Directors' statement on internal control over financial reporting


In line with the Section 10 (2)(b) of the Finance Companies Direction No. 03 of 2008 as amended by the Direction No. 06 of 2013, and principle D1.5 of Code of Best Practice on Corporate Governance 2017 issued by The Institute of Chartered Accountants of Sri Lanka, the Board of Directors presents this report on Internal Control mechanisms of Citizens Development Business Finance PLC (“the Company”) over Financial Reporting.


The Board of Directors (“Board”) is responsible for the adequacy and effectiveness of the Internal Controls in place at Citizens Development Business Finance PLC. However, such a system is designed to manage the Company’s key areas of risk within an acceptable risk profile, rather than to eliminate the risk of failure to achieve the business objectives and policies of the Company. Accordingly, the system of internal controls can only provide reasonable but not absolute assurance against material misstatement of management and financial information and records or against financial losses or fraud.

The Board has established an ongoing process for identifying, evaluating and managing the significant risks faced by the Company and this process includes enhancing the system of Internal Controls as and when there are changes to the business environment or regulatory guidelines. The process is regularly reviewed by the Board in accordance with the guidance for Directors of the Company on the “Directors Statement on Internal Control” issued by The Institute of Chartered Accountants of Sri Lanka . As per the said guidance, significant processes affecting significant accounts of the Company were assessed along with the key areas of the Company.

The Board is of the view that the system of Internal Control over Financial Reporting in place is sound and adequate to provide reasonable assurance regarding the reliability of Financial Reporting and that the preparation of Financial Statements for external purposes is in accordance with relevant accounting principles and regulatory requirements.

The Management assists the Board in the implementation of the Board’s policies and procedures on risk and control by identifying and assessing the risks faced, and in the design, operation and monitoring of suitable internal controls to mitigate and control these risks.

Key features of the process adopted in applying and reviewing the design and effectiveness of the Internal Control System over Financial Reporting

The key processes that have been established in reviewing the adequacy and integrity of the system of internal controls with respect to financial reporting include the following;

  • Establishment of Board Subcommittees to assist the Board in ensuring the effectiveness of the Company’s day-to-day operations and to ensure that all such operations are carried out in accordance with the corporate objectives, strategies and the annual budget as well and the policies and business directions that have been approved.
  • Policies/Procedures are developed covering all functional areas of the Company and these are approved by the Board or Board – approved committees. Such policies and procedures are reviewed and approved periodically.
  • The Internal Audit Department of the Company checks for compliance with policies and procedures and the effectiveness of the Internal Control system on an on-going basis using samples and rotational procedures and highlights significant findings in respect of any non- compliance. The annual audit plan is reviewed and approved by the Board Audit Committee. Audits are carried out on a majority of departments, functions, branches including IT General Controls, IT Application Controls and Cyber Security Reviews. The frequency of these audits are determined by the level of risk assessed. The findings of the audits are submitted to the Board Audit Committee for review at their periodic meetings.
  • The Board Audit Committee of the Company reviews Internal Control issues identified by the Internal Audit Department, the External Auditors, Regulatory Authorities and the Management, and evaluates the adequacy and effectiveness of the risk management and internal control systems. The Board Audit Committee reviews the effectiveness of internal audit functions with particular emphasis on the scope of audits and the quality of the same. The Minutes of the Board Audit Committee meetings are forwarded to the Board on a quarterly basis. Further, details of the activities undertaken by the Board Audit Committee are set out in the Board Audit Committee Report of this
    Annual Report.
  • The Board Integrated Risk Management Committee (BIRMC) is established to assist the Board to oversee the overall management of principal areas of risk of the Company.
  • Operational Committees have also been established with appropriate empowerment to ensure effective management and supervision of the Company’s core areas of the business operations. These Committees include the Assets and Liability Management Committee, Credit Committee, Treasury Committee and Information Technology Steering Committee.

In assessing the Internal Control System over Financial Reporting, identified officers of the Company were assigned to collate all procedures and controls that are connected with significant accounts and disclosures of the financial statements of the Company. These in turn were observed and checked by the Internal Audit Department for suitability of design and effectiveness on an ongoing basis.

The Company has adopted SLFRS 9 – “Financial Instruments” which was issued in 2014 with a date of initial application of 1 April 2017. Since adoption of this standard, progressive improvements on processes to comply with new requirements of classification, estimation of expected credit losses and disclosure were made whilst, further strengthening of processes will take place pertaining to expected credit loss estimation and financial statement disclosures. During the financial year existing processes were further refined to incorporate the potential implication of COVID-19 pandemic and the moratorium schemes introduced to support the recovery of the economy. The Board Audit Committee reviewed the amendments made to the policies and methodologies and the underlying assumptions during the financial year taking into consideration the potential implications of the COVID-19 pandemic situation.

Further, adequate training and awareness sessions have been conducted for the Board and the Senior Management with regard to Accounting Standards.

The Comments made by the External Auditors in connection with internal control system over financial reporting during the previous financial year were reviewed during the year and appropriate steps have been taken to implement the recommendations.


Backed by the Internal Audit, Information System Audit, and Risk Management Division’s continued review and verification of the suitability and effectiveness of pre-existing procedures and controls, the Board of Directors confirms that the financial reporting system of the Company has been designed to provide a reasonable assurance of the reliability of the financial reporting system and the preparation of financial statements for external purposes has been done in accordance with Sri Lanka Accounting Standards, and comply with regulatory requirements including the Companies Act No. 07 of 2007 and the Finance Business Act No. 42 of 2011.

Review of The Statement By External Auditors

The External Auditor, Messrs KPMG, has reviewed the above Directors’ Statement on Internal Control over Financial Reporting for the year ended 31 March 2021 and reported to the Board that nothing has come to their attention that causes them to believe that the statement is inconsistent with their understanding of the process adopted by the Board in the review of the design and effectiveness of the Internal Control System over Financial Reporting of the Company. Their independent assurance report on the “Directors’ Statement on Internal Control over Financial Reporting” is given on page 127 of this Annual Report.

By order of the Board

J R A Corera

P R W Perera
Chairperson – Board Audit Committee

W P C M Nanayakkara
Managing Director/CEO

T M D P Tennakoon
Executive Director/Deputy CEO/CFO

10 June 2021