1.2. Problematic of research:..............................................................................................2
1.3. Research objectives:....................................................................................................2
1.4. The questions are posed in the study:..........................................................................2
1.5 Object of research:.......................................................................................................2
CHAPTER II: THEORETICAL FRAMEWORK.................................................................4
2.1 Some concepts and theories of internal audit...............................................................4
2.1.1. Internal audit definition.......................................................................................4
2.1.2. Some theories of internal audit in commercial bank............................................7
2.1.3The function of internal audit.................................................................................9
2.1.4 Basic principles of internal audit activity...........................................................10
2.1.5 Content of internal audit.....................................................................................11
CHAPTER 3: RESEARCH METHODS AND ORGANISATION.....................................13
3.1. Research method.......................................................................................................14
3.1.1. Data collection method......................................................................................14
3.1.2. Data analysis method:........................................................................................16
I. The objective of the audit credit activitiess......................................................................16
II. Requirements of internal audit credit activities...............................................................17
III. Scope of audit credit activities.......................................................................................17
IV. The main audit methods.................................................................................................17
V. Content audit credit activities..........................................................................................18
Part A. Audit at the audited units.........................................................................................18
1. Risk assessment related to credit activities..................................................................18
2. Assessing the performance of the audit statute............................................................18
3. Quality assessment activities of the credit control system in the unit audited.............19
4. Perform audit procedures, regulations........................................................................19
Part B. Check to compare directly with borrowers..............................................................25
1. Debt validation.............................................................................................................25
2. Check the use of loan...................................................................................................26
3. Check the status of assets to ensure debt.....................................................................26
4. Inspection of the project and repayment of the business (clients are business loans). 27
VI. Prepare and submit audit report.....................................................................................28

1. Establish an audit report:..............................................................................................28
2. Send an audit report:....................................................................................................28
VII. Follow up audit.............................................................................................................29
VIII. Form audit credit operations.......................................................................................29
CHAPTER IV: CONCLUSIONS AND RECOMMENDATIONS......................................43
4.1 Conclusions and recommendations............................................................................43
4.1.1 Proposals and recommendations:.......................................................................43


1.2. Problematic of research:
From those reasons I mentioned above, I choose the research project:
“Sureying the internal creadit audit in Petrolimex group commercial joint stock
bank”.
1.3. Research objectives:
Research objectives are to clarify the theory of internal audit work in enterprises in
general, banks in particular and the actual situation of internal creadit audit works in
Petrolimex group commercial joint stock bank.
1.4. The questions are posed in the study:
What is the theory of internal audit work in enterprises in general and in banks in
particular?
Is internal creadit audit of Petrolimex group commercial joint stock bank reliable?
Is internal audit process, regulations and administration in Petrolimex group
commercial joint stock bank lose?
Is organization of internal audit work in Petrolimex group commercial joint stock
bank.
In compliance with basic principles? What are shortcomings?

Specifically as

follows:

How the internal creadit audit look like?
Organizational structure of internal auditing like?
The internal creadit audit process is closely organized?
Organized testing, quality control, internal creadit audit?
1.5 Object of research:
Petrolimex group commercial joint stock bank
1.6 Scope of research
Although internal audit is an essential tool for all types of organizations, the topic
only focuses on internal creadit audit work organization in Petrolimex group commercial
joint stock bank.
1.7. Research methodology:
1.8. Contribution of research
The topic helps clarify the perception of internal audit work in general and internal
creadit audit work organization in Petrolimex group commercial joint stock bank.in


particular. Assessment of the situation of internal creadit audit work in Petrolimex group
commercial joint stock bank is to synthesis and makes some proposals for improvement of
internal creadit audit work in Petrolimex group commercial joint stock bank.
1.9. Structure of thesis
Besides thanks, contents, list of diagrams and references, structure of thesis include
four chapters. Specifically:
Chapter 1:

Overview research on internal audit

Chapter 2:

Some basic theory on the organization of internal audit work


Chapter 3:

Research Methodology and organisation of internal creadit
audit at Petrolimex group Commercial Joint Stock bank.

Chapter 4:

Conclusions, discussions and recommendations to improve the
internal creadit audit system at Petrolimex group Commercial Joint
Stock bank.


