LogoRegulatory Alerts
2018-12-27

Regulation on the External Audit of Non-Bank Financial Institutions

The Central Bank of Kosovo’s Board approved this Regulation to establish a comprehensive framework governing the external audit of non-bank financial institutions (NBFIs). It mandates that external auditors obtain CBK approval, maintain strict independence and professional ethics, conduct audits under International Standards on Auditing and IFRS, and submit detailed annual reports alongside management letters. The CBK enforces compliance through mandatory quality assurance reviews and retains direct enforcement powers, including issuing warnings, suspending approvals for up to three years, mandating re-audits, and revoking licenses when statutory criteria are breached.

Central Bank of the Republic of Kosovo logo

Kosovo

Central Bank of the Republic of Kosovo

Click to view thumbnail

1 of 9 Pursuant to Article 35, paragraph 1, subparagraph 1.1 of the Law No. 03/L-209 on Central Bank of the Republic of Kosovo (Official Gazette of the Republic of Kosovo, No. 77 / 16 August 2010), as well as Article 103, paragraph 1, and Article 114 of the Law No. 04/L-093 on Banks, Microfinance Institutions and Non-Bank Financial Institutions (Official Gazette of the Republic of Kosovo, No. 11 / 11 May 2012), the Board of the Central Bank, in its meeting held on 27 December 2018, approved the following: REGULATION ON THE EXTERNAL AUDIT OF NON-BANK FINANCIAL INSTITUTIONS Article 1 Purpose and scope

  1. The purpose of this Regulation is to establish the regulatory framework related to external auditors of non-bank financial institutions (hereinafter NBFIs) and to define the quality of services provided by external auditors in relation to the specific risks of NBFIs and of the financial sector in general. This Regulation defines the requirements for the approval of external auditors, the conduct of external audit of NBFIs and the relations between external auditors, NBFIs and the CBK.
  2. This Regulation applies to all NBFIs registered with the CBK to operate in the Republic of Kosovo, with the exception of NBFIs registered with a single activity of currency exchange, for which the provisions of this Regulation apply only upon a special request by the CBK for auditing the financial statements or if the audit of the financial statements is required by the applicable law on financial reporting. Article 2 Definitions
  3. All terms in this Regulation shall have the same meaning as the terms defined in Article 3 of the Law No. 04/L-093 on Banks, Microfinance Institutions and Non-Bank Financial Institutions (hereinafter: the Law on Banks, MFIs and NBFIs) and/or as defined below for the purpose of this Regulation: 1.1. Audit firm means a legal entity or any other entity, regardless of its legal form, which is licensed, in accordance with the Law on Accounting, Financial Reporting and Auditing, to perform statutory audit.

2 of 9 1.2. Financial statement means statement of financial position, income statement, cash flow statement, statement of changes in equity, supplementary notes and explanatory material of financial statements. Article 3 General conditions

  1. The external auditor of a NBFI registered with the CBK to operate in Kosovo shall be licensed by the Kosovo Council for Financial Reporting (KCFR) and approved by the CBK.
  2. Based on a written application, the CBK shall grant approval to an external auditor of a NBFI only if the following conditions are met: 2.1. The external auditor is licensed in Kosovo in accordance with the Law on Accounting, Financial Reporting and Auditing. 2.2. The external auditor has at least 3 (three) years of experience in the field of audit of financial statements of NBFIs or of other financial institutions, or its participating staff which carries out the audit has such an experience. Article 4 Specific conditions and requirements
  3. Approval granted to the external auditor shall be limited to one specific NBFI and shall be valid for one financial year.
  4. Applications for approval shall be submitted to the CBK before 30 June of each year.
  5. The NBFI, together with the application for approval, shall provide the CBK with: 3.1. The proposal of its Audit Committee and its Board of Directors for appointment of the external auditor; 3.2. An audit program for the audit of the NBFI; 3.3. A description of the use of resources in the audit mission; 3.4. External auditor’s letter of commitment or the contract of supplied service; 3.5. A relevant document that proves sufficient experience of external auditor or its staff which carries out the auditing in the field of audit of NBFIs or other financial institutions; 3.6. A certificate issued by the Kosovo Council for Financial Reporting (KCFR) regarding the results of the latest quality control for the external auditor (this certificate shall not be required by the CBK until the KCFR begins to issue such a certificate); and 3.7. A written declaration of the external auditor for meeting the criteria set forth in Article 7 of this Regulation.
  6. The audit program and the use of resources in the audit mission shall be appropriate in relation to the character and size of the NBFI.
  7. Continuous employment of the same external auditor shall be limited to three years or three consecutive audits.

