Вы находитесь на странице: 1из 35

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur



Submitted to: SBP BSC (BANK) SUKKUR

Submitted by: Muhammad Sarwar Shah MBA (Banking & Finance)

Sukkur Institute of Business Administration

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 1

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

Table of content
Acknowledgement…………………………………………………………………..……… 01

Introduction of SBP BSC (Bank) Sukkur…………………………………………………. 02

Units of SBP BSC (Bank) Sukkur…………………………………………………………. 04

Internal Monitoring Unit and Internal controls……………………………………………14

Internal Monitoring Unit and Internal Audit Department………………………………...20

Restructuring of Internal Audit Department……………………………………………….23

Introduction of Internal Monitoring Unit…………………………………………………..24

Some qualities of Effective IMU……………………………………………………………25

Key work areas of IMU………………………………………………………………………26

Main duties and responsibilities of IMU…………………………………………………….26

Decision Making Authority of IMU…………………………………………………………27

Contacts/Work Relationships of IMU……………………………………………………….28




All thanks to Almighty ALLAH who has empowered my poured knowledge that made me able
to complete this report and made it possible. I would like to thanks management of SBP BSC
(Bank) Sukkur to appoint me as internee and giving me the opportunity to get the practical
exposure of banking sector. This report provides all the knowledge and experience that I got
during my internship in SBP. I would also thank to Sukkur IBA, who selects me for internship at
SBP BSC (Bank), Sukkur.

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 2

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 3

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

State Bank of Pakistan Banking Service Corporation BSC (Bank) Sukkur


“To develop SBP BSC (Bank) into a strong and dynamic institution, equipped with efficient and
professional human resources base having necessary technology, fully capable of providing
quality services to stakeholders and complementing State Bank of Pakistan in achieving its


“To maintain an efficient currency management system, provide effective banking services
responsive to changing environment so as to command trust and respect of our stakeholders”.


SBP Banking Services Corporation, Sukkur is one of the field offices of SBP Banking Services
Corporation (Bank), which was created upon promulgation of Ordinance-2001 as an independent
subsidiary of the State Bank of Pakistan at Sukkur. Sukkur city is the hub of three Provinces viz;
Baluchistan, Punjab & NWFP. Sukkur city is also very important place which covers small &
medium enterprises, wide range of agricultural commodities’ market and also dry and fresh fruits
like Dates, Banana, vegetables etc. As such SBP BSC (Bank), Sukkur is playing a curious role in
the region. State Bank Banking Services Corporation Sukkur Office enjoys a long history of
central banking since its inauguration in 1994. The office gets further importance and increased
responsibilities in terms of serving to the government departments. Nevertheless, as a Field
office of BSC, it is committed towards providing customer oriented banking services to
government, financial institutions and the public, management of currency and National Savings
Schemes and channelizing efficient operations of the payment system. The main focus of the
bank is aimed at bridging the gap between the central bank and it stakeholders so that policies
are made that strengthen the financial system and provide and enabling framework for the
financial industry that fosters economic growth.

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 4

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur


• To facilitate alignment of the Vision and Mission with the business operations and work
• To provide initiatives and facilitate head office in deriving solutions for projects, policies
and procedures.
• To provide strategic solutions to mitigate weak areas and to counter threats to
• To build an enabling environment, where employees are motivated to contribute to their
full potential.
• To modernize the systems in order to ensure cost-effective operations enhanced delivery
capability and high service standards.


• As an operational arm of the central bank, Sukkur Office is engaged in retail business,
which includes
• Receipts, supply and exchange of bank notes and coins
• Collecting revenue and making payments for and on behalf of and maintaining accounts
of the government, local bodies, authorities, companies, banks and other financial
• Disbursing of loans and advances to the government, banks, financial institutions and
local authorities and facilitating in inter-bank settlement system
• Operational work relating to management of debt and foreign exchange
• Performing agency functions while dealing in prize bonds and other saving
instruments of the government

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 5

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

Units of Banking Services Corporation (SUKKUR OFFICE)

1- Prize Bond Unit (PBU)

2- Development Finance Support Unit (DFSU)

3- Public Account Unit (PAU)

4- Treasury Cash Unit (TCU)

5- Deposit Account Unit (DAU)

6- Foreign Exchange Operations Unit (FEOU)

7- General Services Unit (GSU)

8- Currency Management Unit (CMU)

9- Export Refinance Unit (ERU)

10- Internal Monitoring Unit (IMU)

1-PrizeBond Unit

Public finance is a field of economics concerned with paying for collective or Governmental
activities, and with the administration and design of those activities. Governments usually
borrow by issuing securities such as Government Bonds and Bills. Internal debt owed by a
Government as part of the country's national debt. It is a form of fiat creation of money, in which
the Government obtains cash not by printing it, but by borrowing it. The money created is in the
form of Treasury Securities Bonds or Securities borrowed from the Central Banks. These may be
traded but will only rarely be spent on goods and services. Prize Bonds are bearer type of
security and major instrument of internal source of financing source; through which Government
finance their expenses by issuing Bonds. Prize Bonds is in under of Ministry of Finance and
National Directorate. Funds raised through Prize Bonds are used to offset Government
borrowing and are refundable to the Bond holder (owner), on the demand. Prize Bonds carry no
interest, but have Prize Money through draw.
Sukkur Institute of Business Administration: Muhammad Sarwar Shah 6
State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 7

