For the revised LFAR to work, all stakeholders — including the RBI’s nominees on bank boards — must play their part effectively.
The revised Long Format Audit Report (LFAR) that the RBI has asked banks to implement from 2020-21 is welcome and long overdue. The current version of the LFAR — that bank auditors have to submit to the bank management and the RBI — was devised way back in 2002. Those were relatively innocent times, with banking transactions and record keeping done manually to a large extent, and risk management not as big a focus area as it is now. Over the past nearly two decades, banking has undergone a sea-change with digital banking, core banking systems and risk management at the fore now. It is just as well that audit report formats keep up with the times, address the requirements of technology-driven new-age banking systems and do away with some questions that are no longer relevant. The revised LFAR has sought to do that. The revision also seems to have been accelerated by the seemingly unending crises in the banking system over the past few years — from the mountain of non-performing assets, partly a result of weak credit assessment, to the many frauds in the banking sector such as those at PNB, YES Bank and PMC Bank.
Among the positive changes in the revised LFAR are an increased focus on a spectrum of risk management at banks, specific queries on credit assessment, information systems, data integrity, internal financial control, and compliance with regulations. For instance, the check on whether a bank branch is following the system of classifying borrower accounts into standard (including SMA-0, SMA-1, and SMA-2) or sub-standard or doubtful or loss assets, is welcome. So also is the requirement for auditors to comment on adverse features considered significant in the top 50 standard large advances and which need the management’s attention. Queries on capital adequacy, resolution of stressed accounts, initiation of IBC process, KYC, anti-money laundering, countering of financing of terrorism and cybersecurity are welcome. Also, there is more coverage of potential fraud areas. Besides, a specific time-window of 60 days to submit the LFAR to the RBI should help reduce the element of ritualism associated with the report and pave the way for more seriousness about it. Hopefully, all this along with a focus on red-flagged accounts and early warning signals should translate into robust LFARs by both statutory central auditors and branch auditors, and help identify frauds and NPAs in a timely manner.
On the flipside, the revised LFAR could mean longer processes and increased responsibilities for auditors. There could be limitations on conducting ‘going concern’ assessments, especially in these Covid-troubled times. Besides, the ongoing problem of limited time to branch auditors could continue to pose challenges to the effectiveness of the LFAR. There could perhaps have been more focussed questions on areas such as new-age banking security. All said, the revised LFAR seems to be more than old wine in new bottle. But for it to work, all stakeholders — including the RBI’s nominees on bank boards — must play their part effectively.