Expert verified Statutory Audit in banking sector is a mandatory requirement that is a must to ensure accountability and transparency.
Learn with us all about statutory bank audits and branch audits, their importance, scope, guidelines and process.
What is a Statutory Audit in the Banking Sector?
A statutory audit in banking is a legal requirement where an independent auditor examines the bank’s financial records to ensure accuracy, transparency, and compliance with applicable laws.
This audit is mandatory under the following laws:
- The Banking Regulation Act, 1949
- The Companies Act, 2013
- Guidelines issued by the Reserve Bank of India (RBI).
Types of Statutory Bank Audits
- Statutory Branch Audits: Conducted at selected bank branches, especially large or high-risk ones.
- Central Statutory Audits: Performed at the head office to audit the bank’s complete financials.
For large banks (with assets ≥ ₹15,000 crore), joint audits are mandatory—meaning two or more independent firms conduct the audit to enhance scrutiny.
Importance of Statutory Audit for Banks
A statutory audit is a must for maintaining the integrity and trust of the banking system. Here’s why it matters:
1. Protects Public Funds: Banks manage vast sums of money from depositors and investors. A statutory audit ensures that these funds are properly accounted for and not misused.
2. Detects and Prevents Fraud: Auditors help uncover:
- Falsified accounts or transactions
- Under-reported losses
- Overstated profits
- Irregular lending or loan scams
3. Ensures Accurate Financial Reporting: Audits confirm that banks present a true and fair view of their financial position, important for stakeholders, investors, and regulators.
4. Supports Regulatory Compliance: Non-compliance can lead to penalties or operational restrictions from regulators. Auditors verify adherence to:
- RBI circulars and capital adequacy norms
- Loan classification rules
- Tax laws and accounting standards
5. Builds Public and Investor Confidence: A clean audit opinion from an independent professional boosts trust among customers, investors, and the financial community.
6. Improves Internal Controls: Auditors assess the strength of internal systems and recommend improvements, helping banks manage risks more effectively.
7. Contributes to Economic Stability: A strong and transparent banking system supports economic growth. Reliable audits ensure that banks remain financially sound and well-governed, safeguarding the economy.
Who Conducts the Statutory Audit in Indian Banks?
In India, statutory audits of banks are conducted by independent Chartered Accountants (CAs) or firms of Chartered Accountants.
However, these are not randomly chosen auditors, the entire process is regulated and overseen by the Reserve Bank of India (RBI) to ensure independence, expertise, and integrity.
Eligibility Criteria for Auditors:
Only the following CA or CA firms can be appointed to conduct statutory audits of banks, who:
- Are registered with the ICAI,
- Hold a valid Certificate of Practice, and
- Are empaneled and approved by the RBI
The RBI prepares and updates a panel of eligible audit firms annually, based on strict criteria such as:
- Experience in auditing banks or financial institutions,
- Number of full-time partners and qualified staff,
- No adverse disciplinary history.
- just to bank management.
Legal Framework for Statutory Audit in Indian Banking Sector
| Aspect | Summary |
| Main Laws | Banking Regulation Act 1949, Companies Act 2013, RBI Guidelines |
| Auditor Eligibility | Qualified Chartered Accountant firms, RBI/ICAI approved |
| Appointment Process | By banks with RBI approval; joint audits for large banks |
| Tenure | Up to 3 years; cooling-off period required |
| Coverage | Inclusive of all key branches and risk areas |
| Oversight | RBI, ICAI, Bank Board/Audit Committee |
Legal Framework for Statutory Audit in Indian Banking Sector
Statutory audits in banks are mandatory and governed by several legal and regulatory bodies including:
1. Banking Regulation Act, 1949
Under Section 30, all banks must prepare audited financial statements annually.
Audits must be conducted by qualified CAs, with reports submitted to the RBI.
The RBI also controls auditor appointments, audit formats, and can mandate additional audits.
2. Companies Act, 2013
As most banks are registered companies, they must comply with this Act.
Key requirements include auditor appointment at the AGM, audit firm rotation, and audits of all branches (domestic and foreign) under Section 143(8).