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

2-Development Finance Support Department


Development of an inclusive financial system in the country that could ensure access to financial
Services to all segments/sectors of the economy is an important strategic objective of SBP. The
Establishment of Development Finance Group (DFG) in SBP in the recent past is aimed at
creating the necessary institutional capacity in SBP to achieve this strategic objective. While the
DFG is engaged in enhancing its capacity to catalyze and facilitate expansion of financial
services in un-banked/under-banked areas/sectors, the group based in Karachi, has no presence in
the field to continuously interact with grassroots level stakeholders and monitor banks’ progress
(at regional/district level) to develop and expand their development finance capacity. The
SBPBSC however has presence in 16 key areas/regions across the country with immense
potential for growth of development finance. The Development Finance Support Department
(DFSD) in the BSC is aimed at using the BSC field offices across the country to augment the
DFG capacity and its role for connecting the Unbanked/under-banked areas/sectors with the
country’s financial markets. The DFSD though group Based in BSC Head Office Karachi
(HOK), it has gradually established Units in 13 field offices. The Divisions/Units in the field
offices are the local contact points for continuous interaction with stakeholders.


The following are the key functions of DFSD; (all these functions would be undertaken by using
the BSC field offices network):


I. To coordinate and interact with DFG and banks to have region-wise and branch wise
plans/targets for financing to SMEs, Micro Enterprises (MEs)1, low cost housing and to
farming/rural communities.
II. To monitor banks’ performance towards achievement of their regional and branch-wise
targets of development finance using the BSC field offices.

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 8

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

III. To collect regional and/or branch-wise data from Data Warehouse or DFG Departments, for
assessing banks’ performance as well as to study regional trends in growth and development
of SMEs, Micro and Rural Finance;
IV. To develop and maintain province-, region- and district-wise development finance database;
this will help us optimally target our resources to increase outreach of financial services in
un-banked/under-banked areas/sectors;
V. To monitor banks’ progress towards building and enhancing their retail capacity (in terms of
branch network, IT systems, human resources) to expand their development finance outreach
in different regions of the country;

Awareness and Information Dissemination

VI. To organize programs/field visits/workshops/seminars in consultation with DFG to create

awareness amongst the target population viz. the SMEs, MEs and farming community about
financial services being offered by banks and financial institutions; (the training and field visits
programs undertaken by ACD, being the field activity, could be transferred to the department;
the capacity at field offices would be built gradually to undertake such programs on more
frequent basis);

VII. To develop linkages with SMEDA, representatives/associations of SMEs and MEs, farming
community, chambers of commerce and agriculture, trade bodies for better and wider
dissemination of SBP Development Finance policies and approach;

VIII. To facilitate the DFSUs in conducting the meetings of Regional Focus Groups for
Agriculture, SME and Micro-finance. The Groups have been constituted in all BSC offices to
exclusively review the trends in each of these sectors and evolve operational strategies to
increase outreach of Agriculture, SME and Micro-finance in their respective regions;

IX. To develop linkages with provincial and District governments, agricultural research and
extension departments to explore synergies between their poverty alleviation and information
dissemination programs and the department’s goal for increasing outreach of financial services in
un-banked/under-banked areas/sectors;

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 9

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

X. To facilitate linkages/partnerships between technical and vocational institutes and

banks/MFBs for imparting technical/vocational training to the prospective clients of banks/MFBs
on cost sharing basis;

XI. To develop linkages with universities and colleges in the region to initiate development
finance courses/specializations/majors to cater to the growing demand for development finance.

Research & Surveys

XII. To conduct/arrange/sponsor regional surveys/empirical studies on key and burning issues
relating to expansion, growth and impact of development finance. (Linkages with research and
educational institutions will be developed for the purpose).
3-Public Account Unit (PAU)
SBP BSC (Bank) provides banking services to Government through PAU. PAU is responsible
for maintaining the account of Federal, Provincial, District and Zakat accounts Under section
21(1) of the SBP Act 1956 the Bank is obliged to accept money for account of the Federal, and
Provincial Government in Pakistan and to make payment on their account and to carry out their
exchange, remittances, and other Banking Operations including management of Public Debt. It
provides data on the Government accounts to the accountant General Pakistan Revenue, Pakistan
Railway, and SBP on daily basis. The position of Government balances is provided to Finance
Department of SBP for submission of Government Departments. Automation of business
processes and online data entry has provided an impetus of secured transmission and automated
of updating of data, and because of this integration among Field Offices System generated error
free reports; client statement and elimination of duplication of work have resulted in quality
based banking services to Government Departments. Another responsibility of PAU is the
ZAKAT collection and maintenance of its balances.

Type of Account

Drawing Account
When an Officer of a Government Department is authorized to draw funds from Bank
without limit such an account is called Drawing Account.
Sukkur Institute of Business Administration: Muhammad Sarwar Shah 10
State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

Assignment Account
In case of certain Department, Accountant General Authorizes the bank is to open Ledger
Deposit Accounts in favor of the head of these Departments and Army unit are called
Assignment Account.

