Updated on July 06, 2024 11:51:31 PM
The finance industry is among the industries with the highest level of regulation in the world. Financial institutions must be held to a high standard of accountability because they play a vital role in the economy. Financial institutions are able to comply with regulations and manage risks by implementing Internal audit in the Finance Sector.
Internal audit in Financial Services Industry plays a pivotal role in the finance sector by serving as a crucial function that ensures the integrity, compliance, and overall health of financial operations within organisations. In this dynamic and highly regulated industry, financial institutions, corporations, and other entities rely on internal audit teams to assess and monitor their internal controls, risk management practices, and financial reporting processes.
These audits provide a systematic and independent evaluation of an organisation's financial activities, helping to identify potential weaknesses, irregularities, and areas for improvement. Ultimately, internal audit in the finance sector serves as a cornerstone for maintaining transparency, accountability, and sound financial practices, thereby contributing to the stability and trustworthiness of the industry as a whole.
Investment firms are organisations that provide financial services to individuals and businesses. They offer a variety of services such as asset management, security trading, and investment banking.
Internal auditing in Investment Firms are crucial to ensure that the firm’s operations are in compliance with laws and regulations, and its financial reporting is accurate and reliable.
In order to evaluate the system of internal control relating to investments, the auditor should determine the nature, timing and extent of his other audit procedures.
To assess properly, the auditor should review following aspects of internal control:
It is the responsibility of the auditor to determine if the entity's investments are within its authority. In this regard, the auditor should examine whether the legal requirements governing the entity are related to investments and have been complied with. In addition, an auditor must make sure that any other covenants or conditions that restrict, qualify, or limit the right to own and dispose of investments are included.
It is important for the auditor to pay special attention to determining if the investments have been acquired or sold. The broker's contract note, bill of costs, receipts, and other similar evidence should be used to verify the acquisition/disposal of investments.
The auditor should assess that the investments have been valued and disclosed in the financial statements in accordance with the accounting policies and practices. Examine whether the method of valuation followed by the entity is being applied consistently.
Also, the auditor should verify if the expenditures incurred for transfer fees, stamp duty, brokerage, and other expenses are included in the cost of investments.
As a means of evaluating the overall reasonableness of the amounts assigned to investments, the auditor has the option to compare the amount of income received from investments with the corresponding figures of investments and compare that ratio with the similar ratio for previous years.
In the case of other securities, the auditor may review the schedule of dividend and other returns and schedules of investment prepared by the entity and judge their reasonableness.
For balance sheet purposes, the auditor should obtain a written statement from the entity management regarding the classification and valuation of investments. While such a representation letter serves as a formal acknowledgement of management’s responsibilities with regard to investments, it does not relieve the auditor of his responsibility for performing audit procedures to obtain sufficient appropriate audit evidence from the basis for the expression of his opinion on the financial information.
The payment service industry encompasses companies and technologies that aid in financial transactions, such as online payments, mobile wallets, and digital banking. To ensure secure and efficient payment processing, Internal auditing in the Payment Service Sector involves assessing financial controls, compliance, and risk management.
Parameters of Assessment
Internal audit focus areas for mitigating risk and increasing internal controls are as follow:
Legal and Statutory compliance is a critical aspect of the payment service sector. Payment service providers must comply with a variety of laws and regulations including, AML (anti-money laundering), KYC (know your client), data privacy and consumer protection.
Internal auditors needs to check the compliance of various enactments as mentioned below:
Compliance under direct Tax laws:
Compliance under Indirect Tax laws:
Compliance under other relevant Enactments:
Anti - money laundering (AML) - PSPs must have AML policies and procedures in place to prevent money laundering and terrorist financing. These policies and procedures should include customer due diligence (CDD), transaction monitoring, and reporting requirements.
Know Your Client (KYC) - PSPs must verify the identity of their customers in order to comply with KYC requirements. This typically involves collecting information such as the customer’s name, address, date of birth, and government issued ID number.
