The Board appointed Audit Committee comprises three Independent Non-Executive Directors. The Committee is chaired by P M B Fernando who is a Fellow Member of The Institute of Chartered Accountants of Sri Lanka and possesses considerable experience in the field of finance and auditing.
The members of the Board appointed Audit Committee are as follows:
P M B Fernando – Chairman
Ms Hiroshini Fernando
Brief profiles of the members are given in the section on Board of Directors.
The Terms of Reference of the Committee, which is subject to review periodically by the Board of Directors, clearly defines the mandate and role of the Committee. The Terms of Reference of the Committee was last reviewed and approved by the Board in October 2018. The Committee is responsible to the Board of Directors and reports on its activities regularly. The Committee assists the Board of Directors in fulfilling its general oversight of financial reporting, internal controls, internal and external audits.
The Committee has discharged the responsibilities assigned by Rule No. 3 (6) (ii) of the Corporate Governance Direction No. 11 of 2007, issued by the Central Bank of Sri Lanka. Where appropriate, more details are provided under separate headings in this Report.
The Head of Group Internal Audit functioned as the Secretary to the Committee for the year ended 31 December 2018. During the year, 12 Audit Committee meetings were held and proceedings of the Audit Committee meetings were reported regularly to the Board.
Attendance by the Committee members at the meetings is given in the section on Corporate Governance of this Annual Report.
The Chief Executive Officer, Chief Financial Officer, and Chief Operating Officer attend meetings by invitation. Senior Management also attend the meetings on invitation in order to brief the Audit Committee on specific matters. The Committee held two meetings with the External Auditor; KPMG independently, without the presence of Executive Management, to discuss the progress and conclusion of the audit.
The Committee reviewed the effectiveness of the Financial Reporting system in place, to ensure reliability of information provided to the stakeholders. The Committee reviewed that to the best of its knowledge and belief, the Financial Statements issued for external purposes by DFCC Bank PLC (the Bank), complied with generally accepted principles of accounting as enunciated in Sri Lanka Accounting Standards, and complies with the statutory provisions of Companies Act No. 07 of 2007 and Banking Act No. 30 of 1988 and subsequent amendments thereto.
The Committee assisted the Board of Directors to discharge their responsibility for the preparation and presentation of true and fair Financial Statements in accordance with the books of accounts and Sri Lanka Accounting Standards. In carrying out the overseeing responsibilities, the Committee reviewed:
The Audit Committee assessed the effectiveness of internal control over financial reporting as at 31 December 2018 as it is required to comply with Section 3 (8) (ii) (b) of the Banking Act Direction No. 11 of 2007 on Corporate Governance for Licensed Commercial Banks, issued by the Central Bank of Sri Lanka. This process assesses the adequacy and effectiveness of the internal controls and the processes for controlling business risks to ensure compliance with laws and regulations. The Committee ensures that appropriate action is taken by the Management on the recommendations of the Internal Auditors to improve the effectiveness of the internal control system of the Bank. The Board of Directors performs its responsibilities on the basis of the internal control framework, which enables the Board to pursue its functions and take necessary measures. The Board’s statement on effectiveness of the Bank’s internal control mechanism is published in the section on the Directors’ Statement on Internal Control.
The Audit Committee ensures that the Internal Audit function is independent of the activities it audits and that it is performed with impartiality proficiency and due professional care. The Audit Charter authorises and guides the Head of Group Internal Audit (HGIA) in carrying out independent audit functions of the Bank and its subsidiaries. The HGIA enjoys operational independence in conducting duties and has the authority to initiate, carry out and report on any action, which is considered necessary. For the performance of duties, the HGIA and audit staff shall have unrestricted, unlimited, direct and prompt access to all records of the Bank and subsidiaries, officials or personnel holding any contractual status of the Bank and subsidiaries, and to all the premises of the Bank and subsidiaries. The Committee had necessary interactions with the Head of Internal Audit throughout the year. The Audit Committee monitored and reviewed the scope, resources, extent, and effectiveness of the activities of the Bank’s Internal Audit Department.