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 11

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

Main Units of PAU

a) Payment Unit: Major Functions of payment unit are:

 To keep specimen signatures of drawers/DDO’s records up to date

 To maintain Cheques Series advice
 Stop Cheques
 To maintain schedule/advices
 Pass cheques/Bills e.t.c.

b) Receipts Unit

This unit is responsible for keeping accounts of money paid into SBP BSC (Bank) for credit to
Government Account (Central and Provincial). All money that are tendered at the bank for credit
to Government Account should be accompanied by Treasury Challan in the form of prescribed
by the Government concerned are permitted to be deposited by the member of the Public direct
into the Bank for credit to Government Accounts Such as: Income Tax and Sales Tax Deposits.
All Challan require to be counter signed by Treasury Officers or Head of the Government
Department on whose account the amount paid.

c) Clearing House

SBP BSC (Bank) among other things also acts as a Clearing House for Commercial Banks who
have to maintain Current Accounts with it. The SBP BSC (Bank) Offices supervise the working
of the Local Clearing House as all the important centers where the Bank has established its
offices through National Institutional Facilitation Technologies.

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 12

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

4- Treasury Cash Unit (TCU)

Functions that are perform by TCU:

 Physically receipts/payments on behalf of Government and Commercial Banks.

 Sale/Encashment of National Prize Bonds.
 Sale/Encashment of Coins.

 Coin Counter: Sale/Encashment of Coins
 Government Counter: Receipts/Payment on behalf of Government
 Exchange Counter: Exchange of Currency Notes
 Defaced/Defective Counter: Exchange of Defaced/Defective Currency Notes
 Banking Counter: Receipts/Payments on behalf of Commercial Banks through
National Prize Bonds Counter: Sale/encashment of National Prize Bonds.

5- Deposit Account Unit (DAU)

The DAU is part of the Banking Service Corporation (BSC). The DAU is responsible for
maintaining the Bank’s Accounts and also provide the Remittance to Banks.

Types of services provided by SBP BSC (Bank) through its DAU are:

a) Current Account
b) SBP Remittances Facility Schemes;
Current Account

SBP BSC (Bank) provides facility to other Banks to open current in SBP BSC (Bank) without
any charges. Current Account is maintained by DAU that is entrusted with the work of opening
and maintaining the Current Account of Schedule and Non-Schedule Banks, Local Bodies and
Other Foreign Banks. There are two main reasons to open account in SBP BSC (Bank);

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 13

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

1- When they have excess amount above their holding capacity

2- For settlement of transactions with Other Banks or for Clearing purposes.

In order to facilitate movements of funds from one place to another place, SBP BSC (Bank)
provides Remittances facilities through, Demand Draft, Mail Transfer, Bank Draft, Government
Draft, and Telegraphic Transfer.

6-Foreign Exchange Operation Unit


On the formation of the Banking Services Corporation, Exchange Policy Department was
bifurcated into two parts. Policy side went to State Bank and the Operation side came under the
Banking Services Corporation. The later was named Foreign Exchange Operations Department

Scope of the FEOD consists of implementation of Foreign Exchange policies by monitoring and
overseeing the operations of the Authorized Dealers. The Core Functions of the Department are:

• Providing data collection support to SBP through different statements and


• Facilitating Importers and Exporters.

• Responding to the queries of the Field Offices and Authorized Dealers.
• Monitoring of Export Overdue Cases.
• Issuing show cause notices to the defaulting exporters and referring the cases to
Adjudication Department.
• Allowing private remittances on various accounts.
• Handling of Monthly Returns.
• Payment of Research and Development Support to Garment Industry
• Payment of Freight Subsidy on Import of Cement
Sukkur Institute of Business Administration: Muhammad Sarwar Shah 14
State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

• Facilitating Government functionaries / Agencies in disbursement of the foreign

budgetary allocations.

In this context, FEOD, HOK performs dual functions:

• Oversee the operations of the field offices

• Functions as the Karachi field office

7-General Service Unit

Mission Statement

Our mission is to provide dedicated and high quality service to our stakeholders with a sense of
warmth and friendliness. Our continuous focus would be towards preparing dynamic policies,
adopting innovative methods to solve unsolved problems and ultimately become strategic
partner in achieving the organizational objectives.

Vision Statement
Our vision is to help the Bank transform into a model institution by inculcating high spirit of
service and extending unmatchable facilitation to our stakeholders.

About Us

As a part of restructuring plan, General Services Department has been established to provide an
efficient service to the BSC employees through one-window approach. It places a renewed vigor
of the management to resolve all employee-related issues with a proactive approach and higher
service delivery standards so that they could work with more devotion and commitment.

A brief profile of the department’s functions

1. Employee Benefits Division

• Disbursement of monthly salary and allowances

• Reimbursement of educational expenses
• Management of staff loan cases and assessment of properties
Sukkur Institute of Business Administration: Muhammad Sarwar Shah 15
State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

• Maintaining PF/GPF accounts of Bank employees

• Payment of retirement benefits related to fund accounts
• Financing of life insurance policies against PF/GPF accounts

2. Procurement Division

• Procurement of goods and services as per PPRA Rules 2004

• Assisting departments and offices in the procurement process
• Preparation of bidding documents for standardized procurement practices
• Purchasing stationary for Bank

3. Services Division

• Development of Business Plan

• Preparation of annual budget
• Maintaining employee leave records
• Managing dark system

4. Printing Press

• Cater to the printing requirements of State Bank of Pakistan and its

• Ensure in-time and quality printing of jobs / publications
• Effectuate sufficient and timely procurement of printing material
• Printing and subsequent delivery of printed stuff as per set out priorities

5. Medical Division

• Issuance of confinement letters.

