Bank of Ceylon

Chairman

Report of the Auditor General on the Financial Statements and Other Legal and Regulatory Requirements of the Bank of Ceylon and its subsidiaries for the year ended 31 December 2022 in terms of Section 12 of the National Audit Act, No. 19 of 2018.

1. Financial Statements

1.1 Opinion

The audit of the Financial Statements of the Bank of Ceylon (the “Bank”) and the Consolidated Financial Statements of the Bank and its subsidiaries (the “Group”) for the year ended 31 December 2022 comprising the statement of financial position as at 31 December 2022 and the statement of profit or loss, statement of comprehensive income, statement of changes in equity and statement of cash flow for the year then ended, and notes to the Financial Statements, including a summary of significant accounting policies, was carried out under my direction in pursuance of provisions in Article 154 (1) of the Constitution of the Democratic Socialist Republic of Sri Lanka read in conjunction with provisions of the National Audit Act No. 19 of 2018. The Bank has been exempted from the provisions of Part II of the Finance Act, No. 38 of 1971 by an Order of then Minister of Finance published in the Government Gazette No. 715 of 14 May 1992 by virtue of powers vested in him by Sections 5 (1) of the said Finance Act. My report to Parliament in pursuance of provisions in Article 154 (6) of the Constitution will be tabled in due course.

In my opinion, the accompanying Financial Statements give a true and fair view of the financial position of the Bank and the Group as at 31 December 2022, and of their financial performance and their cash flows for the year then ended in accordance with Sri Lanka Accounting Standards.

1.2 Basis for Opinion

I conducted my audit in accordance with Sri Lanka Auditing Standards (SLAuSs). My responsibilities, under those standards are further described in the Auditor’s Responsibilities for the Audit of the Financial Statements section of my report. I believe that the audit evidence I have obtained is sufficient and appropriate to provide a basis for my opinion.

1.3 Key Audit Matters

Key audit matters are those matters that, in my professional judgement, are of most significance in my audit of the Financial Statements of the Bank and the Consolidated Financial Statements of the Group of the current period. These matters were addressed in the context of my audit of the Financial Statements of the Bank and the Consolidated Financial Statements of the Group as a whole, and in forming my audit opinion thereon, and I do not provide a separate opinion on these matters.

Key audit matter	How my audit addressed the key audit matter
Provision for impairment on financial assets carried at amortised cost Provision for impairment on financial assets carried at amortised cost as stated in Notes 28 and 29 is determined by Management in accordance with the accounting policies described in Notes 4.4.11, 28 and 29. This was a key audit matter due to the materiality of the reported provision for impairment which involved complex calculations; degree of judgements, significance of assumptions and level of estimation uncertainty associated with estimating future cash flows management expects to receive from such financial assets. Key areas of significant judgements estimates and assumptions used by Management in the assessment of the provision for impairment included the following: management overlays to incorporate the current economic contraction. the incorporation of forward-looking information such that expected cash flows reflect current and anticipated future external factors, in the multiple economic scenarios and the probability weighting determined for each of these scenarios.	In addressing the adequacy of the provision for impairment on financial assets carried at amortised cost, my audit procedures included the following key procedures. I assessed the alignment of the Bank’s provision for impairment computations and underlying methodology including responses to market economic volatility with its accounting policies, based on the best available information up to the date of my report. I evaluated the internal controls over estimation of impairment, which included assessing the level of oversight, review and approval of provision for impairment policies and procedures by the Board and Management. I checked the completeness and accuracy of the underlying data used in the impairment computation by agreeing details to relevant source documents and accounting records of the Bank. In addition to the above, the following procedures were performed: For loans and advances assessed on an individual basis for impairment: I evaluated the reasonableness of credit quality assessments. I checked the arithmetical accuracy of the underlying individual impairment calculations. I evaluated the reasonableness of key inputs used in the provision for impairment made with particular focus on current economic contraction. Such evaluations were carried out considering the value and timing of cash flow forecasts particularly relating to elevated risk industries, debt moratoriums and status of recovery actions of the collaterals. For financial assets assessed on a collective basis for impairment: I tested the key inputs and the calculations used in the provision for credit impairment. I assessed whether judgements, assumptions and estimates used by the Management when estimating future cash flows, in the underlying methodology and the management overlays were reasonable. My testing included evaluating the reasonableness of forward-looking information used based on available market data, economic scenarios considered, and probability weighting assigned to each of those scenarios. I assessed the adequacy of the related financial statement disclosures set out in Notes 28 and 29.
Information Technology (IT) systems and controls over financial reporting Bank’s financial reporting process is significantly reliant on multiple IT systems with automated processes and internal controls. Further, key financial statement disclosures are prepared using data and reports generated by IT systems, that are compiled and formulated with the use of spreadsheets. Accordingly, IT systems and related internal controls over financial reporting were considered a key audit matter.	My audit procedures included the following key procedures: I obtained an understanding of the internal control environment of the processes and test checked relevant controls relating to financial reporting and related disclosures. I identified and test checked relevant controls of IT systems related to the Bank’s financial reporting process. I involved my specialised resources to check and evaluate the design and operating effectiveness of IT systems and relevant controls, including those related to user access and change management. I also obtained a high-level understanding, primarily through inquiry, of the cybersecurity risks affecting the Bank and the actions taken to address these risks. I checked source data of the reports used to generate disclosures for accuracy and completeness, including review of the general ledger reconciliations.

