99 Point Audit Checklist - Under RBI Act, 1934

on

99 Point Audit Checklist - Under RBI Act, 1934


The RBI Act, 1934 Audit Checklist contained - 

🔹 1. Governance & Structure (10 Points)

  • Requirements related to authorized capital, constitution of the Central Board, appointment of Governor/Deputy Governors, and conduct of board meetings.

  • Ensures proper legal framework and structural alignment under Sections 4, 8, and 13.

Key Risk: Misgovernance or invalid board decisions
Mitigation: Legal vetting, appointment protocols, board calendars

🔹 2. Monetary Policy & Note Issuance (12 Points)

  • Includes CRR maintenance, issue of bank notes, management of currency chests, and note denomination rules.

  • Sections 17, 22–25, 33 govern this domain.

Key Risk: Monetary instability or legal breaches in note issue
Mitigation: Automated CRR tracking, segregation of departments, compliance audits

🔹 3. Financial Reporting & Surplus (6 Points)

  • Weekly statements, reserve fund maintenance, and surplus transfer to GoI.

  • Section 46, 47, and 53 compliance.

Key Risk: Misreporting or fiscal irregularities
Mitigation: Regular reconciliations and audits

🔹 4. NBFC Regulation (20 Points)

  • Registration, capital adequacy, KYC/AML, risk classification, fraud reporting, digital lending, outsourcing.

  • Sections 45-IA, 45S, RBI Master Directions & Circulars.

Key Risk: Cancellation of license, reputational risk
Mitigation: Licensing tracker, internal control systems, partner due diligence

🔹 5. KYC/AML & Consumer Protection (10 Points)

  • Compliance with PMLA, name screening, grievance redressal, non-coercive recovery, and privacy.

Key Risk: Criminal prosecution, consumer lawsuits
Mitigation: Real-time KYC, audit trails, TAT-based grievance SOP

🔹 6. Digital Compliance & Cybersecurity (10 Points)

  • Compliance of digital lending apps, consent-based data use, co-lending & FLDG norms, cybersecurity protocols.

Key Risk: App suspension, data theft
Mitigation: App compliance audits, ISO 27001 framework, encryption policies

🔹 7. Risk Management & Basel Norms (12 Points)

  • ALM, ICAAP, CAR, stress testing, exposure norms, and off-balance-sheet monitoring.

Key Risk: Capital erosion or liquidity crisis
Mitigation: Scenario testing, daily dashboards, board risk reviews

🔹 8. Returns & Regulatory Filings (10 Points)

  • NBS-1, NBS-2, ALM returns, fraud reporting, wilful defaulters, RBI inspection compliance.

Key Risk: Penalties or blacklisting
Mitigation: Filing calendar, automated submission systems

🔹 9. Forex & Overseas Transactions (6 Points)

  • ECB, ODI, FEMA reporting, Nostro reconciliation, foreign remittance reporting.

Key Risk: FEMA breach or FX misstatements
Mitigation: FX tracker, dual validation of Form A2 & FIRC

🔹 10. Audit, Disclosure & Policy Update (4 Points)

  • Internal audits, suspense accounts, unclaimed deposits, policy alignment with new RBI directions.

Key Risk: Regulatory censure, fraud
Mitigation: Quarterly reviews, real-time tracking, document management systems

📊 Checklist Summary Table

CategoryNo. of CheckpointsKey Provisions Covered
Governance & Structure10Sec 4, 8, 13
Monetary & Note Issue12Sec 17, 22–25, 33
Financial Reporting6Sec 46, 47, 53
NBFC Regulations20Sec 45-IA, 45S, RBI Master Circulars
KYC/AML & Consumer10PMLA, RBI KYC
Digital & Cyber10RBI Digital Lending & Cybersecurity
Risk & Basel12RBI Basel III, ALM
Regulatory Filings10NBS, Fraud, Inspection
Forex & FEMA6FEMA, ECB, ODI
Audit & Disclosure4Suspense, Unclaimed Deposits


