The Board Audit Committee (the BAC) consists of the following members whose profiles are given in the section on Board of Directors and Profiles.
Board membersMr S Swarnajothi*
Prof A K W Jayawardane*
Mr K Dharmasiri*
Ms N T M S Cooray*
Justice K Sripavan*
Regular attendees by invitationMr S Renganathan
(Managing Director/Chief Executive Officer)
Mr S C U Manatunge
(Director/ Chief Operating Officer)
Mr K D N Buddhipala
(Chief Financial Officer)
Mr S K K Hettihamu
(Chief Risk Officer)
Mr V S Rajasooriyar
(Assistant General Manager – Compliance)
Mr J Premanath
(Assistant General Manager – Management Audit)
Mr Reyaz Mihular
(Senior practicing Chartered Accountant, serves the BAC in the capacity of a Consultant and is invited to attend meetings)
Independent Consultant appointed to the Committee to provide necessary assistance and enable the Committee to discharge its functions properly
Secretary to the CommitteeMr J Premanath
(Assistant General Manager – Management Audit)
*Independent Non-Executive Director
Attendance at Meetings
|Name||Eligible to attend/ Attended|
|Mr S Swarnajothi||08/07|
|Prof A K W Jayawardane||08/08|
|Mr K Dharmasiri||08/08|
|Ms N T M S Cooray||08/08|
|Justice K Sripavan||08/08|
|Mr S Renganathan||08/08|
|Mr S C U Manatunge||08/08|
The Committee reviewed the risk-based audit approach adopted for assessing the effectiveness of the internal control procedures in place to identify and manage all significant risks.
The Charter of the BAC (the Committee) approved by the Board, clearly defines the Terms of Reference of the Committee and is annually reviewed to ensure that new developments relating to the Committee’s functions are addressed. The Charter of the Committee was last reviewed and approved by the Board in September 2019.
The Committee assists the Board in discharging its responsibilities and exercises oversight over financial reporting, internal audit, internal controls and external audit.
The Committee has full access to information, cooperation from Management and discretion to invite any Director or Executive Officer to attend its meetings.
The Banking Act Direction No. 11 of 2007 on “Corporate Governance for Licensed Commercial Banks in Sri Lanka” and its subsequent amendments (hereinafter referred to as the Direction), “Rules on Corporate Governance under Listing Rules of the Colombo Stock Exchange” and “Code of Best Practice on Corporate Governance”, issued by The Institute of Chartered Accountants of Sri Lanka further regulate the composition, roles and functions of the Committee.
The Committee is empowered by the Board to:
The Committee held eight (08) meetings during the financial year ended December 31, 2019. Proceedings of these meetings with adequate details of matters discussed are regularly reported to the Board.
Representatives of the Bank’s External Auditors, Messrs Ernst & Young also participated in seven (07) meetings during the year by invitation. The Committee also invited members of the Senior Management of the Bank to participate in the meetings from time to time on a need basis.
Reporting of financial position and performance:
The Committee assisted the Board in its oversight on the preparation of Financial Statements to evidence a true and fair view on financial position and performance. This process is based on the Bank’s accounting records and in accordance with the stipulated requirements of the Sri Lanka Accounting Standards. In fulfilling its oversight responsibilities, the Committee reviewed and discussed the Interim and Consolidated Financial Statements, including the acceptability of the accounting principles, the reasonableness of significant estimates and judgements.
The Committee reviewed the Tax Assessments outstanding and action initiated for follow up for resolution through regular reports submitted by the Chief Financial Officer.
The prevailing Internal Controls, systems and procedures were assessed by the Committee and it expressed the view that adequate controls and procedures were in place to provide reasonable assurance to the effect that the Bank’s assets are safeguarded and the financial position of the Bank is well monitored and accurately reported.
Progress of implementation of SLFRS 9:
The Committee continuously monitored the progress of implementation of SLFRS 9 as per the requirements of Sri Lanka Accounting Standard – SLFRS 9 on “Financial Instruments” that has been issued with effective date being January 1, 2018.
The Committee reviewed the Policy Manual on principles and methodologies including Expected Credit Losses (ECL) computation under SLFRS 9 – “Financial Instruments” adopted by the Management during the year 2019.
Internal Capital Adequacy Assessment Process (ICAAP):
The Committee reviewed the effectiveness of internal control mechanism in place to meet the regulatory requirements on ICAAP and the mechanism in place to ensure integrity, accuracy and reasonableness in capital assessment process of the Bank for the year 2018, as per the Section 10 of Banking Act Direction No. 01 of 2016 on “Regulatory Framework on Supervisory Review Process”.
Oversight on regulatory compliance:
The Committee also ensured that the Bank complies with all regulatory and legal requirements and closely scrutinised compliance with mandatory banking and other statutory requirements and the systems and procedures that are in place. The quarterly reports submitted by the Compliance Officer were used by the Committee to monitor compliance with all such legal and statutory requirements. The Bank’s Inspection Department has been mandated to conduct independent test checks covering all regulatory compliance requirements, as a further monitoring measure.
The Committee monitored the progress on implementation of the recommendations made in the Statutory Examination Reports of Central Bank of Sri Lanka (CBSL) through regular follow up reports tabled during the year 2019.
Identification of risks and control measures:
The Bank has adopted a risk-based audit approach towards assessing the effectiveness of the internal control procedures in place to identify and manage all significant risks and that these are being reviewed by the Committee.