CHAPTER II: THEORETICAL FRAMEWORK
2.1 Some concepts and theories of internal audit
2.1.1. Internal audit definition
Internal audit has come a long way over the last two or three decades. In the past,
internal audit was seen as a mechanism to double – check the many thousands of financial
transactions that were posted to the accounts each week. In the 1950s and 60s, it pretty
much consisted of basic tests of the accounts with a view to isolated errors and
irregularities. Huge standardized audit work programs would be prepared that determined
the steps that had to be taken to verify figures in the main accounting ledger and feeder
systems. In contrast, today’s internal auditor facilitates the development of suitable
controls as part of a wider risk strategy as well as providing assurances on the reliability of
these controls. The move from detailed low-level checks of huge volumes of mainly
financial transactions to high-level input into corporate risk strategies has been
tremendous.
Other industries also expanded their internal audit programs, and in 1941 the Institute
of Internal Auditors was born to herald a distinctive a discipline quite apart from public
accounting.
The definition of internal auditing began to evolve. In Latin ‘auditor’ literally means

‘listener’. Nowadays, not that much has changed in the essential elements of auditing if we
follow the definition from Arens and Loebbecke (1997, 2): “Auditing is the accumulation
and evaluation of evidence about information to determine and report on the degree of
correspondence between the information and established criteria. Auditing should be done
by a competent independent person”.
Furthermore, internal auditing in the Standards for the Professional Practice is
defined in this way: “Internal auditing is an independent appraisal function established
within an organization to examine and evaluate its activation as a service to the
organization.”
Auditing Standard ASA 610 Considering the Work of Internal Audit, issued by the
Auditing and Assurance Standards Board (AUASB) defines internal audit as follows:
Internal audit” means an appraisal activity established within an entity as a service to the
entity. Its functions include, amongst other things, monitoring internal control”.


The objective of internal audit to assist members of the organization carries out their
responsibilities effectively. It equips them how to analyze, evaluate, suggestions,
recommendations and information concerning activities reviewed. The objective of internal
audit framework also gives effective control at reasonable cost.
- Loyal to the nature of the audit, independence in internal audit is given top priority.
Internal auditors are independent when they can perform their work in a free and objective
manner. In reality, as they are members of an organization, the meeting of this requirement
can be more difficult than State auditors and independent auditors. Therefore, this
independence is only relative. In fact, all cases, scope, progress and effectiveness of
internal audit work should not be limited by any things. If so, internal auditors can get the
desired results. To this end, internal auditors should have equal status and necessary
independence.
 To ensure the independence, first of all, internal auditors conduct a review of any
findings related to the organization. Based on surveys, initial research, their professional
skills, they consider and assess activities of the organization. Results obtained from the

review and assessment will form a basis for them to clarify and give consultations for the
next operations.
 Result of internal audit is a great support for members of organizations such as the
Board of Management, Board of Directors, shareholders, and all staffs. Therefore, the
scope of the work is very widespread and it affects all activities of the organization. It is
the reason why internal audit is established as a division of the organization.
According to the professional guidance of the Institute Internal Auditors
(IIA), public sector governance encompasses the policies and procedures used to
direct an organization’s activities to provide reasonable assurance that objectives are met
and that operations are carried out in an ethical and accountable manner. In addition, the
Institute of Internal Auditors (IIA) has developed the globally accepted definition of
‘internal auditing’ as follow: “Internal auditing is an independent, objective assurance and
consulting activity designed to add value and improve an organization. It helps an agency
accomplish its objectives by bringing a systematic, disciplined approach to evaluate and
improve the effectiveness of risk management, control and governance processes”.
According to this definition, an internal audit function could be viewed as a first line


defense” against inadequate organizational governance and financial reporting. With
appropriate support the Board of Directors’ and Audit Committee (if any), the internal
audit staff is in the best position to gather intelligence on appropriate accounting practices,
inadequate internal controls, and infective corporate governance. The scope of internal
audit activity embraces the wider concepts of corporate governance and risk – recognizing
that control exists in an organization to manage risk and promote effective governance.
The remainder of the IIA’s definition of internal auditing covers a number of
important terms that apply to the profession
 The term independent is used for auditing that is free of restrictions that could
significant limit the scope and effectiveness of any internal auditor review or the later
reporting of resultant findings and conclusions.
 The word appraisal confirms the need for an evaluation that is the thrust of

internal auditors as they develop their conclusions.
- The term established confirms that an internal audit is formal, definitive function in
the modern enterprise.
 The phrase examine and evaluate describe the active roles of internal audit work
that applies to all of the activities of the modern enterprise.
 The word service recalls that the help and assistance to the audit committee,
management, and other members of the enterprise are the end products of all internal audit
work.
 The phrase to the organization confirms that internal audit’s total service scope
pertains to the entire enterprise, including all personnel, the board of directors and their
audit committee, stockholders, and the owners.
For the banking and credit institution in Vietnam, aaccording to No.37/2006/QDNHNN, Decision of the governor of the State bank of Vietnam on the issuance of the
Regulation on internal audit of credit institutions, defined ““Internal audit” is an act of
independent, objective inspection, verification, assessment for the internal inspection,
control system; independent assessment of the appropriateness and compliance with
policies, procedures and process which are set up in the credit institutions, whereby the
unit performing internal audit shall provides proposals, advices for the purpose of
enhancing the operation effectiveness, efficiency of systems, processes, provisions, making
contribution to the assurance of the prudential, efficient and lawful operation of credit


institutions.
As such, according to this definition, internal audit is conducted in the organization
by its staff and ensured by independence and objectiveness. That is, it is not hindered by
any divisions or objects when determining work scope, work performance and work result
reporting. At the same time, internal auditors must be impartial, fair so as to not to be
dependent on or dominated by others.
The term “Internal Audit” itself expresses its particular characteristic and nature.
Based on the origin and different forms of internal audit, we can see that internal audit
appears and develops due to objective needs.

