ms - bank branch audit in cis environment
TRANSCRIPT
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
1/79
1
Actually I have nothing to say, so my presentation
should last only two to three hours
CA. Mukesh
Saran,
M.Com.,FCA,DISA(ICAI)
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
2/79
An investment
in knowledgealways pays thebest interest.- Benjamin Franklin
There will be only one break during my presentation!Please pace your boredom accordingly
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
3/79
3
US Defence department has said it is forbidding Google from filming anddepicting in details its Military bases.
Govt connectivity with other universities across the globe. to upgradehospitals to Meet Medical Council of India norms by developing softwarewhich would enable better access to books on medicines.
Thinking of what to gift that special women in your life on International
Womens day? Forget Diamonds, give her a high-tech Gadget instead
---- So when we are living in aSo when we are living in a ComputerisedComputerised EnvironmentEnvironment
.... we have no option but to.. we have no option but to
carry out the audit in the samecarry out the audit in the same CompterisedCompterised EnvironmentEnvironment
Almost entire dubbing of the movie Racewas erased when a hard disk crashed atSound city. So our heroes Anil & Saif had toredo the complete sound recording again.
This is just what we could read fromThis is just what we could read from
scrolling through the papersscrolling through the papers ----------------
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
4/79
4
AGENDA
Developments in the BankingSector
Information System Audit V/sFinancial Annual Audit
Auditing in CIS Environment - AAS
29 Effect of CIS Environment on Audit
Potential Risk Areas in
Computerised Branches Risk Assessment & Internal Control
in CIS Environment
Practical Approach for EffectiveAudit of Computerised Branches
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
5/79
5
Developments in the Banking Sector
The IT saga in Indian Banking commenced from
the mid eighties of the twentieth century whenthe Reserve Bank took upon itself the task ofpromoting automation in banking to improve
customer service, book keeping, MIS andproductivity. This role played by the ReserveBank has continued over the years.
Introduction of MICR based cheque processing a first for the region, during the years 1986-88
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
6/79
6
Developments in the Banking Sector
Computerisation of branches of banks in the
late eighties with the introduction of ledgerposting machines (LPMs), advanced ledgerposting machines (ALPMs), which have paved
the way for installation of Core Bankingsolutions.
The setting up of the Institute for Development
and Research in Banking Technology (IDRBT),Hyderabad in the mid nineties, as a researchand technology centre for the Banking sector;
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
7/79
7
Developments in the Banking Sector
The commissioning in 1999, of the Indian
Financial Network as a Closed User Group. Thenetwork supports applications having featuressuch as Public Key Infrastructure (PKI) whichinternational networks such as S.W.I.F.T. arenow planning to implement ;
Commencement of Certification Authority (CA)functions of the IDRBT for ensuring thatelectronic banking transactions get the requisitelegal protection under the InformationTechnology Act, 2000;
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
8/79
8
Developments in the Banking Sector
Ensuring Information Systems Audit (IS Audit) in
the banks for which detailed guidelines relatingto IS Audit were formulated and circulated;
Enabling IT based delivery channels which
enhance customer service at banks, in areassuch as cash delivery through sharedAutomated Teller Machines (ATMs), card based
transaction settlements,
NEFT, RTGS, etc.;
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
9/79
9
Developments in the Banking Sector
BRANCH
COMPUTERISATIONMANUAL
BANKINGCBS BRANCH BANKING, ATM,INTERNET BANKING ETC.
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
10/79
10
Information System Audit
v/s Financial AuditFINANCIAL AUDIT
Audit Opinion onFinancial Statement
Postmortem Exercise
Financial Accuracy
Financial Audit is neverPart of IS Audit.
I S AUDIT
Verification of System Control& Security
Ongoing & Forward lookingExercise
System Accuracy Output Analyser, Firewall,
Vulnerability assessment tool
CAAT available - ACL, IDEA,Excel
IS Audit to some extent Part
of Financial Audit
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
11/79
11
Auditing in Computerised Information
System (CIS) Environment - AAS 29 Mandatory Nature of AAS
Effect of CIS Environment on Audit Sufficient knowledge (Skill & Competence) CIS
System
Plan Supervise Control - Review
AAS - 9 Using work of an Expert
AAS - 6 Risk Assessment and Internal Control
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
12/79
12
Satisfaction about:
Adequate Procedure exist to ensure datatransmitted (entered) is correct and complete.
