Purpose :
The purpose of this policy is to establish a systematic and disciplined approach to the internal audit process and to provide guidance to the internal audit department, external auditors, management, and staff. The objectives of the audit are to:
- Ensure compliance with applicable laws and regulations.
- Ensure the reliability and accuracy of financial statements.
- Detect and prevent fraud.
- Improve the efficiency and effectiveness of business processes.
- Provide independent assurance to the board of directors and stakeholders.
Scope :
The scope of the audit will cover the company's financial and operational activities, including but not limited to:
- Financial reporting and accounting processes.
- Banking and payment systems.
- Customer data management and protection.
- Information technology systems and security.
- Marketing and advertising activities.
- Human resources and payroll processes.
- Regulatory compliance.
The frequency of audits will be determined by the internal audit department based on the risks and complexities of the business, but at a minimum, an annual audit will be conducted.
Responsibilities :
- Internal Audit Department : The internal audit department will be responsible for planning, executing, and reporting on internal audits. The department will report directly to the Managing Director and will have unrestricted access to all company records and personnel.
- External Auditors : The external auditors will be engaged as necessary to supplement the work of the internal audit department. The external auditors will be responsible for conducting audits in accordance with generally accepted auditing standards and reporting their findings to the board of directors.
- Management : Management will be responsible for providing the necessary resources, including personnel and information, to support the internal audit process. Management will also be responsible for implementing the recommendations of the internal and external audits.
- Staff: All staff will be expected to cooperate with the internal and external auditors and to provide them with the necessary information and access to company records.
Auditing Standards : Audits will be performed in accordance with generally accepted auditing standards and relevant laws and regulations, including the Companies Act, 2013 and the Reserve Bank of India (RBI) guidelines for fintech companies in India.
Documentation : The internal audit department will maintain complete and accurate records of audit findings and recommendations, including evidence of corrective actions taken. The findings and recommendations will be communicated to management and the board of directors in a timely manner.
Follow-up : The internal audit department will follow up on audit recommendations to ensure that appropriate corrective actions have been taken and that the recommendations have been effectively implemented. The results of the follow-up will be reported to the board of directors.
Confidentiality : Audit information will be considered confidential and will be restricted to authorized personnel only. Access to audit information will be limited to those who have a legitimate business need.
This audit policy will be reviewed annually and updated as necessary to reflect changes in the company's operations, business environment, and regulatory requirements.