From the above analysis, we can draw the nature of Internal Audit is an independent
division of a organization performing examination, assessment work and giving
recommendations of improvements on its activities for managers’ objectives
2.1.2. Some theories of internal audit in commercial bank.
Theoretical framework for internal auditor in commercial banks is determined by the
provisions of the Institute Internal Audit (IIA), Basel Committee, Ministry of Finance, and
State Bank of Vietnam.
- The Institute of Internal Auditors (IIA) is the primary international professional
association, organized on a worldwide basis, dedicated to the promotion and development
of the practice of internal auditing. The IIA is the recognized authority, chief educator, and
acknowledge leaders in standards, education, certification, and research for the profession
worldwide. The Institute provides professional and executive development training,
educations products, research studies, and guidance to more than 122,000 members in
more than 100 countries. From 1941, IIA has been well equipped to help members to meet
generally accepted professional standards by:
 Issuing ethical law
 Approving an announcement on responsibility of internal auditors
 Establishing frequent training program
 Building general knowledge content
Approval of professional standards is one of important steps in the development
process of internal audit. Professional standards of internal audit are the result of great
efforts made by the Committee in three years. They are tools for professional activities in
all business fields at various levels of the Government and organizations where internal


audit appear.
Basel Committee established in 1974 by central bank governors of 10 countries, this
Commission to develop and publish standards relating to banking activities. Basel
Committee in 1988 issued measurement system which consists of 25 basic principles of
banking supervision (Basel I). However, after a period of application, the principles of

Basel I have shown some weakness. Specifically provides only a single measure of risk
capital for banks operating on international scale through its own capital indicators on
assets adjusted for risk (CAR ≥ 8%) without considering the different nature of the bank
risks, the loans and other factors. Also, the application of Basel I cannot help countries
prevent financial and monetary crisis.
Basel Committee issued the measure of risk framework (Basel II) on July 01 in 2001
and takes effect in late 2006, replacing the treaty of Basel I. Basel II consists of a series of
standards aimed at improving monitoring and risk management techniques and is
structured in three levels: (i) required minimum capital ratio for credit risks and operational
risks, (ii) give directions relating to the monitoring process, (iii) requires banks to provide
basic information related to the capital, to ensure that risks encouraging the principles of
the market.
Treaty of Basel II emphasis on methods of control, internal audits in the bank itself,
process monitoring and market rules, increase flexibility in the management of risk and
greater attention to risk sensitivity. Treaty showed specific concepts as well as other
measures of risk such as credit risk, market risk, and operational risks.
Basel Committee encourages each bank should develop a process to monitor and
manage operational risks and specific details. Should be conducted regularly to monitor all
operations, all the chains in the transaction process to make the report warned of defects,
errors or omissions in any business policies, operating procedures in bank.
Ministry of Finance: the main content of Decision No 832/TC-QD-CDKT dated on
28/10/1997 is the developing internal audit regulations for State enterprises. Circular No
52/1998-TT-BTC issued on 16/04/1998 guide apparatus internal audit in State enterprises,
Circular No 171/1998-TC-BTC replace Circular 52/1998-TT-BTC.
Based on the characteristics of the sector, State Bank issued QD37/2006/QD-NHNN


on 01/08/2006. Decision guides the internal audit regulations apply to credit institutions.
2.1.3The function of internal audit
Internal audit’s function is both to verify and express opinions, control and consult.

