CA Ravi Taori
         2.  Risk-based  Internal  Audit:  Risk-based  Internal  audit  is  conducted  based  upon  the  risk  assessment  of
         business and control risks of branches.
         2A. Identification of Business Risks: The risk assessment process includes: -
         Identification of inherent business risks in various activities undertaken by branches (Business risk)
         2B. Assessment of Control Systems: Assessment of effectiveness of control systems for monitoring inherent
         risks of business activities of branch (Control risk)
         2C. Assessment of Risk Areas: Making an assessment of level and direction of various risk areas and assess
         level and direction of overall business risk and control risk.
         2D. Drawing up of Risk Matrix: Drawing up of risk matrix taking into account factors viz. Risk of branch

         (CNO-BA.260) Examples of Internal Controls in a Bank
         General Controls
         Story to Remember Points
         1  Character – Bank Manager performing his duties.
          st
         Financial powers: The financial powers of officers of different grades should be clearly defined.
         Rotation:  The  staff  and  officers  of  a  bank  should  be  shifted  from  one  position  to  another  frequently  and
         without prior notice.
         Insurance: The bank should take out insurance policies against loss due to all the risks such as fire, natural
         calamities, theft and employees’ infidelity.
         Cooperating  in  Surprise  Inspection:  There  should  be  surprise  inspection  of  head  office  and  branches  at
         periodic  interval  by  the  internal  audit  department.  The  irregularities  pointed  out  in  the  inspection  reports
         should be promptly rectified.

         2  Character – Store In-charge performing his duties.
          nd
         Bank forms: All bank forms (e.g. Cheque books, demand draft/pay order books, travellers cheques, foreign
         currency cards etc.) should be kept in the possession of an officer, and another responsible officer should verify
         the issuance and stock of such stationery.
         Confidential  Books:  The  signature  book  and  the  telegraphic  code  book  should  be  kept  with  responsible
         officers and access should be allowed only to authorised officers.

         3  Character – Dedicated Employee performing his duties.
          rd
         Checked by another: The work of one person should always be checked by another person (usually by an
         officer) in the normal course of business.
         Mail: The mail should be opened by a responsible officer. Signatures on all the letters and advices received
         from other branches of the bank or its correspondence should be checked by an officer with the signature
         book.
         Arithmetical accuracy: The arithmetical accuracy of the books should be proved independently every day.
         Cash
         1. Custody and Management of Cash:
         - Joint custody of cash by two responsible officers.
         - Daily test-checks and occasional full counts by an officer other than cash handlers. Agreement of actual cash
         with Day Book balance.
         -  Verification  of high-value  transactions by  a  higher  officer  and  remittance of excess  cash to  currency  chest
         daily.
         2. Segregation of Duties:
         - Cashier's restriction from accessing customer’s ledger accounts and the Day Book.
         - Officer in Cash Department and receiving cashier to sign the counterfoil of cash receipt vouchers.
         - Payments made post voucher authorization and entry in customer’s account.
         3. Verification and Reconciliation:
        www.auditguru.in                                                                                      14.7