Stewardship

Directors’ Statement of Internal Controls

Introduction

Section 3 (8) (ii) (b) of the Banking Act Direction No. 11 of 2007 requires the Board of Directors (“the Board”) to report on internal control mechanism that confirms that the financial reporting system has been designed to provide reasonable assurance regarding the reliability of financial reporting, and that the preparation of Financial Statements for external purposes has been done in accordance with relevant accounting principles and regulatory requirements. This Report is prepared to be in line with the said regulatory requirements.

Internal control system

The Internal Control System is the process designed and effected by those charged with governance, management, and other personnel to provide reasonable assurance about the achievement of DFCC Bank PLC’s (“the Bank”) objectives with regard to reliability of financial reporting, effectiveness and efficiency of operations, and compliance with applicable laws and regulations.

The Internal Control System of the Bank consists of the following components:

  1. The control environment;
  2. The entity’s risk assessment process;
  3. The information system including the related business processes relevant to financial reporting and communication;
  4. Control activities; and
  5. Monitoring of controls.

The subset of this wider internal control system is the internal controls designed and implemented to provide reasonable assurance regarding the reliability of the financial reporting and that the preparation of financial statements for external purposes has been done in accordance with relevant accounting principles and regulatory requirements.

Responsibility

The Board acknowledges the responsibility for the adequacy and effectiveness of the Bank’s system of internal controls, which is designed to provide assurance on the maintenance of proper accounting records and the reliability of financial information generated and safeguarding of the assets of the Bank.

However, such systems are designed to manage the Bank’s key exposures to risk within acceptable risk parameters rather than to eliminate the risk of failure to achieve the business goals and objectives of the Bank. Therefore, the system of internal controls can only provide reasonable and not absolute assurance against errors or material misstatement of management and financial information and records or against financial losses and frauds.

Framework for managing material risks of the bank

The Board has set up an ongoing process for identifying, monitoring and managing the material risks faced by the Bank. This includes establishment of a dedicated Risk Management Department that provides regular reports on various risks subject to an oversight by the Internal Audit Department through Internal Audit Reports that enables the Audit Committee to review the adequacy and effectiveness of the system of internal controls continuously to match the changes in the business environment or regulatory guidelines. In making this assessment, all key processes relating to material or significant transactions captured and recorded in the books of accounts are identified and covered on an ongoing basis that is compatible with the guidance for Directors of Banks on the Directors’ Statement of Internal Control issued by The Institute of Chartered Accountants of Sri Lanka.

Key internal control processes

The key processes that have been established in reviewing the adequacy and integrity of the system of internal controls include the following:

  • The Board has established Committees to assist them in exercising oversight on the effectiveness of the Bank’s daily operations and ensuring that they are in accordance with the corporate objectives, strategies and the budgetary targets as well as the policies and business directions that have been approved.
  • The Internal Audit Department of the Bank verifies compliance of operations with policies and procedures and the adequacy and effectiveness of the internal control systems and highlights significant findings in respect of any non-compliance. Audits are carried out on all units and branches, the frequency of which are determined by the level of risk assessed to provide an independent and objective report on operational and management activities of these units and branches. The annual audit plan is reviewed and approved by the Audit Committee and the findings of the audits are submitted to the Audit Committee for review at their periodic meetings.
  • The Audit Committee of the Bank reviews internal control issues identified by the internal audit, the External Auditors, regulatory authorities, and management and evaluates the adequacy and effectiveness of the risk management and internal control systems. They also review the internal audit function focusing on the scope of audits and the quality of reporting. The minutes of the Audit Committee meetings are tabled for the information of the Board on a periodic basis. Further details of the activities undertaken by the Audit Committee of the Bank are set out in the Report of the Audit Committee.
  • The Board Integrated Risk Management Committee (BIRMC) was established by the Board to assist the Board to oversee the overall management of principal areas of risk of the Bank. The BIRMC includes representation from all key business and operations areas of the Bank and assists the Board in the implementation of policies, procedures and controls identified by the BIRMC.
  • Operational Committees have also been established with appropriate mandates to ensure effective management and supervision of the Bank’s core areas of business operations. These committees include the Management Committee, Credit Committees, the Asset/Liability Committee, the Impairment Assessment Committee, and the Information Technology Steering Committee.