• Grant of permission for treatment at offices other than place of duties.
• Activation /deactivation of medical facilities of employees/ex-employees
and their dependents

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 16

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

• Issuance of approval letter for treatment/pathological tests etc. from un-

approved hospitals/laboratories.
• Arrange purchase of high quality medicines against approved indent and
ensure short expiry medicines are replaced on timely basis.
• Financial scrutiny and arrange re-imbursement of individual claims in
respect of medical facilities lodged by in service or ex-employees.
• To arrange advance in respect of any emergency/costly treatment like
cancer, hepatitis, angiography, angioplasty and CABG etc.
• Process the cases of enlistment of hospitals, consultants, laboratories etc.
• Payment/Settlement of bills of approved hospitals, consultants,
laboratories according to approved rates.

6. Health Clinic

• Examine the patients and prescribe treatment and medicines as per

Medical Attendance Rules and Regulations.
• Issue referral letters, where required, to patients for external
consultants/specialists, pathological tests, diagnosis and hospital admission etc.
• Process request for issuance of medicines prescribed by the external
consultants/specialists for treatment to the patients.
• Visit different hospitals for ensuring provision of best services by them to
the admitted patients and also looking to the provision of on the spot approval for
any required specialized investigation/treatment/test e.g. MRI, CT scan,
angiography/ angioplasty, chemotherapy etc.
• Provide technical advice and recommendations to Medical Division on
determining the fitness or otherwise of the candidates selected for SBP and its
subsidiaries and provide their reports directly to PMD or HRD.

8- Currency Management Unit (CMU)

Being the Prime Controller of Currency in the Country, the BSC has put in special efforts in reviewing
currency procedure, practices, rules and regulations for various internal and external functionaries
through CMU.
Sukkur Institute of Business Administration: Muhammad Sarwar Shah 17
State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

Main function of this unit is to create awareness among common public about:

 Forecasting that how much currency will be needed in coming year

 Issue and Distribution of Fresh Notes and Coins
 Inventory Management and Accounting
 Withdrawal of Soiled Notes from circulation and their destruction
 Note exchange facilities and Anti-counterfeit measures

9-Export Refinance

Export Refinance Scheme was introduced with an aim to boost exports of non-traditional items
in Pakistan. The scheme is bifurcated in two parts i.e. Part I & Part II. Under Part-I, the finance is
given on pre as well as post shipment basis for export of eligible commodities. This facility is
provided on a case-to-case basis. Under Part-II, an exporter may avail the export finance limit,
based on his last year’s export performance in respect of eligible commodities.

The process of disbursement of credit through export refinance schemes is operationally carried
out through the field offices of the Bank. These offices have meaningfully contributed towards
disbursement of export finance at industrial centers of the country through commercial banks.
The various sectors of business facilitated by this scheme include textile, carpets,
telecommunication, IT, electronics, leather, frozen seafood etc.


Internal Monitoring Unit and Internal Control

Internal Monitoring Unit is basically established at SBP BSC (Bank) to monitor and control the
functionality of the BSC Bank so that Bank can operate in an effective way. Before going to
explain Internal Monitoring Unit, first I would like to explain internal control of any

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 18

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

What are Internal Controls and who is Responsible for Them?

Internal control is defined as a process affected by an organization's structure, work and authority
flows, people and management information systems, designed to help the organization
accomplish specific goals or objectives.[1] It is a means by which an organization's resources are
directed, monitored, and measured. It plays an important role in preventing and detecting fraud
and protecting the organization's resources, both physical (e.g., machinery and property) and
intangible (e.g., reputation or intellectual property such as trademarks). At the organizational
level, internal control objectives relate to the reliability of financial reporting, timely feedback on
the achievement of operational or strategic goals, and compliance with laws and regulations. At
the specific transaction level, internal control refers to the actions taken to achieve a specific
objective (e.g., how to ensure the organization's payments to third parties are for valid services
rendered.) Internal control procedures reduce process.

Internal Controls can be categorized as either accounting controls or administrative controls.

Accounting controls are designed to safeguard Bank assets and ensure the accuracy of financial
records. Administrative controls are designed to promote operational efficiency, effectiveness,
and adherence to Bank policies and procedures. Bank management is responsible for designing
and maintaining an adequate system of internal control. Internal Audit independently reviews
and evaluates the adequacy of the system of internal controls and makes recommendations to
management to improve these controls based on system testing and control analysis.

Everyone in an organization has responsibility for internal control to some extent. Virtually all
employees produce information used in the internal control system or take other actions needed
to effect control. Also, all personnel should be responsible for communicating upward problems
in operations, noncompliance with the code of conduct, or other policy violations or illegal
actions. Each major entity in corporate governance has a particular role to play:

Management: The Chief Executive Officer (the top manager) of the organization has overall
responsibility for designing and implementing effective internal control. More than any other
individual, the chief executive sets the "tone at the top" that affects integrity and ethics and other
factors of a positive control environment. In a large company, the chief executive fulfills this
duty by providing leadership and direction to senior managers and reviewing the way they're
Sukkur Institute of Business Administration: Muhammad Sarwar Shah 19
State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

controlling the business. Senior managers, in turn, assign responsibility for establishment of
more specific internal control policies and procedures to personnel responsible for the unit's
functions. In a smaller entity, the influence of the chief executive, often an owner-manager is
usually more direct. In any event, in a cascading responsibility, a manager is effectively a chief
executive of his or her sphere of responsibility. Of particular significance are financial officers
and their staffs, whose control activities cut across, as well as up and down, the operating and
other units of an enterprise.