To safeguard financial transactions and customer data, risk management in the payment service sector is crucial. The main sources of risk include cyber threats, fraud, regulatory changes and operational interruptions.
Payment Controls
Significant risk exposures are not escalated on a consistent basis to support the efficient allocation of financial resources.
A firm doesn’t have the necessary information to manage and monitor significant payment flows across schemes, merchants, vendors and customers. Managing payment flows requires a robust end to end process and associated systems and controls.
The current and target state of cyber risk exposure should be effectively displayed in a good cyber security report. It should also show how the target state level is achieved and remains within a certain level of risk appetite.
Some of the key risk faced are:
To alleviate these risks, the auditors focus on certain areas to maintain a level of accuracy such as;
General Data Protection Regulation (GDPR)/ Data Protection and Privacy (DPA) 2018 was the largest change to data protection legislation since 1995. Payment services may process large amounts of financial data, which may be sensitive/ personal data in nature.
Cash and Bank Balance are liquid assets that can be easily converted into cash. They are important assets for businesses and organisations, as they can be used to pay for expenses, make investments, and meet financial obligations. Internal Auditing in the Banking Sector results in increasing efficiency of internal controls.
Documentation refers to thorough record-keeping, ensuring accuracy and completeness of financial transactions, statements, and supporting evidence, facilitating transparency and accountability.
The documentation in bank are required at the time of cash and bank balance audit are:
Ensure that all financial transactions and records comply with the laws and regulations that govern financial operations and reporting.
Balances with banks: The amount held in bank accounts, which include savings, current, and fixed deposit accounts, as per Schedule III of the Companies Act, 2013.
Cheques/ Drafts on hand: Checks or drafts that have not been processed yet have not been deposited into a bank account.
Cash on hand: The company has a physical currency that can be used immediately in daily operations.
Other specific nature: Any other cash or cash equivalents that are not included in the previous categories, with a detailed description of their nature and purpose for legal compliance.
For effective internal control, the auditor must ensure and confirm the followings:
The balance sheet date requires the auditor to physically verify cash. It's important to check if the cash balance in the financial statements matches the physical verification results.
The auditor should also conduct surprise cash verification during the year, in addition to physical verification at or around the date of the balance sheet.
It is the responsibility of the internal auditor to check if currency notes that have been torn or mutilated are exchanged within a reasonable time.
If the cash on hand doesn’t match with balances as shown in the books, he should seek explanation from seniors in the entity.
Verification of cash balances brings transparency, accountability and accuracy within the entity.
The auditor should verify that the entity has:
To ensure compliance with recognized accounting policies, practices and relevant statutory requirements, the auditor must verify that cash and bank balances have been valued and disclosed in the financial statements.
Further cash and bank balances to be disclosed as ‘cash and cash equivalent’ as per Schedule III of Companies Act, 2013.
Further as per Companies act, 2013 the following additional disclosures are also required to be made:
Though the reports are generated as per the requirement of a particular organisation, following exceptional reports may be useful from internal audit point of view:
The objective of Audits of payables and purchases of goods/services is to determine whether they are presented fairly in the context of financial statements as a whole. The purchase is closely related to the payables, therefore, payables should be of equal amount to the value of goods/services of the organisation.
The following parameters helps in conducting an efficient internal audit:
Internal auditor should prepare the audit documentation so as to enable an experienced auditor, having no previous connection with the audit, to understand the basis of finalisation of the audit report.
To prepare audit report on a timely basis, one must consider the documentations that provides:
Internal auditors should ensure that the organisation has compiled with the legal requirements of the Central and State laws & regulations related to VAT Act, Service Tax, Excise Act, Micro, Small and Medium Enterprises Development Act,2006 (MSMED Act,2006) Limitation Act, 1963 and other laws.
Below given are the steps taken for internal audits of payables:
Trace payable report: Internal auditors trace accounts payable trial balance to general ledger.
Test Verification of Invoices: Internal auditor verifies accounts payable vouchers with supporting docs.
Confirm accounts payable: Auditor contacts customers to confirm unpaid accounts payable.