Download - RBI Regulatory Compliance Audit Checklist 

RBI Act, 1934 Audit Checklist
Sr. No.RequirementCategoryProvisionConsequencesMitigation MeasuresStatus
1Maintain authorized capital ₹5 croreGovernance & StructureSec 4Legal breachAnnual capital review by finance✅/❌
2RBI Central Board formed properlyGovernance & StructureSec 8Governance lapsesLegal vetting of appointment orders✅/❌
3Governor, Dy Governors appointed as per lawGovernance & StructureSec 8(1)Appointment can be invalidAppointment policy and documentation✅/❌
4Meetings of Central Board held regularlyGovernance & StructureSec 13Operational inefficiencyCalendarized schedule with alerts✅/❌
5Maintain CRRMonetary & Note IssueSec 42Monetary penaltiesAutomated CRR reporting system✅/❌
6Report CRR to RBIMonetary & Note IssueSec 42(1)Penal interestDaily liquidity monitoring✅/❌
7Weekly balance sheet to Govt.Monetary & Note IssueSec 53Data compliance lapseInternal compliance team tracking✅/❌
8Segregation: Issue vs. Banking DeptMonetary & Note IssueSec 23Conflict of operationsSOP enforcement and segregation audit✅/❌
9Currency issued only by Issue DeptMonetary & Note IssueSec 22Illegal note issuanceSOP and internal control checks✅/❌
10Currency chest complianceMonetary & Note IssueSec 33Currency shortfallVault audit + central reconciliation✅/❌
11Backing currency with assetsFinancial ReportingSec 33Market distrustQuarterly FX/gold reserve review✅/❌
12No trading activity by RBIFinancial ReportingSec 21(2)Legal violationStaff training, internal audit✅/❌
13Only permitted lendingFinancial ReportingSec 17Regulatory breachLending policy mapped to RBI limits✅/❌
14Advance to Govt. per limitsMonetary & Note IssueSec 17(5)Fiscal indisciplineMOUs & statutory reporting✅/❌
15Note design approval by RBIMonetary & Note IssueSec 25Forgery riskRBI vetting of currency design✅/❌
16Separate reserve fund maintainedMonetary & Note IssueSec 46Balance sheet errorsYear-end reconciliation✅/❌
17Surplus transferred to GoINBFC RegulationSec 47Fiscal anomalyReview of audited P&L✅/❌
18Adherence to Note Issue LimitNBFC RegulationSec 22(1)Legal violationNote issuance audit✅/❌
19Follow denominations specified by RBINBFC RegulationSec 24Circulation confusionSOP + currency strategy doc✅/❌
20No issuance of bearer instrumentsNBFC RegulationSec 31Criminal actionCompliance memo in board minutes✅/❌
21NBFC registered with RBINBFC RegulationSec 45-IABan from operationCheck CoR status quarterly✅/❌
22Fit & proper directors (NBFC)NBFC RegulationRBI CircularDisqualificationKYC & conflict checks✅/❌
23Capital adequacy metNBFC RegulationRBI NormsRisk of insolvencyRegular CAR monitoring✅/❌
24Fair practices for lendingNBFC RegulationRBI FPCConsumer lawsuitsInternal compliance training✅/❌
25Risk classification accuracyNBFC RegulationRBI NormsNPA misreportingAutomated risk scoring✅/❌
26Quarterly RBI returnsNBFC RegulationRBI ReturnsFinesRegulatory calendar tracking✅/❌
27KYC norms followedNBFC RegulationRBI KYC MasterPMLA penaltyReal-time customer verification✅/❌
28AML systems in placeNBFC RegulationPMLA/RBICriminal actionSTR filing system✅/❌
29RBI audits conducted timelyNBFC RegulationSec 35Audit objectionsCalendarized external/internal audits✅/❌
30RBI inspection queries addressedNBFC RegulationSec 35BlacklistingCentral compliance cell✅/❌
31Disclosure of interest ratesKYC/AML & Consumer ProtectionRBI FPCCustomer dissatisfactionRate publishing via mail/website✅/❌
32Transparent lending agreementsKYC/AML & Consumer ProtectionRBI NormsCivil casesLegal vetting✅/❌
33Grievance redressal systemKYC/AML & Consumer ProtectionRBI Ombudsman SchemeCustomer complaints48-hour TAT policy✅/❌
34Data protection for clientsKYC/AML & Consumer ProtectionRBI CircularData theft lawsuitsEncryption and DLP controls✅/❌
35Loan provisioning norms metKYC/AML & Consumer ProtectionRBI IRACPPenaltyMonthly NPA report✅/❌