Board of Directors: Management is accountable to the board of directors, which provides

governance, guidance and oversight. Effective board members are objective, capable and
inquisitive. They also have knowledge of the entity's activities and environment, and commit the
time necessary to fulfill their board responsibilities. Management may be in a position to
override controls and ignore or stifle communications from subordinates, enabling a dishonest
management which intentionally misrepresents results to cover its tracks. A strong, active board,
particularly when coupled with effective upward communications channels and capable
financial, legal and internal audit functions, is often best able to identify and correct such a

Auditors: The internal auditors and external auditors of the organization also measure the
effectiveness of internal control through their efforts. They assess whether the controls are
properly designed, implemented and working effectively, and make recommendations on how to
improve internal control. They may also review Information technology controls, which relate to
the IT systems of the organization. There are laws and regulations on internal control related to
financial reporting in a number of jurisdictions. In the U.S. these regulations are specifically
established by Sections 404 and 302 of the Guidance on auditing these controls is specified in
Auditing Standard No. 5 and SEC guidance, further discussed in . To provide reasonable
assurance that internal controls involved in the financial reporting process are effective, they are
tested by the external auditor (the organization's public accountants), who are required to opine
on the internal controls of the company and the reliability of its financial reporting.

Limitations of internal control

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 20

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

Internal control can provide reasonable, not absolute, assurance that the objectives of an
organization will be met. The concept of reasonable assurance implies a high degree of
assurance, constrained by the costs and benefits of establishing incremental control procedures.

Effective internal control implies the organization generates reliable financial reporting and
substantially complies with the laws and regulations that apply to it. However, whether an
organization achieves operational and strategic objectives may depend on factors outside the
enterprise, such as competition or technological innovation. These factors are outside the scope
of internal control; therefore, effective internal control provides only timely information or
feedback on progress towards the achievement of operational and strategic objectives, but cannot
guarantee their achievement.

Describing Internal Controls

Internal controls may be described in terms of:

a) The objective they pertain to; and

b) The nature of the control activity itself.

Objective Categorization

Internal control activities are designed to provide reasonable assurance that particular objectives
are achieved, or related progress understood. The specific target used to determine whether a
control is operating effectively is called the control objective. Control objectives fall under
several detailed categories; in financial auditing, they relate to particular financial statement
assertions, [5] but broader frameworks are helpful to also capture operational and compliance

• Existence (Validity): Only valid or authorized transactions are processed (i.e., no invalid

• Occurrence (Cutoff): Transactions occurred during the correct period or were processed

• Completeness: All transactions are processed that should be (i.e., no omissions)

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 21

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

• Valuation: Transactions are calculated using an appropriate methodology or are

computationally accurate.

• Rights & Obligations: Assets represent the rights of the company, and liabilities its
obligations, as of a given date.

• Presentation & Disclosure (Classification): Components of financial statements (or other

reporting) are properly classified (by type or account) and described.

• Reasonableness-transactions or results appear reasonable relative to other data or trends.

For example, a control objective for an accounts payable function might be: "Payments are only
made to authorized vendors for goods or services received." This is a validity objective. A
typical control procedure designed to achieve this objective is: "The accounts payable system
compares the purchase order, receiving record, and vendor invoice prior to authorizing

Management is responsible for implementing appropriate controls that apply to transactions in

their areas of responsibility. Internal auditors perform their audits to evaluate whether the
controls are designed and implemented effectively to address the relevant objectives.

Activity categorization

Control activities may also be explained by the type or nature of activity. These include (but are
not limited to):

Segregation of duties

Separating authorization custody and record keeping roles to limit risk of fraud or error by one

• Authorization of transactions - review of particular transactions by an appropriate person.

• Retention of records - maintaining documentation to substantiate transactions.

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 22

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

• Supervision or monitoring of operations - observation or review of ongoing operational


• Physical safeguards - usage of cameras, locks, physical barriers, etc. to protect property,
such as merchandise inventory.

• Top-level reviews-analysis of actual results versus organizational goals or plans, periodic

and regular operational reviews, metrics, and other key performance indicators (KPIs).

• IT Security - usage of passwords, access logs, etc. to ensure access restricted to

authorized personnel.

• Top level reviews-Management review of reports comparing actual performance versus

plans, goals, and established objectives.

• Controls over information processing-A variety of control activities are used in

information processing. Examples include edit checks of data entered, accounting for
transactions in numerical sequences, comparing file totals with control accounts, and
controlling access to data, files and programs.

Control precision

Control precision describes the alignment or correlation between a particular control procedure
and a given control objective or risk. A control with direct impact on the achievement of an
objective (or mitigation of a risk) is said to be more precise than one with indirect impact on the
objective or risk. Precision is distinct from sufficiency; that is, multiple controls with varying
degrees of precision may be involved in achieving a control objective or mitigating a risk.