Control is the first function of internal audit which is similar to verification function of
general audit. It is the control function that decides to the appearance of internal audit. It is
said that Internal Audit is an organized type whose function is to measure and assess the
effectiveness of other controls. An organization set objectives for divisions and follow up
them. The next work is to use internal audit to measure and assess other existent controls.
As such, internal auditor’s role is controller to understand the nature and scope of other
controls. Specifically, internal audit is to “assess and measure accurately the level of risks
relating to management systems, activities and information provision system of the
organization. Based on results of risk evaluation, internal auditors must assess the
propriety and effectiveness of activities and internal control system over these above
systems”
(Campbell and Timothy, 2003). Therefore, internal auditors both perform their tasks
and become experts in designing and performing other controls to get the best result. These
experts’ skills include their understanding of controls, relation and diversified co-operation
in the internal control system. Through controls, internal auditors consider and evaluate
activities of the organization. In fact, their professional fluency of internal auditors cannot
be compared to that of people who directly perform these tasks. However, they can help
related people to get better results by clarifying existent control works and making
improvements in the work.
With the development of internal audit, its function is expanded from control and
evaluates the internal control system to evaluate and make improvements in the
organization’s activities. From an analysis of definitions of internal audit, we see that
modern internal audit not only control but also more focus on consulting and assisting
audit division in risk management and improvement of work effectiveness. Expanded
function and role have created positive changes in role of internal audit. Internal audit
which was originally coercive by managers has become voluntary work of audited
divisions.
(Campbell and Timothy, 2003). Therefore, internal auditors both perform their tasks



and become experts in designing and performing other controls to get the best result. These
experts’ skills include their understanding of controls, relation and diversified co-operation
in the internal control system. Through controls, internal auditors consider and evaluate
activities of the organization. In fact, their professional fluency of internal auditors cannot
be compared to that of people who directly perform these tasks. However, they can help
related people to get better results by clarifying existent control works and making
improvements in the work.
With the development of internal audit, its function is expanded from control and
evaluates the internal control system to evaluate and make improvements in the
organization’s activities. From an analysis of definitions of internal audit, we see that
modern internal audit not only control but also more focus on consulting and assisting
audit division in risk management and improvement of work effectiveness. Expanded
function and role have created positive changes in role of internal audit. Internal audit
which was originally coercive by managers has become voluntary work of audited
divisions.
2.1.4 Basic principles of internal audit activity
According to Article 4 of Decision 37/2006/NHNN – QD, banks have to ensure the
following principles:
* Independence
The internal audit department shall operate independently compared with units,
managing, professional operation departments of the credit institution; the internal audit
activity shall be independent of activities of management, professional operation of the
credit institution. In the process of auditing or providing accounting services, auditors are
not dominated or influenced by any material or spiritual benefits which affect their
truthfulness and objectivity and professional independence. Auditors are not allowed to
perform the audit work at entities where their relatives are working for. In the audit
process, if there are any factors affecting their independence, the auditors must remove
them. If not removed, they must be clearly stated in the audit report.
* Objectiveness
The internal audit department, internal auditors must assure the objectiveness,

truthfulness, fairness, non-prejudice when they perform the task of internal audit.
Objectivity is to ensure not to leave out the mistakes, let their opinion on audit report


depend on others’ and occur any substantial agreement on quality.
* Specialty
Internal auditors shall be those who have necessary knowledge, standard and skills of
internal audit and do not concurrently undertake other posts and specialized works of the
credit institution. Internal auditors must be qualified at the working process
Three principles are in internal audit in banks of the Basel Committee, July 2000.
However, under this document, banks must comply with other following principles
* Continuity
Internal audit in banks must be regularly and continuously conducted. Therefore, the
management must provide the appropriate power and support internal audit department to
achieve its goals.
* Principle of operation scope
Every division and operation is subject to internal audit, regardless of branch or
subsidiary.
Overall, internal audit must consider and assess the appropriateness and effectiveness
of internal control activities.
2.1.5 Content of internal audit
It is the work that internal auditors have to perform in the internal audit process.
Organizing internal audit work includes the following: organizing internal audit
apparatus, process, inspecting and controlling internal audit work.
Organization of internal audit apparatus: Internal audit apparatus organized in line
with an entity’s scale will help the leaders closely and effectively control its business
activities. At the same time, it will help managers control the quality of internal audit
easily, appropriately assign tasks.
Setting up an internal audit department is based on the operation scale and scope of
operation, staff qualifications and operation fields.

In Vietnam, under Article 15 of Internal Audit Regulations applicable to State-owned
enterprises issued together with Decision No. 832 TC/QĐ/CĐKT dated 28 October 1997 of
the Minister of Finance, internal audit is organized directly under the General Director of
the enterprise. Under Article 7 – Decision No. 37/206/QĐ-NHNN dated 01 August 2006 of
Vietnam State Bank Governor on issuing Internal Audit Regulations, internal audit at credit


organizations and banks is consistently organized under the direct supervision of Board of
Control. As such, to ensure independence of internal audit, Internal Audit department is
often under the direct management of Board of Management (Board of Control) or
(General) Director.
Internal audit department often includes: manager, deputy manager (if any), group
leader, internal auditors and internal auditor assistants (if any). Internal auditors often
perform work with high pressure. Their work includes:
 Examine the true and fair view of financial information, business information and
use methods to identify, evaluate, classify and report such information.
-

Check the compliance with the policy, plan and rules.

