. INTERNAL CONTROL AND COMPLIANCE POLICY & PROCEDURES-2016 [Risk Based Internal Audit Manual, Audit Compliance Manual, Audit Monitoring and Controlling Manual and IT Manual] (ApprovedAgrani in the 481th Board Bank of Directors‘ LimitedMeeting held on 28/11/2016 ) Agrani Bank Bhaban 9D, Dilkusha Commercial Area, Dhaka-1000, Bangladesh www.agranibank.org [As per 481th Board of Directors‘ meeting, dated: 28/11/2016 ratification on Audit Committee decision, memo no. , dated: 09/11/2016 regarding amendment in different section of this policy is formed and would be treated as ICC Policy and Procedures-2016.] Agrani Bank Limited Agrani Bank Bhaban 9D, Dilkusha Commercial Area, Dhaka-1000, Bangladesh www.agranibank.org 0 ICC Policy and Procedures 2016 Preface Banking has evolved into a diversified and complex financial activity which is no longer limited within the geographic boundaries of a country. The issues of effective internal control systems, corporate governance, ethical banking, transparency and accountability and regulatory compliance have become prime need for high-level performance. Banking operations involve both inherent and acquired risks in the pursuit of value creation. To avoid the complexities and risk arising out of those activities some sort of internal corrective measures must be there. Internal control is now being termed as an integral part of the daily activities of a bank assuring the Bank‘s management and stakeholders that the Bank‘s service delivery systems are efficient, safe and compliant with all their expectations. Further, audit activities are the most important means of reinforcing control systems through the regular review of operations. Effective Internal Control System results in better risk management practices in terms of identification, management, monitoring and mitigation of risks. This ensures reliable financial and managerial information that promote better strategic decision for a bank. Internal Control and Compliance (ICC) ensures compliance with laws and regulations, policies and procedures issued by both the bank management and the regulators. ICC enhances confidence over the bank and facilitates risk based bank examination. Risk management and control are not burden on business; rather this is one of the scientific means by which business opportunities are maximized and potential losses associated with unwanted events are reduced. In this manual the procedures, rules and guidelines are assembled in such a way that the related officials can easily use it as a reference manual in discharging their duties and responsibilities perfectly and efficiently. This manual will ensure uniformity and consistency in audit compliance procedure and establish a set of standard in this regard. This Manual reflects the hopes and aspiration of Bangladesh in ―Internal Control and Compliance‖ system of Agrani Bank Limited. Here nothing is new; rather everything is to fulfill the requirement of Audit. Considering the changing environment of banking business and requirement of Bangladesh Bank for reviewing the policy every year, ABL management has taken decision for the amendment in some 1 ICC Policy and Procedures 2016 paras of ICC Policy as well as Manuals. ABL‘s Board nominated Audit Committee has approved those amendments and is incorporated in ICC Policy and Manuals. I sincerely believe that this manual will strengthen Internal Control and Compliance system of our Bank. This will play a vital role towards achieving our goal for a modern and vibrant Agrani Bank Limited. Thanks are due to all concerned Executives and Officers who have put their sincere efforts to prepare this manual. 2 ICC Policy and Procedures 2016 INDEX Chapter Subjects Page No. A. Internal Control & Compliance (ICC)Policy Chapter One Universal Discussion of ICC 1.1 Mission Statement 07 1.2 Vision Statement 08 1.3 Executive Declaration 08 1.4 Preamble 09 Chapter Two Policy Guideline and Responsibilities 2.1 Internal Control 10 2.2 Components of Internal Control 10 2.3 Internal Control Environment 10 2.4 Objective of Internal Control 10 2.5 Control Activities and Segregation of Duties 10 2.6 Corrective measures to be taken by ICC 11 2.7 Scope of Internal Control and Compliance System 11 Chapter Three Policy Guide line for Internal Control 3.0 Policy Guide line 12 3.1 Responsibility of the Board of Directors 12 3.1.1 Responsibility and power of the Board of Directors 12 3.2 Structure & Responsibility of the Audit Committee of the Board 13 3.2.1 Organizational Structure 13 3.2.2 Qualification of the members of the Audit Committee 13 3.2.3 Roles & Responsibilities of the Audit Committee 13 3.3 Responsibility of the