NBFCs Internal Audit Policy: Scope and Objective

Shubham Chauhan

25 Jun, 2020

What is NBFC?

Non-Banking Financial Companies (NBFCs) are financial institutions registered under the Companies Act, 1956 which are engaged in the business of loans and advance, acquisition of shares/stocks/bonds/debentures/securities issued by Government or Local authority. NBFCs don’t include any institution whose principal business is that of agriculture activity, industrial activity, purchase or sale of any goods or providing any services and sale/purchase/construction of the immovable property. An institution which is a company and has the principal business of receiving deposits in one lump sum or installments or any other manner is also a Non-Banking Financial Company (NBFC). In this blog, we will discuss the Internal Audit of NBFCs.

Importance of NBFCs Internal Audits

NBFCs conduct an Internal Audit yearly. Internal Audits are critical to identify the problems in the functioning of the company and hence work upon the issues. It assures that all the business assets of the company are adequately secured and safeguarded from the threats. Internal Audit is essential as it improves the environment of an organization by analyzing the efficiency and effectiveness of the company.

Types of NBFC

NBFCs are further divided into the following types:

Classification of NBFCs

Objectives of Internal Auditing

• To find compliance with statutory and regulatory requirements
• To find compliance with  norms laid down by the company
• To verify whether the quality of assets is as per approved rules
• To determine, integrity, security, and controls in the information system are at acceptable standards
• To identify deficiencies in the internal control system and recommend procedures to plug the control gaps.

Scope of Internal Auditing

Scope of Internal Auditing includes the examination and evaluation of the effectiveness of the internal system and the quality of performance in managing responsibilities at an organizational, departmental, and functional level. Scope of Internal Auditing includes:

• Review of the reliability of financial and operating information
• Assessment of compliance with policies, plans, and procedures.
• Assessment of compliance with laws and regulations
• Verification of quality of assets
• Review of the efficiency with which resources such as IT Resources are employed.
• Evaluation of the effectiveness of the company’s operational risk management
• Assessment of the adequacy of internal controls for all new or slightly modified information systems.
• Review of specific operations, programs, functions or activities at the request of the Audit Committee or management.

The Internal Audit Department serves as a consulting resource for the review of policies and procedures, financial and administrative systems, and other related other administrative activities. Moreover, this department serves as a consultant for the development of new or significantly modified functional areas and computer-based financial and management information systems.

NBFCs Procedure of Internal Audit

Audit Plan

To get the audit done for an NBFC, the Head of the Audit Department prepares an audit plan at the start of the year and gets it approved by the Audit Committee of the Board. The frequency of audit of an activity/function is determined based on the risk perception. All the activities of a Company get audited at least once a year.

Audit Reporting

• The Auditor prepares an Audit Report after the conclusion of each audit. The report gets finalized after a discussion with the head of the department.
• The Report includes a time-frame for the completion of action to be taken for irregularities found in Audit.
• The Head of Internal Audit System reports to the audit committee as per frequency laid down by the board^[1].

Documentation of Internal Audit

Internal Audit has the authority to audit all the functions of the company and hence have complete access to all information, programs, database and all the documents required for audit. The Auditor prepares audit documentation based on all the reports collected by him. These documents may be kept in paper form or electronic form. Documents are recalled in case of any dispute on audit findings.

Responsibility of an Auditee

During an Audit, the department or service under review should provide full cooperation to the Internal Audit Department. In case of verification of valuables like gold, cash, etc, the auditee has no prior information about the audit. There are many occasions when the Audit is planned without any prior knowledge to the auditee. Even in such situations, the auditee unit has to provide all the information required by the Audit department.

Review of the Audit policy

The Internal Audit policy should be reviewed once in 3 years. The Audit Committee is responsible for the discussion and modifications of the internal Audit policy.

Conclusion

Internal Audit programs are essential for monitoring and assuring that all of your business assets have been properly secured and safeguarded from threats. By conducting an Internal Audit, a company can avoid penalties that might be imposed on them in case of discrepancies in the audit. NBFCs conduct Internal Audit every and follow the procedure mentioned above to safeguard the company from any threats.