Professional Documents
Culture Documents
Group Members
Iqra shaikh
Hina Awan
Ramsha Aftab
Talia Iqbal
Ali Raza Jaffry
Awais Mumtaz
Introduction
An audit is an objective examination and evaluation of the financial
statement of an organization to make sure that the records are fair and
accurate representation of the transactions they claim to represent. (Ref)
Audit objectives
Primary Objective
To produce a report by the auditor of his opinion of the truth and fairness of
financial statements so that any person reading and using them can belief
in them.
Secondary Objective
To detect Error and Fraud
To prevent Errors and fraud by the deterrent and moral effects of Audit
History of Auditing
Timeline (Inshort)
Types of Audit
]
Internal
audit
Internal Audit in banking Sector
Internationally
In Pakistan
External audit
Audit process
Literature Review
Types of Risks faced by banks
Best practices in internal audit
Relationship b/w internal audit characteristics and
risks
Empirical researches
Market risk
Systemic risk
Operational risk/fraud risk
Liquidity risk
Credit risk
Reputational risk
Market risk
Market risk is the risk that the value of an investment will
decrease due to moves in market factors.
The four standard market risk factors include:
Equity risk, or the risk that stock prices will change.
Interest rate risk, or the risk that interest rates will change.
Currency risk, or the risk that foreign exchange rates will
change.
Commodity risk, or the risk that commodity prices (i.e. grains,
metals, etc.) will change.
Systemic risk
OPERATIONAL RISK
Operational risk is the prospect of loss resulting from inadequate or failed
procedures, systems or policies. Any event that disrupts business
processes.
Types of Operational risk.
Internal fraud
External fraud
Employment practices and workplace safety
Clients, products, & business practice
Damage to physical assets
Business disruption and systems failures.
Fraud risk
Bank fraud is the use of potentially illegal means to obtain money, assets, or
other property owned or held by a financial institution, or to obtain money
from depositors by fraudulently posing as a bank or other financial
institution.
The four biggest fraud in banks
Electronic fraud.
Identity theft
Credit/Debit card fraud
Cheque fraud.
Reputational Risk
Reputational risk, often called reputation risk, is a risk of loss resulting from
damages to a firm's reputation, in lost revenue; increased operating, capital
or regulatory costs; or destruction of shareholder value, consequent to an
adverse or potentially criminal event even if the company is not found guilty.
Adverse events typically associated with reputation risk include ethics,
safety, security, sustainability, quality, and innovation.
Liquidity Risk
Credit Risk
credit risk refers to the risk that a borrower may not repay a loan and
that the lender may lose the principal of the loan or the interest
associated with it.
Credit default risk
A credit risk is the risk of default on a debt that may arise from a
borrower failing to make required payments. In the first resort, the risk is
that of the lender and includes lost principal and interest, disruption to
cash flows, and increased collection costs.
Concentration risk
Concentration risk is a banking term denoting the overall spread of a
bank's outstanding accounts over the number or variety of debtors to
whom the bank has lent money.
Country risk
Country risk is the risk that a foreign government will default on its bonds or
other financial commitments. Country risk also refers to the broader notion
of the degree to which political and economic unrest affect the securities of
issuers doing business in a particular country.
Sovereign Risk
Sovereign risk is the risk that a foreign central bank will alter its foreign
exchange regulations, significantly reducing or completely nullifying the
value of its foreign exchange contracts.
Counterparty Risk
Best
Practices
Best Practices
Following are the possible best practices of internal audit department, which can
mitigate all the possible risks faced by commercial banks of Pakistan:
Mandate
Clear objectives and enterprise-wide authority.
Authority to carry out its responsibilities independently.
Right of access to the institutions records.
A requirement to express an opinion on the effectiveness of controls.
Authority to follow-up.
The mandate is communicated within the institution.
Organizational Structure
Stature and authority of the function head to be effective in fulfilling its
mandate.
Direct access to the CEO and the Board (or Audit Committee).
Internal Audit department structure.
Independence of activities and day-to-day internal control processes.
Resources
Level of resources necessary to carry out responsibilities.
Qualifications and competencies of staff.
Continuing professional development programs to enhance staff
competencies.
Planning
Adequacy of policies and practices to review audit cycles in response to
changes in the institutions environment and risk profile.
Extent to which the annual audit planning process clearly identifies audit
objectives and scope of work.
Reporting
Adequacy of policies and practices to report audit findings and
recommendations to management.
Adequacy of policies and practices to follow-up on the resolution of audit
findings and recommendations.
Quality Assurance
Adequacy of policies and practices for monitoring of audit staff to ensure
that they comply with standards of professional practice and utilize
approved methodology in executing their reviews.
Board Oversight
Extent to which Board (or Audit Committee) approval is required for the
appointment and/or removal of the Audit head.
b) The internal auditing mandate, resources and the annual work plan.
Adequacy of policies and practices to report periodically to the Board (or
Audit Committee) on audit findings, recommendations and progress in
meeting annual audit plan.
CHARACTERISTICS OF BEST
PRACTICES OF INTERNAL AUDIT
Mandate
.
