A financial institution audit is a routine check of its services to ensure compliance with legal and industry standards. Hence, the audit procedure is a standardized process set up by banks to assess their level of compliance with relevant rules and regulations. Also known as the technique of auditing, an audit procedure is carried out by an internal or external auditor and may be conducted on a continuous or periodic basis.
Auditors use audit procedures to test key banking activities or financial statements. They collect audit evidence and determine the strengths and weaknesses of internal controls, risk management, and other compliance management systems in place.
The audit evidence gathered from a bank’s audit procedure enables auditors to create reports that include their professional opinion and recommendations on the best way forward.
Audit evidence is often obtained through observation and communication with a bank’s management and other key staff, who can provide relevant information about controls. To facilitate an effective judgment process for auditing, The Public Company Accounting Oversight Board (PCAOB) says:
“Sufficient, competent evidential matter is to be obtained through inspection, observation, inquiries, and confirmations to afford a reasonable basis for an opinion regarding the financial statements under audit.”
6 Common Types of Testing Methods Used During Audit Procedures
The following are the most common types of methods of auditing, their benefits, and examples of when they are used during audit procedures for financial institutions. These methods are not mutually exclusive, and auditors often combine two or more of them when it’s suitable. For example, the inquiry method can be used during the examination phase of audit evidence and vice versa. It is also important to note that bank audit requirements determine the appropriate testing methods to be used.
Inquiry is regarded as one of the most basic and even weakest testing methods. It usually involves conducting interviews with accountants, managers, the board of directors, and other staff about their job responsibilities. The interviews are done to determine if they follow best practices.
Relying on inquiries as the only way to gather audit evidence is often discouraged because there is room for inaccuracy or inconsistency in the response given by interviewees. However, it can be very useful for quick understanding of bank audit requirements at the very beginning of an audit program.
Observation is one of the most cost-effective methods of auditing. It can be used to assess compliance with various financial regulations and policies, including those relating to safety, health, environmental protection, and ethical business practice.
In this method, an auditor observes the activities of the employees and their performance. It is a non-intrusive method where there is necessarily no direct contact with the employees doing the job. Instead, the auditor observes from a distance and notes any irregularities in how they perform their duties.
The observation method is particularly necessary when performing audits on activities that are not easily quantifiable and where it is difficult to measure the results using other methods. For example, an auditor may use this method to observe transactions at a bank teller window. The auditor may also observe employees performing specific tasks, such as entering data into a computer system or completing documentation for a customer complaint.
3. Examination or Inspection
The examination or inspection of audit evidence is crucial because it gives assurance that the financial statements are prepared by following Generally Accepted Accounting Principles (GAAP) and other applicable standards, policies, and procedures of a financial institution.
Examining audit evidence can be as simple as comparing signatures on checks to those on other documents, such as deposit slips or withdrawal slips. It could also be a complex tax, such as using an automated testing tool to test software programs that were developed by outside vendors. This automated process is considered a separate audit testing method for some financial institutions. It is widely known as the Computer-Assisted Audit Technique (CAAT).
4. Computer-Assisted Audit Technique (CAAT)
CAAT allows for auditing large, complicated computerized systems. Here, an auditor uses computers to record, maintain, and analyze information. The auditor’s observations are logged on the computer as they perform each test procedure. The auditor can then review any part of the audit or return to an earlier step in the procedure to perform additional tests since all details are already logged into the system.
There is audit software that allows different parameters to be selected. For example, an auditor may select one department within an organization for examination or choose particular data items in a program to check for errors. This feature helps prevent errors that might occur if test parameters were changed without recording the changes made.
CAAT is beneficial due to its speed and precision. In many cases, it can be completed within days or weeks, as opposed to months for other methods. Furthermore, it tends to be more accurate than other methods because human error is eliminated from the equation. Overall, CAAT provides auditors with a cost-effective way to check for errors in financial records.
It is impossible to completely eliminate the risk of certain types of errors, such as the omission of a step in a process or lack of documentation. Besides, there could be inconsistencies in audit evidence collected from different sources. Therefore, auditors must conduct re-performance to ensure that they have tested all business processes and determine whether each step has been performed and documented appropriately.
Auditors can also use computer systems to re-perform transactions. This is done when a client’s procedures lack sufficient detail or documentation. Some of these actions include choosing a command that is not in the standard method. The auditor will then take notes as they perform the transaction and ensure all criteria are being met.
6. Analytical review procedures
Analytical review procedures are used to evaluate the accuracy and completeness of accounts. The procedures are used to identify and assess the risks of material misstatement, with an emphasis on accounts that have a high probability of containing errors.
Analytical review procedures can be applied at least monthly or quarterly, depending on the frequency with which transactions occur. They can also be used as part of an ongoing audit plan to verify specific areas within the financial records.
RADD LLC offers a full suite of auditing services and access to unbiased third-party attestation reporting to meet all your auditing needs. Please contact us if you have questions about your bank’s audit procedure or need consulting services for SOX and FDICIA compliance, as well as consumer mortgage and commercial lending.