CITIZENS DEVELOPMENT BUSINESS FINANCE PLC

ANNUAL REPORT 2020/21

Independent Auditor’s Report

To the Shareholders of Citizens Development Business Finance PLC

Report on the audit of the Financial Statements

Opinion

We have audited the financial statements of Citizens Development Business Finance PLC (the “Company”), which comprise the statement of financial position as at 31 March 2021, and the statement of profit or loss and other comprehensive income, statement of changes in equity and statement of cash flows for the year then ended, and notes to the financial statements, including a summary of significant accounting policies.

In our opinion, the accompanying financial statements of the Company give a true and fair view of the financial position of the Company as at 31 March 2021, and of its financial performance and cash flows for the year then ended in accordance with Sri Lanka Accounting Standards.

Basis for opinion

We conducted our audit in accordance with Sri Lanka Auditing Standards (SLAuSs). Our responsibilities under those standards are further described in the Auditor’s Responsibilities for the Audit of the Financial Statements section of our report. We are independent of the Company in accordance with the Code of Ethics issued by CA Sri Lanka (Code of Ethics) and we have fulfilled our other ethical responsibilities in accordance with the Code of Ethics. We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our opinion.

Key audit matters

Key audit matters are those matters that, in our professional judgment, were of most significance in our audit of the financial statements of the current period. These matters were addressed in the context of our audit of the financial statements as a whole, and in forming our opinion thereon, and we do not provide a separate opinion on these matters.

1. Impairment of loans and receivables to customers

Refer to the “Note 2.12” (Use of Judgements and Estimates), “Note 12” (Impairment of loans and receivables to customers) and “Note 24” (Loans and receivables to customers) to the Financial Statements.

Risk Description	Our Responses
As at 31 March 2021, 80% of its total assets of the Company consisted of loan and receivables to customers totaling to Rs. 75 Bn, net of impairment allowance of Rs. 3.74 Bn. Impairment of loans and receivables to customers is a subjective area due to the level of judgment applied by management in determining impairment allowances. From the Company’s perspective, the portfolios which gave rise to the greatest uncertainty in determining impairment allowances for loans and receivables to customers were those where impairments were derived from internally developed statistical models, where the loans and receivables to customers were unsecured or where the loans and receivables to customers were subject to potential collateral shortfalls. The determination of the allowance for expected credit losses is heavily dependent on the external macro environment and reliant on data and a number of estimates related to statistical models. The Company’s expected credit losses for loans and receivables to customers are derived from the statistical models which are based on internally computed data comprising qualitative and quantitative factors including past due information and also incorporating forward looking information. The COVID-19 pandemic has meant that assumptions regarding the economic outlook are more uncertain which, combined with varying government responses, increases the level of judgement required by the Company in calculating the ECL, and the associated audit risk. The disclosures regarding the Company’s application of SLFRS 9 and SLFRS 7 are key to explaining the key judgements and material inputs to the SLFRS 9 ECL results. We identified assessing impairment of loans and receivables to customers as a key audit matter because there is a high degree of complexity and judgment involved for the Company in estimating individual and collective credit impairment provisions against these loans. These features resulted in significant audit effort to address the risks around loan recoverability and the determination of related provisions.	Our audit procedures included: Assessing the design, implementation and operating effectiveness of key internal controls over the approval of new lending facilities against the Company lending policies, recording, monitoring of counter party credit quality and restructuring of loans and receivables to customers, the process of the measurement of impairment allowances for loans and receivables to customers; Challenging the validity of the models used and assumptions adopted in Company calculation of the impairment allowances by critically assessing: Input parameters involving management judgment; the overdue statistical data for the loan and receivable portfolios; and Historical loss parameters used. Considering, as part of the procedures above, the nature of and reasons for any revisions to the key assumptions and input parameters in the models, the consistency of judgment applied in the use of economic factors and forward looking information and assessing key internal controls over the input of underlying data into the models; Assessing the economic factors used in the models to market information to assess whether they were aligned with market and economic development; Assessing the ongoing effectiveness of the significant increase in credit risk criteria and independently calculated the loans’ stage; Assessing the reasonability of the Company’s treatment of COVID-19 payment relief to customers (moratorium / debt concession) considering the significant increase in credit risk perspective; Working with KPMG specialists, we assessed the reasonability of the adjustments made by the Company to the forward-looking macroeconomic factors and assumptions used in the ECL model; Assessing the completeness of additional allowance overlays by checking the consistency of risks we identified in the portfolios against the Company’s assessment. Evaluating the appropriateness of the accounting policies based on the requirements of the accounting standards, our business understanding and industry practice; Assessing the appropriateness of the Company’s disclosures in the financial report using our understanding obtained from our testing and against the requirements of the Sri Lanka Accounting Standards.

Risk Description

Our Responses

As at 31 March 2021, 80% of its total assets of the Company consisted of loan and receivables to customers totaling to Rs. 75 Bn, net of impairment allowance of Rs. 3.74 Bn. Impairment of loans and receivables to customers is a subjective area due to the level of judgment applied by management in determining impairment allowances.

