LogoRegulatory Alerts
2013-08-29

Regulation on the External Audit of Microfinance Institutions

The Central Bank of the Republic of Kosovo has issued a regulation establishing a comprehensive framework for the external auditing of Microfinance Institutions (MFIs) and foreign branches operating in Kosovo. The rule mandates that approved external auditors maintain strict independence, conduct audits under International Standards on Auditing and IFRS, and submit detailed annual reports alongside management letters. It further outlines mandatory quality assurance reviews, re-auditing procedures, and enforcement mechanisms including written warnings and fines ranging from 1,000 to 20,000 euros for regulatory non-compliance.

Central Bank of the Republic of Kosovo logo

Kosovo

Central Bank of the Republic of Kosovo

Click to view thumbnail

1 Pursuant to Article 35, paragraph 1.1 of the Law No. 03/L-209 of the Central Bank of the Republic of Kosovo (Official Gazette of the Republic of Kosovo, No. 77/16 August 2010), and Articles 103 and 114 of the Law No. 04/L-093 on Banks, Microfinance Institutions and Non￾Bank Financial Institutions, (Official Gazette of the Republic of Kosovo, No. 11/11 May 2012), the Board of the Central Bank of the Republic of Kosovo at the meeting held on August 29, 2013 approved the following: REGULATION ON THE EXTERNAL AUDIT OF MICROFINANCE INSTITUTIONS Article 1 Purpose and Scope

  1. The purpose of this Regulation is to provide the regulatory framework related to external auditors of Microfinance Institutions (hereafter: MFIs) and to ascertain the quality of the services performed by these external auditors, in relation to the specific risks of MFI and financial sector in general. It determines the requirements for the approval of external auditors, the carrying out of the external audit of MFI and the relationship between external auditors, MFI and the CBK.
  2. This Regulation applies to all MFIs and branches of foreign MFIs that are registered by the CBK to operate in the Republic of Kosovo. Article 2 Definitions
  3. All terms used in this Regulation have the same meaning with the following definitions for the purposes of this Regulation: a. Branch of a foreign MFI or branch of other foreign Financial Institution (hereafter: branch of foreign MFI) means a legal person that is organized to operate microfinance activities within the Republic of Kosovo but its parent MFI or parent Financial Institution has its head office and holds a license to engage in the activities of microfinance in a jurisdiction other than the Republic of Kosovo; b. Audit Firm - means a legal entity or any other entity, without taking into consideration the legal form, which is licensed, in compliance with law No. 04/L-014 on Accounting, Financial Reporting and Auditing (Official Gazette of the Republic of Kosovo, No. 11 / 26 August 2011) (hereafter: Law on Financial Reporting) for performing statutory auditing jobs. c. Financial Statement – means statement of financial position, statement of comprehensive income, statement of cash flow, statement of changes in equity and additional notes and explanatory materials that are an integral part of a financial statement.

2 Article 3 General Conditions

  1. The external auditor of a MFI registered by the CBK to operate in Kosovo shall be licensed by the Kosovo Council for Financial Reporting (KFRC) and approved by the CBK.
  2. Based on a written application, the CBK shall grant approval as an external auditor of a MFI, only if fulfilled following conditions: a) An external auditor licensed in Kosovo in accordance with the Law on Financial Reporting. b) An external auditor who has at least 3 (three) years of experience in the field of auditing of financial statements of MFIs or other financial institutions or its participating staff which carries out the auditing shall have such an experience. Article 4 Specific Conditions and Requirements
  3. The approval granted to the external auditor is limited to one specific MFI and is valid for one financial year.
  4. Applications for approval must be submitted to the CBK before 30 June of each year.
  5. The MFI, together with the application for approval, shall provide the CBK with: a) The proposal for appointment of the external auditor; b) An audit program for the audit of the MFI; c) A description of the use of resources in the audit mission; d) External auditor’s letter of commitment or the contract of supplied service; e) A relevant document that proves sufficient experience of external auditor or its staff which carries out the auditing in the field of audit of MFIs or other financial institutions; f) A certificate issued from the Kosovo Council for Financial Reporting (KCFR) containing the recent external auditor’s result of the quality for the external auditor (this certificate will not be required by the CBK until the KCFR is able to issue such a certificate); and g) A written declaration of external auditor on meeting of the criteria set forth in article 7 of this Regulation.
  6. The audit program and use of resources in the audit mission shall be sufficiently adequate in relation to the character and size of the MFI.
  7. Continuous employment of the same external auditor is limited to three years or three consecutive audits.