Cross verification of records
Reconciliation statements and control systembetween Primary & Subsidiary Ledger
Accuracy of computer compiled records are not
assumed.
AAS 29contd.
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
13/79
13
Documentation
Audit Plan
Nature, timing and extent of Audit Procedureperformed
Conclusion drawn from evidences
Electronic audit evidences also needs to beadequately and safely stored.
Electronic evidences should be retrievable in its
entirety as and when required.
AAS 29contd.
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
14/79
14
Processing is Concentrated
Audit Trails may be Undermined Human Judgment is bypassed
Data are stored in Device-Oriented rather than Human-
Oriented forms Invisible Data
Stored data are Erasable
Data are stored in a Compressed form
Stored data are relatively accessible
Computer Equipment is Powerful but Complex andVulnerable
Effect of CIS Environment on Audit
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
15/79
15
Effect of CIS Environment on Audit
Parameter Old Way New Way
Records Manual Computerised
Time to modify More Instantaneous
Audit Trail Exists and is Verifiable May or may not exist
Data Manipulation Difficult Very Easy
Evidence Can be collectedDifficult also fragile innature
Physical boundaries Were identifiable No limit
ExpertiseCommon DetectionTechniques
Additional technicalknowledge MUST
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
16/79
16
Evaluate the Following Factors
Extent to which the CIS Environment is used to Record Compile Analyse Accounting Info.
Internal Control in existence with regard to
Authorised, Correct and complete data (Input) Processing of data
Analysis & Reporting (Output)
Impact on Audit Trail of Transaction
Effect of CIS Environment on Audit
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
17/79
17
Typical Set-up of TBA Branches
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
18/79
18
Typical Set-up of CBS Branches
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
19/79
19
Risk involved in CIS Environment
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
20/79
20
Risk involved in CIS Environment
Branch Cmputerised
Auditor Computer expert
Branch Manual Auditor May or may
not be computer expert
Branch Computerised
Auditor not acomputer expert
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
21/79
21
Risk involved in CIS Environment
Lack of Transaction Trails e.g. Evidence of applicationof interest on deposit & advances System Generated
Entries Uniform Processing of Transactions- i.e. If Error occurs it
applies to all transaction
Lack of segregation of incompatible functions i.e.Same person makes-checks, Same person deals withcustomer & create the Account masters/ parameters
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
22/79
22
Risk involved in CIS Environment
Potential for Errors & Irregularities-
Due to invisibility of data.
No visible evidence for unauthorised access/alter todata (ledger written with pencils)
Errors in System Handled transaction No human
intervention/observation hence remains undetectedErrors in Designing or modification of Programs can
remain undetected.
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
23/79
23
Risk involved in CIS Environment
Manual Controls in such system are dependent upon theComputer Generated Report. Any Error in Report will
affect even the manual control. CIS related Fraud
Unauthorised use to modify, copy or use the data
Internet fraudSystem Fraud
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
24/79
24
Risk Assessment & Internal Control
Exceptional Transaction Report is reviewed and verifiedby the respective department
Review that Alteration in System Parameters,Application Parameters by authorised person only.
Access to computer rooms is restricted to authorised
persons only Whether user logs out of terminal when leaving the
terminal / not on seat
General Maintenance of Computer hardware isreasonable
Whether daily, monthly, yearly , onsite , offsite backup istaken as per HO instruction
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
25/79
25
How to conduct Audit effectively
in CIS Environment
Practical Approach(indicative and not exhaustive)
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
26/79
26
CBS Software
Software Name Developed /Maintained by
Banks in whichImplemented
FINACLE INFOSYS PNB, OBC, ICICI etc.
FLEX-CUBE IFLEX Kotak Mahindra Bank,YES Bank etc.
B@NKS24 TCS SBI Group
PROFILE SANCHEZ ING Vysya Bank
Laser Panacea Laser Soft Corporation Bank
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
27/79
27
Primary Steps of Audit in CIS Environment
Interview the System Executive
Ascertain whether the branch has migrated toCBS during the current year if yes checkmigration controls
To ascertain an overview of the systemincluding hardware and networkingconfigurations
Ascertain the nature and extent of ITinfrastructure, Policies and CIS controls
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
28/79
28
Whether officials, other than those of the branch,have authority to record transactions in it.
