Bank Branch Audit under Core Banking System Hosted by Hyderabad Branch of SIRC of ICAI Table of Contents Softwares used by Banking Industry Traditional Auditing Approach Auditing through CBS What is Core Banking System? Some basic concepts of CBS Audit activity through CBS (Case Specific) Audit through “Finacle” Software Capital Adequacy / Risk Weighted Assets and Credit Risk Calculation Certification CA. Kuntal Shah, Ahmedabad 2 Softwares used by Banking Industry Base Software: Core Banking Software Add-on Softwares for, Credit Risk Calculation as per Basel – II Norms Risk Weighted Assets / Capital Adequacy Computation Asset Classification and NPA Provisioning computation Classification of Priority / Non-priority / Sensitive Sector Advances CA. Kuntal Shah, Ahmedabad 3 Table of Contents Softwares used by Banking Industry Traditional Auditing Approach Auditing through CBS What is Core Banking System? Some basic concepts of CBS Audit activity through CBS (Case Specific) Audit through “Finacle” Software Capital Adequacy / Risk Weighted Assets and Credit Risk Calculation Certification CA. Kuntal Shah, Ahmedabad 4 Traditional Auditing Approach Verification of Documents Physically Availability of Hard Copies for each transaction Number of Transactions for Audit In nutshell “Computerization does not affect Audit objectives. It only requires change in Audit Methodology.” CA. Kuntal Shah, Ahmedabad 5 Table of Contents Softwares used by Banking Industry Traditional Auditing Approach Auditing through CBS What is Core Banking System? Some basic concepts of CBS Audit activity through CBS (Case Specific) Audit through “Finacle” Software Capital Adequacy / Risk Weighted Assets and Credit Risk Calculation Certification CA. Kuntal Shah, Ahmedabad 6 Auditing through CBS Understand the Core Banking Software Review Internal Controls in CBS Carry out Risk Assessment (viz. Manual Interventions in transaction processing, Modification of Master Data without proper documentations, Lack / non availability of Audit Trail) Review Transaction Flow & Audit Trails Apply Exception Approach Determine Sample Size based on review Carry out substantive procedures in & around CBS Documentation of Audit Procedures Prepare report on Audit Findings and prepare final Report CA. Kuntal Shah, Ahmedabad 7 What is Core Banking System? Centralised Database Transactions take place at various locations Updation of Central Database on Real Time Basis Report Generation at Back-End Access Control CA. Kuntal Shah, Ahmedabad 8 What is CBS – An Overview ATM Switch Back Office Central Server Branch Data Warehouse Credit-Card System CA. Kuntal Shah, Ahmedabad Mobile Banking Internet Banking Phone Banking 9 Table of Contents Softwares used by Banking Industry Traditional Auditing Approach Auditing through CBS What is Core Banking System? Some basic concepts of CBS Audit activity through CBS (Case Specific) Audit through “Finacle” Software Capital Adequacy / Risk Weighted Assets and Credit Risk Calculation Certification CA. Kuntal Shah, Ahmedabad 10 Core Banking System - Concepts Master Level Configuration Account Level Configuration Separate series of Account Nos. for different Types of Accounts E.g. An Account No. 0099 05 014678 – is made up of Branch Code i.e. “0099”, Account Type – “05” say Current Account and Account No. – “014678” Auditor should seek details of formation of Account No. during discussion with Branch Head. Cont… CA. Kuntal Shah, Ahmedabad 11 Core Banking System - Concepts Interest Calculation and Application Maker – Checker Concept (Different Stages for a Transaction) Created by, Entered by, Authorised by, Posted by, Modified by, Deleted by SOL ID & SET ID Concept (SOL – Service OutLet ID i.e. Branch, Back Office etc.) (SET ID – Branch / Back Office who initiated the transaction) Pointing Type Office Accounts Auto generation of Exception Reports at EOD Generation of various Tailor-made Reports from Back-End / MIS Server CA. Kuntal Shah, Ahmedabad 12 What