From the Company’s perspective, the portfolios which gave rise to the greatest uncertainty in determining impairment allowances for loans and receivables to customers were those where impairments were derived from internally developed statistical models, where the loans and receivables to customers were unsecured or where the loans and receivables to customers were subject to potential collateral shortfalls.

The determination of the allowance for expected credit losses is heavily dependent on the external macro environment and reliant on data and a number of estimates related to statistical models. The Company’s expected credit losses for loans and receivables to customers are derived from the statistical models which are based on internally computed data comprising qualitative and quantitative factors including past due information and also incorporating forward looking information.

The COVID-19 pandemic has meant that assumptions regarding the economic outlook are more uncertain which, combined with varying government responses, increases the level of judgement required by the Company in calculating the ECL, and the associated audit risk.

The disclosures regarding the Company’s application of SLFRS 9 and SLFRS 7 are key to explaining the key judgements and material inputs to the SLFRS 9 ECL results. We identified assessing impairment of loans and receivables to customers as a key audit matter because there is a high degree of complexity and judgment involved for the Company in estimating individual and collective credit impairment provisions against these loans. These features resulted in significant audit effort to address the risks around loan recoverability and the determination of related provisions.

Our audit procedures included:

Assessing the design, implementation and operating effectiveness of key internal controls over the approval of new lending facilities against the Company lending policies, recording, monitoring of counter party credit quality and restructuring of loans and receivables to customers, the process of the measurement of impairment allowances for loans and receivables to customers;

Challenging the validity of the models used and assumptions adopted in Company calculation of the impairment allowances by critically assessing:

Input parameters involving management judgment;
the overdue statistical data for the loan and receivable portfolios; and
Historical loss parameters used.

Considering, as part of the procedures above, the nature of and reasons for any revisions to the key assumptions and input parameters in the models, the consistency of judgment applied in the use of economic factors and forward looking information and assessing key internal controls over the input of underlying data into the models;

Assessing the economic factors used in the models to market information to assess whether they were aligned with market and economic development; Assessing the ongoing effectiveness of the significant increase in credit risk criteria and independently calculated the loans’ stage;

Assessing the reasonability of the Company’s treatment of COVID-19 payment relief to customers (moratorium / debt concession) considering the significant increase in credit risk perspective;

Working with KPMG specialists, we assessed the reasonability of the adjustments made by the Company to the forward-looking macroeconomic factors and assumptions used in the ECL model;

Assessing the completeness of additional allowance overlays by checking the consistency of risks we identified in the portfolios against the Company’s assessment.

Evaluating the appropriateness of the accounting policies based on the requirements of the accounting standards, our business understanding and industry practice;

Assessing the appropriateness of the Company’s disclosures in the financial report using our understanding obtained from our testing and against the requirements of the Sri Lanka Accounting Standards.

2. IT systems and controls over financial reporting

Risk Description	Our Responses
Automated accounting procedures and IT environment controls, which include IT governance, controls over program development and changes, access to programs and data and IT operations, are required to be designed and to operate effectively to ensure accurate financial reporting. Key areas of importance are system calculations, logic regarding significant accounts, including interest calculations, interfaces between business management systems and accounting systems. We identified IT systems and controls over financial reporting as a key audit matter because the Company’s financial accounting and reporting systems are fundamentally reliant on complex IT systems and control processes which are driven by significant transaction volumes caused by the size of the customer base.	Our audit procedures included: We used KPMG IT specialists to perform audit procedures to assess IT systems and controls over financial reporting, which included: Assessing the design, implementation and operating effectiveness of key internal controls over the continued integrity of all major IT systems fundamental to dealing with the financial data, particularly financial reporting; Examining the framework of governance over the Company’s IT organization and the controls over program development and changes, access to programs and data and IT operations, including compensating controls where required; Evaluating the design, implementation and operating effectiveness of the significant accounts-related IT process controls by assessing the operating effectiveness of IT Application Controls, assessing the operating effectiveness of certain automated controls and system calculations which are relevant to the Company’s compliance activities and assessing the consistency of data transmission and data migration; Assessing the availability and stability of key operating systems, taking into consideration the rapid development of businesses types and transactions volumes as well as IT projects that have a significant impact on business continuity; Testing the access rights given to staff by checking them to approved records, and inspecting the reports over the granting and removal of access rights; Testing preventative controls designed to enforce segregation of duties between users within particular systems;

Risk Description

Our Responses

Automated accounting procedures and IT environment controls, which include IT governance, controls over program development and changes, access to programs and data and IT operations, are required to be designed and to operate effectively to ensure accurate financial reporting. Key areas of importance are system calculations, logic regarding significant accounts, including interest calculations, interfaces between business management systems and accounting systems.

We identified IT systems and controls over financial reporting as a key audit matter because the Company’s financial accounting and reporting systems are fundamentally reliant on complex IT systems and control processes which are driven by significant transaction volumes caused by the size of the customer base.