Senior Management 15 3.3.1 Function of the Senior Management Team 15 3.3.2 Management Reporting System 15 3.4 Role of External Auditors 15 3.5 Dispute Settlement 15 Chapter Four ICC Related Issues 4.0 Introduction 16 4.1 The Organizational Structure of ICC 16 4.2 Structure of ICC 16 4.3 Departmental Charter of ICC 18 4.4 Standards of the Best Professional Practices 18 4.5 Head of ICC 19 4.5 (a) Head of ICC 19 4.5 (b) Head of Audit 19 4.6 Roles & Responsibilities of Internal Auditors 19 4.7 Auditors‘ Ethics & Qualifications 19 4.7.1 Auditors‘ Qualifications 19 4.7.2 Internal Auditors‘ Ethics 19 4.8 Appraisal of ICC Officials 19 4.9 Training and Development 19 4.10 4.10.1 Home Training 20 4.10.2 Out Reach Training 20 4.10.3 Abroad Training 20 4.11 Job Rotation 20 4.12 Mandatory Leave 20 4.13 Recreational Leave 20 3 ICC Policy and Procedures 2016 Chapter Subjects Page No. Chapter Five General Matter of Audit 5.0 Definition of Audit 21 5.1 Objectives of audit 21 5.2 Auditors Right 21 5.3 Responsibilities of the Auditors 21 5.4 Auditors punishment 22 5.5 Basic Principles of Auditors 22 5.6 Types of audit 22 5.7 Internal Audit 22 5.7.1 Internal Audit 22 5.7.2 Principles of internal audit 22 5.7.3 Reporting 24 5.7.4 Importance of internal audit 24 5.8 External audit 24 5.8.1 Types of External audit 24 5.9 Concurrent Audit 25 5.10 TOR of Concurrent Audit 25 5.11 Reporting of Concurrent Auditors 25 5.12 Lapses 25 5.13 Punishment 26 5.14 Reward/Incentive for Auditors 26 5.15 System Audit Software 26 5.16 Wrap-up Meeting 26 Chapter Six IT Audit 6.1Definition of IT Audit 27 6.2Purposes/Objectives of IT Audit 27 6.3 Types of IT Audit 27 Chapter Seven Miscellaneous 7.1 Inspection Concluding meeting (Account finalization)-finalization of quick 28 summary report/annual accounts 7.2 Special Board Meeting on compliance of annual inspection report of 28 Bangladesh Bank 7.3Liaison meeting 28 7.4Self-assessment anti-fraud internal control of the bank 28 7.5 Sharia Based Audit 28 B AUDIT PROCEDURES [Risk Based Internal Audit Manual, Audit Compliance Manual Audit Monitoring and controlling Manual and IT Audit Manual] A. Risk Based Internal Audit Manual Chapter One Audit Procedures 1.0 Introduction 29 1.1 Audit procedures 29 1.2 Master Audit Plan 29 1.3 Preparation of Audit Plan 29 1.3.1 Prioritization for audit 29 1.3.2 Formation of Audit Team 30 Chapter Two Control Risk assessment 2.1 Assessing Business and Control Risk 31 2.1.1 Internal factors 31 2.1.2 External factors 31 2.2 Risk Model Construction 31 4 ICC Policy and Procedures 2016 Chapter Subjects Page No. 2.3 Risk Recognition & Assessment 31 2.4 Risk Analysis of Control Functions 32 2.5 Risks Based Internal Audit (RBIA) 32 2.5.1 Steps in adopting Risk Based Internal Audit 32 2.5.2 Development of Formats For Risk Assessment 32 2.5.3 Risk Assessment of Branch as a whole 32 2.6 Conduct of on-site Audit and Report findings 34 2.6.1 Conduct of offsite risk assessment of branch 34 2.6.2 Risk Rating Frequency Sample Volume 35 Chapter Three Core Risk Management 3.1 Core Risk 36 3.1.1 Credit Risk 36 3.1.2 Asset Liability Risk 37 3.1.3 Foreign Exchange Risk 38 3.1.4 Internal Control & Compliance Risk 38 3.1.5 Money Laundering Risk 39 3.1.6 Information and Communication Technology (ICT) Risk 39 3.1.7 Environmental & Social Risk 40 Chapter Four Concept of Inspection 4.1 Definition of Inspection 41 4.2 Objectives of Inspection 41 4.3 Types of Inspection 41 4.4 Functions of Inspection 41 4.5 Audit & Inspection Procedures used in Agrani Bank Ltd 41 4.6 Outline of Inspection function 41 4.7 Rules to be followed during inspection 42 4.8 Reporting procedures/ Rules 42 4.9 Follow up procedures of Inspection Report 42 B. IT Audit Manual Chapter One 1.1 IT Audit Process 43 1.2 IT Audit Role 43 1.3 Risk Assessment 52 C. Audit Monitoring and Controlling Manual Chapter One Introduction And Monitoring System 1.1 Monitoring 62 1.2 Monitoring Activities and Corrective Measures 62 1.3 Objectives of Monitoring Department 62 1.4 Application of monitoring system 62 1.4.1 Departmental Control Function Checklist (DCFCL). 63 1.4.2 Loan Documentation Checklist 63 1.4.3 Quarterly Operations Report 63 1.5 Annual ICC Report on the health of the Bank 63 1.5.1 Annual Integrated Health Report 63 1.5.2 Objectives of Annual Health Report 63 1.5.3 Methodology of Assessing Health 63 1.5.4 Frequency of Health Analysis 64 1.5.5 Reporting Line & Its Approval process 64 D. Audit Compliance Manual Chapter One Compliance 1.1 Definition 65 1.2 Overview 65 1.3 Compliance Process 65 5 ICC Policy and Procedures 2016 Chapter Subjects Page No.
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages236 Page
-
File Size-