The audit is classified into many different types and levels of assurance according to the objectives, scopes, purposes, and procedures of how auditing is performed.
The financial statement auditing is done normally in accordance with International Standards on Auditing (ISA) as well as other local auditing standards. An operational audit involves checking the efficiency of routine operations of the bank, assessment of the reliability and accuracy of the financial records and reports, implementation of policies and procedures, and ensuring its effectiveness.
There are many types of audits including financial audits, operational audits, Forensic Audits, Legal Audit, Statutory Audit, Revenue Audit, Credit Audits, Compliance audits, Stock audits, and so on. Here is the list of 14 types of bank audits you need to know;
- Forensic Audit: A forensic audit is an examination of a company’s financial records to derive evidence that can be used in a court of law or legal proceeding. The forensic auditor’s report may help to nail and prosecute the parties involved in fraud, embezzlement, or other types of financial misappropriations.
To know more click “What is a forensic audit in banks?”
- Legal Audit: The scope of the legal audit by the banks is different from the legal audit of other sectors. RBI vide its circular No.2012-13/524 /DBS.FrMC.BC.No.7/23.04.001/2012-13 dated Jul 07, 2013, directed the banks that they should also subject the title deeds and other documents in respect of all credit exposures of Rs.5 crore and above to periodic legal audit and re-verification of title deeds with relevant authorities as part of regular audit exercise till the loan stands fully repaid.
To know more read “What is a legal audit?”
- Stock Audit: Every bank has a ‘stock audit policy’ under which all its branches shall arrange a ‘stock audit’ of the accounts that are enjoying working capital facilities beyond certain limits. According to the stock audit policy of the banks, the external auditors appointed by the bank shall inspect assets charged to the bank once or twice a year as desired by the bank. This is in addition to a routine stock inspection carried out by the concerned branch. To know more read “What is a stock audit?”
- Revenue Audit: The revenue audit of bank branches is the audit of items governing the income & expenditure of banks. The audit is conducted to verify the accuracy, and relevance of expenditure incurred & Incomes earned by the banks according to applicable latest notification and circulars.
To know more read:” How Revenue Audit carried out in banks?”
- Concurrent Audit System in Banks: All scheduled bank branches and urban co-operative banks with deposits over Rs. 50 crore were required to introduce the system of concurrent audit. The audit aims at reducing the gap between the occurrence of a transaction and its examination which helps in preventing fraud. Thus, the audit is essentially a management process integral to the establishment of sound internal accounting functions and effective controls and setting the tone for a vigilance internal audit to preclude the incidence of serious errors and fraudulent manipulations.
To know more read: “Concurrent Audit System in Banks”
- Risk-based internal audits in banks: The primary focus of risk-based internal audits should be to provide reasonable assurance to the Board and top management about the adequacy and effectiveness of the risk management and control framework in the banks’ operations. Accordingly, every bank has to put in place a risk-based internal audit policy developed under a Board-approved internal audit policy, that focuses on risk identification, prioritization of audit areas, and allocation of audit resources by risk assessment instead of full-scale transaction testing. To know more read”The objectives and scope of Risk-based Internal audits in Banks”
- Statutory audit of banks: Statutory Audit is a type of audit carried out by charted accountants who are mandated by a Law or a Statute to ensure the books of accounts presented to different regulators and the public are true and fair. Such audit is mandatory for certain criteria prescribed by different statutes like the Reserve Bank of India, Income Tax, Companies Act, 2013, or any other statute governing the organization.
To know more read: “Statutory Audit of banks explained”
- Long Form Audit Report (LFAR): The LFAR which applies to statutory central auditors (SCA) and branch auditors of banks has been updated keeping in view the large-scale changes in the size, complexities, business model, and risks in the banking operations. The overall objective of the Long Form Audit Report (LFAR) is to identify and assess the gaps and vulnerable areas in the business. The area of LFAR is mandated to cover areas of ‘Credit risk’, ‘market risk’, assurance functions and operational risk areas’, ‘capital adequacy, and ‘going concerned and liquidity risk assessment’, among others. This may also involve commenting on various risks to which the banks are exposed like credit, market, operational, and liquidity risk and risk management efficacy, assessment of the appropriateness of procedures for preparation of supervisory returns, KYC/AML/CFT issues, cybersecurity, business performance, business strategy including very high growth / high ROE accompanied with high risks, etc.
To know more read” What is a Long Form Audit Report (LFAR)?
- Credit Audit: We might have come across numerous instances of parties indulging in various types of frauds and forgeries to cheat banks and avail finance. Banks can avoid most such instances by sticking to the principles of KYC (Know Your Customer) in letter and spirit. An auditor should look into the loan transaction covering the process of sanction, documentation, and operation of the loan account. Such credit audit can bring out the lacunas, if any, in the processing and sanctioning of loans as well as the problems in documentation and monitoring of loan accounts.
To know more read: How the credit audit is conducted in banks?
- Investment / Treasury Audit: Banks are required to follow specific guidelines issued by RBI on the investments to be made by the banks including the CRR & SLR requirements. For the above purpose, many banks appoint auditors to check that the Investment policy is correctly followed and all the investments are done according to the RBI directives. These reports are required to be submitted at predetermined frequencies.
- Snap Audit: In certain inevitable situations, banks may appoint an auditor to conduct a Snap Audit to check and verify certain specific aspects within the bank or branches and report to the top management on specified matters or issues or matters in respect of certain borrowers.
- IT Audit (Information System Audit): Practically all banks in the country use core banking solutions that cover almost all of their branches across the country and the majority of the banks use ERP systems. ERP (Enterprise resource planning) refers to a type of software that organizations use to manage day-to-day business activities such as accounting, procurement, project management, risk management, compliance, and supply chain operations, where the operational reportings are also integrated with the accounting system. In all these cases, the system Auditors assess and check the information security structure, and integrity of the system so that the output that the system produces is reliable. CA firms are well suited to carry out System Audits. Read: COMPUTER AUDIT/IT AUDIT
- Compliance Audit: In the banking sector there are many kinds of regulations to be followed by the bankers and comply with. As per RBI directions, commercial banks are required to set up a complaint review (assessment) or compliance audit to make sure that they comply with the laws and regulations set. The bank may assign its internal audit function to review whether the entity’s internal policies and procedures comply and are effectively followed.
- RBI Inspection of Bank Branches: The Banking Regulation Act, of 1949 empowers the Reserve Bank of India to inspect and supervise commercial banks. These powers are exercised through on-site inspection and off-site surveillance. On-site inspection of banks is carried out on an annual basis. Besides the head office and controlling offices, certain specified branches are covered under inspection to ensure a minimum coverage of advances. The primary objective of off-site surveillance is to monitor the financial health of banks between two on-site inspections, identifying banks that show financial deterioration and would be a source for supervisory concerns. This acts as a trigger for timely remedial action. To read the full article, read: ‘RBI inspection of commercial banks‘
- IS SECURITY AND IS AUDIT: An information security (IS) audit, also known as a security audit or cybersecurity audit, is a comprehensive evaluation of an organization’s security posture. It examines an organization’s security systems, data protection policies, and safety procedures to identify vulnerabilities and recommends areas for improvement to security measures. An information security (IS) audit, also known as a security audit or cybersecurity audit, is a comprehensive evaluation of an organization’s security posture. It examines an organization’s security systems, data protection policies, and safety procedures to identify vulnerabilities and recommends areas for improvement to security measures. To know the details read: UNDERSTANDING IS SECURITY AND IS AUDITd Post: