Bank Audit Approach

  • A- Annual Audit to Financial Statements of Banks
    Scope of work
    We will perform a full scope audit of the financial statements of the Bank. our principle objective as laid down by International Standards on Auditing to express an opinion on truth and fairness to the financial statements. The opinion will include whether the financial statements present fairly the financial position and results of operation of the Bank in accordance with the international accounting standards and comply with the central bank’s regulations
    Usually as required, our report indicates the financial reporting framework that has been used to prepare the bank’s financial statements.
    Our audit will be carried out in accordance with the international standards on auditing (ISA) and accordingly include such test of accounting records, selection of items on a test basis, evaluation of accounting policies adopted by the bank’s management and accounting estimates and such other auditing procedure that consider necessary in the circumstance

  • Management Responsibilities
    The financial statements are responsibility of the bank’s management. Management is responsible for properly recording transactions in the accounting records, adjusting records, maintaining and effective internal control structure over financial reporting and identifying and ensuring that bank complies with central bank regulation and pronouncement.
    Management is responsible to make available to us all information and explanation that we considered necessary for our audit.
    As required by International Standard on Auditing – we need to obtain written representation from management on matters material to the financial statements when other sufficient appropriate audit evidence cannot reasonably be expected to exist

  • Audit Report
    We will issue our audit report on Bank’s financial statements and related profit and loss account, changes in shareholder; equity and cash flow for the year. This report according to the ISA will contain:
    1. Opinion .
    2. Basis of opinion.
    3. Key Audit Matters.
    4. Responsibilities of Management and those Charged with Governance for the Financial Statements.
    5. Auditor’s Responsibilities for the Audit of the Financial Statements
    6. Report on Other Legal and Regulatory Requirements
    We will issue a management letter including our observation and recommendation to enhance the internal control structure and improve the accounting and operational procedure

  • Audit Approach to Financial Statement Audit (Audit Process) Planning the audit
    1.Obtaining a sufficient knowledge of the bank’s business’ and governance structure, and sufficient understanding of the accounting and internal control systems, including risk management and internal audit functions (Business risk appendix)
    2.Considering inherent and control risks, i.e
    - risk that material misstatement occur (inherent risk)
    - risk that bank bank’s system of internal control does not prevent or detect and correct such misstatement on a timely basis(control risk)
    3.Determining the nature, timing and extent of audit procedures to be performed.
    4.Considering going concern assumption i.e. bank ability to continue in operation for the foreseeable future.

  • Firm’s Familiarity with Bank’s audit
    1.Firm’s senior partner (Medani Malik) is the Fellow member of the Royal Chartered Association of Certified Accountant (FCCA) (UK)
    2. He is an initiator of the Auditor’s General Sudan policies and procedures regarding bank audit. Develop audit plans, programs, review system and reporting in line with standards and regularity bodies requirement i.e. Central Bank, stock exchange
    3.Our firm is familiar with the characteristic that generally distinguish banking business, these include
    - Banks have custody of large amount of monetary items, including cash and negotiable instruments, whose physical security has to be safeguarded during transfer and while being stored. Also have custody to other assets that are readily transferable in electronic form. The liquidity characteristic of these items make bank vulnerable to risks, so they need to establish formal operating procedure, well- defined limits for individual discretion and rigorous systems of internal controls.
    - Bank operate with very high leverage (Ratio of capital to assets is low)- which increase bank risks
    - Banks have assets can rapidly change in value. Consequently a relatively small decrease in assets value may have a significant effects on their capital.
    - Bank derive significant amount of their funding from short- term deposit. A loss of confidence by depositors in the bank’s solvency may quickly results in a liquidity crisis.
    - Banks have fiduciary duties in respect of the assets they hold that belong to other persons. This may give rise to liabilities for breach of trust. So they need to establish operating procedure and internal control to ensure that they deal with such assets only in accordance with the terms on which the assets were transferred to the bank.
    - Widespread use of information technology (I/T). need special audit (I/T Audit)
    - Bank operate through networks of branches and are geographically dispersed. This involve a greater decentralization of authority
    - Bank transaction may often be directly initiate and completed by customer without any intervention by the bank employees i.e. internet or through Automatic Teller Machine (A T M s).