Business risk
Credit Risk
Operational risk
Market Risk
Systemic Risk
Organization Structure
2.1 Appropriateness of the stature and
authority of the function head within
the organization for the function to be
effective in fulfilling its mandate.
2.2 Extent to which the function head
has direct access to the CEO and the
Board (or Audit Committee).
2.3 Appropriateness of the functions
organization structure.
2.4 Extent to which the function is
independent of activities it audits and
day-to-day internal control processes.
Resources
3.1. Adequacy of the functions
processes to determine the required:
a) Level of resources necessary to
carry out responsibilities;
b) Qualifications and competencies of
staff; and
c) Continuing professional
development programs to enhance
staff competencies.
3.2 Adequacy of the functions
resources and appropriateness of its
collective qualifications and
competencies for executing its
mandate.
3.3 Sufficiency of staff development
programs
Reporting
6.1. Adequacy of policies and
practices to report audit findings and
recommendations to management.
6.2. Adequacy of policies and
practices to follow-up on the
resolution of audit findings and
recommendations.
Quality Assurance
7.1 Adequacy of policies and practices
for monitoring of audit staff to ensure
that they comply with standards of
professional practice and utilize
approved methodology in executing
their reviews.
Empirical Researches
Name of Paper
Robert P.
LIFO-FIFO,
Derstine and
Accounting Ratios
Ronald J. Huefner and market risk
Thomas J.
Linsmeier, Daniel
B. Thornton,
Mohan
Venkatachalam
and Michael
welker
The Effect of
Mandated Market
Risk Disclosures on
Trading Volume
Sensitivity to
Interest Rate,
Exchange Rate, and
Commodity Price
Movements
Year
Objective
Methodology
Results
1974
The summary
statistics for market
studies, Beaver,
sample size: 90
risk are similar to
Kettler, and Scholes companies
those reported by
attempted to relate
other studies.'4 The
some accounting
sampling combined sample
ratios which can be technique: convenient mean of 0.917 is
viewed as measures , Moody's Industrial close to the value of
of the riskiness of a Manuals
1.0 which represents
firm's securities to the
the "average"
familiar "beta"
country/state:
riskiness of all New
market risk measure.
Chicago
York Stock Exchange
firms that comprise
Fisher's index.
2002
Systemic risk
Name of
Author
Name of
Paper
Year
The
Determinants
Pasquale di
of Systematic
Biase&Elisa
Vol. 4, No. 11;
Risk in the
bettaDApoli
2012
Italian
to.
Banking
System.
Objective
Methodology Results
Results indicate
that bank
equity beta
correlates
We use a
positively with
Provides an
number of
bank size and
insight to the
regression
with the relative
main
models to test volume of loans
determinants
the statistical
and intangible
behind the
significance of a assets. We find
systematic risk wide range of no evidence
of banks.
bank-specific
that lower
risk factors.
leveraged
banks may be
exposed to
lower
systematic risk.
Liquidity Risk
Name of
Author
Name of
Paper
The Effect of
Liquidity Risk
Naser Ail
on the
Yadollahzade
Performance
h Tabari,
of Commercial
Banks
Year 2Objective
Methodology Results
In this research,
the
performance of
fifteen Iranian
banks is
examined (Note
The result
2) during an
shows that
eight-year
liquidity risk
period from
has a
2003 to 2010
significantly
using of panel
negative effect
data.
on both criteria
The required
of the
data is drawn
performance
from the studied
i.e. return on
banks and the
asset and
data related to
return on
Macro economic
equity. It
variables
means that
including the
liquidity risk
growth of gross
will cause to
domestic
weaken the
product,
performance of
consumer price
bank.
index are drawn
from central
Credit Risk
Name of Author
Name of
Paper
The Impact of
the Internal
Audit in
Reducing
Shqipdona
Hashani Siqani & Credit
Edona Sekiraca Risk in
Commercial
Banks in
Kosovo
Effect of
internal
Ellis Kofi Akwaa controls on
Sekyi & Jordi
credit risk
Moreno Gene
among listed
Spanish
Year
Objective
January,
2016
The paper
examines the
effectiveness of
internal control
systems, credit
default risk as a
result of internal
control systems
and establishes
Methodology
Results
The results
showed that
This research
credit risk is the
was conducted
dominant risk in
by surveys and
which the
the
banking system
questionnaires,
in Kosovo is
which were filled
exposed.
by directors of
Therefore, any
audit
commercial bank
departments of 7
operating, in
commercial
Kosovo, must
banks. (27
have a system
Questions)
for managing
credit risk.
Findings showed
that there is
significant effect
of internal
controls on credit
Quantitative
risk especially
research
the control
approach is used environment,
to test
risk
hypotheses on
management,
the relationship control activities
between internal and monitoring.
controls and
The non-
Name of Author
Name of
Paper
Year
Objective
Methodology
Results
Operational Risk
Name of
Author
Name of Paper
Year
Methodology
Results
The Determinants
of Operational
ANNA
Risk in U.S.
2011
CHERNOB
Financial
AI
Institutions
1) Sample: 30 U.S.