3 of 9 Article 5 Good repute The CBK shall grant approval as an external auditor of a NBFI to external auditors of good repute who are not engaging in any activity which is incompatible with the external audit function. Article 6 Re-auditing CBK shall reserve the the right to request a re-audit carried out by another external auditor, at the expense of the NBFI, in cases when the existing external auditor of the NBFI has carried out an audit or has submitted a report which is inconsistent with the requirements of the Law on Banks, MFIs and NBFIs, the CBK regulations, the International Standards on Auditing (hereinafter: the ISA) and do not reflect the true and accurate financial position of the NBFI. Article 7 Professional ethics External auditors shall be subject to principles of professional ethics defined by the International Federation of Accountants’ “Code of Ethics for Professional Accountants”. Article 8 Independence and objectivity

  1. When carrying out an audit, external auditors shall be independent from the audited entity and shall not in any way be involved in the decisions of the management of the audited NBFI. External auditors shall not carry out an audit if there is any direct or indirect financial, business, employment or other relationship, including the provision for additional non-audit services, between the external auditors and the audited NBFI from which an objective, reasonable and informed third party would conclude that the independence of the external auditors is compromised.
  2. Approved external auditors shall also comply with the provisions of the Commission Recommendation of 16 May 2002 - Statutory Auditors’ Independence in the EU: A Set of Fundamental Principles. Moreover, the CBK will ensure compliance with Chapter IV of Directive 2006/43/EC on statutory audits of annual accounts and consolidated accounts.
  3. The external auditors shall document in the audit working papers all the interference to their independence, as well as the safeguards applied to mitigate such interference. Article 9 Independence and objectivity of auditors carrying out an audit on behalf of audit firms The owners or shareholders of an approved audit firm, as well as the members of the administrative, management and supervisory bodies of such a firm, or of an affiliated firm, shall

4 of 9 not interfere in the execution of an audit in any way that might jeopardize the independence and objectivity of the auditor who carries out the audit on behalf of the audit firm. Article 10 Audit fees Fees for audit services:

  1. Shall be adequate to allow proper audit quality;
  2. Shall not be influenced or determined by the provision of additional services to the audited NBFI; and
  3. Shall not be based on any form of contingency. Article 11 Requirements for external auditors when auditing annual accounts External auditors shall carry out all audits of NBFIs in accordance with the ISA. Article 12 Audits’ content
  4. External auditors shall assess whether or not the annual accounts of the NBFIs have been prepared and finalized in accordance with International Financial Reporting Standards (hereinafter: the IFRS), the Law on Banks, MFIs and NBFIs, and CBK regulations, and whether or not the management of the NBFIs has fulfilled its obligation to ensure proper and clear recording and documentation of the accounting information in accordance with the Law on Banks, MFIs and NBFIs and the CBK regulations.
  5. External auditors shall assess whether or not information in annual reports pertaining to annual accounts, assumptions regarding continued operation and proposals concerning the utilization of surpluses or coverage of losses are in accordance with the Law on Banks, MFIs and NBFIs and the CBK regulations, and whether or not the information is consistent with the annual accounts.
  6. External auditors shall assess the adequacy of risk management systems of the NBFIs, based on the assessment of: 3.1 Compliance with the requirements for the organizational structures with regard to the management of any special risk; 3.2 Policies and procedures on the management of any special risk and their implementation; 3.3 Adequacy of identification, measurement and monitoring of any special risk; 3.4 Adequacy and efficiency of internal audit system regarding the management of any special risk.
  7. Specific risks include: credit risk, market risk, operational risk, liquidity risk and other risks to which NBFIs are exposed.