36No unauthorized deposit collectionKYC/AML & Consumer ProtectionSec 45SImprisonmentClient on-boarding checks✅/❌
37Customer identity properly verifiedDigital Compliance & CybersecurityRBI KYCLegal actionAadhaar + PAN mandate✅/❌
38RBI instructions for digital lendingDigital Compliance & Cybersecurity2022 GuidelinesSuspensionApp vetting & RBI checklist✅/❌
39Cybersecurity normsDigital Compliance & CybersecurityRBI Cybersecurity CircularData compromiseISO 27001 & audit trails✅/❌
40Controlled outsourcing practicesDigital Compliance & CybersecurityOutsourcing Master DirectionRegulatory breachSLA with vendors✅/❌
41Internal audit of NBFCsRisk Management & Basel NormsSec 45MAFinancial risksQuarterly IA review✅/❌
42Board risk oversight documentedRisk Management & Basel NormsRBI ExpectationsBoard audit remarksAnnual board workshops✅/❌
43Related party transactions monitoredRisk Management & Basel NormsGovernance CodeConflict of interestDisclosures + audit✅/❌
44Dividend declaration norms followedRisk Management & Basel NormsRBI CircularCapital riskRBI permission obtained✅/❌
45Liquidity coverage ratio maintainedRisk Management & Basel NormsRBI Basel NormsShortageDaily LCR dashboard✅/❌
46Follow moratorium guidelinesRegulatory FilingsSec 45Lawsuit riskRBI circular compliance✅/❌
47Avoid misleading advertisementRegulatory FilingsSec 58BPenalty ₹1LLegal content team review✅/❌
48Proper record retentionRegulatory FilingsRBI DirectionNon-traceabilityDMS + archival SOP✅/❌
49All returns filed with RBIRegulatory FilingsSec 45IBMonetary finesCalendarized filing alerts✅/❌
50Proper calculation of Net Owned FundsKYC/AML & Consumer ProtectionSec 45-IARejection of registrationChartered accountant certification✅/❌
51Timely response to RBI noticesNBFC RegulationSec 45LBlacklistingCompliance team SOP✅/❌
52Internal capital adequacy assessment processNBFC RegulationRBI GuidelinesCapital mismatchICAAP policy review✅/❌
53Compliance with Basel III normsNBFC RegulationRBI Basel IIICapital inadequacyQuarterly compliance certification✅/❌
54ALM policy implementationNBFC RegulationRBI ALM GuidelinesLiquidity riskMonthly ALM committee meeting✅/❌
55Stress testing frameworkNBFC RegulationRBI Risk Management GuidelinesCapital shocksScenario-based simulations✅/❌
56Market risk monitoringNBFC RegulationRBI Risk GuidelinesTrading lossVaR & sensitivity analysis✅/❌
57Operational risk loss databaseNBFC RegulationRBI ORM NormsInaccurate risk profilingLoss event data collection✅/❌
58Outsourced activity risk assessmentNBFC RegulationRBI Outsourcing GuidelinesVendor breachRisk-based vendor selection✅/❌
59Staff awareness on RBI complianceNBFC RegulationRBI NormsOperational lapsesRegular training calendar✅/❌
60Customer consent on data sharingDigital Compliance & CybersecurityRBI Digital Lending GuidelinesData misuseConsent-based digital flow✅/❌
61Audit of digital lending appsDigital Compliance & CybersecurityRBI NormsNon-complianceApp compliance checklist✅/❌
62Disclosure of bank/NBFC promoter holdingsNBFC RegulationRBI GuidelinesCorporate governance issueAnnual disclosure to RBI✅/❌
63Filing of FDI/FII dataNBFC RegulationFEMA + RBIPenaltyRegular submission via FIRMS portal✅/❌
64Proper classification of investmentsNBFC RegulationRBI AFS/HFT NormsInvestment lossMark-to-market controls✅/❌
65Adherence to SLR maintenanceNBFC RegulationBanking Regulation Act & RBIMonetary penaltyDaily SLR tracker✅/❌
66Correct accounting of forward contractsNBFC RegulationRBI Forex GuidelinesFX lossesTreasury policy enforcement✅/❌
67Monitoring ECB limitsNBFC RegulationFEMA/RBIRegulatory violationECB tracker & approval system✅/❌
68Repatriation reporting of foreign remittancesNBFC RegulationFEMA/RBIPenaltyForm A2 and FIRC validation✅/❌
