Microfinance Internal Audit Checklist

Narendra Kumar

04 Jun, 2019

Internal audit is a self-governing and objective assurance activity designed to add value and improve an organization’s operations.

What is Internal Audit?

• As defined by Institute of Internal Auditors, Internal Audit an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations.
• The internal audit is a systematic activity which helps an organization achieve its objectives by bringing the disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
• It’s a duty of an Internal Audit to provide an unbiased and objective view.
• The internal audit activity has undergone by qualified, skilled and experienced people who can work in accord with the Code of Ethics and the International Standards.
• Internal Audit is a very critical function in the overall risk management system.

Internal audit of Micro Finance Institutes (MFIs)

• Internal audit is an independent check on the performance of the MFI.
• An internal audit shall be the independent function which should be free from operations. Independence is ensured by having completely separate staff team and the department reporting directly either to the Board of Directors or to the organization’s head.
• Many MFIs are of the opinion that by having an internal audit department one has managed most of its risk. However, risk management or overall internal control is a much larger job and internal Audits is only a part of it.
• The objective of Internal Audit is not to catch frauds or malpractices but more constructive, i.e. to add value and efficiency to the organization by mitigating the possibilities of malpractices.

An objective of Internal Audit:

• To detect fraud or misappropriation regardless of its size, magnitude other staff involved in
• To confirm if operational policies/processes are being adhered to all levels and to detect deviations
• To detect any malpractice, collusion or action on part of employees that is against the organizational policies/culture or can bring disrepute to the institution
• To check unethical staff behavior and to get a sense of organizational image as perceived by clients
• To provide feedback/opinion related to operational risks such as staff dissatisfaction, competition inappropriate policies or areas of potential conflict.

The requirement of Internal Audit of MFIs:

All MFIs shall be undergone for Internal Audit. MFIs shall appoint an Internal Auditor to conduct the internal auditor. An internal auditor should report directly to the Board of Directors and not to the Director or the senior management of the MFI. The finding of the audit may concern management at various levels, reporting to the same persons would create a potential conflict of interests. The audit report itself should be written in such a way that the identity of all contributors to the findings is protected. Otherwise, it will be increasingly difficult for the auditor to gather sensitive, critical information in future audits. Finally, an individual should never serve as an internal auditor for a unit(s) for which he or she has any direct operational or managerial responsibility.

Role of Internal Auditor:

Internal auditors work varied from the function to function. Below are some key areas of auditing:

• Assessing the management of risk:

The internal auditor shall evaluate an organization’s management of risk. All organization faces various risks, the auditor shall analyze the same. Since the success of any organization is depending on how they manage those risks effectively. The auditor shall assess the risk management processes, systems of internal control and corporate governance processes, across an organization.

• Assisting management in the improvement of internal controls:

An internal auditor shall intimate discrepancy in an organization to manage. An auditor also helps management in improving organization practice. If a manager is concerned about a particular area of responsibility, the internal auditor can help to identify improvements.

• Evaluating controls and advise all level managers:

An internal audit is covered from mailroom to the boardroom is involved in internal control. The internal auditor shall evaluate the risk and report on the effectiveness of the implementation of management policies.

• Evaluating risks:

It is the duty of Management to identify risks affects the organization’s growth and indicate to the internal auditors which helps them to expect possible future concerns and opportunities providing assurance, advice, and insight where it is most needed.

• Analysing operations and confirm information:

A systematic audit helps in attaining objectives and managing valuable organizational resources. Internal auditors work diligently with line managers to review operations then report their findings.

• Working with other assurance providers:

Any guarantee provided to executive management and the board’s audit committee that risks are being managed effectively is not covered under the scope of an internal audit. There are likely to be other assurance providers who perform a similar role.

The Scope of Audit:

It is a common feeling that audit means just checking of books of accounts and vouchers. Since we know the scope of an internal audit is very large, which is also evident from the objectives that the function has to achieve. Following are the border functions of Internal Auditor:

Financial reports and records:

Scrutinise all the receipts, vouchers, ledgers, cashbooks, client passbook, MFIs bank passbooks, cash balances.

Loan documents:

Loan applications, promissory notes and other documents required as per policy related data entered into Excel spreadsheets or software.

Client visits:

Scrutinise meeting discipline on timing, conduct, staff and client discipline, check passbooks interact with clients can also check loan utilization.

Other observation:

Staff discipline, hygiene, file arrangements and cataloging.

The scope of an Internal audit is wide to cover and to cross-check various reports. The basic idea is to check any kind of policy deviation or identify any situation, which can be a risk for the organization.

Conclusion:

Internal audit plays the vital role in managing risk of an MFI and allows feedback to the top management. An internal audit can significantly control MFIs risk and is, therefore, it is an indispensable function.