Review payment receipts: Auditors unable to confirm accounts payable may verify payment through cash or bank records.
Review credit/debit notes: Auditors review credit/debit notes to verify authorization, timing, and potential problems.
Bills and hold purchase: In bill-and-hold transactions, auditors will examine supporting docs to determine liability & credit.
The internal auditor must ensure that all purchases of goods/services transactions must be recorded in books of account and should be cross checked with goods inward memo with invoices received from the customers.
Preliminary Audit Report
The preliminary report consists of the draft audit report after all comments have been resolved. It should be sent to a designated partner/ MD/ COO as a confidential document. They have to provide a formal response to the recommendations in the report within a specified time.
Final Audit Report
This is the combination of the preliminary audit report and response in one document. The final audit report to be sent to the proprietor/ designated Partner/MD/ Chairman of the Audit Committee and should be discussed at their next regularly scheduled meeting.
Audit recommendations are not implemented until they are followed up and action plans are determined.
The main objective of auditing accounts receivable and sales/service revenue is to cross-check the fairness of financial statements as a whole. The sales/ services/ revenue account is closely related with accounts receivables, therefore, value of all receivable should be equal to sales/ services/ revenue of the organisation.
An auditor should prepare a list of documentation required, such as credit policy of organisation, proforma invoice, purchase order of customer, sales order, copy of invoice and documents evidencing the delivery to customer, to provide:
A documented authorisation matrix is desirable and should be recommended. Compliance to the authorisation matrix should be checked at the time of vouching. It covers the following:
The following procedure may be followed for internal audit of receivables:
Investigate reconciling items: The documentation for larger journal entries in accounts receivable should be reviewed by auditors.
Match invoices to dispatch log: Internal auditors ensure that sales are recorded in the correct period by matching invoice and shipment dates.
Confirm receivable balance: Auditors verify unpaid accounts receivable by reaching out to customers directly, particularly for larger balances but also for some minor ones.
Review payment receipts: In the event that it is not possible to confirm accounts receivable, auditors can verify customer payments using cash or bank records.
Sales/ Services/ Revenue return: Sales returns will be reviewed by internal auditors to detect any unusual patterns that could indicate inflated sales
Related party receivable: Internal auditors are capable of reviewing receivables from related parties to confirm their validity and ensure that they are recorded properly.
The internal auditor must ensure that all revenue transactions must be recorded in books of account as per AS9 “Revenue Recognition” and as per accounting policy it should be cross reconciled with goods dispatched/ challan issued with invoices issued to the customers.
Preliminary Audit Report
The preliminary audit report consists of the draft audit report after all comments have been resolved. It should be sent to the Proprietor/ Designated Partner/ MD/ CEO as a confidential document. They will have to provide a formal response to the recommendations in the report within a specified time.
Approval of proprietor/ designated partner/ MD/ CEO’s response to the preliminary audit report, the final report is prepared. The final report should be sent to the Proprietor/ Designated Partner/ MD/ Chairman of the Audit Committee and should be discussed at their next regularly scheduled meeting.
Internal auditing in the finance sector is essential to ensure the accuracy and reliability of financial information, the effectiveness of risk management and control process and compliance with applicable laws and regulations. By providing independent and objective assurance, internal auditors can help to protect the interests of stakeholders and promote the efficient and effective operations of the finance functions.
At Professional Utilities, we leverage our industry knowledge and expertise to help businesses navigate complex regulations, minimize risks, and optimize operations for maximum efficiency and profitability.
In order to ensure accuracy, transparency, and regulatory adherence, the finance department's internal audit involves independent examination of financial processes, controls, and compliance.
In the finance sector, an internal auditor is responsible for assessing financial processes, controls, and compliance, ensuring accuracy and integrity
Annual audits are the typical frequency, with more frequent audits for high-risk areas or significant changes in operations.
For cost-effectiveness and specialised expertise, some firms choose to outsource internal audit services to independent audit firms or consultants.
Speak Directly to our Expert Today
Reliable
Affordable
Assured