure cases • Instrument passed against Clearing CA. Kuntal Shah, Ahmedabad
Audit Activity through CBS • Irregularity Report: • Reports for the month end and two days prior and after month end should be verified. • Report contains details of Accounts where Balance in Accounts are greater than the Limits Sanctioned. Check whether the same is due to, • Application of Interest • Granting of Intra Day TOD • Passing of Instruments against Clearing Effects CA. Kuntal Shah, Ahmedabad
Audit Activity through CBS • Accounts where Interest Code is ‘0’: • Interest will not be charged from Accounts where Interest Code is selected as ‘0’. Hence, a detailed checking is required. Possible reasons can be, • Whether NPA Account • Accounts with Moratorium? • Interest Collection Flag as “No”: • If Interest Collection Flag is selected as “No”, Software will not consider the account for calculation and entry for Debit Interest. CA. Kuntal Shah, Ahmedabad
Audit Activity through CBS • Debit Interest SI Failed Report: • Failure of Standing Instruction for Debit Interest should be closely verified. If the SI is failed the Account will not be debited for Interest. SI Failure can be for any reason like • Non availability of Balance in Account (In case of TOD in Operative Account) • Non availability of Limit in Account • Technical Snag in execution • Whether Branch has manually passed the entry for all such cases should be verified. • Loan Installment SI Failed Report: • Same as above CA. Kuntal Shah, Ahmedabad
Audit Activity through CBS • Report containing all Advance Accounts with Limits: • Generally, CBS Software generate a Report wherein details of all Advance Accounts are listed. • Excel can be used to verify cases of DP > SL, Margin Requirement etc. CA. Kuntal Shah, Ahmedabad
Table of Contents • Softwares used by Banking Industry • Traditional Auditing Approach • Auditing through CBS • What is Core Banking System? • Some basic concepts of CBS • Audit activity through CBS (Case Specific) • Audit through “Finacle” Software • Capital Adequacy / Risk Weighted Assets and Credit Risk Calculation Certification CA. Kuntal Shah, Ahmedabad
Finacle – Core Banking Software • Overview and Implementation Structure • Some features of Transaction processing • Audit Procedures and Menu Codes • Generation of Reports through Finacle CA. Kuntal Shah, Ahmedabad
Finacle in IDBI Bank CA. Kuntal Shah, Ahmedabad Source: www.infosys.com
Finacle - Overview • Some of the Banks using Finacle are • Bank of Baroda • Bank of India • Union Bank of India • Canara Bank • Federal Bank • IDBI Bank • ICICI Bank • Axis Bank • ABN Amro • Vijaya Bank • UCO Bank CA. Kuntal Shah, Ahmedabad
Finacle – Core Banking Software • Overview and Implementation Structure • Some features of Transaction processing • Audit Procedures and Menu Codes • Generation of Reports through Finacle CA. Kuntal Shah, Ahmedabad
Finacle - Features in Transaction Processing • Features: • Each Transaction has unique Tran ID. • Combination of Tran ID and Date of Transaction is required to locate a Tran • Tran Type, Sub Type are useful to Identify Nature of Transaction (like Cash Deposit, Withdrawal) • Facility of exploring a Tran during Account Scrutiny [Drill Down Approach] - press CTRL + E on a Tran during scrutiny of Account. • Driven by various Inter-linked menus Cont… CA. Kuntal Shah, Ahmedabad
Finacle - Features in Transaction Processing (Cont…) • Pointing Type Office accounts (Useful in review of outstanding / part reversed Office Account entries) CA. Kuntal Shah, Ahmedabad
Finacle – Core Banking Software • Overview and Implementation Structure • Some features of Transaction processing • Audit Procedures and Menu Codes • Generation of Reports through Finacle CA. Kuntal Shah, Ahmedabad
Finacle – Audit Procedure CA. Kuntal Shah, Ahmedabad
Finacle – Audit Procedure CA. Kuntal Shah, Ahmedabad
Finacle – Audit Procedure The list is only for guidance and the menu codes may not be applicable in all the banks. CA. Kuntal Shah, Ahmedabad
Finacle – Core Banking Software • Overview and Implementation Structure • Some features of Transaction processing • Audit Procedures and Menu Codes • Generation of Reports through Finacle CA. Kuntal Shah, Ahmedabad
Finacle – Audit Procedure CA. Kuntal Shah, Ahmedabad
Table of Contents • Softwares used by Banking Industry • Traditional Auditing Approach • Auditing through CBS • What is Core Banking System? • Some basic concepts of CBS • Audit activity through CBS (Case Specific) • Audit through “Finacle” Software • Capital Adequacy / Risk Weighted Assets and Credit Risk Calculation Certification CA. Kuntal Shah, Ahmedabad
Credit Risk / Risk Weighted Assets Computation • Various softwares for computation of Credit Risk / Risk Weighted Assets • CRisMAC by D2K Technologies • The software is used by • Bank of Baroda • Bank of Maharashtra • Punjab National Bank • The Bank of Rajasthan • SBICI • Vijaya Bank • Dena Bank • Deutsche Bank (Details as per Company’s website) CA. Kuntal Shah, Ahmedabad
Features of Credit Risk / Risk Weighted Assets computation softwares • Asset classification and provision computation as per IRAC Guidelines • Sectorwise Asset Classification • Credit Risk Calculation • Risk Weighted Assets / Capital Adequacy Calculation CA. Kuntal Shah, Ahmedabad
Inconsistencies generally observed • Data as per one statement do not agree with the other statement • E.g. Total amount of Advance figure as per Balance Sheet do not agree with Sectorwise or Classification of Advancewise Report • Change in Date of NPA leading to incorrect Provisions • Borrowerwise Asset Classification not followed. • Manual Intervention between CBS and Risk Computation Software • E.g. Security obtained for Advance Account needs to be entered manually CA. Kuntal Shah, Ahmedabad
Inconsistencies generally observed • Long Outstanding entries in Office Account / Sensitive Accounts • Routing of cash shortages / other manipulation through Office Account / Inter Branch / Sensitive Accounts • Improper reversal of entries of Sensitive Account leading to loss of Audit Trail • E.g. Partial Reversal / Doubly reversal / Reversal exceeding entry amount etc. • Restructured (other than CDR) proper updation not carried out in CBS / Risk Comp. Software CA. Kuntal Shah, Ahmedabad