is CBS – Auditors’ Checklist Document list of Softwares, Applications and interface details associated with CBS Review Usage Manual (if available at Branch) or Document Software navigation options and Menu Codes. Document list of Reports available in CBS and its menu codes. Review Exception Reports generated by Data Center. CA. Kuntal Shah, Ahmedabad / MIS Reports 13 Table of Contents Softwares used by Banking Industry Traditional Auditing Approach Auditing through CBS What is Core Banking System? Some basic concepts of CBS Audit activity through CBS (Case Specific) Audit through “Finacle” Software Capital Adequacy / Risk Weighted Assets and Credit Risk Calculation Certification CA. Kuntal Shah, Ahmedabad 14 Audit Activity through CBS Customer Master Level and Account Level Updations for Loans / CC Accounts What to verify? Interest Parameters (Regular & Penal Interest) Repayment Instructions Standing Instructions (SI) Parameters DP / SL monitoring Customer wise Limit Lookup Stock / Debtors Statements Tracking and calculation of DP When to verify? At the time of verification of Documents for Advance CA. Kuntal Shah, Ahmedabad 15 Audit Activity through CBS Analysis of Advance Accounts What to verify? Turnover of CC Account based on Borrower’s Business profile In case of Loan accounts ACTUAL recovery of Installments and Interest When to verify? After / during verification of Advances Documentation CA. Kuntal Shah, Ahmedabad 16 Audit Activity through CBS NPA Analysis What to verify? Reports on NPA and Probable NPA generated (if any) from CBS or CIS (Credit Information System) NPA Account, Probable NPA Account, Other Advance Accounts with some irregularities: Transactions & Account Scrutiny for Correct Classification When to verify? After / during verification of Advances Documentation CA. Kuntal Shah, Ahmedabad 17 Audit Activity through CBS NPA Account Verification What to verify? Classification of NPA Date of NPA Calculation of Provisioning System) Reversal of Revenue charged (out of When to verify? After / during verification of Advances Documentation CA. Kuntal Shah, Ahmedabad 18 Audit Activity through CBS Security details updation What to verify? Whether Lien is marked in System for Fixed Deposits Accounts? Whether details of security obtained are mentioned in Master Details? When to verify? After / during verification of Advances Documentation CA. Kuntal Shah, Ahmedabad 19 Audit Activity through CBS Office Accounts (Inter Branch) Accounts What to verify? Entries outstanding in Office Accounts as on date. Long Outstanding entries. Improper reversal of Office Account entries When to verify? During verification of LFAR Compliance CA. Kuntal Shah, Ahmedabad 20 Audit Activity through CBS TDS Related Records What to verify? Debit to Charges Accounts and relevant entries to TDS Account. Reversals in TDS Account. Whether by Constructive Payment or otherwise? Account Code List / Name of Expense (charges) accounts Liable for TDS should be obtained from BM When to verify? During verification Compliance of CA. Kuntal Shah, Ahmedabad Income Tax 21 Audit Activity through CBS Fixed Assets & Depreciation Entries What to verify? Verify Calculation of Depreciation (mostly done out of the system) Entries passed in FA Accounts Check Repairs & Maint. A/c and other relative account for entries pertaining to Purchase of New Fixed Asset When to verify? During verification Compliance of CA. Kuntal Shah, Ahmedabad Income Tax 22 Audit Activity through CBS Logical Access Controls: Creation / Deletion / Amendment in User Profile, Powers done centrally. If not, verify the compliances as follows. Records for User – ID Creation properly maintained? Records for Deletion of user-ID with proper authorisation available? Other issues like security of password, compulsory change of password, Transaction Limit for employees etc. CA. Kuntal Shah, Ahmedabad 23 Audit Activity through CBS Output Controls: Whether Hard copies of Accounts available? Whether such