Precision is an important factor in performing a SOX 404 top-down risk assessment. After
identifying specific financial reporting material misstatement risks, management and the external
auditors are required to identify and test controls that mitigate the risks. This involves making
judgments regarding both precision and sufficiency of controls required to mitigate the risks.

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 23

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

Risks and controls may be entity-level or assertion-level under the PCAOB guidance. Entity-
level controls are identified to address entity-level risks. However, a combination of entity-level
and assertion-level controls are typically identified to address assertion-level risks. The PCAOB
set forth a three-level hierarchy for considering the precision of entity-level controls.[6] Later
guidance by the PCAOB regarding small public firms provided several factors to consider in
assessing precision.[7]

Fraud and internal control

Internal control plays an important role in the prevention and detection of fraud.[8] Under the
Sarbanes-Oxley Act, companies are required to perform a fraud risk assessment and assess
related controls.[9] This typically involves identifying scenarios in which theft or loss could
occur and determining if existing control procedures effectively manage the risk to an acceptable
level.[10] The risk that senior management might override important financial controls to
manipulate financial reporting is also a key area of focus in fraud risk assessment.[11]

Internal Controls and Improvement

If the internal control system is implemented only to prevent fraud and comply with laws and
regulations, then an important opportunity is missed. The same internal controls can also be used
to systematically improve businesses, particularly in regard to effectiveness and efficiency.[13]

Continuous Controls Monitoring

Advances in technology and data analysis have led to the development of numerous tools which
can automatically evaluate the effectiveness of internal controls. Used in conjunction with
continuous auditing, continuous controls monitoring provides assurance on financial information
flowing through the business processes.

Internal Monitoring Unit and Internal Audit Department of BSC (Bank)

Internal Audit Department is replaced by Internal Monitoring Unit in 2008-09 during the major
restructuring/reorganization by the State Bank of Pakistan

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 24

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

Introduction of Internal Audit Department

The Internal Audit Department was established for the purpose of providing management and the
Audit Committee of the State Bank of Pakistan Banking Services Corporation with reasonable
assurance that the management control systems throughout the SBPBSC (Bank) are adequate and
operating effectively. Internal Audit provides an independent and objective appraisal of activity
for management and assuring them that risks are held at bay. To this end the Internal Audit
provides the management with analysis, recommendations, counsel, and information concerning
the activities reviewed. To accomplish its threefold mission of Banking, Currency Management
and Customer Service, the Bank must maintain the confidence of its Stake Holders, Executives,
Staff, Public and SBP. Confidence in the institution is paramount if the Bank is going to achieve
its stated objectives. The Internal Audit Department provides valuable support in maintaining the
public's confidence by performing independent and objective reviews and reporting to the Audit
Committee and Managing Director on their findings so that corrective actions or enhancements
can be initiated. The Internal Audit Department has 17 Audit Units across the SBPBSC. Out of
these 17 Internal Audit Units, 16 Units exist at 16 Offices of SBP BSC and One Unit exists at
Head Office, Karachi for ongoing auditing the various offices / departments. The Internal Audit
Department assists operating management in achieving Banks financial and operating goals by
evaluating controls to ensure systems function adequately, by identifying weaknesses, and by
providing recommendations. Through complete and unrestricted access to records, property, and
personnel, Internal Audit provides the Bank with an additional resource in meeting these goals.
With the support of Bank management and the Audit Committee, the Internal Audit Department
provides the highest quality of auditing services, thus enhancing control at the Bank

Reporting Structure

The Internal Audit Department reports to the Office of the Managing Director and the Audit
Committee of the Board of Directors. This reporting structure allows the Internal Audit
Department to remain independent and report all items of significance to the Managing Director
and the Audit Committee. The Director of Internal Audit attends all Audit Committee meetings
and brings appropriate matters to the Committee's attention.

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 25

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

Types of Audits Performed

The Internal Audit Department is expected to perform the following wide range of audit services
including financial audits, compliance audits, operational audits, information technology audits,
and consulting services. Currently compliance audit is being done however very soon IT audit
will start operating

Financial Audits

Address questions regarding accounting and the propriety of financial transactions. Compliance
Audits determine the degree of adherence to laws, regulations, policies, and procedures

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 26

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

Operational Audits

Review operating information and procedures to determine if any modifications of the operations
could result in greater efficiency and effectiveness.

Information Technology Audits

Evaluate system processing controls, data security, physical security, systems development
procedures, contingency planning, and systems requirements.

Management Audit

Review an independent and objective of management capability. It is used when institution is

planning for change and to evaluate executives’ skills and potential.

Consulting Services

Encompass a wide range of services, which allow the Bank community to utilize the
Department's financial and information technology expertise to address a known problem or

The Internal Audit Process

When an audit is scheduled, an announcement letter is sent to the responsible parties. An

entrance meeting is scheduled to discuss the objectives and scope of the audit. At the entrance
meeting, any concerns or questions about the audit process are discussed. A typical audit is
comprised of three stages: planning, fieldwork and reporting. The audit team will collect data
and document the procedures, controls and/or activities being reviewed. During the audit and at
the conclusion of the fieldwork, the audit team discusses with the appropriate staff of an area
being audited any findings and recommendations noted during the audit process. A formal exit
conference is held to discuss the audit findings and recommendations with the Chief Manager/
Departmental Head of the area being audited. Next the audit team will issue a draft report
summarizing the findings and recommendations. The draft report has limited distribution, and
the management of the audited department is provided approximately one week to draft written
management responses as to how they plan to address the recommendations. The management

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 27

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

responses are incorporated into the draft report along with any agreed upon changes, thus
becoming a final report. The final report is distributed to the appropriate Bank management. All
audit information is treated as confidential and is reported only to those within the Bank who
need to know.

