## Conducting a Bank Audit — 18 Key Considerations

Bank audit involves a structured set of steps. These are grouped under Initial Considerations and Risk Assessment & Response.

---

### Phase 1: Initial Considerations (Steps a–i)

#	Step	Key Point
a	Declaration of Indebtedness	Auditor declares any indebtedness to the bank to identify independence issues
b	Communication with Previous Auditor	Mandatory before accepting engagement (SA 210 / professional ethics)
c	Assessment of Engagement Risk	Evaluate risk before accepting the engagement
d	Internal Assignments	Statutory auditors should not simultaneously hold internal audit assignments of the same bank
e	Terms of Audit Engagement	Agree and document scope, objectives, responsibilities (Engagement Letter)
f	Establishment of Engagement Team	Assign team with requisite banking expertise
g	Planning	Overall audit strategy and detailed plan
h	Initial Engagement	Specific procedures for first-year audits (opening balances)
i	Understanding the Bank and its Environment	Industry knowledge, regulatory environment, business model

---

### Phase 2: Risk Assessment & Response (Steps 1–18)

1. Identify and assess risks of material misstatement

2. Understand the bank and its environment including Internal Controls

3. Understand the bank's accounting process

4. Understand the risk management process — includes:

Involvement of TCWG (Those Charged with Governance) in controls
Identification, measurement and monitoring of risks
Control activities
Monitoring activities
Reliable Information Systems

5. Engagement team discussions

6. Establish overall audit strategy (SA 300)

7. Develop the audit plan

8. Audit Planning Memorandum

9. Determine audit materiality

10. Consider Going Concern

11. Assess risk of fraud including money laundering

12. Assess specific risks (e.g., credit risk, market risk, operational risk)

13. Risks associated with outsourcing (e.g., IT outsourcing)

14. Response to assessed risks (design substantive procedures)

15. Stress testing (evaluate bank's resilience under adverse scenarios)

16. BASEL III Framework (capital adequacy, liquidity ratios)

17. Reliance on / review of other reports (e.g., concurrent audit reports, internal audit reports)

> Steps are frequently tested in exams — remember both Phase 1 (a–i) and Phase 2 (1–17) components.

Worked example

### Example 1

Scenario: An auditor is appointed as statutory auditor of a bank. The same firm is also conducting the internal audit of the same bank. Is this permissible? No — Step (d) prohibits statutory auditors from holding internal assignments of the same bank simultaneously.

### Example 2

Scenario: The bank has outsourced its core banking system to a third-party IT vendor. What audit consideration applies? Step 13 — 'Risks associated with outsourcing of activities.' The auditor must assess whether outsourcing creates additional audit risk and whether controls at the service organisation are adequate.

### Example 3

Exam Q: What is the purpose of an 'Audit Planning Memorandum' (Step 8)? It documents the entire audit plan, risk assessment results, materiality levels, and allocation of work among team members — it is the formal record of audit planning.

⚠️ Common exam mistakes

Listing only the Phase 2 steps and missing Phase 1 initial considerations (a–i) — exams test both.
Treating BASEL III as only a banking regulation topic and not connecting it to audit risk — the auditor must verify the bank's compliance with BASEL III capital adequacy norms.
Forgetting that 'stress testing' is an audit consideration — the auditor reviews management's stress testing results as evidence of going concern assessment.
Confusing 'engagement risk assessment' (Step c — whether to accept the engagement) with 'risk of material misstatement' (Step 1 — audit risk during fieldwork).
Overlooking money laundering as a component of fraud risk (Step 11) — PMLA obligations are directly relevant.

Reference:

Now that you've read this — what's next?

Move from understanding → mastery in 3 clicks. Each option below picks up from this lesson's topic.

🔥 Drill 5 Qs on this → ✍️ Adaptive practice →