If so, what are the Branch Managersauthorities?
If so, when does the Branch become aware ofsuch transactions? Immediately /At predefined Intervals/End of Day
(EOD) /Start of Next Day (SOD)
Primary Steps of Audit in CIS Environment
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
29/79
29
How are the EOD/SOD processes managed?
Are communications problems faced whichdelay EOD/SOD processes?
What is the business impact of these
delays/discontinuity? What are offline periods?
How are the transactions in this period uploaded
onto the central server?
Primary Steps of Audit in CIS Environment
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
30/79
30
Primary Steps of Audit in CIS Environment
Ascertain
Whether the system is designed to automatically passentries for Income Recognition Norms?
Whether RBI norms of provisioning are incorporated
into the system, including the current amendments?Whether interest rate changes are incorporated
correctly?
Normal reply system is developed centrally at HOand branch has no control over it.
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
31/79
31
Primary Steps of Audit in CIS Environment
Ascertain
About access control levels and the system toensure adherence to defined controls.
About SEs role in ensuring such adherence.
About the modality of year-end process & howbalances are carried forward
About this replies to the LFAR questions.
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
32/79
32
Primary Steps of Audit in CIS Environment
Ascertain Management Practices
Are adequate summary-level reports available tomanagement to allow monitoring of:
Transactions volume?
System problem logs?
Exceptions?
Unreconciled transaction?Other customer or operational issues?
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
33/79
33
Primary Steps of Audit in CIS Environment
Take oral and written assurance that:-
System is implemented as designedNo modifications are made to the system.
All problems faced during implementation andpost implementation are resolved
Problems faced have not affected the
confidentiality, integrity and availability of thedata.
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
34/79
34
Primary Steps of Audit in CIS Environment
Conclusions of DiscussionsDocument findings and conclusions.Assess whether control mechanisms
explained and demonstrated are adequate. Ifthey are not adequate then:
Traditional audit will have to be performed Due to the criticality of the data and reliance which
is placed on the system, the Audit Report or LFARwould need to be suitably qualified.
The conclusion should be based on the auditprocesses to be carried out by the auditor andnot only on the discussions.
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
35/79
35
Review of Application Controls
Password Management and history
Unsuccessful log-on attempts Access Logs and reviews
Virus detection and protection
Inactive user-ids
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
36/79
36
Review of Physical Controls
Server Room (TBA,PBA) Router/Modem (CBS)
Whether entry is Restricted and where it islocated
Key should be with the manager
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
37/79
37
Review of Environmental Controls
Air Conditioner
Check the AMC Water seepage
Check the building condition
Fire Extinguisher
Date of refilling and expiry
Smoke Heat Detectors
Check the AMC
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
38/79
38
Review of Logical Controls
User id creation,
Entered in register duly signed by user User id deletion
Entered in register and signed by manager
User id of transferred staffDeleted and entered in register and cross
check it with attendance
User id and powers
Match it with office order
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
39/79
39
Review of Logical Controls
Vendor id-created or not
Cross verify with vendor register User ID for Master
When Branch is converted to verify fromregister
DBA having financial powers
Two user id should be given
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
40/79
40
Review of Logical Controls
PASSWORDS Check wheather users is required to change their
passwords periodically. Ideally it should be inbuilt within the software so no
need of checking, and it should not accept previouslyused password
Sharing of password.Declaration to be takenCross Verifying with attendance register and Access
Log Important passwords like DBA, Branch Managers arekept in sealed cover with Branch Manager Check by Physical Verification
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
41/79
41
Review of Output Controls
Hard Copy Print OutNormally Ignored
Screen Saver/Automatic Log Off Reports are signed
Normally Ignored
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
42/79
42
Review of Back up
Most Important Issue Qualification A simple activity ignored
Area CBS TBA PBA What to Check
Training Y Y Y Interview
Back Up N.A. Y Y Back up Register
Location N.A. Offsite Offsite Locker with banks
Back Up Tested N.A.. Y Y ????
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
43/79
43
Operations
Read Only Access
Ask for an access to view data ofbranch
If access can not be given, then the fact
should be documented and reported inthe Audit Report / LFAR.
