Composition

The Board appointed Audit Committee comprises three Independent Non-Executive Directors.

The Committee for 2023 is chaired by Mr H A J de Silva Wijeyeratne as the Chairman of the Audit Committee with effect from 1 July 2022. He has extensive experience in the fields of general management, financial management and auditing and is an Associate Member of The Institute of Chartered Accountants of Sri Lanka and a Fellow Member of the Chartered Institute of Management Accountants (UK).

The present members of the Board appointed Audit Committee are as follows:

Mr H A J de Silva
Wijeyeratne – Chairman
Ms L K A H Fernando
Ms H M N S Gunawardana

There were no changes in the membership of the Committee during the year. Brief profiles of the members are given on Board of Directors section.

Mandate and Role

The Terms of Reference of the Committee, which is subject to review periodically by the Board of Directors, clearly defines the mandate and role of the Committee. The Terms of Reference of the Committee was last reviewed and approved by the Board in November 2023. The Committee is responsible to the Board of Directors and reports on its activities regularly.

The Committee assists the Board of Directors in fulfilling its general oversight of financial reporting, internal controls, internal and external audits.

Further the functions of the Committee are structured and regulated in line with the Rule No. 3 (6) (ii) of the Corporate Governance Direction No. 11 of 2007, issued by the Central Bank of Sri Lanka, the Rules on Corporate Governance as per revised Section 9 of Listing Rules issued by the Colombo Stock Exchange and the Code of Best Practice on Corporate Governance 2017 issued by the Institute of Chartered Accountants of Sri Lanka (CA Sri Lanka). Where appropriate, more details are provided under separate headings in this Report.

Meetings

The Head of Group Internal Audit functioned as the Secretary to the Committee for the year ended 31 December 2023. During the year, 10 Audit Committee meetings were held and proceedings of the Audit Committee meetings were reported regularly to the Board.

The meetings during the year were regularly attended and the attendance by the Committee members at the meetings is given in the table on Corporate Governance section of this Annual Report.

The Chief Executive Officer, Chief Financial Officer, Chief Operating Officer and Chief Information Officer attend meeting by invitation. Senior Management also attends the meetings on invitation in order to brief the Audit Committee on specific matters. The Committee held two meetings with the External Auditor; KPMG independently, without the presence of the Executive Management, to discuss the progress and conclusion of the audits.

Principal Activities Conducted During 2023

Review of Financial Reporting

The Committee reviewed the effectiveness of the Financial Reporting System in place, to ensure reliability of information provided to the stakeholders. The Committee reviewed that to the best of its knowledge and belief, the Financial Statements issued for external purposes by DFCC Bank PLC (the Bank), complied with generally accepted principles of accounting as enunciated in Sri Lanka Accounting Standards, and complies with the statutory provisions of the Companies Act No. 07 of 2007 and Banking Act No. 30 of 1988 and subsequent amendments thereto.

The Committee assisted the Board of Directors to discharge their responsibility for the preparation of true and fair Financial Statements in accordance with the books of accounts and Sri Lanka Accounting Standards. In carrying out the overseeing responsibilities, the Committee reviewed.

• The adequacy and effectiveness of the internal control system and procedures to provide reasonable assurance that all transactions are accurately and completely recorded in the books of accounts.
• All critical accounting policies, practices, related changes thereto, alternative accounting treatments, major judgement areas, material audit adjustments, compliance with accounting standards, going concern assumptions, financial reporting controls and compliance with applicable laws and regulations that could impact the Bank’s Financial Statements, its Annual Report and its Quarterly Financial Statements prepared for publication in conjunction with the Management, Internal Auditors and where relevant, External Auditors. Special attention was made to discuss and decide on the changes in accounting treatments necessitated from the Circulars issued by the Regulator and Accounting Profession from time to time. The Committee reviewed the revised impairment policy document on adoption of the Sri Lanka accounting Standard – SLFRS 09 on Financial Instruments during the year 2023 and made recommendations for further improvements and implementation.
• During the year the Audit Committee placed additional focus on the assessment of adequacy of provision for Expected Credit Loss (ECL) recognised in the Financial Statements based on the internal models, management overlay computed based on stress testing the exposures to risk elevated sectors, to address the ongoing implications from previous years with the continuing moratorium schemes and also the impacts resulting from the political and economic crisis of the country.
• All quarterly Unaudited Interim Financial Statements and Financial Statements for the year ended 31 December 2023, together with supporting information that included significant assumptions and judgments made in the preparation of Financial Statements.
• Internal Audit Reports, Management Letter issued by the External Auditor and the responsibility statements in relation to the Financial Statements issued by the Chief Financial Officer and Chief Executive Officer in making an overall assessment on the integrity of the Financial Reporting System.
• The operations, future prospects, and sustainability indicators of the Bank and discussed with the Management regularly to ensure that all relevant matters have been taken in to account in the preparation of the Financial Statements and that the 2023 Financial Statements are reliable and presents a true and fair view of the state of affairs of the Bank.