reports are signed? Security of Data: Whether the encryption software is available in Server / Backup Server (If data is stored) Whether the computers are having Antivirus Software? Whether the AV Software is updated on regular basis? CA. Kuntal Shah, Ahmedabad 24 Audit Activity through CBS Backups Important Activity for Non CBS Branches Backup should be stored on Off-site Location Backup should have been tested at periodical intervals Backup Register should be maintained CA. Kuntal Shah, Ahmedabad 25 Audit Activity through CBS Auto Generated Reports Exception Report: Reports for the month end and two days prior and after month end should be verified. Exceptions of following natures should be closely verified. – – – – – Balance exceeded Account Limit Manual debits to Income Account Value Dated Transactions Manual entry for SI Failure cases Instrument passed against Clearing CA. Kuntal Shah, Ahmedabad 26 Audit Activity through CBS Irregularity Report: Reports for the month end and two days prior and after month end should be verified. Report contains details of Accounts where Balance in Accounts are greater than the Limits Sanctioned. Check whether the same is due to, – Application of Interest – Granting of Intra Day TOD – Passing of Instruments against Clearing Effects CA. Kuntal Shah, Ahmedabad 27 Audit Activity through CBS Accounts where Interest Code is ‘0’: Interest will not be charged from Accounts where Interest Code is selected as ‘0’. Hence, a detailed checking is required. Possible reasons can be, – Whether NPA Account – Accounts with Moratorium? Interest Collection Flag as “No”: If Interest Collection Flag is selected as “No”, Software will not consider the account for calculation and entry for Debit Interest. CA. Kuntal Shah, Ahmedabad 28 Audit Activity through CBS Debit Interest SI Failed Report: Failure of Standing Instruction for Debit Interest should be closely verified. If the SI is failed the Account will not be debited for Interest. SI Failure can be for any reason like – Non availability of Balance in Account (In case of TOD in Operative Account) – Non availability of Limit in Account – Technical Snag in execution Whether Branch has manually passed the entry for all such cases should be verified. Loan Installment SI Failed Report: Same as above CA. Kuntal Shah, Ahmedabad 29 Audit Activity through CBS Report containing all Advance Accounts with Limits: Generally, CBS Software generate a Report wherein details of all Advance Accounts are listed. Excel can be used to verify cases of DP > SL, Margin Requirement etc. CA. Kuntal Shah, Ahmedabad 30 Table of Contents Softwares used by Banking Industry Traditional Auditing Approach Auditing through CBS What is Core Banking System? Some basic concepts of CBS Audit activity through CBS (Case Specific) Audit through “Finacle” Software Capital Adequacy / Risk Weighted Assets and Credit Risk Calculation Certification CA. Kuntal Shah, Ahmedabad 31 Finacle – Core Banking Software Overview and Implementation Structure Some features of Transaction processing Audit Procedures and Menu Codes Generation of Reports through Finacle CA. Kuntal Shah, Ahmedabad 32 Finacle in IDBI Bank Source: www.infosys.com CA. Kuntal Shah, Ahmedabad 33 Finacle - Overview Some of the Banks using Finacle are Bank of Baroda Bank of India Union Bank of India Canara Bank Federal Bank IDBI Bank ICICI Bank Axis Bank ABN Amro Vijaya Bank UCO Bank CA. Kuntal Shah, Ahmedabad 34 Finacle – Core Banking Software Overview and Implementation Structure Some features of Transaction processing Audit Procedures and Menu Codes Generation of Reports through Finacle CA. Kuntal Shah, Ahmedabad 35 Finacle - Features in Transaction Processing Features: Each Transaction has unique Tran ID. Combination of Tran ID and Date of Transaction is required to locate a Tran Tran Type, Sub Type are useful to Identify Nature of Transaction (like Cash Deposit, Withdrawal) Facility of exploring a Tran during Account Scrutiny [Drill