Use assistance of the SE to run any
query on a situation If the SE is not able to provide assistance
then decide whether mention is required inthe Audit Report/LFAR
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
44/79
44
Operations
Activity and Transaction LogsLogs-Time, activity, user idClock Synchronisation
Operating System LogsFirewall logsApplication System logs
SQL LogsATM Terminal access ID and Log
Peruse transaction logs of heavy days(mostly, afterconsecutive bank holidays) and ascertain whether there were
any noticeable errorsReview Exception Transaction ReportBased on the review Auditor can decide on the areas
which need greater verification.Discuss the action taken on the events noted as
exceptional.
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
45/79
45
Operations
Exception ReportDebit /Credit balance change
Maturity record deleted
Inactive accounts reactivated
Excess allowed over limit
Debits to Income head accounts
Overdue bills and bills returned
Withdrawal against clearings
Deposits accounts debit balance
Temp O/D beyond sanction limit
Standing instruction failed in day
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
46/79
46
Operations
Income
Obtain interest rates keyed into system andmatch with rates prescribed by Management
Obtain log of interest rate changes and match
with changes prescribed by ManagementEnsure that interest rate changes are duly
authorised.
Test-check few calculations.Obtain cases of interest defaults and ensure
that reversals have been properly accounted.
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
47/79
47
Operations
Advances
Master FileChecking of the Parameters
Interest Rate
Drawing PowerPenal Interest
Standing Instructions
Stock Statement submission (some software)
Who Creates and who is authorised (done by sample)
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
48/79
48
Operations
Fresh Advances
Trace the data entry of sanctioned loan parametersand conditions into the system.
Ensure that rate of interest and due date of interestare properly entered. Test a few transactions.
Review Control over Documentation through thesystem.
Inquire whether the system prompts for actionsufficiently before renewal date. Test a fewtransactions.
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
49/79
49
Operations
Identification of Potential NPAsAudit list of customers /accounts with
high deposits within last week/ fortnight
Audit list of accounts with one due-datedefault and deposits within last
week/fortnight.Audit list of accounts with deposits
within last week /fortnight andwithdrawals in first week of April.
Trace whether these deposits are fromfacilities given at other branches.
This is possible if access is available to
the data of other branches.
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
50/79
50
Operations
ProvisioningObtain report of cases of defaults of principal and
ensure that accounting entries are passed forprovisioning.
Obtain exception reports to satisfy that no NPAs are
missed / omitted by the Branch.Obtain list of cases of
Re-rolling of advances
Sanctioning of advances in branches Utilising packing credit advances to clear border level NPAterm loans and other advances through current accounts/overdrafts/ cash credit accounts.
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
51/79
51
Operations
NPA Analysis
Issues Is the classification correct Is the calculation correct
Is the provisioning correct Is the revenue charged on such accounts
How do we check
Going through each account or sample Applying Various criteria of classification
Relying on information provided by Branch
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
52/79
52
Operations
NPA Analysis
How Computerisation can help If it is in built in the software at the master level
which is difficult
So what should we do to save time
Import the files in excel ( PBA,TBA)
Convert the files in required format (Delimit)Apply Vlook up to match data
Apply Filter, Sort, Mathematical Functions
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
53/79
53
Operations
Frauds
Obtain list of frauds that have taken place atbranches.
Many frauds occur in new technology areas
ATM
Net Banking
Credit Card
Cash Management
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
54/79
54
Operations
Control over Impersonal/ Office Accounts
Accounts which are open by the bank for theirown operational purposes and are of impersonalnature.
For instance:Sundry credit accountsSundry deposit accounts
SuspenseH.O. Account
Check whether these transactions are scrutinised by thebranch for correctness and for prompt adjustment.
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
55/79
55
Operations
Office Accounts
Review Suspense / Sundry/ Inter BranchAccounts.
Scrutinise list of Outstanding Entries
Many of the new products offered on the basis ofTechnology are dependent on the controls inthese Office Accounts.
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
56/79
56
Operations
ATM Transactions
Whether ATM cash has been verifiedperiodically.
Whether ATM transactions are
reconciled periodically. Whether adequate control over
physical inventories of ATM cardshas been exercised.
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
57/79
57
Operations
Whether all accounts (Opening & Closing) are duly authorised. Whether all the GL accounts codes authorised by H.O. and
are in existence in the system? Whether Beginning of the Day and End of the Day registermaintained? Whether Time is properly entered and time anddate are normal and during office hours only?
Whether the Account Master and balance cannot be modified/amended /altered except by the authorised personnel? Whether the records of errors arising during daily operations
are reported? And how they are rectified?