3. RBI Guidelines
The RBI regulates the audit process through detailed guidelines. Highlights include:
- Eligibility and tenure rules for auditors
- Joint audit mandates for banks with assets over ₹15,000 crore
- Cooling-off periods
- Focused branch audit coverage based on risk and value
4. ICAI Standards
The Institute of Chartered Accountants of India provides the technical backbone through:
- Standards on Auditing (e.g., SA 700, 705, 706)
- Guidance Notes for bank audits
- Templates for audit standardization
5. Other Applicable Laws
Auditors must also consider compliance with laws like:
- Income Tax Act
- PMLA (for KYC and suspicious activity reporting)
- FEMA (foreign transactions)
Scope of Statutory Audit in Banks in India
The scope of statutory bank audits is guided by the Banking Regulation Act, Companies Act, RBI directives, and ICAI standards.
Here’s what it covers:
Audit of Financial Statements
This is the core focus of the statutory audit. Auditors examine:
- Balance Sheet
- Profit & Loss Account
- Cash Flow Statements
- Schedules, disclosures, and notes to accounts
They assess:
- Accuracy and completeness of financial records
- Compliance with Indian Accounting Standards (Ind AS)
- Disclosure of significant accounting policies
- Presentation in line with RBI and ICAI norms
The below explains Important Aspects that will be covered in the Financial Statements,
1. Verification of Advances and Asset Quality
Since loans and advances are key banking assets, this area receives detailed scrutiny:
- Loan documentation and approval process
- Sanction terms, disbursement procedures, and end-use checks
- Collateral verification and valuation
- Classification of NPAs (Non-Performing Assets) per RBI norms
- Provisioning adequacy for bad loans
- Restructured or stressed loans and their treatment
Auditors must also check for any divergences between bank-reported NPAs and RBI inspection reports.
2. Review of Deposits and Liabilities
Auditors examine:
- Accuracy and classification of savings, current, and term deposits
- Interest computation and adherence to contractual terms
- Compliance with KYC norms and AML (Anti-Money Laundering) procedures
- Treatment of unclaimed deposits and dormant accounts
3. Audit of Income, Expenditure & Revenue Recognition
- Interest income on loans and investments
- Fee-based income from services (e.g., ATM charges, forex, remittances)
- Expenses related to staff, administration, IT systems, and overheads
- Proper application of revenue recognition principles
Auditors confirm that income is not overstated and expenses are genuinely incurred.
Other Aspects Covered in Bank Audits
Some of the other aspects covered in the Bank Audits are as follows :
1. Internal Control Systems and Risk Management
This includes a review of:
- Internal checks and authorizations (segregation of duties, access rights)
- MIS (Management Information Systems) and reporting accuracy
- IT system controls, including CBS (Core Banking System) validations
- Cash verification and inventory control at branches
- Detection and reporting of frauds or unusual transactions
Weak controls in these areas could indicate operational risks or potential fraud.
2. Branch Audit and Coverage Requirements
RBI mandates branch-level audits, especially in banks with large networks.
- Top branches covering at least 15% of total gross advances must be audited
- Many banks voluntarily aim for 90%+ coverage of advances for better risk oversight
- A representative mix of rural, urban, and semi-urban branches must be included
- Service branches, centralized processing units, and data hubs are also audited
3. Regulatory and Legal Compliance
Auditors verify compliance with:
- RBI guidelines and circulars (e.g., capital adequacy, PSL, asset classification)
- Statutory requirements like CRR, SLR, and reporting norms
- Companies Act, 2013 – especially Section 143 for auditor responsibilities
- Income Tax Act, GST, FEMA, and PMLA provisions
- Basel III norms, particularly Capital to Risk-weighted Assets Ratio (CRAR)
Special compliance areas include:
- Reporting of frauds above ₹1 crore within 21 days
- Adherence to priority sector lending (PSL) targets
- Foreign exchange operations and FEMA compliance (for forex banks)
4. Reporting and Documentation Requirements
Statutory auditors are responsible for preparing:
- Independent Audit Report with audit opinion
- Long Form Audit Report (LFAR): A detailed, RBI-prescribed report on operations, internal controls, compliance, and governance
- Reporting on matters under Section 143 of the Companies Act, except for those exempted.
Auditors must report irregularities, suspected frauds, and material misstatements directly to both the bank’s Board and RBI.
How Can PKC Help With Statutory Bank Audits?