  • Issues to be considered:
    - Specifically when developing an overall audit plan for Bank audit t we give particulars attention to:
    -Complexity of transaction
    - Contingent liabilities and off- balance sheet items
    - Regularity body regulation and pronouncement
    - Information Technology
    - Work of internal auditing
    - Assessment of audit risk
    -Materiality
    - Geographical spread of the bank
    - Existence of related party transactions
    - Going concerned

  • with all the above and other consideration our firm aware of
    - Particular nature of the risks associated with transaction undertakes by the bank
    - Scale of banking operation and the resultant significant that may arises in a short period
    - The extensive dependence on I/T to process transactions
    - The effect of Central Bank Regulation and pronouncement
    - The continuity development of new product and bank procedure
    - Credit review and expected credit loss (ECL) and compliance with the relevant international standards (IFRS) (IAS)
    - Compliance with regularity body regulation (CBOS)
    - Compliance with bank policies and procedure

  • Audit Approach
    Our audit approaches include:
    - Identification of business risk that may have a significant impact on the financial statements
    - Identification to the process for managing these business risks
    - Identification of significant classes of transaction and how the bank process them
    - Applying firm knowledge of banking industry to develop expectation about assumption
    embodied in the financial statement and compare with the financial results
    - Our understanding of risks include testing the design of the appropriate control.

  • Communication Process
    Medani Malik (FCCA) senior partner would be in charge of the bank’s audit and discuss all audit aspect with the top management. These include:
    a. Terms of engagements.
    b. significant audit findings
    c. draft management letter and recommendation before finalized
    d. draft auditor’s report before being finalized
    e. signing of audit report’s

  • Firm and Partner Experience in Bank‘s Audit
    Recently Medani & Co nominated as external auditor of :
    1. Eltdamon Islamic Bank (6 years) .
    2. banque sahelo saharienne (Sudan) (5 years).
    3. Alnile bank (4years).
    4. Qatar Islamic Bank (Sudan) (4 years).

  • Public Sector Audit
    - Public sector corporations ordinarily prepare financial to report on their financial position, results of the operations and cash flow for use by legislators, government departments. The audit of such financial statements is responsibility of National Audit Chamber (i.e. Supreme Audit Institution) (SAI).
    - However the chamber may nominate private audit firm to carry out such audit. Our office is highly qualified to do that audit as beside that the senior partner (Medani Malik) is ex- first deputy auditor general of Sudan responsible for government corporation banks and he who play a major role to standardize the financial reporting of the government's corporation in compliance with public sector information standard (IFAC) and legislator requirements.
    - Also our firm is well equipped with public sector accounting standards issued by IFAC and all Sudan government laws and regulations.
    - Our firm also aware that financial statements of governments enterprises may include information that is different from that contained in the financial statements of private sector entities. So we have an appropriate modification to nature timing and extent of audit procedure and audit report.
    - Our firm also, in compliance with stated objectives of government enterprise, look into additional information in the annual reports regarding performance indicate relating to such mattes on productivity levels, quality and volume of services and the extent to which particular services delivering objectives have achieved.
    - We also aware that public sector corporation may be required to report on:
    a. Compliance with legislative or regulatory requirement and related authorities.
    b. Adequacy of accounting and internal control systems.
    c. Economy, efficiency and effectiveness of program, projects and activities.

  • IT Environmental Audit
    1. Our office is fully acquainted with controls in a computerize system, and the procedure to test those controls.
    2. These controls may include use of passwords and specialized access control software such as on- line monitors that maintains control over the menus, authorization labels, password, files and programs, that user are permitted to access.
    3. Also controls may include physical controls such as the use of key locks in terminal devices locked computer rooms and in activity time- outs.
    4. Other aspect of controls in a computer system include:
    - controls of password
    - system development controls
    - programming controls
    - transaction logs
    - firewall
    - pre- processing authorization
    - terminal devices edit, reasonableness
    and other validation tests, programmed, routines that check the input data and processing result for completeness, accuracy and reasonableness. These entries include the following checks.
    5. Sequences
    6. Limit
    7. Range
    8. Reasonableness
    - input error reporting
    - cutoff procedures
    - file controls
    - master file controls
    - balancing
    9. Our firm is continuously improving the effectiveness and efficiency of the audit procedure by using computer as an audit tool.
    10. Thus by using computer assisted audit techniques (CAATS) to perform various auditing procedure include:
    - Test of details of transaction and balances
    - Analytical procedure
    - Test of general controls
    - Sampling (extraction of data for test)
    - Test of application controls
    - Reperforming calculations

  • Our audit procedure
    1. In compliance with international standards on auditing (ISA), we plan our audit work so that the audit will be performed in an effective manner.
    2. In compliance with international standards on auditing (ISA), we would obtain a preliminary knowledge of the industry and of the ownership management and operations of the entity to be audited and would consider whether a level of knowledge adequate to perform the audit can be obtained.
    3. Also in designing the audit plan our office established an acceptable materiality level so as to detect quantitatively material misstatement fraud and errors. In this content we consider materiality and it's relationship with audit risk when conducting an audit.
    4. When designing audit procedure, we determine appropriate means for selecting items for testing so as to gather audit evidence to meet the objective of audit test.

Contact us