Whether dummy accounts created using master creation stillexist in the Branch A sample verification of SDRs / FDRs should be carried out to
ascertain whether lien is marked on such deposit receipts inthe system.
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
58/79
58
Operations
Dont Miss this!!!
Have the figures, as at the year-end,in the control and subsidiaryrecords been reconciled?
Balance reports e.g. GLConsistency report should beverified for balancing of books. And
for those heads, which are not madelive, balancing should still be verifiedwith the help of balance books.
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
59/79
59
Miscellaneous Issues
RegistersUser id register
Floppy register
Checksum register
Software problem register
Machine breakdown
Asset register containing details of hardware
Manuals, guidelines
Media stock movement register
Hardware /software Register
Parameter updation register
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
60/79
60
Miscellaneous Issues
Insurance
Must be fully insured against all potential risks
Normally done at RO / ZO
AMC
AMC should be in force with contact no. of serviceprovider.
Normally done at RO / ZO
Anti VirusLicensed and updated version installed in all PCs
Normally done at RO / ZO
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
61/79
61
Miscellaneous Issues
Internet
PC having internet connection should be
separate from those used for banking
operations.
Vendor
Vendors contact number should be available and heshould pay visits as agreed.
Vendors support should be ensured by Branch / RO /
ZO.
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
62/79
62
Miscellaneous Issues
Other Programmes
No extraneous software, games software, freeware
should be loaded on PCs
This responsibility has to be shouldered by BranchIncumbent.
Floppy / CD / USB and other Removable MediaThey should be disabled in all PCs except those used
for backups or that of Manager.
Here too, the Manager should ensure this.
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
63/79
63
Miscellaneous Issues
If there is a system break-down, has the branch madestandby arrangements?
If there is a software bug which results in wrongcalculation of interest charges or service charges ? If so,is that program deactivated and manual processing is
taking place to ensure adherence to rules. If a crucial report such as GL Tally report is not getting
generated by the system, is the branch checking for data
consistency by tallying total of account level balance listwith respective account heads either manually or throughuse of SQL ?
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
64/79
64
Audit Conclusions
Document all
findings
Take adequate
oral & written
representations Discuss
findings Submit report
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
65/79
65
Last but not the least
The procedure listed herebefore is not exhaustive but issuggestive. Stress has been
given to those procedure,which has some connection
with computerised accounting/ CBS environment. Otherprocedures are generally
same under CIS and Non CIS / Manual environment
and hence not listed.
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
66/79
66
Appreciation is a
wonderful thing; itmakes what is
excellent in others
belong to us as
well - Voltaire
Any Questions?
IDRBT
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
67/79
67
IDRBThttp://www.idrbt.ac.in/
In the year 1994, the Reserve Bank of India formed acommittee on "Technology Upgradation in the PaymentSystems". The committee recommended a variety ofpayment applications which can be implemented withappropriate technology upgradation and development of areliable communication network.
The committee also suggested setting up of an InformationTechnology Institute for the purpose of Research andDevelopment as well as Consultancy in the application oftechnology to the Banking and Financial sector of the
country. As recommended by the Committee, the Institutefor Development & Research in Banking Technology[IDRBT] was established by the Reserve Bank of India in1996 as an Autonomous Centre for Development andResearch in Banking Technology.
Back to Slide 6
SWIFT
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
68/79
68
SWIFT
http://www.swift.com/SWIFT is the Society for Worldwide Interbank FinancialTelecommunication, a member-owned cooperative
through which the financial world conducts itsbusiness operations with speed, certainty andconfidence. More than 9,000 banking organisations,securities institutions and corporate customers in 209countries trust us every day to exchange millions ofstandardised financial messages.
Back to Slide 7
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
69/79
69
RTGS
The acronym 'RTGS' stands for Real Time GrossSettlement, which can be defined as the continuous
(real-time) settlement of funds transfers individually onan order by order basis (without netting). 'Real Time'means the processing of instructions at the time theyare received rather than at some later time. 'GrossSettlement' means the settlement of funds transferinstructions occurs individually (on an instruction byinstruction basis). Considering that the fundssettlement takes place in the books of the ReserveBank of India, the payments are final and irrevocable.