Our audit procedures included:
We used KPMG IT specialists to perform audit procedures to assess IT systems and controls over financial reporting, which included:

Assessing the design, implementation and operating effectiveness of key internal controls over the continued integrity of all major IT systems fundamental to dealing with the financial data, particularly financial reporting;
Examining the framework of governance over the Company’s IT organization and the controls over program development and changes, access to programs and data and IT operations, including compensating controls where required;
Evaluating the design, implementation and operating effectiveness of the significant accounts-related IT process controls by assessing the operating effectiveness of IT Application Controls, assessing the operating effectiveness of certain automated controls and system calculations which are relevant to the Company’s compliance activities and assessing the consistency of data transmission and data migration;
Assessing the availability and stability of key operating systems, taking into consideration the rapid development of businesses types and transactions volumes as well as IT projects that have a significant impact on business continuity;
Testing the access rights given to staff by checking them to approved records, and inspecting the reports over the granting and removal of access rights;
Testing preventative controls designed to enforce segregation of duties between users within particular systems;

Other information

Management is responsible for the other information. The other information comprises the information included in the annual report, but does not include the financial statements and our auditor’s report thereon.

Our opinion on the Financial Statements does not cover the other information and we do not express any form of assurance conclusion thereon.

In connection with our audit of the financial statements, our responsibility is to read the other information identified above when it becomes available and, in doing so, consider whether the other information is materially inconsistent with the financial statements or our knowledge obtained in the audit, or otherwise appears to be materially misstated. If, based on the work we have performed, we conclude that there is a material misstatement of this other information we are required to communicate that fact. We have nothing to report in this regard.

Responsibilities of Management and Those Charged with Governance for the Financial Statements

Management is responsible for the preparation of financial statements that give a true and fair view in accordance with Sri Lanka Accounting Standards, and for such internal control as management determines is necessary to enable the preparation of financial statements that are free from material

misstatement, whether due to fraud or error.

In preparing the financial statements, management is responsible for assessing the Company’s ability to continue as a going concern, disclosing, as applicable, matters related to going concern and using the going concern basis of accounting unless management either intends to liquidate the Company or to cease operations, or has no realistic alternative but to do so.

Those charged with governance are responsible for overseeing the Company’s financial reporting process.

Auditor’s Responsibilities for the Audit of the Financial Statements

Our objectives are to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, and to issue an auditor’s report that includes our opinion. Reasonable assurance is a high level of assurance, but is not a guarantee that an audit conducted in accordance with SLAuSs will always detect a material misstatement when it exists. Misstatements can arise from fraud or error and are considered material if, individually or in the aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis of these financial statements.

As part of an audit in accordance with SLAuSs, we exercise professional judgment and maintain professional skepticism throughout the audit. We also:

Identify and assess the risks of material misstatement of the financial statements, whether due to fraud or error, design and perform audit procedures responsive to those risks, and obtain audit evidence that is sufficient and appropriate to provide a basis for our opinion. The risk of not detecting a material misstatement resulting from fraud is higher than for one resulting from error, as fraud may involve collusion, forgery, intentional omissions, misrepresentations, or the override of internal control.
Obtain an understanding of internal control relevant to the audit in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness of the Company’s internal control.
Evaluate the appropriateness of accounting policies used and the reasonableness of accounting estimates and related disclosures made by management.
Conclude on the appropriateness of management’s use of the going concern basis of accounting and, based on the audit evidence obtained, whether a material uncertainty exists related to events or conditions that may cast significant doubt on the Company’s ability to continue as a going concern. If we conclude that a material uncertainty exists, we are required to draw attention in our auditor’s report to the related disclosures in the financial statements or, if such disclosures are inadequate, to modify our opinion. Our conclusions are based on the audit evidence obtained up to the date of our auditor’s report. However, future events or conditions may cause the Company to cease to continue as a going concern.
Evaluate the overall presentation, structure and content of the financial statements, including the disclosures, and whether the financial statements represent the underlying transactions and events in a manner that achieves fair presentation.

We communicate with those charged with governance regarding, among other matters, the planned scope and timing of the audit and significant audit findings, including any significant deficiencies in internal control that we identify during our audit.

We also provide those charged with governance with a statement that we have complied with ethical requirements in accordance with the Code of Ethics regarding independence, and to communicate with them all relationships and other matters that may reasonably be thought to bear on our independence, and where applicable, related safeguards.

From the matters communicated with those charged with governance, we determine those matters that were of most significance in the audit of the financial statements of the current period and are therefore the key audit matters. We describe these matters in our auditor’s report unless law or regulation precludes public disclosure about the matter or when, in extremely rare circumstances, we determine that a matter should not be communicated in our report because the adverse consequences of doing so would reasonably be expected to outweigh the public interest benefits of such communication.

Report on Other Legal and Regulatory Requirements

As required by section 163 (2) of the Companies Act No. 07 of 2007, we have obtained all the information and explanations that were required for the audit and, as far as appears from our examination, proper accounting records have been kept by the Company.

CA Sri Lanka membership number of the engagement partner responsible for signing this independent auditor’s report is 3272.

CHARTERED ACCOUNTANTS
Colombo, Sri Lanka
10 June 2021