Review of Internal Control System

The Audit Committee assessed the effectiveness of internal controls over financial reporting as at 31 December 2023 as required to comply with Section 3 (8) (ii) (b) of the Banking Act Direction No. 11 of 2007 on Corporate Governance for Licensed Commercial Banks, issued by the Central Bank of Sri Lanka. This process assesses the adequacy and effectiveness of the internal controls and the processes for controlling business risks to ensure compliance with laws and regulations.

The Audit Committee obtained the assurance from the CEO and other key management personnel who are responsible for adequately designing and effectively implementing the Entity's risk management and internal control systems as part of this process.

Further the Committee monitored the progress on implementation of the recommendation made in the Statutory examination reports of the Central Bank of Sri Lanka (CBSL) through regular follow up reports tabled during the year 2023. The Committee ensures that appropriate action is taken by the Management on the recommendations of the Internal Auditors, External Auditors and in Statutory examinations conducted by the Central Bank of Sri Lanka (CBSL) to improve the effectiveness of the internal control system of the Bank. The Board of Directors performs its responsibilities on the basis of the internal control framework, which enables the Board to pursue its functions and take necessary measures. The Board’s statement on effectiveness of the Bank’s internal control mechanism is published on Directors’ Statement of Internal Controls.

Group Internal Audit

The Audit Committee ensures that the internal audit function is independent of the activities it audits and that it is performed with impartiality, proficiency and due professional care. The Audit Charter authorises and guides the Head of Group Internal Audit (HGIA) in carrying out independent audit functions of the Bank and its subsidiaries. The HGIA enjoys operational independence in conducting duties and has the authority to initiate, carry out, and report on any action, which is considered necessary. For the performance of duties, the HGIA and audit staff shall have unrestricted, unlimited, direct and prompt access to all records of the Bank and its subsidiaries, officials or personnel holding any contractual status of the Bank and its subsidiaries, and to all the premises of the Bank and its subsidiaries. The Committee had necessary interactions with the Head of Internal Audit throughout the year. The Audit Committee monitored and reviewed the scope, resources, extent, and effectiveness of the activities of the Bank’s Internal Audit Department.

The Group Audit function is governed by the Group Audit Charter which defines the internal audit’s purpose, authority, independence, reporting, responsibility and access in order to assist Group Audit to discharge its function independently. The Group Audit Charter and Audit Manual were revised and approved in October 2023 by the Board Audit Committee.

The Committee reviewed the progress of the risk-based audits carried out in accordance with the Internal Audit Plan approved by the Committee for the year 2023. During the year, the Internal Audit Department has reviewed business lines, critical operational processes, risk and compliance functions, branches, and subsidiary operations. Further, the Department has conducted thematic audits focusing on particular audit objectives across the audited units/branches. Process Audits were conducted on specific business processes to review the adequacy, efficiency and effectiveness of the procedures, processes, related controls and further to ensure that the intended objectives and benefits are derived from the related processes of the Bank. The Potential Fraud Monitoring Unit under Internal Audit carried out testing and data analytics related to potential fraud risk areas on a continuous basis while undertaking special reviews and investigations as required from the management and also resulting from feedback received as whistleblowing and incident reporting from time to time.

The Group Internal Audit Department carried out the internal control testing on each audit assignment during the year 2023 and a special review on Internal Control Testing was carried out at the year end on all significant processes of the Bank and as a result additional Risk and Control Matrices for 10 significant processes were identified and added to further strengthen the internal control system of the bank by respective business and process owners after the intimation of the Group Internal Audit.