Down Approach] - press CTRL + E on a Tran during scrutiny of Account. Driven by various Inter-linked menus Cont… CA. Kuntal Shah, Ahmedabad 36 Finacle - Features in Transaction Processing (Cont…) Pointing Type Office accounts (Useful in review of outstanding / part reversed Office Account entries) CA. Kuntal Shah, Ahmedabad 37 Finacle – Core Banking Software Overview and Implementation Structure Some features of Transaction processing Audit Procedures and Menu Codes Generation of Reports through Finacle CA. Kuntal Shah, Ahmedabad 38 Finacle – Audit Procedure Verification Menu Code Account Scrutiny ACLI Customer Master CUMM Account Level Inquiry Transaction Inquiry ACM / ACI TI / TM Fin. Tran. Inquiry – Criterion Search FTI Inquire on Transaction (Office Accounts) IOT Bills Module (Inland) BM Foreign Bills Module – Single Case FBM Foreign Bills Inquiry – Criterion Search FBI CA. Kuntal Shah, Ahmedabad 39 Finacle – Audit Procedure Verification Guarantee Inquiry Menu Code GI Query on Documentary Credits - Criterion Search DCQRY Docu. Credits (LC) Maintenance Module ODCM Account Search based on predefined Criteria – (May not be available or Slow) ACS TDS Inquiry TDSIP Pending Installment List PLIST Loan Overdue Position Inquiry LAOPI Account Turnover Report ATOR CA. Kuntal Shah, Ahmedabad 40 Finacle – Audit Procedure Verification Menu Code TOD Inquiry – Account specific ACTODI List of Pending and Dishonored Bills FBPADB The list is only for guidance and the menu codes may not be applicable in all the banks. CA. Kuntal Shah, Ahmedabad 41 Finacle – Core Banking Software Overview and Implementation Structure Some features of Transaction processing Audit Procedures and Menu Codes Generation of Reports through Finacle CA. Kuntal Shah, Ahmedabad 42 Finacle – Audit Procedure Report Generation Printing of Office Accounts Bill Balancing Report – Based on GL Code All Bills Balancing Report Foreign Bills Balancing Report Exception Report Menu Code ACLPOA BR BRBPR FBBR EXCPRT CA. Kuntal Shah, Ahmedabad 43 Table of Contents Softwares used by Banking Industry Traditional Auditing Approach Auditing through CBS What is Core Banking System? Some basic concepts of CBS Audit activity through CBS (Case Specific) Audit through “Finacle” Software Capital Adequacy / Risk Weighted Assets and Credit Risk Calculation Certification CA. Kuntal Shah, Ahmedabad 44 Credit Risk / Risk Weighted Assets Computation Various softwares for computation of Credit Risk / Risk Weighted Assets CRisMAC by D2K Technologies The software is used by Bank of Baroda Bank of Maharashtra Punjab National Bank The Bank of Rajasthan SBICI Vijaya Bank Dena Bank Deutsche Bank (Details as per Company’s website) CA. Kuntal Shah, Ahmedabad 45 Features of Credit Risk / Risk Weighted Assets computation softwares Asset classification and provision computation as per IRAC Guidelines Sectorwise Asset Classification Credit Risk Calculation Risk Weighted Assets / Capital Adequacy Calculation CA. Kuntal Shah, Ahmedabad 46 Inconsistencies generally observed Data as per one statement do not agree with the other statement E.g. Total amount of Advance figure as per Balance Sheet do not agree with Sectorwise or Classification of Advancewise Report Change in Date of NPA leading to incorrect Provisions Borrowerwise Asset Classification not followed. Manual Intervention between CBS and Risk Computation Software E.g. Security obtained for Advance Account needs to be entered manually CA. Kuntal Shah, Ahmedabad 47 Inconsistencies generally observed Long Outstanding entries in Office Account / Sensitive Accounts Routing of cash shortages / other manipulation through Office Account / Inter Branch / Sensitive Accounts Improper reversal of entries of Sensitive Account leading to loss of Audit Trail E.g. Partial Reversal / Doubly reversal / Reversal exceeding entry amount etc. Restructured (other than CDR) proper updation not carried out in CBS / Risk Comp. Software CA. Kuntal Shah, Ahmedabad 48 Thank You