69Reporting of wilful defaultersNBFC RegulationRBI Master CircularReputational damageQuarterly board review✅/❌
70Reporting frauds to RBI within 3 daysNBFC RegulationRBI Fraud Reporting CircularRegulatory censureAutomated fraud escalation✅/❌
71Verification of PAN/Aadhaar linkageRisk Management & Basel NormsRBI DirectionsAccount freezingeKYC automation✅/❌
72Reporting of Non-Performing InvestmentsRisk Management & Basel NormsRBI Prudential NormsMisinformationPeriodic asset quality review✅/❌
73Sanction screening against watchlistsRisk Management & Basel NormsRBI AML/UNSCR GuidelinesLegal & reputational riskName screening tool✅/❌
74Adherence to NBFC governance codeRisk Management & Basel NormsRBI NBFC GuidelinesBoard censureAnnual governance audit✅/❌
75Due diligence before loan disbursementRisk Management & Basel NormsRBI Lending NormsCredit lossPre-sanction checklist✅/❌
76Non-coercive recovery practicesRisk Management & Basel NormsRBI GuidelinesLawsuits & complaintsTraining of recovery agents✅/❌
77Reporting to Credit BureausRisk Management & Basel NormsCICRA + RBIConsumer disputesAutomated monthly upload✅/❌
78Approval for overseas investmentsRegulatory FilingsRBI ODI NormsFEMA breachLegal and compliance validation✅/❌
79Renewal of NBFC license timelyRegulatory FilingsSec 45IACancellation of licenseAnnual calendar monitoring✅/❌
80Monthly return NBS-1 filedRegulatory FilingsRBI NBFC ReturnsMonetary penaltyMIS-based reporting process✅/❌
81Quarterly return NBS-2 filedRegulatory FilingsRBI NBFC ReturnsNon-compliance penaltyQuarterly compliance calendar✅/❌
82Half-yearly ALM return submittedRegulatory FilingsRBI NBFC GuidelinesLiquidity risk penaltyDedicated ALM MIS✅/❌
83Exposure norms followedForex & Overseas TransactionsRBI Exposure NormsCapital at riskExposure limit checks✅/❌
84Avoid conflict in lending to group entitiesForex & Overseas TransactionsRBI Corporate GovernanceConflict of interestBoard-level oversight✅/❌
85KYC updates for long-standing accountsForex & Overseas TransactionsRBI KYCAccount freezePeriodic KYC triggers✅/❌
86Central KYC registry complianceForex & Overseas TransactionsCKYCR + RBIReporting failureAPI-based upload✅/❌
87Audit trail of digital transactionsForex & Overseas TransactionsRBI CybersecurityFraud riskDMS + transaction logging✅/❌
88Monitoring of co-lending arrangementsAudit, Disclosure & Policy UpdateRBI Co-Lending GuidelinesOperational confusionPartner MoUs + MIS review✅/❌
89Monitoring of FLDG arrangementsAudit, Disclosure & Policy UpdateRBI Digital Lending GuidelinesContingent liabilityRisk assessment framework✅/❌
90Compliance with Loan Securitization normsAudit, Disclosure & Policy UpdateRBI GuidelinesAccounting issuesTransaction-level checklist✅/❌
91Classification of off-balance sheet exposuresAudit, Disclosure & Policy UpdateRBI NormsRisk concealmentOBS disclosures in financials✅/❌
92Reporting of Capital to Risk-weighted Assets RatioAudit, Disclosure & Policy UpdateRBI Basel NormsCapital adequacy concernsMonthly CAR review✅/❌
93Ensure RBI prior approval for change in controlAudit, Disclosure & Policy UpdateRBI NBFC NormsInvalid transactionM&A legal opinion✅/❌
94Reconciliation of Nostro accountsUncategorizedRBI Forex ControlReputational lossMonthly reconciliation process✅/❌
95Audit of suspense accountsUncategorizedRBI CircularFraud riskQuarterly suspense audit✅/❌
96Review of unclaimed depositsUncategorizedRBI CircularConsumer dissatisfactionAnnual dormant account reconciliation✅/❌
97Timely update of policies with RBI directionsUncategorizedRBI Master CircularsPolicy non-alignmentAnnual policy calendar✅/❌
98Ensure compliance with Inspection ReportsUncategorizedRBI InspectionRepeat audit flagsInspection tracking register✅/❌
99No delayed implementation of regulatory instructionsUncategorizedRBI Act Sec 45LPenaltiesInternal compliance reminders✅/❌

Comments

Post a Comment