-

Check asset protection and consider whether assets are actually existent or not?

 Internal auditors must examine whether the use of resources are economical or
cost-effective or not?
 Internal auditors must evaluate work or programs to confirm whether obtained
results are consistent with set objectives or work and programs are implemented as
scheduled or not?
Normally, internal audit department in enterprises in general and banks in

particular can be organized under the following models:
- Centralized model: Internal audit department is only set up at the head office, not at
units or branches… This model ensures the objectivity, independence of internal audit and
helps improve the profession of internal audit.
- Decentralised model: apart from the internal audit department at the head office, it
is also set up at dependent units, subsidiaries, branches, etc. The central internal audit
department will conduct the audit of all activities of the organization and perform complex
audit engagements. This model is usually applied to multinational companies having
operations in many geographically separated countries and territories.
- Combined model: apart from the internal audit department at the head office, the
enterprise can conduct the internal audit at an area and be responsible for a certain
geographical area.


CHAPTER 3: RESEARCH METHODS AND ORGANISATION
OF INTERNAL CREADIT AUDIT AT Petrolimex group commercial joint stock
bank
AN OVERVIEW OF PG BANK’S HISTORY
►History
Petrolimex Group Commercial Joint Stock Bank (PG Bank) was formerly Dong
Thap Muoi Rural Joint Stock Bank. Dong Thap Muoi Rural Joint Stock Bank’s operation
permit was issued by the State Bank’s Governor’s License No. 0045/NH – GP dated
November 13, 1992. Accordingly, the bank’s initial charter capital was 700,000,000 VND
(seven hundreds million Vietnam dong) and its operating district was Dong Thap province.
After 10 years of operation, PG bank‘s organizational system has constantly been
strengthened, achieving a steady growth rate with a low overdue debit and an annual
business result that always brings about high profits to its shareholders. The bank’s charter
capital has now reaches 5,000 million VND, which is seven times higher than the initial
charter capital.
In an effort to restructure its operation, in July 2005, Dong Thap Muoi Bank decided

to invite new shareholders to participate, making an increase of the charter capital to 90
billion VND. Among the new shareholders were financially potential and banking-business
experienced Vietnam National Petroleum Corporation (Petrolimex) and Sai Gon Security
INC (SSI).
With the contribution of big shareholders, the bank has made significant progress. In
September 2006, the bank increased its capital to 200 billion VND. Its total asset as of
December 31st, 2006 was 1,187 billion VND, the outstanding loan was 801 billion VND,
the total revenue in 2006 was 69 billion VND and its profit before tax was 17.49 billion
VND. The bank, in cooperation with a foreign consultant, was able to create a long-term
development strategy. It was also successful in the selection and deployment of the core
banking software by IFLEX, one of the most modern banking software presently.
In March 2007, PG Bank was authorized to be transformed into an urban joint stock


bank by State Bank Decision No. 125/QD-NHNN dated January 12, 2007 and to change its
name to Petrolimex Group Commercial Joint Stock Bank (PG Bank) by Decision No.
368/QD- NHNN dated February 8, 2007. Accordingly, PG bank was licensed to expand its
network nation-wide and to perform full banking services including international payment
and foreign currency trading.
► PG Bank’s Development Milestones
In May 2007, it was decided at PG Bank Annual Shareholder Conference to increase
the Bank’s capital to 500 billion VND in 2007 with a plan to increase the capital to at least
1,000 billion VND in 2008 and at least 3,000 billion in the period from 2008 to 2010. As of
May 31, 2007, PG Bank’s total asset was 1,632 billion VND, its outstanding loan was 900
billion VND and the profit before tax was 17,49 billion VND.
On June 26, 2007, PG Bank Hanoi Branch was officially inaugurated. This
significant event did not only denote the emergence of PG Bank in the active banking
market of economically imperative Hanoi, but also represented the commencement of PG
Bank’s development strategy of branch and transaction offices expansion nationwide.
3.1. Research method

3.1.1. Data collection method
Data collection method is a very important stage. To obtain the necessary data for the
writing of the topic, I used the following methods: investigation, interviews,.
a. Investigation method
 Investigation method is to use questionnaires for managers and people directly
relating to internal creadit audit.
 The content of the survey is to use test questions for surveyed people based on their
actual jobs. The content of questionnaires is close to the topic, especially to internal creadit
audit at Petrolimex group commercial joint stock bank.
 Investigation process:
 The first step is to issue questionnaire votes. The investigation process is
implemented within 1 month. The number of questionnaire votes is 24.
 The second step is to collect questionnaire votes. The obtained votes are 30,
equipment to the response rate of 90.9%.
 The third step is to summarize results and give conclusions. Summarization of


results and necessary conclusions after the end of the investigation process is shown in the
data summarization table.


