Customer/User Suitability and Appropriateness Policy
The auditor should obtain approved ‘Customer/User Suitability and Appropriateness Policy’ and verify that such policy is in line with the Comprehensive Guidelines on derivatives and is approved by the Board.
Auditor should also verify the process followed by the bank for classification of customer into different grades/classification.
Credit limits
For the selected samples, the auditor should check whether appropriate credit limits are in place for foreign exchange and derivative transactions. Additionally, the auditor should:
Check whether the name of the counterparty is in the approved counterparty list for the purpose of treasury transactions.
Check whether the credit limits are set for different customers and they are adhered to in a consistent manner and for any limit breaches, appropriate sanctions / ratifications are in place.
Check whether the counterparty exposure limit reports for all brokers, lenders, etc., are generated and monitored on a regular basis.
Check dealer limits- Maximum amount a dealer can transact without seeking higher-level approval and sanctions/ratifications for any breaches.
Check product limits- Maximum exposure the entity should have in a particular instrument or product.
Check sector limits – Maximum investment in a particular sector (for example, exposures to companies incorporated with limited liability in India).
For the selected samples, confirm and review signed and authorized ISDA agreement, signed and authorized collateral agreement, credit risk assessment of the customer and confirm, whether credit positions are within established limits for each customer.
Check whether the above limits are entered into the software system being used by the Branch for conducting the said transactions.
Deal Initiation and Recording
For the selected samples, the auditor should check whether deals carried out by the front office are appropriately recorded in the deal slips and whether the same is correctly entered in the front office deal recording system.
For the selected samples check whether the deal ticket is complete and accurate with respect to all transaction details like counterparty name, contract rate, notional amount, transaction date / maturity date, value date / settlement agent and buy / sell date.
Check whether deal tickets are generated automatically by front office systems, or trader should use sequentially numbered deal tickets.
Check whether the dealers use dedicated calling lines and all the telephone lines are linked to a voice recording machine.
Verify the recordings for few of the selected samples to ascertain that the recording machine is working in order.
Deal Authorisation
Following audit procedures may be followed by an auditor while checking the procedures for deal authoritisation.
Check whether proper authorization levels are set for treasury operations and observe and verify whether the prescribed procedure is followed.
For the selected samples, check whether deals entered in front office system are authorised by the back office team after verifying the deal details with external evidences like Reuters’ conversation, telephonic conversation with customers’ back office, etc.
Examine the selected deals from the front office and establish that they are confirmed by the back office operations.
Check that all sampled deals are authorised at the proper levels of authority against the deal slip.
Check whether alterations and cancellations on deal slips are duly authorised.
Segregation of Duties
For this, the audit procedure may include:
Checking and ascertaining that segregation of duties is in place. Under no circumstances staff involved in initiating deals should be involved in checking or receiving deal related documents.
Verifying that there is clear segregation, functionally and physically, between the front office, back office and middle office in respect of derivative transactions.
Checking that there is segregation between functions of authorisation, execution and recording of transactions.
In cases where management override has taken place, ascertain that satisfactory reasons for doing so were recorded and produced for audit verification.
Checking whether treasury personnel have availed minimum leave during the financial year.
Counterparty confirmations
For this, the auditor would inter alia:
Understand the process of sending and tracking the confirmations including follow – up procedures
Understand the process of MIS reporting to the senior management in respect of the non-receipt of counterparty confirmations.
Verify that confirmations from Bank to counterparty are sent within a reasonable time and there exists a mechanism for follow-ups for pending counterparty confirmations.
Determine the status of any missing / pending confirmations (currently in the Confirmation Tracking List) and assess whether there are any provisioning concerns on the trades
Check whether the format of the counterparty confirmation is as approved by the Local Legal Counsel of the Bank from time to time.
Verify controls implemented by banks to ensure completeness of all deal confirmations.
Inquire of any exception report or other mechanism of tracking missing confirmations.