Back to Slide 8
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
70/79
70
NDS
http://www.investopedia.com/terms/n/negotiated_dealing_system.asp#axzz1dDhPsm25Negotiated Dealing System NDS
An electronic trading platform, operated by theReserve Bank of India, used to facilitate the exchangeof government securities and other money marketinstruments. The negotiated dealing system will alsobe responsible for hosting new issues of governmentsecurities.
Back to Slide 6
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
71/79
71
CFMS
http://rbidocs.rbi.org.in/rdocs/Content/PDFs/70124.pdf
The Centralised Funds Management System (CFMS), is asystem set up, operated and maintained by the ReserveBank of India (hereinafter referred to as the Bank) toenable operations on current accounts maintained atvarious offices of the Bank, through standard message
formats in a secure manner.The CFMS comprises two components the CentralisedFunds Enquiry System (CFES) and Centralised FundsTransfer System (CFTS). These have been made available
through the following subsystems:- the Apex Level Server (ALS),- the Local Funds Management System (LFMS),- the Bank Level Funds Management System (BLFMS), and,
- the Local Banks Funds Management System (LBFMS).
Back to Slide 6
http://rbidocs.rbi.org.in/rdocs/Content/PDFs/70124.pdfhttp://rbidocs.rbi.org.in/rdocs/Content/PDFs/70124.pdf -
7/30/2019 MS - Bank Branch Audit in CIS Environment
72/79
72
NSS
http://nationalsettlementsolutionsllc.com/
National Settlement Solutions - Welcome to NationalSettlement Solutions (NSS), a national title insuranceand title services company. From title insurance andescrow services to home loan settlements and
refinancing, National Settlement Solutions combinesthe latest online technology with unparalleledpersonalized customer service to ensure successful,efficient transactions.
Back to Slide 6
http://nationalsettlementsolutionsllc.com/http://nationalsettlementsolutionsllc.com/ -
7/30/2019 MS - Bank Branch Audit in CIS Environment
73/79
73
SFMS
http://www.mpf.org.in/pdf/Basics%20of%20SFMS%20Standards.pdfStructured Financial Messaging System (SFMS) is a secure
messaging standard developed to serve as a platform for intra-bank and inter-bank applications. It is an indian standard similarto SWIFT (Society for World-wide Interbank FinancialTelecommunications) which is the international messagingsystem used for financial messaging globally. SFMS can be usedpractically for all purposes of secure communication within thebank and between banks. The SFMS was launched on December14, 2001 at IDRBT. SFMS has a number of special features and it isa modularized and web enabled software, with a flexiblearchitecture facilitating centralized or distributed deployment. Theaccess control is through Smart Card based user access andmessages are secured by means of standard encryption andauthentication services conforming to ISO standards. RBIapplications like Real Time Gross Settlement (RTGS), NegotiatedDealing System (NDS), Security Settlement System (SSS) andIntegrated Accounting System (IAS) have interface with SFMS andRTGS uses SFMS for messaging.
Back to Slide 6
CMS
http://www.mpf.org.in/pdf/Basics%20of%20SFMS%20Standards.pdfhttp://www.mpf.org.in/pdf/Basics%20of%20SFMS%20Standards.pdfhttp://www.mpf.org.in/pdf/Basics%20of%20SFMS%20Standards.pdfhttp://www.mpf.org.in/pdf/Basics%20of%20SFMS%20Standards.pdf -
7/30/2019 MS - Bank Branch Audit in CIS Environment
74/79
74
CMShttp://www.unionbankofindia.co.in/cms_corporate_bank.aspxCash Management Services (banking)
CMS is a product under which collection and payments areeffected at a high speed.
Customers can have their cheques/instruments collected
from several up country centers and pool funds at a singlepoint.
Customers can also use CMS to make payments at variouslocations all over the country.
How CMS Works Collection of cheques from customers/dealers place by
Banks courier or deposit of cheques by customersrepresentative at our CMS centres.
CMS centres transmit information of instruments depositedto CMS Central Hub via WAN.
Central Hub collates the information received from CMScentres and sends out payment advices as per agreedterms.
