Internal control is the process designed and effected by those charged with governance, management and other personnel to provide reasonable assurance about the achievement of the DFCC Bank PLC’s (Bank) objectives with regard to reliability of financial reporting, effectiveness and efficiency of operations and compliance with applicable laws and regulations.
Internal control consists of the following components:
The subset of this wider internal control system is the internal controls designed and implemented to provide reasonable assurance regarding the reliability of the financial reporting, and that the preparation of financial statements for external purposes has been done in accordance with relevant accounting principles and regulatory requirements.
The Board of Directors acknowledge their responsibility for the adequacy and effectiveness of the Bank’s system of internal controls which is designed to provide assurance on the maintenance of proper accounting records and the reliability of financial information generated, and safeguarding of the assets of the Bank. However, such systems are designed to manage the Bank’s key exposures to risk within acceptable risk parameters, rather than to eliminate the risk of failure to achieve the business goals and objectives of the Bank. Therefore, the system of internal controls can only provide reasonable and not absolute assurance against errors or material misstatement of management and financial information and records or against financial losses or fraud.
The Board has set up an ongoing process for identifying, monitoring and managing the material risks faced by the Bank. This includes establishment of a dedicated Risk Management Department that provides regular reports on various risks, subject to an oversight by the Internal Audit Department through Internal Audit Reports that enables the Audit Committee to review the adequacy and effectiveness of the system of internal controls continuously to match the changes in the business environment or regulatory guidelines. In making this assessment, all key processes relating to material or significant transactions capture and recording in the books of accounts are identified and covered on an ongoing basis that is compatible with the guidance for Directors of Banks on the Directors’ Statement of Internal Control issued by The Institute of Chartered Accountants of Sri Lanka.
The key processes that have been established in reviewing the adequacy and integrity of the system of internal controls include the following:
Although this process is carried out every year on a continuing basis, the Direction on Corporate Governance issued by the Central Bank of Sri Lanka requires the Board of Directors to provide a separate report on the Bank’s internal control mechanism that confirms that the financial reporting system has been designed to provide reasonable assurance regarding the reliability of financial reporting and that the preparation of financial statements for external purposes has been done in accordance with relevant accounting principles and regulatory requirements, supplemented with independent certification by the Auditor. The Auditors provide the Independent Assurance Report in accordance with Sri Lanka Standard on Assurance Engagements (SLSAE) - 3050 issued by The Institute of Chartered Accountants of Sri Lanka.
In order to facilitate the tasks of the Auditors to issue the Independent Assurance Report, the SLSAE - 3050 requires documentation of all procedures and controls that are related to significant accounts and disclosures of the financial statements of the Bank with audit evidence of checks performed by the Bank on an ongoing basis.
The risk-based Internal Audit Plan implemented by the Internal Audit Department in consultation with the Board Committee on Audit, specifically included on a sample basis, independent verification that the internal control process documented by the Bank and supported with audit evidence was in fact carried out on an ongoing basis.
Consequent to full convergence of Sri Lanka Accounting Standards with International Financial Reporting Standards and International Accounting Standards that became effective from the financial year to 31 March 2013, the Bank implemented a process to make required adjustments to the financial statements prepared under the previous accounting standards. The process for making necessary adjustments continue to be made based on excel software application. The process followed by the Bank for quantification of adjustments is continually reviewed and improvements were made during the current year. The testing of such process by the internal audit was carried out during the year. These processes will be further improved on an ongoing basis.
The comments made by the External Auditors in connection with internal control system in the financial year to 31 March 2014 were reviewed during the year and appropriate steps have been taken to rectify them. The recommendations made by the External Auditor, KPMG in the financial year to 31 March 2015 in connection with the internal control system will be addressed in future.
The Directors are of the opinion that these recommendations are intended to further improve the internal control system and they do not any way detract from the conclusion that the financial reporting system is reliable to provide reasonable assurance that the financial statements for external use are true and fair and complies with Sri Lanka Accounting Standards and the regulatory requirements of the Central Bank of Sri Lanka.
This assessment of internal control process is confined only to the Bank and did not include its subsidiaries. However, the Board of Directors of the 99.17% owned commercial banking Subsidiary, DFCC Vardhana Bank PLC (DVB) issued an affirmative assurance in their statement of internal control, on the adequacy and the effectiveness of the internal control system which was included in the DVB’s Annual Report for the year ended 31 December 2014. The said statement by the Directors was independently reviewed by KPMG, who are also the Auditors of the Bank.
Based on the above processes, the Board confirms that the financial reporting system of the Bank has been designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes is in accordance with Sri Lanka Accounting Standards and regulatory requirements of the Central Bank of Sri Lanka.
The External Auditors have reviewed the above Directors’ Statement of Internal Control for the year ended 31 March 2015 and their Independent Assurance Report is here.
By Order of the Board,
P M B Fernando
Chairman – Audit Committee
C R Jansz
Chairman – Board of Directors
A R Fernando
Chief Executive/Director
15 May 2015