Banks
2) Sampling
Technique:
Convenient.
3) Country: United
States of America.
4)Questionnaire
5) Regression
Analysis: Poisson
Regression Model
JOS
FRANCIS
CO
MARTNE
ZSNCHEZ
A
1) Sample:
Commercial Banks
2) Sampling
Technique: Random
sampling technique.
3) Country: Mexico.
5) Regression
Analysis: Bayes
Theorem.
An analysis on
operational risk in
international
2016
banking: A
Bayesian
approach
Reputational Risk
Name of
Author
Walter, Ingo
Name of
Paper
Reputational
Risk and
Conflicts of
Interest in
Banking and
Finance: The
Evidence So
Far
Year
Objective
Methodology
Results
An analytical study
have been conducted
a. Define reputational
through this paper on
risk in financial
The loss of an
the case of The Bank
intermediation and to
institution's franchise
of Spain taking
identify the proximate
value can far outweigh
control of the
sources of reputational
an accounting loss when
country's fourth
risk facing financial
its reputation is called
largest bank, Banco
services firms. b. The key
into question.
Espaol de Crdito
drivers of reputational
Managements and
(Banesto) and
risk in the presence of
boards of financial
subsequently
transactions costs and
intermediaries must be
declining the shares
imperfect information in
convinced that a good
of JP Morgan & Co., a
financial markets,
defense is as important
U.S. bank holding
surveys empirical
as a good offense in
company closely
research in the literature
determining sustainable
involved with
2006 on the impact of
competitive
Banesto. They
reputational losses
performance. It is
created a sample
imposed on financial
probably leadership,
prediction of returns
intermediaries, and
more than anything
on Morgan stock and
presents some new
else, that separates
compared the
empirical findings. c. The
winners from losers over
predicted returns
link between reputational
the long term the
with actual returns
risk and exploitation of
notion that appropriate
on Morgan shares
conflicts of interest in
professional behavior
after the Banesto
financial intermediation.
reinforced by a sense of
event
d. Considers some
belonging to a quality
announcement. The
managerial requisites for
franchise constitutes a
difference was
dealing with both
decisive comparative
considered the
reputational risk and
advantage.
excess return
conflicts of interest.
attributable to the
Name of Author
Name of
Paper
Year
Objective
Methodology Results
draws heavily
on
To explore the
management
proposition that research.
The concept of reputation risk
corporate social Secondary
Corporate
management could assist in the
responsibility
data, drom
Social
understanding of corporate social
Bebbington, Jan;
reporting could various cases
Reporting and
responsibility reporting practice.
Carlos, Larrinaga;
2008 be viewed as
have been
Reputation
This paper explores the link
Moneva, Jose M.
both an outcome analytically
Risk
between reputation risk
of, and part of
studied to draw
Management
management and existing
reputation risk
out the scarce
theorizing in social accounting.
management
linkages
processes.
between
reputation and
CSR reporting.
Soh, Dominic
S.B.; Bennie,
Nonna
Martinov
Internal auditors
perceptions of their
role in
environmental,
social and
governance
assurance and
consulting
Year
Objective
Methodolog
y
a. To investigate the
nature and extent of
internal audit
functions(IAFs)
involvement in
environmental, social
and governance
assurance (ESG) and
consulting in Australia.
Data were
B.To identify emerging
collected from
priorities, and the
100 Chief Audit
professions capacity
Executives and
2015 to respond to these. c.
internal audit
explores internal audit
service provider
practitioners
partners through
perceptions of the
a survey.
current and future
importance of these
issues and the
adequacy of their skills
and expertise in
meeting the challenges
associated with their
involvement in these
areas.
Results
Methodology
Research Method
Qualitative & Quantitative Research
Data Collection
Primary Data
Interviews & Questionnaires
Secondary Data
Research Papers
Sample
Sample size 10 banks
List of banks
HABIB BANK LIMITED,
UNITED BANK LIMITED,
ALLIEDBANK OF PAKISTAN
SONERI BANK OF PAKISTAN
SUMMIT BANK
SILK BANK
ASKARI COMMERCIAL BANK OF PAKISTAN
MUSLIM COMMERCIAL BANK
ALFALAH BANK
FAYSAL BANK & HABIB METROPOLITAN BANK
Research Technique
Questionnaires filled by Head of Audit departments in Local Banks
Interviews
Data Analysis
Regression analysis using SPSS software
INTERVIEW
ANALYSIS
S.NO
Questions
Analysis
Does internal audit have clear objectives and HBL has well defined objectives and has authority to
enterprise-wide authority for its activities?
perform its activity.
S.
No
Questions
Analysis
S.NO
Questions
Analysis
10
11
12
How would you rate the adequacy of policies Audit methodologies in HBL conform to banking
and practices, in your organization, to ensure industry practices and current professional
that audit methodologies conform to generally standards. The adequacy of policies was rated at 3
accepted industry practices and current
on a 0 to 4 scale.
professional standards?
.
S.NO
Questions
Analysis
14
15
16
13
S.NO
Questions
Analysis
S.NO
Questions
Analysis