The CMS Central Hub also generates customized MIS inrespect of collections and payments and transmits the sameelectronically every day. Back to Slide 6
http://www.unionbankofindia.co.in/cms_corporate_bank.aspxhttp://www.unionbankofindia.co.in/cms_corporate_bank.aspx -
7/30/2019 MS - Bank Branch Audit in CIS Environment
75/79
75
NEFT
http://taxguru.in/finance/meaning-of-national-electronic-funds-transfer-neft-system-and-how-does-the-neft-system-operate.html#axzz1dDmCrZPK
National Electronic Funds Transfer (NEFT) system is anation wide funds transfer system to facilitate transferof funds from any bank branch to any other bank
branch.
Back to Slide 8
How RTGS is different from National
http://taxguru.in/finance/meaning-of-national-electronic-funds-transfer-neft-system-and-how-does-the-neft-system-operate.html#axzz1dDmCrZPKhttp://taxguru.in/finance/meaning-of-national-electronic-funds-transfer-neft-system-and-how-does-the-neft-system-operate.html#axzz1dDmCrZPKhttp://taxguru.in/finance/meaning-of-national-electronic-funds-transfer-neft-system-and-how-does-the-neft-system-operate.html#axzz1dDmCrZPKhttp://taxguru.in/finance/meaning-of-national-electronic-funds-transfer-neft-system-and-how-does-the-neft-system-operate.html#axzz1dDmCrZPKhttp://taxguru.in/finance/meaning-of-national-electronic-funds-transfer-neft-system-and-how-does-the-neft-system-operate.html#axzz1dDmCrZPKhttp://taxguru.in/finance/meaning-of-national-electronic-funds-transfer-neft-system-and-how-does-the-neft-system-operate.html#axzz1dDmCrZPK -
7/30/2019 MS - Bank Branch Audit in CIS Environment
76/79
76
How RTGS is different from National
Electronics Funds Transfer System (NEFT)?NEFT is an electronic fund transfer system thatoperates on a Deferred Net Settlement (DNS) basis
which settles transactions in batches. In DNS, thesettlement takes place with all transactions received tillthe particular cut-off time. These transactions arenetted (payable and receivables) in NEFT whereas inRTGS the transactions are settled individually. Forexample, currently, NEFT operates in hourly batches -there are eleven settlements from 9 am to 7 pm onweek days and five settlements from 9 am to 1 pm onSaturdays. Any transaction initiated after a designatedsettlement time would have to wait till the nextdesignated settlement time Contrary to this, in theRTGS transactions are processed continuouslythroughout the RTGS business hours.
Back to Slide 6
Auditing and Assurance Standard
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
77/79
77
Auditing and Assurance Standard
(AAS) 29Auditing and Assurance Standard (AAS) 29, "Auditing in aComputer Information Systems Environment" issued by theCouncil of the Institute of Chartered Accountants of India1. This
Standard should be read in conjunction with the "Preface to theStatements on Standard Auditing Practices" issued by theInstitute
The purpose of this Auditing and Assurance Standard(AAS) is to establish standards on procedures to befollowed when an audit is conducted in a computerinformation systems (CIS) environment. For the purposes
of this AAS, a CIS environment exists when one or morecomputer(s) of any type or size is (are) involved in theprocessing of financial information, including quantitativedata, of significance to the audit, whether those computers
are operated by the entity or by a third party.Back to Slide 4
CA
-
7/30/2019 MS - Bank Branch Audit in CIS Environment
78/79
78
CA
http://cca.gov.in/rw/pages/index.en.do
Controller Of Certifying Authorities - TheInformation Technology Act, 2000 was
enacted by the Indian Parliament in June,2000. It was notified for implementationin October, 2000 with the issuance of
Rules under the Act. The purpose of theAct is to promote the use of digitalsignatures for the growth of E-Commerce
and E-Governance. Back to Slide 7
IDEA
http://cca.gov.in/rw/pages/index.en.dohttp://cca.gov.in/rw/pages/index.en.do -
7/30/2019 MS - Bank Branch Audit in CIS Environment
79/79
IDEA
www.CaseWare-IDEA.com
IDEA (originally an acronym for Interactive Data Extractionand Analysis) provides auditors, accountants, and systemsand financial professionals with the ability to read, display,analyze, manipulate, sample, or extract data from data files
from almost any source - mainframe to personal computers,including reports printed to a file. IDEA extends your reachby providing unique functions and features not found ingeneric software.
IDEA combines considerable power of analysis with anextremely user-friendly Windows environment. This versatiletool is useful for any type of file interrogation and offersusers the benefits of the following and other functionality
http://www.caseware-idea.com/http://www.caseware-idea.com/