The Committee reviewed the progress of the risk-based audits carried out in accordance with the Internal Audit plan approved by the Committee for the year 2018. During the year, the Internal Audit Department has reviewed business lines, critical operational processes, risk and compliance functions, branches, and subsidiary operations. Further, the Department has conducted thematic audits focusing on particular audit objectives across the audited units/branches. The Potential Fraud Monitoring Unit under Internal Audit carry out testing and data analytics related to potential fraud risk areas on a continuous basis. The Internal Audit Department suggested simplified and efficient business processes where it was deemed necessary.
In 2018, the Internal Audit Department carried out 333 audits and reviews of branches, departments, Information System Audits, Thematic Audits, Process Audits, and special investigations of the Bank. The Committee reviewed the Internal Audit Reports of the Bank’s subsidiaries as well. The Board Audit Committee advised the Corporate Management to take precautionary measures on significant audit findings and obtained required assurances through affirmative confirmations from business units on the remedial action with respect to the identified risks, to maintain the effectiveness of the internal control system.
The Group Audit function is governed by the Group Audit Charter which defines the Internal Audit’s purpose, authority, independence, reporting, responsibility, and access in order to assist Group Audit to discharge its function independently. The Group Audit Charter and Audit Manual were revised and approved in October 2018 by the Board Audit Committee/Board.
The Committee reviewed and monitored the External Auditors’ independence and objectivity and the effectiveness of the audit process, taking into consideration relevant professional and regulatory requirements. The Committee approved the policy in place on non-audit services provided by the External Auditors in October 2018.
The Committee ensured that the lead audit partner was rotated every five years in accordance with the Banking Act Direction No. 11 of 2007 on Corporate Governance for Licensed Commercial Banks in Sri Lanka. The Committee discussed with the Auditors their audit plan, scope, and the methodology they propose to adopt in conducting the annual audit prior to its commencement. The Auditors were also provided with the opportunities to meet the Audit Committee separately, without the presence of Executive Management, to ensure that the Auditors had the independence to discuss and express their opinions on any matter. There was no limitation of scope and the Management has fully provided all information and explanations requested by the Auditors. The Committee also met the Auditors to review the Management Letter with the responses from the Management.
The Committee performed an evaluation of the Bank’s External Auditor Messrs KPMG based on certain key areas and recommended to the Board of Directors that KPMG Chartered Accountants should be reappointed for the financial year ending 31 December 2019, subject to the approval of shareholders at the Annual General Meeting.
The Committee received periodic updates from the external consultants and Management on the process of adoption of SLFRS 9 and the related financial implications on day one as at 1 January 2018 and during the year ended 31 December 2018.
The assumptions used to construct the models for the computation of Expected Credit Loss (ECL) and the estimates made by the Management were reviewed by the Committee.
The Committee continuously emphasised on sustaining ethical conduct amongst staff members. In this regard, a Code of Ethics and Whistleblowing Policy was put in place and all members of staff were educated and encouraged to practice Whistleblowing if they suspect any wrong-doing.
The Whistleblowing Policy of the Bank and its subsidiaries was reviewed and recommended by the Audit Committee during the year 2018 in order to further strengthen the policy as a communication channel to raise any genuine concerns. All appropriate procedures and techniques are in place to conduct independent investigations into incidents reported through Whistleblowing or identified through other channels. The Whistleblowing Policy guarantees the maintenance of strict confidentiality of the identity of the Whistleblowers. The Policy is subject to annual review in order to further improve its effectiveness.
The effectiveness of the Committee is self-evaluated annually by its members. An independent evaluation of the effectiveness of the Committee was carried out by the other members of the Board and the Committee has been found to be effective.
P M B Fernando
Chairman - Audit Committee
18 February 2019