3 Article 5 Good repute The CBK shall grant approval as an external auditor of a MFI to external auditors of good repute who are not engaging in any activity, which is incompatible with the external audit function. Article 6 Re-auditing CBK reserves the right to request re-auditing by a different external auditor, at the expense of the MFI, to the extent that existing external auditor of the MFI has carried out the auditing or has submitted a report which is inconsistent with the requirements of the Law no 04/L-093, CBK Regulations, International Standards on Auditing (hereafter ISA) and does not reflect the true and accurate financial situation of the MFI’s. Article 7 Professional Ethics External auditors shall be subject to principles of professional ethics defined by the International Federation of Accountants’ “Code of Ethics for Professional Accountants”. Article 8 Independence and objectivity

  1. When carrying out an audit, external auditors shall be independent from the audited entity and shall not in any way be involved in management decisions of the audited entity. External auditors shall not carry out an audit if there is any direct or indirect financial, business, employment or other relationship including the provision of additional non-audit services between the external auditors and the audited entity from which an objective, reasonable and informed third party would conclude that the external auditors’ independence is compromised.
  2. Approved external auditors shall also comply with the provisions of the European Union Commission Recommendation of 16 May 2002, Statutory Auditors’ Independence in the EU: A Set of Fundamental Principles. Moreover, the CBK will ensure compliance with Chapter IV of EU Directive 2006/43 on statutory audits of annual accounts and consolidated accounts.
  3. The external auditors shall document in the audit working papers, all interferences to their independence, as well as the safeguards applied to mitigate those interferences. Article 9 Independence and objectivity of auditors carrying out an audit on behalf of audit firms The owners or shareholders of an approved audit firm, as well as the members of the administrative, management and supervisory bodies of such a firm, or an affiliated firm, shall not intervene in the execution of an audit in any way that might jeopardize the independence and objectivity of the auditor who carries out the audit on behalf of the audit firm.

4 Article 10 Audit fees Fees for audit services: a) Shall be adequate to allow proper audit quality; b) Shall not be influenced or determined by the provision of additional services to the audited MFI; and c) Cannot be based on any form of contingency. Article 11 Requirements for External Auditors when Auditing Annual Accounts External auditors shall carry out the audit of annual accounts of MFI’s in accordance with ISA. Article 12 Audits content

  1. External auditors shall assess whether or not the annual accounts of the MFI have been prepared and finalized in accordance with International Financial Reporting Standards (hereafter IFRS), the Law no 04/L-093, and CBK Regulations, and whether or not the management of the MFI has fulfilled its obligation to ensure proper and clearly set out recording and documentation of the accounting information in accordance with the Law no 04/L-093 and CBK Regulations.
  2. External auditors shall assess whether or not information in annual reports pertaining to annual accounts, assumptions regarding continued operation and proposals concerning the utilization of surpluses or coverage of losses are in accordance with the the Law no 04/L-093 and CBK Regulations and whether or not the information is consistent with the annual accounts.
  3. External auditors should assess the adequacy of risk management systems of MFI, based on the assessment of: a) Compliance with the requirements for the organizational structures with regard to any special risk management; b) Policies and procedures on any special risk management and their implementation; c) Adequacy of identification, measure and monitoring of any special risk; d) Adequacy and efficiency of internal audit system regarding the management of any special risk.
  4. Specific risks include: credit risk, market risk, operational risk, liquidity risk and other risks to which MFI’s are exposed.
  5. External auditors shall ensure that MFIs have arranged for satisfactory asset management and that proper internal controls are in place.