In addition, the Group Internal Audit performed many certifications during the year as required by the CBSL including quarterly based certifications provided on interest reimbursements on senior citizen accounts and incentives paid on overseas worker remittances.

In 2023, the Board Audit Committee reviewed all the significant audit findings along with the management responses and rectification action plans related to the audit reports of branches and departments, Information System Audits, Thematic Audits, Process Audits, and Special Investigations of the Bank. The Committee reviewed the Internal Audit Reports of the Bank’s subsidiaries as well.

The Board Audit Committee advised Corporate Management to take precautionary measures on significant audit findings and obtained required assurances through affirmative confirmations from business units on the remedial action in respect of the identified risks to maintain the effectiveness of the internal control system.

By obtaining services from a consultant, Internal Audit conducted a special training on the importance of internal controls, risk and ownership culture among the management staff, Heads of the Departments and Branch Managers during the year considering the emerging risks and regulatory risk landscape changes.

Independence of External Audit

The Committee reviewed and monitored the External Auditors’ independence and objectivity and the effectiveness of the audit process, taking into consideration relevant professional and regulatory requirements and obtained a statement confirming the independence in accordance with the terms of all relevant professional and regulatory requirements. The Committee approved the policy in place as reviewed on non-audit services provided by the External Auditors in October 2023.

The Committee reviewed the details and related fees of all Audit and Non-Audit Services obtained from the External Auditor to ensure that the non-audit related fees do not exceed the combined fees and expenses payable for audit and audit related services of the year 2023.

The Committee ensured that the lead audit partner was rotated every five years in accordance with the Banking Act Direction No. 11 of 2007 on Corporate Governance for Licensed Commercial Banks in Sri Lanka. Accordingly, the audit partner rotation was last taken place in 2021. The Committee discussed with the Auditors their audit plan, scope and the methodology they propose to adopt in conducting the annual audit prior to its commencement. The Auditors were also provided with the opportunities to meet the Audit Committee separately, without the presence of Executive Management, to ensure that the Auditors had the independence to discuss and express their opinions on any matter. Further, additional meetings were held with the External Auditors from time to time to discuss the Bank’s interim audit findings and financial reporting improvements and changes required as a result of the regulatory and macroeconomic changes.

There was no limitation of scope and the Management has fully provided all information and explanations requested by the Auditors. The Committee also met the Auditors to review the Management Letter with the responses from the Management.

Reappointment of the External Auditor

The Committee performed an evaluation of the Bank’s External Auditor Messrs KPMG based on certain key areas and recommended to the Board of Directors that, KPMG Chartered Accountants, be re-appointed for the financial year ending 31 December 2024 subject to the approval of shareholders at the next Annual General Meeting.

Good Governance and Whistleblowing Policy

The Committee continuously emphasised on sustaining ethical conduct amongst staff members. In this regard, the existing Whistleblowing Policy of the Bank and its subsidiaries was reviewed during the year 2023 and all members of staff were educated and encouraged to practice whistleblowing if they suspect any wrong doing to further strengthen the policy as a communication channel to raise any genuine concerns. The Policy is subject to annual review in order to further improve its effectiveness.

All appropriate procedures and techniques are in place to conduct independent investigations into incidents reported through whistleblowing or identified through other channels. The Whistleblowing Policy guarantees the maintenance of strict confidentiality of the identity of the whistleblowers.

Further in alignment with DFCC Bank’s unwavering dedication to combat fraud, the internal audit department conducted knowledge sharing programmes throughout the International Fraud Awareness Week held on 12th to 18th of November 2023 to actively disseminate anti-fraud awareness among the DFCC Group employees and other stakeholders.

Training and Development of Committee Members

Members of the Committee attended presentations made by consultants and Key Management Personnel. Members also attended seminars, conferences and workshops as part of their continuous professional development.

Evaluation of the Committee

The effectiveness of the Committee is self-evaluated annually by its members. An independent evaluation of the effectiveness of the Committee was carried out by the other members of the Board and the Committee has been found to be effective.

Mr H A J de Silva Wijeyeratne
Chairman – Audit Committee

19 February 2024