Report of the Board Audit Committee

Composition of the Committee

The Board Audit Committee (“the Committee”) appointed by and responsible to the Board of Directors (“the Board”) comprises three (03) Non-Executive, Independent Directors, and one (01) Non-Independent, Non-Executive Director.

The following members serve/served on the Board Audit Committee (BAC):

  • Mr Lakshman Abeysekera – Senior Director/Chairman –
    BAC – Independent, Non-Executive Director
  • Prof Sampath Amaratunge – Independent, Non-Executive Director
  • Mr K G Wijerathne – Non-Independent, Non-Executive Director (Appointed to the BAC w.e.f. 20 June 2018)
  • Mr Chaaminda Kumarasiri – Independent, Non-Executive Director (Appointed to the BAC w.e.f. 20 June 2018)

Mr Jayantha Kumara Newunhella – Independent, Non-Executive Director served in the Committee until 20 June 2018. We take this opportunity to place on record the Committee’s appreciation for the valuable service rendered by Mr Jayantha Kumara Newunhella as a member of the BAC.

The Chairman of the BAC Mr Lakshman Abeysekera is an Independent Non-Executive Director. Brief profiles of Mr Lakshman Abeysekera and other members of the BAC are given on pages 16 to 20 of the Annual Report.

The Chief Internal Auditor functions as the Secretary to the BAC.

Terms of reference

The BAC was functioned as per the Terms of Reference approved by the Board of Directors. The Board reviews the Terms of Reference once a year and as and when required and it ensures that new developments and concerns are adequately addressed. The Committee is responsible to the Board of Directors and reports on its activities regularly. BAC also assists the Board in its general oversight of financial reporting, internal controls and functions relating to internal and external audits.

Regulatory compliance

The roles and functions of the BAC are regulated by the Banking Act Direction No. 12 of 2007, the mandatory Code of Corporate Governance for Licensed Specialised Banks in Sri Lanka, issued by the Central Bank of Sri Lanka, the Rules on Corporate Governance as per the Section 7.10 of Listing Rules issued by the Colombo Stock Exchange and the Code of Best Practice on Corporate Governance issued jointly by the Securities and Exchange Commission (SEC) and The Institute of Chartered Accountants of Sri Lanka (CA Sri Lanka).

Duties and Role of the Board Audit Committee

The BAC is responsible for:

  • Reviewing financial information of the Bank, in order to monitor the integrity of the Financial Statements of the Bank, its Annual Report, accounts and quarterly reports prepared for disclosure;
  • Reporting to the Board on the quality and acceptability of the Bank’s accounting policies and practices;
  • Assessing the reasonableness of the underlying
    assumptions for estimates and judgements made in preparing the Financial Statements.
  • Reviewing accounting and financial reporting, risk management processes and regulatory compliance;
  • Reviewing of the Financial Statements (including quarterly/interim statements) prior to publication to ensure compliance with statutory provisions, accounting standards and accounting policies which are consistently applied;
  • Reviewing internal audit reports and liaising with Corporate Management in taking precautionary measures to minimise control weaknesses, procedure violations, frauds, and errors;
  • Assessing the independence and reviewing the adequacy of the scope, functions and resources of the Internal Audit Department, including the appointment of the Chief Internal Auditor (CIA) and the performance of the CIA and senior staff members of the Internal Audit Department;
  • Overseeing the appointment, compensation, resignation, dismissal of the External Auditor, including review of the external audit, its scope, cost and effectiveness and monitoring of the External Auditor’s independence;
  • Reviewing adequacy and effectiveness of the Bank’s systems of internal control over financial reporting to provide reasonable assurance regarding the reliability of financial reporting and the preparation of Financial Statements for external purposes has been done in accordance with the applicable accounting standards and the regulatory requirements;
  • Monitoring and reviewing the procedures placed by the Bank to ensure that proper awareness is created on “Responding to Non-Compliance with Laws and Regulations (NOCLAR)” standard; and
  • Engaging independent advisors on specialised functions where it is deemed necessary.


For the purpose of discharging its duties, the BAC met Eighteen (18) times during the year. Attendance of the Committee members of each of these meetings is given in the table on page 113 of the Annual Report. The minutes of the meetings have been regularly reported to the Board of Directors. Chief Internal Auditor and Chief Financial Officer have normally attended meetings on invitation and Chief Executive Officer and the relevant Senior Management/Officers in other grades are also participated in the meetings on invitation. On the invitation of the Committee, the Engagement Partner and the Senior Officers of the Banks External Auditors, Messrs Ernst & Young attended for three (03) Committee Meetings during the year. The Committee continued guiding the Management with the selection of the new Accounting Policies which are required under the new Accounting Standards. In Four (04) out of Eighteen (18) meetings, it has been discussed and recommended the Quarterly and Annual Financial Statements for Board approval. The Committee met Chief Internal Auditor and other senior internal Audit staff in two (02) meeting without presence of the Management. The BAC met the External Auditors in three (03) occasions during the year and evaluated the independence of External Auditors and concluded that adequate independency has been maintained by them.