Table 3.1: Summing up of investigation data

No.

1
2
3
4
5

6

Object of
investigation
Board of director
Internal auditor

Knowledge of internal audit

Number of

Number of

people to

investigation

investigate

card

Excellent
(%)

Good
(%)

Average
(%)


Excellent
(%)

Good
(%)

Average
(%)

3

3

90

10

0

80

20

0

Knowledge of bank

work

members

Auditors

3

3

80

20

0

78

20

2

10

10

55

35

10

65


25

10

Other departments

17

17

50

40

10

34

51

15


 Interviewing method:
 Interviewing was conducted through direct interviews or through phone interviews
of some managers as well as those directly conducting the internal audit work at banks and
some concerned departments.
 The content of the interview is prepared, not overlapped among the interviewed and
focused on internal audit. In addition, during project implementation, if questions arise out
of the interviewed content, the interviews will be conducted via phone.

Table 3.2: List of interviewee

No.

Name

Job title

1
2
3
4
5

3.1.2. Data analysis method:
After interviewing and studying materials, I synthesize and analyze information. The
method focuses on the information obtained from Petrolimex group commercial joint stock
bank , then referring to the situation and giving conclusion on internal creadit audit. After
all, I study proposals for completion of internal creadit audit work in line with the general
and particular regulations of Petrolimex group commercial joint stock bank . This method
is used when I write chapter 3 and 4 for this thesis.
3.2
I. The objective of the audit credit activitiess
Audit activities to assess the true credit status, credit quality, detect loopholes in
credit operations, potential risks and operational risks of the bank credit, has been
proposed, consulting the Board, General Director, Director of the member units of
measures, measures to reduce risks in the credit activities of banks.


II. Requirements of internal audit credit activities

1. Assess compliance with policies, regulations, operating procedures current credit.
2. Assessing risks in credit operations.
3.

Assess the appropriateness, effectiveness of control procedures in credit

activities.
4. Assess the truthfulness and reliability of the information on credit activities.
5. Assess compliance with the objectives of the program credit activities.
6. Check the security measures for credit operations.
7.

Evaluation of loan classification and provisioning risks under the current

regulations.
8. Recommendations on the editing issues identified through audit work.
III. Scope of audit credit activities
1. Whole loan sales, debt collection, outstanding time of the audit or the time
specified in the audit decision.
2. The entire credit file is available at the office or at branches of Bank System
PGNghe Scope of audit credit operations
IV. The main audit methods
1. Analysis methods: on the basis of analysis of a general indicator of the credit
activities such as: total loans, bad debt, debt structure by industry, the structure of debt in
the form of credit .. . auditors to conduct reviews and evaluate the volatilities in each item
in two aspects of nature and thereby determining the focus of the audit credit operations,
identify types of loans and lines focused audit, the audit selected number of samples,
record the number of audit sampling.
2. Audit sampling methods: selecting representative samples for each customer
group / group credit products, industry groups .... make sure the records are sufficiently

representative sample for the overall basis for testing evaluation to draw general
conclusions for the overall.
3. Survey methodology: collecting confirmation of balance from the borrower,
ensuring the consistency of data stored on file at the bank and borrowers.


V. Content audit credit activities
Part A. Audit at the audited units
1. Risk assessment related to credit activities
According to 3 levels (high, medium and low). When analyzing and evaluating risks
in credit operations need to go into the following key risks:
a) Client records are incomplete.
b) The evaluation of information about customers and the loan is not fully and
accurately.
c) Failure to comply with the decentralization process authorized in lending to customers.
d) The information in the credit contract, mortgage contract, pledge not match with the
decision to approve loans and information on FLEXCUBE system.
e) The registration of security transactions and make inventory of original papers
related properties securing loans are not made according to regulations.
f) Based on incomplete and disbursement regulations.
g) The following customers to check loan is not timely, quality assurance and may
not be strictly controlled.
h) The management of debt collection has not been close.
i) The debt structure (extending term debt and adjusted) is not sufficient grounds.
j) The classification of liabilities to be carried out strictly according to regulations. The risk
provisioning is not factually correct classification of debt.
k) The customer reviews have not been conducted periodically in time and in full.
l) The management and distribution module access to credit in the system of regulations
PLEXCUBE ...
2. Assessing the performance of the audit statute

Overall evaluation of the implementation of the credit limit of the audited unit and
overall assessment of the operation, the credit quality of the unit.
Auditors conducting counter reporting system to collect, examine and analyze the
overall targets through a number of times, including:
- Total outstanding debt:
+ The proportion of short-term debt, medium and long term total outstanding loans
compared to planned targets.


