# Initial Considerations by the Statutory Auditor
Before beginning bank audit fieldwork, several initial considerations must be addressed:
## 1. Declaration of Indebtedness
Before appointing SCAs, banks must obtain a declaration of indebtedness from the auditor — i.e., the auditor declares they are not indebted to the bank beyond permitted limits.
## 2. Internal Assignments in Banks by Statutory Auditors
Audit firms should NOT undertake statutory audit assignment while they are associated with internal assignments in the bank during the same year (e.g., concurrent audits). This preserves independence.
## 3. Planning - SA 300, SA 210, SA 220
The statutory auditor must plan in accordance with:
- SA 300 — Planning an Audit of Financial Statements
- SA 210 — Agreeing the Terms of Audit Engagements
- SA 220 — Quality Control for an Audit of Financial Statements
## 4. Communication with Previous Auditor
The new auditor should obtain a No Objection Certificate (NOC) from the previous auditor.
## 5. Terms of Audit Engagement (SA 210)
Formalise the engagement letter with clear terms.
## 6. Initial Engagements (SA 510)
For first-time audits, refer to SA 510 — Initial Audit Engagements (Opening Balances).
## 7. Assessment of Engagement Risk
Assess the overall risk associated with the engagement before accepting it.
## 8. Establish Engagement Team
The team should have the requisite competence and capabilities.
## 9. Understanding the Bank and its Environment - SA 315
SA 315 — Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and its Environment.
## Risk Management Process at Banks
An effective risk management system in a bank generally requires:
### 1. Oversight & Involvement of TCWG
- TCWG should approve written risk management policies.
- Policies should be consistent with the bank's business objectives and strategies.
### 2. Identification, Measurement & Monitoring of Risks
- Risks that could significantly impact achievement of bank's goals should be identified, measured and monitored.
### 3. Control Activities
- The bank must have appropriate controls to mitigate its risks.
- This includes effective segregation of duties.
### 4. Monitoring Activities
- Risk management models should be regularly assessed and updated.
### 5. Reliable Information System (IS)
- Banks require reliable IS that provides adequate financial, operational and compliance information on a timely and consistent basis.
## Professional Skepticism & Anti-Money Laundering
- The auditor must maintain professional skepticism to recognise the possibility of misstatements due to fraud.
- RBI has framed guidelines on Prevention of Money Laundering and Know Your Customer (KYC) norms.
## BASEL III Framework
Basel norms are international banking regulations issued by the:
- Basel Committee on Banking Supervision and
- Financial Stability Board.
## Reliance on / Review of Other Reports
The auditor should take into account adverse comments on advances appearing in:
1. Previous year's audit reports
2. Latest internal inspection reports of bank officials
3. RBI's latest inspection report
4. Concurrent/Internal audit report
5. Report on verification of security
6. Any other internal reports specifically related to a particular account
7. Manager's charge-handing-over report when the incumbent (branch manager) is changed.