Financial reporting

The Committee, as part of its responsibility to oversee the Bank’s financial reporting process on behalf of the Board of Directors, has reviewed and discussed with the Management and the External Auditors with regard to the quarterly and the annual Financial Statements prior to their release for publication. The review included the quality and acceptability of accounting policies and practices, the clarity of the disclosures and the extent of compliance with Sri Lanka Accounting Standards (SLFRS and LKAS), the Companies Act No. 07 of 2007, the Banking Act No. 30 of 1988 and amendments thereto and other relevant financial and governance reporting requirements. To facilitate their review, the BAC considered reports from the Chief Financial Officer and also reports from the External Auditors on the outcome of their review and annual audit.

SLFRS – 9 “(Financial Instruments)” has been taken in to consideration by the Board and it is effective from 1 January 2018 by replacing the Sri Lanka Accounting Standard – LKAS 39 “(Financial Instruments: Recognition and Measurement)”. SLFRS – 9 uses a forward looking “expected credit loss model” compared to the previously applied “incurred credit loss model” under LKAS 39. The Bank has obtained the services of an External Consultancy for the implementation of SLFRS – 9. The models have been developed, tested and submitted for External Auditors for verification and implemented for the year ended 31 December 2018. The Board will continuously strengthen the processes required for validation and compliance with SLFRS – 9, with the support and recommendations made by the External Auditors.

In accordance with revised Sri Lanka Standards on Auditing, Independent Auditors’ reports for financial years ending on or after 31 December 2018 are required to incorporate the reporting of Key Audit Matters. As part of the Bank’s Audit Committee’s responsibilities, notably its review of financial results, reports from internal and external audit, finance and internal financial control reports, the Bank’s Accounting Policies, as well as the annual Financial Statements; the BAC took cognisance of the Key Audit Matters as reported in the Independent Auditors’ Report. In addition, the Committee reviewed Management’s judgements on significant accounting and external reporting issues and confirmed external audit’s agreement with the treatment thereof.

Internal Control Over Financial Reporting (ICOFR)

The Bank is required to comply with Section 3 (8) (ii) (b) of the Banking Act Direction No. 12 of 2007 on Corporate Governance for Licensed Specialised Banks issued by the Central Bank of Sri Lanka and assessed the adequacy and effectiveness of internal control over financial reporting as of 31 December 2018.

The Bank assessed the adequacy and effectiveness of its internal control over financial reporting as of 31 December 2018 based on the criteria set out in the Guidance for Directors of Banks on “The Directors’ Statement of Internal Control”, issued by The Institute of Chartered Accountants of Sri Lanka (CA Sri Lanka) in 2010.

The Bank’s assessment was based on processes documented by the respective process owners with the guidance of the Bank’s Internal Audit and External Auditor (Ernst & Young). Based on Internal Auditors’ and External Auditors’ assessments, the Board has concluded that, as of 31 December 2018, the Bank’s internal control over financial reporting is effective. Directors’ Report on the Bank’s Internal Control over Financial Reporting is provided on pages 116 and 117 in the Annual Report. The Bank’s External Auditors have reviewed the effectiveness of the Bank’s internal control over financial reporting and have reported to the Board that nothing has come to their attention that causes them to believe that the statement is inconsistent with their understanding of the process adopted by the Board in the review of the design and effectiveness of the internal control over financial reporting of the Bank. External Auditor’s Report on the Bank’s Internal Control over Financial Reporting is provided on page 118 of the Annual Report.

Annual corporate governance report

As required by Section 3 (8) (ii) (g) of the Banking Act. Direction No. 12 of 2007, on Corporate Governance for Licensed Specialised Banks issued by the Central Bank of Sri Lanka, the Annual Corporate Governance Report for 2018 is provided on pages 72 to 94 in the Annual Report. The External Auditors of the Bank have performed procedures set-out in Sri Lanka Related Services Practice Statement 4750 issued by the Institute of Chartered Accountants of Sri Lanka (SLRSPS 4750), to meet the compliance requirement of the Corporate Governance directive. Their findings presented in their report addressed to the Board are consistent with the matters disclosed above and did not identify any inconsistencies to those reported by the Board on pages 72 to 94.