+ The proportion of outstanding loans under the economic component of total
outstanding loans compared to planned targets.
- Credit quality:
+ Delinquency rate, loans over total loans outstanding at the time of inspection.
The rate of loan interest income in the comparable period real interest loan receivables in
the period.
3. Quality assessment activities of the credit control system in the unit audited
a) Consider the division of the Board of Directors, Sales, Support Credit and other
departments involved in the process of credit in the branch (in writing) on the credit has
not used reasonable? the assignment of a right is not defined?
b) Review and assess the organizational model of the unit, the proportion of staff on
customer relations personnel in total units, the number of records and have outstanding
management of a Customer Relations Officer , changes in personnel in the organizational
structure, particularly in management positions.
c) The implementation of the lending regulations, the provisions relating to credit
operations of PG Bank, Bank of Agriculture ... at the branch have been no adequate and
timely?
d) The implementation amend the shortcomings of the first test, inspection and
auditing have timely and complete?.
e) Measures to improve unit operations and growth in credit outstanding.
4. Perform audit procedures, regulations

a. Checking system data on FLEXCUBE
Check the consistency of the outstanding loans (including loans and debt qualify
unqualified) report on balancing G / L and balance statement detailing each customer.
Inspect and analyze the data and parameters to detect credit customer data
irregularities, errors and violations on the system:
(I) A borrower may borrow money or time in excess of the credit authorization
decision of the branch.
(II) has a level of interest rates is not normal, ceiling or floor rates prescribed head
office.
(III) Term loans are not appropriate for the type loan.
(IV) Do not overdue in the following cases:


- Timeout rescheduling maximum prescribed but continue to extend.
- Never pay interest on time or a long time no see interest arising under the
regulations.
- Other cases are subject to overdue but not overdue.
(V) Identify potential risks to customers:
- There overdue debts or outstanding loans overdue rate on total outstanding debt.
- A long time is not incurred debt principal and interest.
- Has been overdue for too long.
- Customer is overdue but worth little or no guarantee of security assets.
- Customers have been paid interest for big loans.
- Customers have more than one of CIF.
- Customers frequently change organizations, managers apparatus
- The expression can lead to risk: As the rapid credit growth, credit growth exceeded
the average system ...
(VI) Accounting for the wrong loan product code of the customer.
(VII) The data value of the property to ensure there is unreasonable.
(VIII) Classification of the debt is incorrect.

(IX) Identify the access code (USER ID) transactions and the inspectors who
conducted the transaction is flawed.
(X) The data and parameters show abnormal screen to check on FLEXCUBE system
and credit record.
b. Check details of credit records
(I) Check credit record details of a customer:
Based on data analysis through detailed files on the system FLEXCUBE, the auditor
will determine the object to be inspected in detail by credit profile:
 These clients have unreasonable data, they need to complete verification.
Customers have the potential risks and delinquency.
Customers can check the balance of debt.
 Check representative sampling of each customer group / product group credit.
Customers who have credit relations with many branches. For a borrower:


 Check the total outstanding debt of clients at the time of inspection included in the
term debt, overdue and check account status of each loan contract.
 Detailed examination of credit files include legal documents and financial records,
loan records, property records to ensure process credit before lending, while lending and
after lending.
(II) The appraisal before the loan:
- Legal documents
• Check the completeness, validity and legality of the records (the reference list of
legal documents stipulated in the credit process in PG Bank). The documents are
considered valid when the photo has been authenticated. The documents provided to banks
under the control of the units issued loans must be originals or copies certified by the seal
unit. Inspection process to note the amendment of current legislation and internal
regulations for the application accordingly.
• To compare the consistency of customer information on file for legal information in
the CIF module FLEXCUBE system and check the changes and update information about

customers.
- Financial Profile
• Check the adequacy of financial records (the reference lists of financial records
specified in the credit process in PG Bank).
• Check for evidence of the charter capital contribution of loan units and assess the
legality and validity of the form of capital contributions (eg for limited liability companies,
joint stock companies receiving capital contributed by property, such property shall be
transferred to the ownership of the company.)
• Check the financial capacity of borrowers through analyzing financial statements,
and check the classified assessment borrower's periodic branch, the application of
appropriate policies to customers in accordance Bank of PG.
- File loans
• Assess the adequacy and legality of the project documents, the loan (the reference
portfolio loan documents specified in the credit process in PG Bank).
• For borrowers there is a unit of business registration, check that the investment
project / business plan is within the scope of business has registered or not.