Key audit matter

How my audit addressed the key audit matter

Provision for impairment on financial assets carried at amortised cost Provision for impairment on financial assets carried at amortised cost as stated in Notes 28 and 29 is determined by Management in accordance with the accounting policies described in Notes 4.4.11, 28 and 29. This was a key audit matter due to the materiality of the reported provision for impairment which involved complex calculations; degree of judgements, significance of assumptions and level of estimation uncertainty associated with estimating future cash flows management expects to receive from such financial assets. Key areas of significant judgements estimates and assumptions used by Management in the assessment of the provision for impairment included the following:

management overlays to incorporate the current economic contraction.
the incorporation of forward-looking information such that expected cash flows reflect current and anticipated future external factors, in the multiple economic scenarios and the probability weighting determined for each of these scenarios.

In addressing the adequacy of the provision for impairment on financial assets carried at amortised cost, my audit procedures included the following key procedures. I assessed the alignment of the Bank’s provision for impairment computations and underlying methodology including responses to market economic volatility with its accounting policies, based on the best available information up to the date of my report.

I evaluated the internal controls over estimation of impairment, which included assessing the level of oversight, review and approval of provision for impairment policies and procedures by the Board and Management.
I checked the completeness and accuracy of the underlying data used in the impairment computation by agreeing details to relevant source documents and accounting records of the Bank.
In addition to the above, the following procedures were performed:

For loans and advances assessed on an individual basis for impairment:

I evaluated the reasonableness of credit quality assessments.
I checked the arithmetical accuracy of the underlying individual impairment calculations.
I evaluated the reasonableness of key inputs used in the provision for impairment made with particular focus on current economic contraction. Such evaluations were carried out considering the value and timing of cash flow forecasts particularly relating to elevated risk industries, debt moratoriums and status of recovery actions of the collaterals.

For financial assets assessed on a collective basis for impairment:

I tested the key inputs and the calculations used in the provision for credit impairment.
I assessed whether judgements, assumptions and estimates used by the Management when estimating future cash flows, in the underlying methodology and the management overlays were reasonable. My testing included evaluating the reasonableness of forward-looking information used based on available market data, economic scenarios considered, and probability weighting assigned to each of those scenarios.
I assessed the adequacy of the related financial statement disclosures set out in Notes 28 and 29.

Information Technology (IT) systems and controls over financial reporting

Bank’s financial reporting process is significantly reliant on multiple IT systems with automated processes and internal controls. Further, key financial statement disclosures are prepared using data and reports generated by IT systems, that are compiled and formulated with the use of spreadsheets. Accordingly, IT systems and related internal controls over financial reporting were considered a key audit matter.

My audit procedures included the following key procedures:

I obtained an understanding of the internal control environment of the processes and test checked relevant controls relating to financial reporting and related disclosures.
I identified and test checked relevant controls of IT systems related to the Bank’s financial reporting process.
I involved my specialised resources to check and evaluate the design and operating effectiveness of IT systems and relevant controls, including those related to user access and change management.
I also obtained a high-level understanding, primarily through inquiry, of the cybersecurity risks affecting the Bank and the actions taken to address these risks.
I checked source data of the reports used to generate disclosures for accuracy and completeness, including review of the general ledger reconciliations.

1.4 Other Information Included in the Group’s 2022 Annual Report

The other information comprises the information included in the Group’s 2022 Annual Report, but does not include the financial statements and my auditor’s report thereon, which is expected to be made available to me after the date of this auditor’s report. Management is responsible for the other information.

My opinion on the financial statements does not cover the other information and I do not express any form of assurance conclusion thereon.

In connection with my audit of the financial statements, my responsibility is to read the other information identified above when it becomes available and, in doing so, consider whether the other information is materially inconsistent with the financial statements or my knowledge obtained in the audit or otherwise appears to be materially misstated.