5 6. Audit of MFIs should cover areas at least the loan portfolio, loan loss reserves, non￾performing assets, asset valuations, and the adequacy of internal controls over financial reporting. 7. External auditors shall, through audits, contribute to the prevention and disclosure of irregularities and errors. Article 13 External Auditors’ Duties

  1. External auditors shall execute audits to the best of their judgment, including assessing the risk that a material misstatement may be included in the annual accounts due to irregularities or errors.
  2. External auditors shall ensure that they have an adequate basis for assessing whether or not any contraventions of the Law no 04/L-093 and CBK Regulations have taken place that they are material to the annual accounts.
  3. External auditors shall check the adequacy, accuracy and completeness of the MFIs reports presented at the CBK in compliance with the applicable regulatory requirements approved by the CBK. Based on the audit performed external auditors shall valuate if the reports are conducted or not in line with the stipulations of the Law no 04/L-093 and CBK Regulations and if they reflect in realistic and objective terms the financial position of the MFI.
  4. External auditors shall point out the following circumstances in writing to the board of directors of the MFIs: a) Deficiencies regarding the duty to ensure proper and clearly laid out recording and documentation of accounting information; b) Errors and deficiencies in the organization and control of asset management; c) Irregularities and errors that may lead to erroneous information in the annual accounts; Article 14 Documentation of assignment As required by ISA 230, “Audit Documentation” External auditors must document how an audit was carried out, as well as the result of an audit in a sufficient manner. Matters that indicate that irregularities or errors may be present must be documented in special manner. Article 15 Maintenance of audit working papers Audit working papers shall be prepared and maintained in accordance with relevant ISA.

6 Article 16 External auditors’ report

  1. External auditors shall prepare an annual audit report with an audit opinion in accordance with IFRS and in cases when there are material differences, they shall also prepare an audit report with an audit opinion in accordance with the Credit Risk Management for MFI.
  2. The audit report shall confirm that the audit services have been carried out in accordance with the provisions in the Law no 04/L-093, this Regulation and other relevant CBK Regulations.
  3. The audit report shall verify and disclose the following matters: a) Whether or not the annual accounts have been prepared and finalized in accordance with IFRS, the Law no 04/L-093and relevant CBK Regulations, and present a true and fair view of the financial condition and activities of the MFI; b) Whether or not the management of the MFI has fulfilled its duty to ensure the proper and clearly laid out recording and documentation of accounting information; and c) Whether or not the information in the annual report related to the annual accounts, assumptions concerning continued operation, and proposals regarding the use of surpluses or coverage of losses, are in accordance with the Law No 04/L-093 and relevant CBK Regulations.
  4. If the accounts do not provide the information about the result and position of the MFI that ought to be provided, external auditors shall stress this, or stipulate the auditors reserve opinion and possibly provide necessary supplementary information in the audit report.
  5. If external auditors reach the conclusion that accounts should not be finalized in their current form, this shall be distinctly stated.
  6. External auditors should asses the implementation of recommendations provided by the external auditors for the previous financial year. Article 17 Management letter
  7. External auditors shall, in accordance with Regulation on the Reporting of MFI’s produce a final management letter to the MFI at the conclusions of the audit process. The management letter shall include any conclusions the external auditor may have reached on the activity or the financial situation of the MFI, and information on the diligences they have performed in the scope of the audit mission.
  8. In the final management letter, the external auditors shall make a specific statement concerning the internal controls system in order to provide specific assurance on, and for the purpose of disclosing material matters in the internal control structure. The specific statement shall also include the internal audit function. Article 18 Confidentiality