Meet the Internal Audit Staff

The Internal Audit Department tries to regularly participate in professional development

programs to maintain and enhance their professional skills. Certified members of the staff
complete the required continuing professional education each year to maintain their professional
licenses. To find out more about audit, please contact any of the following. All other mail should
be sent to the Director of Internal Audit

Restructuring of Internal Audit Department

During 2008-09, the IAD has undergone a Major restructuring/ reorganization. It was realized
over the recent years that the Internal Audit Units (IAUs) had lost their effectiveness Due to
overlapping and duplication of work Between Internal Monitoring Units (IMUs) and IAUs,
automation of business processes and Administrative problems in supervision of these Units. The
existing set up of IAD was Accordingly revisited during the year and the 17 IAUs housed at field
offices and one at BSC HOK were consolidated into two Audit Hubs, One each at Karachi and
Lahore. Each Audit Hub has been allocated departments of HOK and field offices as given in to
periodically carry out audit, Enforcement and other functions as assigned to them from time to
time. The new Structure is aimed at improving monitoring, expanding efficacy of internal
controls and Enlarging breadth, width and timeliness of reporting to the senior management. The
Newly created Audit Hubs headed by the Joint Directors (OG-5) will functionally &
administratively report to the Director IAD. These Audit Hubs will also assist the Audit Teams
in carrying out Annual Audit of the departments/ field offices of BSC.

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 28

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

Internal Monitoring Unit (IMU)

Internal audit and control is a critically important function for large and operations intensive
organizations like BSC. It involves an objective and independent review of the year. The Internal
Audit Units (IAUs) operative at the BSC offices have been abolished business processes, the
control systems in place, and the compliance environment in various organs and departments of
BSC. The BSC’s Internal Audit Department went through major restructuring exercise during as
they had lost their effectiveness due to overlapping/ duplication of work between IMUs and
IAUs, automation of business processes and administrative problems in supervision of IAUs at
field offices. The IAUs have been replaced by two Audit Hubs at Lahore and Karachi. The Audit
Hubs to be headed by an officer of not less than joint director level will functionally and
administratively report to Director IAD of BSC. Each of the two Hubs has been allocated the
departments of HOK and field offices as given in Table 8.5 to periodically carry out audit,
enforcement, and other functions as assigned to them from time to time. The Audit Hubs are
likely to improve efficacy of internal controls, remove duplications and increase administrative
efficiency in the internal audit and control function of the BSC.
Risks Register for 22 business processes of field offices including Deposit Accounts, Public
Accounts, Export Refinance and Treasury Cash Units were developed during the year. The Risks
Register will identify the processes’ risks, their ranking as high, medium or low risk and their
mitigating controls.
On operational side, annual financial/operational audit of 16 field offices and 4 HOK
departments was carried out and the Audit Briefs containing major observations was submitted
to Deputy Governor/ Managing Director. A compliance officer attached with each Audit Team
ensures compliance of the Audit Reports and timely resolution of issues highlighted in Audit
Briefs. IT Audit of 15 field offices of BSC was also carried out and the internal controls
weaknesses in the system highlighted in the IT audit reports were sent to ISTD of SBP. Further,
the system audit of Globus System, Oracle and HRIS was also conducted to assess the risk
exposures and control weaknesses, etc. and the report was shared with ISTD.

The Off-site Surveillance Wing (OSW) of IAD monitors the adequacy and effectiveness of
internal control systems, operational efficiency and adherence to relevant policies and procedures
based on the reports/ monthly returns of IAUs. During FY09, 286 significant irregularities were

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 29

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

reported by IAUs in their monthly returns. The OSW analyzed the irregularities in depth and
categorized 188 of them as major irregularities. These irregularities along with the IAD’s
recommendations were sent to respective chief manager and head of department for initiating
necessary corrective and/or preventive measures.

The Audit Sub-committee of BSC Board also monitors the performance of IAD; the committee
met twice during the year to discuss the management letter issued by the External Auditors,
Business Plan of IAD and quarterly progress report on Audit Briefs of BSC.

Some qualities of effective IMU

• An internal monitoring unit should be explicitly designated within the project agency.
Internal monitoring should be conducted against detailed, specific terms of reference

• The staff of the internal monitoring unit should be familiar with the design of the
resettlement program.

• Staff from the internal monitoring unit should be adequately trained in the framework and
methodology of internal monitoring.
• Internal monitoring unit should regularly receive information and data updates from field
• IMU staff should participate in the project launch workshop where the key monitoring
benchmarks as well as the process of reporting should be discussed and agreed.
• Resettlement data should be available by household, categories of impact and should be
computerized to facilitate processing.
• Reports from internal monitoring should be submitted regularly, preferably semi-annually
to the project agency and the lending institution.
• The process by which monitoring reports would be factored into decision making at the
senior level should be explicitly agreed.