✅Experienced professionals dedicated to banking compliance
✅100% RBI compliance accuracy with automated alerts
✅Advanced risk-based audit methodology for banks
✅Concurrent audit expertise for daily banking operations
✅FEMA/Foreign exchange compliance specialization for banks
✅Asset quality review with NPA classification expertise
✅Digital audit tools for enhanced efficiency reporting
✅Dedicated banking team with regulatory update knowledge
✅Business advisory integration beyond traditional audit scope
Process of Conducting Statutory Audit in Banks
A statutory audit process in Indian banks is a rigorous and regulated exercise. Here’s its step-by-step breakdown:
1. Pre-Audit Planning and Preparation
Auditors begin by understanding:
- Bank’s operations, size, and business segments
- Internal control systems, prior year audit reports, and significant regulatory observations
- Risk-prone areas, such as large loan accounts, foreign exchange transactions, or branches with high advances
They also:
- Prepare an audit plan and program
- Share an information request list/checklist with the bank
- Coordinate with branch managers and compliance officers
2. Collection of Documents and Preliminary Review
The bank provides key documents such as:
- Trial balance and general ledger
- Balance sheet and profit & loss statement
- Schedules for:
- Advances and NPAs
- Deposits and liabilities
- Interest income and provisioning
- Compliance reports, tax returns (TDS, GST), KYC records, and fraud statements
- Access to Core Banking System (CBS) and system-generated reports
3. On-Site Audit (Fieldwork at Branch Level)
Auditors visit selected branches to:
- Conduct cash verification as of March 31
- Inspect loan files:
- Sanction letters, disbursement records, security documents
- CIBIL scores, valuation reports, and post-disbursement monitoring
- Verify deposit balances and interest payouts
- Confirm locker operations, investment records, and asset classification
- Check KYC/AML compliance and suspicious transactions
Branches above a certain threshold are covered under Statutory Branch Audit.
4. Substantive Testing and Compliance Review
Auditors perform detailed testing of:
- Loan classification (Standard, Sub-Standard, Doubtful, Loss)
- Provisioning norms as per RBI guidelines
- Revenue recognition, including interest on NPAs and fee-based income
- Regulatory compliance with CRR/SLR, priority sector lending, and tax laws
- Internal control systems at both branch and centralized processing levels
Sampling or risk-based audit techniques are used to examine large data volumes.
5. Discussions and Clarifications
Before finalizing reports, auditors:
- Discuss findings with branch managers, finance teams, and internal auditors
- Seek clarifications or additional documents where discrepancies are observed
- Assess whether any issues rise to the level of material misstatement, regulatory breach, or potential fraud
6. Preparation and Submission of Audit Reports
Statutory auditors prepare and submit the following:
- Main Audit Report: Includes the auditor’s opinion on whether the financial statements present a true and fair view
- Long Form Audit Report (LFAR): A detailed RBI-prescribed format covering:
- Asset quality
- Loan documentation
- Internal controls
- Revenue recognition
- Fraud risk and compliance gaps
- Tax Audit Report (where applicable)
- Certificates or regulatory reports required under specific RBI circulars
Reports are submitted to:
- Bank management and audit committee
- RBI, as per the regulatory deadline
7. Post-Audit Follow-Up and Remediation
After submission:
- The bank’s Board or Audit Committee reviews audit findings
- Action is initiated on issues flagged, such as correcting misclassifications, strengthening internal controls, etc.
- RBI may conduct follow-up inspections or direct interventions based on audit outcomes
FAQs About Statutory Audit in Banking Sector
1. How often are statutory audits conducted in Indian banks?
Statutory audits are conducted once a year, typically at the end of the financial year or in the beginning of the next financial year. RBI sets deadlines for audit completion and report submission.
2. What documents are required for a bank statutory audit?
Auditors typically need balance sheets, P&L accounts, loan registers, deposit details, provisioning reports, and CBS data access. KYC documents and RBI circulars may also be reviewed.
3. What is the Long Form Audit Report (LFAR) in bank audits?
LFAR is a detailed audit report format prescribed by RBI covering operational and compliance checks. It highlights any irregularities, control weaknesses, or non-compliance issues.
4. Can a bank be penalized for issues found during a statutory audit?
Yes, serious audit findings can lead to penalties, increased RBI scrutiny, or even removal of management in extreme cases. Audit reports carry legal and regulatory weight.