7

  1. External auditors and external auditors’ co-workers have a duty of confidentiality regarding everything of which they have gained knowledge, through their activities, unless otherwise stipulated by law, or the person the information concerns has consented to the duty of professional secrecy not applying. External auditors and external auditors’ co-workers may not use such information in their own activities or in the service or employment of others.
  2. Without limitations by the paragraph 1 of this Article or an agreed duty of confidentiality, external auditors are allowed to submit explanations and present documentations regarding an audit assignment, when required by the Legislation in force in Kosovo.
  3. The duty of confidentiality continues to apply after the assignment has been concluded. Article 19 Duty to Inform
  4. External auditor shall, within the framework of an assignment, provide information about matters regarding the MFI, that the external auditor has become aware of during the auditing when this is required by general meeting of shareholders, board of directors, senior management, an audit committee or by a person authorized by the CBK.
  5. The external auditor shall, immediately, report to audit committee or Board of Directors of the MFI and the CBK when during the performance of the audit of the MFI establishes that: a) A serious conflict exists within the decision-making bodies or a manager in a key function unexpectedly departed; b) Information exists that may indicate a material breach of Laws, Regulations, Instructions and Orders of CBK as well as charter and by-laws of MFI; or c) The intention of the internal auditor to resign or the removal of the internal auditor; and material or adverse changes in the risks of the MFI’s business and possible risks going forward.
  6. External auditor shall, upon request from the CBK, provide the CBK with any information, during the whole audit mission, concerning to its performance of audit services to a MFI.
  7. The CBK maintains regular contacts and can initiate meetings with external auditor of MFI in any time when such contacts are deemed necessary. Article 20 Quality Control and Its Review
  8. External auditors approved by the CBK shall apply adequate quality control policies and procedures that address all significant aspects of the audit.
  9. External auditors approved by the CBK shall be subject to quality assurance review from the CBK.
  10. The quality review of an approved external auditor shall cover one specific audit assignment, and shall be executed by the CBK or by one reviewer, designated by the CBK.

8 4. During the quality review, the CBK or the reviewer shall determine the extent to which the external auditor have adequate quality control policies and procedures that address all significant aspects of auditing. During the review, the CBK or the reviewer shall have access to the working papers of the external auditor, as far as necessary to conduct a sufficient and adequate quality control. 5. Concerning obligations on confidentiality, Article 18 of this Regulation applies equivalent to the CBK and the quality reviewer. 6. Aggregate results of the quality assurance review shall be published by the CBK, including recommendations, follow up of recommendations and, if the case arises, sanctions. Article 21 Dismissal and Resignation

  1. External auditors of MFIs may only be dismissed where there are proper grounds. Divergence of opinions on accounting treatments or audit procedures shall not be a proper ground for dismissal.
  2. Both the audited MFIs and the external auditors shall inform the CBK about the dismissal or resignation and shall give an adequate explanation of the reasons thereof. Article 22 Revoking of approval Approval of an external auditor shall be revoked if the good repute of that audit firm has been seriously compromised or any of the requirements of this Regulation are no longer fulfilled. Article 23 Enforcement, Remedial Measures and Civil Penalties
  3. If external auditors of MFIs have contravened the auditor’s duties pursuant to the Law no 04/L-093 this Regulation and other relevant CBK Regulations, the CBK can impose a written warning to the external auditor with a copy to the MFI.
  4. If the circumstance described with paragraph 1 of this Article, will be repeated, the CBK has the authority to: a) refuse the approval of the external auditor from performing audits of financial institutions licensed from the CBK to operate in the Republic of Kosovo; b) require the removal or replacement of an auditor,; c) directly appoint, remove, or replace an auditor, or d) Ask a re-auditing according to article 6 of this Regulation.
  5. The CBK may impose a fine from one thousand (1,000) to twenty thousands (20,000) Euros on the auditing firm for the following violations: a) failure to perform an audit according to this Regulation;

9 b) failure to prepare an auditor's report within time frame according to article 5 of the Regulation on the Reporting of MFI’s. c) failure to notify the Board of Directors on the facts or circumstances from paragraph 4 of Article 13 of this Regulation. Article 24 Entry in force This Regulation shall enter into force 15 days after its approval by the CBK Board. The Chairman of the Central Bank Board of the Republic of Kosovo

Mejdi Bektashi

Share