Assessment of the adequacy and effectiveness of internal control

Although this process is carried out every year on a continuing basis, the Direction on Corporate Governance issued by the Central Bank of Sri Lanka requires the Board to provide a separate report on the Bank’s Internal Control mechanism that confirms that the financial reporting system has been designed to provide reasonable assurance regarding the reliability of financial reporting and that the preparation of Financial Statements for external purposes has been done in accordance with relevant accounting principles and regulatory requirements supplemented with Independent certification by the Auditor. The Auditors provide the independent Assurance Report in accordance with Sri Lanka Standard on Assurance Engagements (SLSAE) – 3050 issued by The Institute of Chartered Accountants of Sri Lanka.

In order to facilitate the tasks of the Auditors to issue the Independent Assurance Report, the SLSAE – 3050 requires documentation of all procedures and controls that are related to significant accounts and disclosures of the Financial Statements of the Bank with audit evidence of checks performed by the Bank on an ongoing basis.

The risk and significance based Internal Audit Plan implemented by the Internal Audit Department in consultation with the Board Audit Committee specifically included on a sample basis independent verification that the internal control process documented by the Bank, which is supported with audit evidence was in fact carried out on an ongoing basis.

Continuous monitoring of application of Sri Lanka Accounting Standards – SLFRS 9 – Financial Instruments

The Bank adopted SLFRS 9 from 1 January 2018 and made an assessment of the objective of the business model classification of financial assets as it best reflects the way the business is managed and information is provided to management.

With the introduction of “expected credit loss” under SLFRS 9, the Bank developed models to calculate Expected Credit Losses (ECLs). Number of key assumptions were made by the Bank in applying the requirements of SLFRS 9 to the models including selection and input of forward looking information. These models are inherently complex and judgment is applied in determining the correct construction of the same. These models were developed over the past years and reviewed by the management and amendments were made to the initial assumptions where necessary to reflect the recent and updated data and such amendments made were independently reviewed by External Auditors.

The Bank continues to focus on strengthening the review and testing process of the models developed. The Bank has documented procedures and polices relating changes made to underlying assumptions during 2019 and obtained approval of the Board Audit Committee and the Board. The Bank’s Internal Audit Department commenced reviews and testing these processes in 2019 and will continue to do so with more focus and robust approach in 2020.

The computation of impairment losses from loans and receivables has not been automated yet. Considering the complexity and level of estimation involved in this process, the Board is in the process of evaluating the options available for automation. This evaluation process will also address the new parameter requirements, level of integration with the GL systems and minimising the manual intervention.

Adoption of Sri Lanka Accounting Standards – SLFRS 16 – Leases

Prior to 1 January 2019, the assets held under operating leases were not recognised in the Bank’s statement of financial position. Payments made under operating leases were recognised in profit or loss on a straight-line basis over the term of the lease. From 1 January 2019, the Bank adopted SLFRS 16 for the first time from 1 January 2019 which requires recognition of a right-of-use-asset and a lease liability at the lease commencement date. The Bank has carried out the required reviews of all lease agreements and has assessed the impact on Financial Statements. On initial application the Bank has opted for modified retrospective approach and has made all required adjustment to the opening balance as at 1 January 2019. Accordingly, the comparatives have not been re-stated.

Management information

The comments made by the External Auditors in connection with internal control system for the financial year ended 31 December 2018 were reviewed during the year and appropriate steps have been taken to rectify the same.

The recommendations made by the External Auditors in the financial year ended to 31 December 2019 in connection with the internal control system will be addressed in future.

The Directors are of the opinion that these recommendations are intended to further improve the internal control system and they do not in any way detract from the conclusion that the financial reporting system is reliable to provide reasonable assurance that the Financial Statements for external use are true and fair and complies with Sri Lanka Accounting Standards and the regulatory requirements of the Central Bank of Sri Lanka.

Confirmation

Based on the above detailed internal control mechanism and related processes of the Bank, the Board confirms that the financial reporting system of the Bank has been designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes is in accordance with Sri Lanka Accounting Standards and regulatory requirements of the Central Bank of Sri Lanka.

Review of the Statement by External Auditors

The External Auditors have reviewed the above Directors’ Statement on Internal Control for the year ended 31 December 2019 and their Independent Assurance Report of the Annual Report.

By Order of the Board,

P M B Fernando
Chairman – Audit Committee
J Durairatnam
Chairman – Board of Directors
L H A L Silva
Chief Executive/Director
18 February 2020
TOP
Close