When I read the Bank’s 2022 Annual Report, if I conclude that there are material misstatements therein, I am required to communicate that matter to those charged with governance for correction. If further material uncorrected misstatements are existed those will be included in my report to Parliament in pursuance of provisions in Article 154 (6) of the Constitution that will be tabled in due course.

1.5 Responsibilities of Management and those Charged with Governance for the Financial Statements

Management is responsible for the preparation of Financial Statements that give a true and fair view in accordance with Sri Lanka Accounting Standards, and for such internal control as Management determine is necessary to enable the preparation of Financial Statements that are free from material misstatement, whether due to fraud or error.

In preparing the Financial Statements, Management is responsible for assessing the Group’s ability to continue as a going concern, disclosing, as applicable, matters related to going concern and using the going concern basis of accounting unless Management either intends to liquidate the Group or to cease operations, or has no realistic alternative but to do so.

Those charged with governance are responsible for overseeing the Bank’s and the Group’s financial reporting process.

As per Section 16 (1) of the National Audit Act No. 19 of 2018, the Group is required to maintain proper books and records of all its income, expenditure, assets and liabilities, to enable annual and periodic Financial Statements to be prepared of the Group.

1.6 Auditor’s Responsibilities for the Audit of the Financial Statements

My objective is to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, and to issue an auditor’s report that includes my opinion. Reasonable assurance is a high level of assurance, but is not a guarantee that an audit conducted in accordance with Sri Lanka Auditing Standards will always detect a material misstatement when it exists. Misstatements can arise from fraud or error and are considered material if, individually or in the aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis of these financial statements.

As part of an audit in accordance with Sri Lanka Auditing Standards, I exercise professional judgement and maintain professional scepticism throughout the audit. I also:

Identify and assess the risks of material misstatement of the financial statements, whether due to fraud or error, design and perform audit procedures responsive to those risks, and obtain audit evidence that is sufficient and appropriate to provide a basis for my opinion. The risk of not detecting a material misstatement resulting from fraud is higher than for one resulting from error, as fraud may involve collusion, forgery, intentional omissions, misrepresentations, or the override of internal control.
Obtain an understanding of internal control relevant to the audit in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness of the Bank’s internal control.
Evaluate the appropriateness of accounting policies used and the reasonableness of accounting estimates and related disclosures made by the Management.
Conclude on the appropriateness of the Management’s use of the going concern basis of accounting and based on the audit evidence obtained, whether a material uncertainty exists related to events or conditions that may cast significant doubt on the Group’s ability to continue as a going concern. If I conclude that a material uncertainty exists, I am required to draw attention in my auditor’s report to the related disclosures in the Financial Statements or, if such disclosures are inadequate, to modify my opinion. My conclusions are based on the audit evidence obtained up to the date of my auditor’s report. However, future events or conditions may cause the Group to cease to continue as a going concern.
Evaluate the overall presentation, structure and content of the financial statements, including the disclosures, and whether the financial statements represent the underlying transactions and events in a manner that achieves fair presentation.

I communicate with those charged with governance regarding, among other matters, significant audit findings, including any significant deficiencies in internal control that I identify during my audit.

2. Report on Other Legal and Regulatory Requirements

2.1 National Audit Act, No. 19 of 2018 includes specific provisions for following requirements.

2.1.1 I have obtained all the information and explanation that required for the audit and as far as appears from my examination, proper accounting records have been kept by the Bank as per the requirement of Section 12 (a) of the National Audit Act, No. 19 of 2018.

2.1.2 The Financial Statements presented is consistent with the preceding year as per the requirement of Section 6 (1) (d) (iii) of the National Audit Act, No. 19 of 2018.

2.1.3 The Financial Statements presented includes all the recommendations made by me in the previous year as per the requirement of Section 6 (1) (d) (iv) of the National Audit Act, No. 19 of 2018.

2.2 Based on the procedures performed and evidence obtained were limited to matters that are material, nothing has come to my attention;

2.2.1 to state that any member of the governing body of the Bank has any direct or indirect interest in any contract entered into by the Bank which are out of the normal course of business as per the requirement of Section 12 (d) of the National Audit Act, No. 19 of 2018;

2.2.2 to state that the Bank has not complied with any applicable written law, general and special directions issued by the governing body of the Bank as per the requirement of Section 12 (f) of the National Audit Act, No. 19 of 2018;

2.2.3 to state that the Bank has not performed according to its powers, functions and duties as per the requirement of Section 12 (g) of the National Audit Act, No. 19 of 2018;

2.2.4 to state that the resources of the Bank had not been procured and utilised economically, efficiently and effectively within the time frames and in compliance with the applicable laws as per the requirement of Section 12 (h) of the National Audit Act, No. 19 of 2018.

W P C Wickramaratne
Auditor General

Finacial Reports

Report of the Auditor General