• Assess business plans / investment projects established by the customer about the
aspects: the level of detail of plans and projects, the ability to calculate reasonable profit /
loss, the feasibility of the project, which own participation, input and output markets ...
- Measures to secure loans
• Consider the process of checking security properties, assess the value of collateral
assets before lending through the minutes of content, detailed assessment of the inspection
staff prior to loan. Dossiers debt secured assets in terms validity, legality, the ability to
trade ...
• Check if the loan meets the conditions prescribed by PG Bank to apply measures to
ensure that asset or not.
- Loan approval process
• Check the contents of the submission on lending and appraisal reports, evaluate the

adequacy, accuracy and detail for the opinions of loan officers / evaluation mentioned in
the reports / report aspects: evaluation of loan officers / evaluation of the financial
situation, plans and projects for a loan, the risk level of the plan / project ...
• Check the loan value, beyond authority has approved the decision of approval or
not, paying special attention to the case of loans, but many different customers with a
project investment, loans and more customers are ties related to each other (groups of
related clients.)
• Check the percentage of equity involved, the determination of debt maturity ...
(III) While lending:
• Check the contents of the terms of the contract at the record store credit, interest
rate applied in accordance with the provisions of PG BANK from time to time.
• Check the detailed information of the credit agreement in the FLEXCUBE system:
Loan amount, repayment amount and the current principal balance (including the debt has
been processed output tracking sheet).
Type of loan, the lender and approved.
Lending interest rate (if applicable floating rate compared with current interest rates
at the branch; times change, time change interest rates applied against the credit
agreement), the method of interest calculation, rate penalty interest rate ...
Principal

repayment

schedule,

interest

implementation under the credit agreement.

and


repayment

schedule

of

the


• Check the disbursement process is strictly for the purpose of the original loan and
are fully air base (economic contracts, invoices ...), paying special attention to the
disbursement of cash, disbursed into account deposit of the borrower or deposit accounts of
those who have a close relationship with the borrower; evaluate the reasonableness of the
allocation of functions between staff and customer relations staff Support Credit and staff
involved in the process of credit as prescribed.
(IV) After the loan:
• Check the monitor payment of principal, ensure timely payment of interest on time
committed on signed contracts, interest accrued (expected revenue or balance sheet)
including interest penalties to the time of check in FLEXCUBE system.
• Test and evaluate the test's use of the loan credit officers, paying special attention to
examining the use of loans for cash disbursements; assess the level of detail and
completeness the contents of the inspection report the use of loans.
• Check the records lending examination (according to form PG Bank has issued),
date of inspection and examination contents.
• Compare the repayment schedule on a credit agreement with the repayment
schedule and the entry of principal repayment, interest payment tracking system to ensure
consistency FLEXCUBE, the changes in time to match the profile structure it in fact.
• Check your records and debt restructuring overdue:
+ Check the performance of restructured debt repayment period, interest rate changes
through the viewing screen system is suitable for FLEXCUBE credit record is not

(compare with the submission extension of repayment period adjustments , on the basis of
changes in interest rates when the extension ...)
+ Evaluation process of checking borrower loan officers when an application for debt
restructuring, the causes have yet to be concrete evidence. (Example: the case of not
paying debts on time by customers who have not paid for the sale, there must be
comparison / validation of debts ...).
+ To consider the report of the debt restructuring loan officers: analysis, assessment
of reasonable cause customers not pay debts on time.
+ Evaluate the reasonableness of the time adjustment period or extension of debt
repayment, timely assessment of the overdue ...


• For customers who have overdue debts and repayment capability assessment of
customers, analyze the causes and propose treatment.
• Check the end of the credit agreement and clearance procedures to ensure contract
assets (bills to ensure the signature authority, minutes of delivery ...).
(V) Inspection of Collateral Debt:
• Check the parameters and data security properties on the system compared with
FLEXCUBE credit file:
+ Ensure total client assets mortgaged, pledged, in PG Bank Guarantee.
+ Status of the security property.
+ Asset value guarantee against the security contract, valuation minutes.
+ Security property is used for credit contracts, warranties.
+ The owner of the security property, who guaranteed.
+ Check other changes related to security property.
+ Determine the access code of dealers who perform data entry or data changes
related to security property (if necessary).
• Check the text-based documents filed at the Branch:
+ Check the legality and validity of the secured assets, the original filing of proof of
ownership and use rights of Collateral; for the pledged assets, the preservation of property

was close or not, capable of experiencing what the risks (which may require production of
collateral assets in stock to test). Where the loan security with properties formed from loan
after the certificate of ownership and use rights must be set up annexes to ensure the loan
contract.
+ Check the revaluation of assets to ensure a regular and reasonably consistent with
regulations or not, the lending rate on the value of assets to ensure policy is appropriate for
customers of PG or BANK .
+ Check the insurance guarantee for the property (for property to buy insurance),
the reasonable value of the insured and the insurance terms, the transfer of beneficiaries to
the bank insurance .
+ Check the notarization and registration of security transactions for security
properties.
c. Supervise the observance of discipline in the work of operating credit:
(i) Check limit a customer is using up the whole system of PG Bank (Customer