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 30

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

Common objective

Internal Monitoring Unit exit meant for monitoring all operational transactions and payment
cases of the Office and that office work is in accordance with prescribed manuals, instructions,
circulars issued from time to time and to provide guidelines and recommendations where

Key work areas of IMU

To check attendance and punctuality of staff of the bank through attendance registers and
conducting surprise checks periodically in the morning and evening.

To insure that all transactions, cases and related documents emanating from all
Units/Departments are audited before review/approval/sanction thereof and ascertain
rectification of irregularities if identified to safe guard the Bank interest.

Monitor and check all expenditures of the office as per expenditure regulations 1993, SBPBSC
(Bank) and prescribed rules.

Main duties and responsibilities of IMU

• To arrange periodical checking of Security Badges of all staff and uniform/liveries of

eligible staff and submit report thereof to the Chief Manager.

• To scrutinize admissibility of all bills to make sure that those are sanctioned by the
authorities with in prescribed limit and under prevailing rules and provisions.

• To ensure that the expenditure in any head is within budgetary allocation and recordation
thereof in the proper Head of Account.

• To keep eye on purchases that the expenditure incurred thereupon is made after following
prescribed drill and their entries are properly recorded in the appropriate Head of

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 31

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

• To check preparation of proper salaries of the staff and that necessary changes viz. leave
without pay, transfer, stop payments and have been incorporated therein by the Salary

• To check overtime bills and conveyance charges cases of officers to ascertain that they
approved by the concerned authorities and that calculations thereof is O.K.

• To ensure that different accounts of various Units/Divisions are maintained according to

the prescribed instructions and manuals.

• To audit all cases regarding staff loans, T.A/D.A Advances, GPF/PF/BF/GTA/BF Bank’s
maintenance, liveries, promotions, transfer/posting/export refinance and medical facilities

• To check monthly basis, the balances of various unit i. e Exchange Branch, Defective
Notes, e.t.c. and periodical surprise check of hand held balances of petty cash, postage
stamp account and other related accounts.

• To ensure compliance of irregularities pointed out by Annual Inspection Team (offices)

and provided feedback to the authorities concerned in this regard as and when required.

• Perform any other assignment being assigned time to time by the superiors

Decision Making Authority of IMU

IMU make decision with consultation and without consultation.

Decision with Consultation: Conduct surprise checks of Note Verification Unit and attendance
of Cash Staff in the morning in consultation with superior s.

Decision without Consultation: Depute Officials for surprise checks of uniform of Liveries
Staff/Security Badges/Attendance of entire Staff of Office/ Movement Registers/Cash Counters
and Examination Hall of Treasury (Cash) Division/Prize Bonds Counters e.t.c

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 32

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur

Contacts/Work Relationships of IMU

IMU have relationship with all concerned Units/Divisions of Sukkur Office. The purpose of this
relationship with other Units/Divisions is Pre-audit of all cases emanating all Units/Divisions
which are under the audit or monitoring of IMU.

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 33

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur


Internal Monitoring is continues process and it is safe guard against the various risks (financial,
reputational, security e.t.c ), the Internal Monitoring Unit in SBP BSC (Bank), Sukkur was
started in the year 2008-09 after the restructuring of Internal Audit Department by the Head
Office Karachi (HOK) in which post audit was conducted of every transaction or process. Before
Internal Monitoring Unit (IMU), Internal Audit Department (IAD), people who were conducting
Internal Audit was experts, and they were conducting Audit according to instruction of HOK,
they were preparing the Audit program and receiving records from the Units through the
requisition letter and they were checking the records according to the manuals or instructions
given by the HOK, Internal Audit in the SBPBSC (Bank), Sukkur was conducted every month
but the Internal Audit system/process was not good due to improper distribution of percentage
(%) given to the different records for Audit purpose, all Units were not Audited every Month,
manual system, they were informing the ACM of the concerning Unit regarding the records
which comes under the Audit through the requisition letter and was possibility that the concern
person can make the correction only of those records which comes under the process that person
knows which record will be Audited through the requisition letter, most of the records were not
audited 100% and if they found any irregularity in the records they are informing to ACM
through the AU-1 register and give suggestion for the correction of that mistake or error but they
were checking very late.

SBP BSC (Bank) has established IMU in the Field Offices, so that above mistakes or errors
which done by the IAD should be removed. IMU check each and every transaction before
happening or occurrence of those transactions. IMU follow manuals and instructions which are
given time to time by HOK. In Field Office Sukkur staff which is working in IMU less than the
need of Unit.

Sukkur Institute of Business Administration: Muhammad Sarwar Shah 34

State Bank of Pakistan Banking Service Corporation (Bank) Sukkur


1- Mr. Sajid Ali Shah Chief Manager SBP BSC (Bank), Sukkur

2- Mr. Muktiyar Ahmed Ansari OG-2 SBP BSC (Bank), Sukkur

3- Mr. Munawar Assistant Chief Manager (IMU) SBP BSC (Bank), Sukkur

4- Mr. Muneer Ahmed Bhatti Assistant Chief Manager (Admin) SBP BSC (Bank), Sukkur

5- Internet




Sukkur Institute of Business Administration: Muhammad Sarwar Shah 35