Microlesson · 5-min read

Regulatory Framework for Bank Audit

## Regulatory Framework Governing Banks

Bank auditors must understand the multi-layered legal framework that governs banking operations:

| Legislation | Key Relevance |
| --- | --- |
| Banking Regulation Act, 1949 | Primary legislation governing banking companies; powers of RBI |
| State Bank of India Act, 1955 | Governs SBI specifically |
| Companies Act, 2013 | Applies where banks are incorporated as companies (audit, accounts, internal controls) |
| Banking Companies (Acquisition & Transfer of Undertakings) Act, 1970/1980 | Governs nationalised banks |
| Information Technology Act, 2000 | Governs electronic banking, cyber security |
| Prevention of Money Laundering Act (PMLA), 2002 | AML obligations; KYC norms |
| SARFAESI Act, 2002 | Securitisation and enforcement of security interest; NPA recovery |
| Credit Information Companies Regulation Act, 2005 | Credit bureau reporting |
| Payments and Settlements System Act, 2007 | Payment infrastructure regulation |

> Audit implication: The auditor must verify compliance with all applicable statutes. Non-compliance is a reportable matter.

Worked example

### Example 1

Scenario: A bank has not reported NPA accounts to a credit bureau as required. The relevant legislation is the Credit Information Companies Regulation Act, 2005, and this is a compliance finding in the audit report.

### Example 2

Scenario: A nationalised bank's auditor checks eligibility for appointment — the Banking Companies (Acquisition and Transfer of Undertakings) Act governs the bank, but Section 141 of the Companies Act, 2013 criteria still apply for auditor eligibility.

⚠️ Common exam mistakes

  • Assuming Companies Act, 2013 does not apply to nationalised banks — provisions like S.143(3)(i) on internal financial controls apply to banks registered as companies.
  • Overlooking PMLA obligations when assessing fraud risk — AML is a key specific risk in bank audits.
  • Conflating SARFAESI Act (recovery/enforcement) with the Banking Regulation Act (general regulation).

Bare-Act text: Section 143(3)(i) · Companies Act, 2013
The auditor of a company shall make a report to the members of the company on the accounts examined by him and on every financial statement which are required by or under this Act to be laid before the company in general meeting and the report shall after taking into account the provisions of this Act, the accounting and auditing standards and matters which are required to be included in the audit report under the provisions of this Act or any rules made thereunder or under any order made under sub-section (11) and to the best of his information and knowledge, the said accounts, financial statements give a true and fair view of the state of the company's affairs as at the end of its financial year...