The risk rating of Branches and certain business Units of the Bank has been reviewed to capture current risk profiles of such business units while providing insights to emerging and potential risks. Reviewed Risk Rating Methodology had been approved by the Committee during the year 2019 and adopted for assessing and measuring risks identified during audit assignments carried out by the Inspection Function.
The Committee seeks and obtains the required assurances from Business Units on the remedial action in respect of the identified risks to maintain the effectiveness of internal control procedures.
Internal audit and inspection:
The Committee ensured that the Internal Audit Function is independent of the activities it audited and that it was performed with impartiality, proficiency and due professional care.
The Committee approved the Programme of Inspection formulated by the Inspection Department and the Information Systems Audit Unit (ISAU) and reviewed its progress of implementation regularly. The scope of work was enhanced to include credit audits including that of credit administration at Corporate Banking Unit and Branches.
The Bank’s Inspection Department carried out, online and onsite inspection of business units including 04 subsidiaries in Sri Lanka and overseas operations namely Bangladesh and overseas subsidiaries Commercial Bank of Maldives Private Limited and CBC Myanmar Microfinance Co. Ltd. Commex Sri Lanka S. R. L. subsidiary incorporated in Italy was monitored through an offsite surveillance. With the concurrence of the Board, the Bank continued to engage the services of four (4) firms of Chartered Accountants approved by the CBSL in order to supplement Bank’s Inspection Department in carrying out inspection assignments.
ISAU conducted onsite/off site audits including monitoring through System based audit tools, reviews of change management activities and verification of compliance with industry standards such as ISO 27001:2013/ PCI-DSS/ Baseline Security Standards (BSS) to ensure safeguarding IT assets of the Bank. The work of ISAU included all Bank’s subsidiaries and Bangladesh operations. The Committee received the attention of significant findings and recommendations made in the reports submitted by ISAU. The Committee also reviewed the reports on findings relating to Business Continuity Planning and Roles Swap exercises conducted during the year 2019.
Six hundred and fifty-five (655) inspection reports on Business Units and Departments including subsidiaries and overseas operations received the attention of the Committee which highlighted the Operational deficiencies, risks and the recommendations. The Committee evaluated the Bank’s system of internal controls and duly reported its findings to the Board.
Major findings of internal investigations with recommendations of the management were considered and appropriate instructions issued. The Committee also invited representatives from the audit firms assisting in inspections to make presentations on their observations and findings.
The Committee reviewed the Inspection/Information Systems Audit operational manual and evaluated the Internal Audit Function covering key areas such as scope, quality of internal audits, independence and resources.
Members of the Committee also made periodic visits to the Branches personally to gather information in regard to the operations, controls implemented and follow up action taken for significant audit findings.
With regard to the external audit function of the Bank, the role played by the Committee is as follows:
The Auditors were provided with the opportunity of meeting Non-Executive Directors separately, without any executive being present, to ensure that the Auditors had the independence to discuss and express their opinions on any matter. It provided the assurance to the Committee that the Management has fully provided all information and explanations requested by the Auditors.
At the conclusion of the audit, the Committee also met the Auditors to review the Auditors’ Management Letter before it was submitted to the Board and CBSL.
The members of the Committee evaluated the Bank’s External Auditor, Messrs Ernst & Young covering key areas such as scope and delivery of audit, resources and quality assurance initiatives, during the year 2019.
Mechanism of internal controls:
Sections 3 (8) (ii) (b) and (c) of the Banking Act Direction No. 11 of 2007, stipulates the requirements to be complied with by the Bank to ensure reliability of the financial reporting system in place at the Bank.
The Committee is assisted by the External Auditor and Inspection Department to closely monitor the procedures designed to maintain an effective internal control mechanism to provide reasonable assurance that this requirement is being complied with.
In addition, the Committee regularly monitored all exceptional items charged to the Income Statement, long outstanding items in the Bank’s Chart of Accounts, Credit Quality, Risk Management procedures and adherence to classification of non-performing loans and provisioning requirements specified by the CBSL. The Committee also reviewed the credit monitoring and follow up procedures and the Internal Control Procedures in place to ensure that necessary controls and mitigating measures are available in respect of newly-identified risks.
Ethics and Good Governance:
The Committee continuously emphasised on upholding ethical values of the staff members. In this regard, a Code of Ethics and Whistle-Blower’s Charter was put in place and followed for educating and encouraging all members of staff to resort to whistle-blowing if they suspect wrong doings or other improprieties. Highest standards of Corporate Governance and adherence to the Bank’s Code of Ethics were ensured. All appropriate procedures were in place to conduct independent investigations into incidents reported through whistle-blowing or identified through other means. The Whistle-Blower’s Charter guarantees the maintenance of strict confidentiality of the identity of the whistle-blowers.
Sri Lanka Accounting Standards:
The Committee reviewed the revised policy decisions relating to adoption of new and revised Sri Lanka Accounting Standards (SLFRS/LKAS) applicable to the Bank and made recommendations to the Board. The Committee would continue to monitor the compliance with relevant Accounting Standards and keep the Board informed at regular intervals.
Evaluation of the Committee:
An independent evaluation of the effectiveness of the Committee was carried out by the other Members of the Board during the year. Considering the overall conduct of the Committee and its contribution on the overall performance of the Bank, the Committee has been rated as highly effective.
Board Audit Committee
February 20, 2020