External audit

With regard to the external audit function of the Bank, the role played by the Committee was as follows:

  • Conducting the annual evaluation of the independence and objectivity of the External Auditor and the effectiveness of the audit process.
  • Met with the External Auditors to discuss their audit approach and procedure, including matters relating to the scope of the audit and Auditor’s independence.
  • Reviewed the Audited Financial Statements with the External Auditor who is responsible for expressing an opinion on its conformity with the Sri Lanka Accounting Standards.
  • Reviewed the Management Letters issued by the External Auditor together with Management responses thereto.
  • Evaluated the independence of External Auditor and concluded that adequate independency has been maintained by them.
  • Reviewed the Non-Audit Services provided by the External Auditor and was of the view that such services were not within the category of services identified as prohibited under –(a) The guidelines issued by the Central Bank of Sri Lanka, for External Auditors, relating to their statutory duties in terms of Section 39 of the Banking Act No. 30 of 1988 and amendments thereto.(b) The Guideline for Listed Companies on Audit and Audit Committees issued by the Securities and Exchange Commission of Sri Lanka.
  • Reviewed the Letter of Representation issued to the External Auditors by the Board.
  • Reviewed the Independent Confirmation issued by the External Auditor as required by the Companies Act No. 07 of 2007, confirming that they do not have any relationship or interest in the Company, which may have a bearing on their independence within the meaning of the Code of Conduct and Ethics of the Institute of Chartered Accountants of Sri Lanka.

The BAC has recommended to the Board of Directors that Messrs Ernst & Young, Chartered Accountants, be reappointed for the financial year ending 31 December 2019 subject to the approval of shareholders at the Annual General Meeting.

Internal audit

The BAC monitored and reviewed the scope, extent and effectiveness of the activities of the Bank’s Internal Audit Department. This included reviewing of updates on audit activities and achievements against the Internal Audit Plan, advising Corporate Management to take precautionary measures on significant audit findings and assessment of resource requirements including succession planning of the Internal Audit Department. The BAC had necessary interactions with the Chief Internal Auditor throughout the year.

During the year, BAC reviewed the internal audit plan and monitored the implementation of same on regular basis. The Branches, Departments/Divisions covered and the priority and frequency of audits depended on the risk levels of each of them, with higher risk Branches, Departments/Divisions were audited more frequently.

The Committee reviewed the performance appraisal of the Chief Internal Auditor and other Senior Staff members of the Internal Audit Department.

The Chief Internal Auditor reports directly to the BAC. As per the best practices, the Committee also had independent discussions with the Chief Internal Auditor and the senior internal audit staff without the management team to ensure independence of the Internal Audit Department’s operations.

The Internal Audit Department comprises four (04) broad areas namely:

  • Branch Audits;
  • Departments/Divisions Audits, including Treasury,
    Risk Management and Regional Office Audits;
  • Information System Audits and;
  • Investigations.

Audit findings presented in the reports are prioritised based on the level of risks. The Committee followed up on internal audit recommendations with the Corporate Management regularly. Internal audit reports were made available to examiners of the Central Bank of Sri Lanka and External Auditors.

Branch Audits, Departments/Divisions Audits, including Information Technology Operations and Regional Offices were covered during 2018, as per the Risk-Based Audit Plan (RBAP) approved by the BAC. Also the investigations were conducted by the Internal Audit Department where necessary.

Progress of implementation of BAC decisions with agreed timelines to implement has been introduced and monitored through regular updates from CIA on the status of the implementation.

Along with the significant findings, the Internal Audit Department has engaged in sharing and providing knowledge through audit exit meetings to the Bank’s staff for better control awareness and identifying early warning signals. In keeping with BAC recommendations the internal audit has also provided inputs to the Corporate Management for effective control and prevention of frauds.

Internal Audit Charter and Internal Audit Manual

The internal audit function is governed by the Internal Audit Charter which defines the vision, mission, scope, authority and accountability, responsibility, independence, reporting, commitment, unrestricted access that assist the Internal Audit Department to discharge its function effectively. The Internal Audit Charter and the Internal Audit Manual were reviewed/revised and approved by the Board and BAC respectively.

Whistle blowing

SANASA Development Bank’s Whistle-Blowing Policy is intended to serve as a channel of fraud risk management. The policy allows any team member who has a legitimate concern on an existing or potential “wrong doing”, by any person within the Bank, to come forward voluntarily, and bring such concerns to the notice of an independent/ designated authority. Concerns raised are investigated and the identity of the person raising the concern is kept confidential, even anonymous complaints are looked at. A process has been established to track such whistle blowing and take necessary actions. This procedure is being monitored by the BAC.

Reporting to the Board

The Minutes of the BAC Meetings are tabled at the Board meetings enabling all Board members to have access to them.

Professional advice

The BAC has the authority to seek external professional advice on matters within its purview; and consultations were obtained when need arises.

Board Audit Committee Evaluation

The annual evaluation of the BAC was conducted by the Board of Directors during the year and concluded that its performance was effective.

On behalf of the Board Audit Committee (BAC),

Lakshman Abeysekera
Chairman/Senior Director
Board Audit Committee (BAC)

8 March 2019
Colombo, Sri Lanka