5 of 9 5. External auditors shall ensure that NBFIs have arranged for satisfactory asset management and that proper internal controls are in place. 6. Audit of NBFIs shall cover areas such as the loan portfolio, loan loss reserves, nonperforming assets, asset valuations and the adequacy of internal controls over financial reporting. 7. External auditors shall, through audits, contribute to the prevention and disclosure of irregularities and errors. Article 13 External auditors’ duties

  1. External auditors shall carry out audits to the best of their judgment, including assessing the risk that a material misstatement may be included in the annual accounts due to irregularities or errors.
  2. External auditors shall ensure that they have an adequate basis for assessing whether or not any contraventions of the Law on Banks, MFIs and NBFIs and the CBK regulations have taken place and whether they are material to the annual accounts.
  3. External auditors shall check the adequacy, accuracy and completeness of the NBFI reports presented at the CBK in compliance with the applicable regulatory requirements approved by the CBK. Based on the audit performed, external auditors shall assess whether or not the reports are conducted in line with the Law on Banks, MFIs and NBFIs and the CBK regulations, and whether or not they reflect in realistic and objective terms the financial position of the NBFI.
  4. External auditors shall point out the following circumstances in writing to the Board of Directors of the NBFI: 4.1 Deficiencies regarding the obligation to ensure proper registration, clear disclosure and documentation of accounting information; 4.2 Errors and deficiencies in the organization and control of asset management; 4.3 Irregularities and errors that may lead to erroneous information in the annual accounts. Article 14 Documentation of assignment As required by ISA 230, “Audit Documentation,” external auditors shall document how an audit was carried out, as well as the result of the audit. Matters that indicate that irregularities or errors may be present shall be documented separately. Article 15 Maintenance of audit working papers Audit working papers shall be prepared and maintained in accordance with relevant ISA.

6 of 9 Article 16 External auditors’ report

  1. External auditors shall prepare an annual audit report with an audit opinion in accordance with IFRS and, in cases when there are material differences, they shall also prepare an audit report with an audit opinion in accordance with the CBK regulations.
  2. The audit report shall confirm that the audit services have been carried out in accordance with the provisions in the Law on Accounting, Financial Reporting and Auditing, this Regulation and other relevant CBK regulations.
  3. The audit report shall verify and disclose the following matters: 3.1 Whether or not the annual accounts have been prepared and finalized in accordance with IFRS, the Law on Accounting, Financial Reporting and Auditing and the relevant CBK regulations, and present a true and fair view of the financial position and activities of the NBFI; 3.2 Whether or not the management of the NBFI has fulfilled its obligation to ensure the proper and clear recording and documentation of accounting information; and 3.3 Whether or not the information in the annual report related to the annual accounts, assumptions concerning continued operation, and proposals regarding the use of surpluses or coverage of losses, is in accordance with the Law on Accounting, Financial Reporting and Auditing and the relevant CBK regulations.
  4. If the accounts do not provide the information about the result and position of the NBFI that ought to be provided, external auditors shall stress this, or stipulate the auditor’s reserves and possibly provide necessary supplementary information in the audit report.
  5. If external auditors conclude that accounts should not be finalized in their current form, this shall be explicitly stated.
  6. External auditors should assess the implementation of recommendations provided by the external auditors for the previous financial year. Article 17 Management letter
  7. External auditors shall, in accordance with CBK's primary and secondary legislation, produce a management letter to the financial institution regarding the conclusions of the audit process. The management letter shall include any conclusions the external auditor may have reached on the activity or the financial position of the financial institution, and information on the diligence they have performed in the scope of the audit mission.
  8. In the management letter, the external auditors shall make a specific statement concerning the internal controls system in order to provide specific assurance on, and for the purpose of disclosing material matters in, the internal control structure. The specific statement shall also include the internal audit function. Article 18

7 of 9 Duty of confidentiality

  1. External auditors and external auditors’ co-workers have a duty of confidentiality regarding everything of which they have gained knowledge through their activities unless otherwise stipulated by law, or the person the information concerns has consented the duty of professional secrecy does not apply. External auditors and external auditors’ co-workers may not use such information in their own activities or in the service or employment of others.
  2. Without limitations by the paragraph 1 of this Article or an agreed duty of confidentiality, external auditors are allowed to submit explanations and present documentation regarding an audit assignment when required by the legislation in force in the Republic of Kosovo.
  3. The duty of confidentiality continues to apply after such assignment has been concluded. Article 19 Duty to inform
  4. External auditor shall, within the framework of an assignment, provide information about matters regarding the NBFI that the external auditor has become aware of during the audit when this is required by general meeting of shareholders, Board of Directors, senior management, an audit committee or by a person authorized by the CBK.
  5. The external auditor shall immediately inform the Audit Committee or the Board of Directors of the NBFI and the CBK when the auditor, while carrying out the audit of the NBFI, establishes that: 2.1. A serious conflict exists within the decision-making bodies or a manager in a key function unexpectedly departed; 2.2. Information exists that may indicate a material breach of laws, regulations, instructions and orders of CBK as well as of the statute and by-laws of the NBFI; or 2.3. the intention of the internal auditor is to resign or that there are intentions to dismiss him/her; that there are negative or material changes that pose a risk to IFJB's work and that there is a possibility that the risk continues.
  6. External auditor shall, upon request from the CBK, provide the CBK with any information, during the full audit mission, concerning to its performance of audit services to a NBFI.
  7. The CBK shall maintain regular contacts and may initiate meetings with external auditor of the NBFI in any time when such contacts are deemed necessary. Article 20 Quality control and its review
  8. External auditors approved by the CBK shall apply adequate quality control policies and procedures that address all significant aspects of the audit.
  9. External auditors approved by the CBK shall be subject to quality assurance review from the CBK.

8 of 9 3. The quality review of an approved external auditor shall cover one specific audit assignment, and shall be executed by the CBK or by one reviewer designated by the CBK. 4. During the quality review, the CBK or the reviewer shall determine the extent to which the external auditor has applied the adequate quality control policies and procedures that address all significant aspects of auditing. During the review, the CBK or the reviewer shall have access to the working papers of the external auditor as far as necessary to conduct a sufficient and adequate quality control. 5. Concerning obligations on confidentiality, Article 18 of this Regulation applies equally to the CBK and the quality reviewer. 6. Aggregate results of the quality assurance review shall be published by the CBK, including recommendations, follow up of recommendations and, if the case arises, sanctions. Article 21 Dismissal and resignation

  1. External auditors of NBFIs may only be dismissed where there are proper grounds. Divergence of opinions on accounting treatments or audit procedures shall not be a proper ground for dismissal.
  2. Both the audited NBFIs and the external auditors shall inform the CBK about the dismissal or resignation and shall give an adequate explanation of the reasons thereof. Article 22 Revoking of approval Approval of an external auditor shall be revoked if the good repute of that audit firm has been seriously compromised or any of the requirements of this Regulation are no longer fulfilled. Article 23 Enforcement, remedial measures and civil penalties
  3. If external auditors of the NBFIs have contravened the auditor’s duties pursuant to the relevant legal framework in force, the provisions of the this Regulation and other relevant CBK regulations, the CBK can impose a written warning to the external auditor, with a copy of it being sent to the audited NBFI.
  4. If the violations described in paragraph 1 of this Article are repeated, the CBK shall have the right to: 2.1 refuse the approval of the external auditor to engage in carrying out an audit of financial institutions licensed by the CBK to operate in the Republic of Kosovo; the prohibition for the approval of the external auditor may last up to three (3) years; 2.2 require the removal or replacement of an auditor; 2.3 directly appoint, remove or replace an auditor, or 2.4 Require re-auditing according to Article 6 of this Regulation.

9 of 9 Article 24 Abrogation Upon the entry into force of this Regulation, the Amended Rule on External Auditing and External Auditors of Financial Institutions, adopted on 18 February 2008, shall be abrogated with respect to the external audit of NBFIs. Article 25 Entry into force This Regulation shall enter into force 15 days after its adoption. Flamur Mrasori Chairman of the Board of the Central Bank

Share