I am writing to you to introduce my company to your organisation and also see if there is a need for risk based internal audit which can be outsourced to Riskpro India
Riskpro-India is a specialized Risk Management Consulting firm based in Mumbai, India and with offices at Delhi and Bangalore.
Our Internal Audit includes
• Risk assessment and development of risk based audit plan
• Full scope audits (across various sourcing options)
• Assessing the effectiveness of risk management & internal audit
• Authenticating monitoring functions and governance practices
• Appropriately assessing the security, integrity, availability and reliability of critical information – financial & operational
• Audit of compliance with laws and regulations.
Helping companies achieve their stated objectives through an enhanced understanding and management of risks
How we can help
Our internal audit services enhance processes and controls in our clients’ businesses by focusing on key value drivers. Through multiple sourcing options (co-source, out-source, staff augmentation) and flexible delivery platforms (onsite, offshore, combination) we offer our clients cross-spectrum internal audit services that are tailored to their specific requirements.
Brief description of our firm is mentioned below:-
RISKPRO INDIA
• Riskpro is India’s first national practice dedicated to risk management services and training, corporate governance, and global regulatory compliances.
• Risk can be defined as a prospect of loss or reduced gain that can adversely affect the achievement of an organisation’s objectives.
• When greed overtakes need, it spells trouble. Manifested as ‘bankruptcy’ in much of the developed world and ‘corruption’ closer to home, greed has clearly disrupted some major industrialised economies and enhanced the risks of doing business
• In today’s world, risks are not few. The reason companies so often fail to systematically manage their key risks is rooted in the way they define the risks they face. Risks are manageable and the answer to untapped business opportunities that lie dormant waiting for risk factors to turn favourable
• Riskpro was founded in 2009 with offices in Mumbai, Delhi, and Bangalore and it has already added eight member firms in Ahmedabad, Agra, Chennai, Gurgaon, Hyderabad, Jaipur, Ludhiana, and Pune. All our offices and member firms are well equipped and staffed with qualified professionals viz. CA, CWA, CS, CPA, CIA, CISA, CFA, and MBA
• Riskpro’s founders are qualified risk management specialists with extensive work experience in India, Middle East, Europe and USA in several industries and financial institutions
• Riskpro aims to be the preferred service provider for large and medium enterprises on risk protection, corporate governance, and global regulatory issues; delivering state-of-the-art quality and timely services at viable rates
3. Background - Who is Riskpro… Why us?
ABOUT US MISSION
Riskpro is an organisation of member firms
around India devoted to client service Provide integrated risk management
excellence. Member firms offer wide range consulting services to mid-large sized
of services in the field of risk management. corporate /financial institutions in India
Currently it has offices in three major cities Be the preferred service provider for
Mumbai, Delhi and Bangalore and alliances complete Governance, Risk and Compliance
in other cities. (GRC) solutions.
Managed by experienced professionals with
experiences spanning various industries.
VALUE PROPOSITION DIFFERENTIATORS
You get quality advisory, normally delivered
by large consulting firms, at fee levels Risk Management is our main focus
charged by independent & small firms
Over 200 years of cumulative experience
High quality deliverables
Hybrid Delivery model
Multi-skilled & multi-disciplined organisation.
Ability to take on large and complex projects
Timely completion of any task due to delivery capabilities
Affordable alternative to large firms We Hold hands, not shake hands.
3
5. Your requirements
● You require a firm with not only demonstrable skills and experience in
your sector, but also the ability to deliver seamless compliance and
business support services that match your development plans;
● You also wish to work with a firm that is personable and easy to deal
with. While we operate in an environment that demands honed
technical ability and a degree of formality, arising from the
professional standards we observe, we regard ourselves as a flexible
and responsive team that has client relationships at its heart; and
● You, also wish to ensure that your auditors, consultants and advisers
are appropriate for tomorrow's environment.
5
6. Our commitment
We commit to you that we will:
● dedicate our best resources to ensure that your needs are met;
● provide an effective, efficient and smart consulting services;
● adhere to timeliness and reporting deadlines;
● provide constructive suggestions on improving processes and
controls;
● work closely with your management in a co-operative environment;
and
● keep you regularly updated on significant changes in regulatory,
accounting and other compliance sectors.
6
7. About Mehrotra and Mehrotra, Chartered Accountants
Mehrotra & Mehrotra is a firm of Chartered Accountants based at New Delhi.
It is also having offices at Jaipur and Kanpur. The firm was established in
the year 1962 by Mr. M.P. Mehrotra.
Our team of professionals including Chartered Accountants, Certified
Internal Auditors, Lawyers, Solicitors, Engineers and MBA's are engaged in
developing and refining new processes and methodologies to offer
excellent quality services to our esteemed clients.
The firm has provided a wide gamut of services like Accounting Services,
Auditing Services, Taxation Services to the clients both within and outside
India.
7
8. Our differentiating factors
● Adding value to the client and protecting their business is paramount and our
logo symbolizes that bond of protection
● Unique combination of International, senior, hands on industry experience,
across all areas of the requirement.
● Mature and deep domain expertise, along with current involvement in strategic
business growth activity.
● Strengths in relation to Business Model and Objectives - Track Record of
Ethical Practice
● Strengths in relation to Implementation Plan - Proven Success in taking
businesses from Vision to Reality through tactical Implementation across all
aspects of the plan
● Strengths in relation to Requirements- Track Record in geographical,
Professional and Business areas.
● Value for money
● Building enduring relationships with all our clients as a trusted business
partner 8
9. Riskpro Clients Our Clients
*Any trademarks or logos used throughout this presentation are the property of their respective owners
9
10. Team Experiences Our Experiences
Our team members have worked at world class Companies
Any trademarks or logos used throughout this presentation are the property of their
respective owners
10
11. Quality assured
We place great emphasis on quality control and quality management.
Our quality process Direction and supervision
Our Quality Process is designed to provide a quality The firm provides for appropriate direction and
culture, to analyze the processes used to hire, train and supervision at all levels, together with appropriate
retain staff, to develop and deliver services to our clients
and to administer our own business. consultation procedures, to give reasonable assurance
that the work performed meets the highest standards.
We:
CONTINUOUS IMPROVEMENT employ and retain only those persons with the
intelligence, education, character and diligence
necessary to assume professional responsibility;
Human
Leadership Information Resource
Measure Client
and Quality Analysis and Processes Service Satisfaction assign engagement responsibility to only those
Culture Planning External Delivery and Business persons sufficiently trained and supervised to
`
Service
Processes
Business
Results discharge those responsibilities;
not accept or continue a client relationship in
Processes circumstances incompatible with the firm’s
integrity;
adopt promptly policies necessary to realise the
Skills and competence objective of professional standards and applicable
Personnel in the firm adhere to the standards of regulatory requirements;
independence, integrity, objectivity and confidentiality. maintain policies to ensure that the firm and its
The firm is staffed by personnel who have attained, and professionals are free of conflicts of interest and
who maintain, the skills and competence required to
that professional excellence is achieved;
enable them to fulfill their responsibilities. To assist in
maintaining these skills the firm has procedures for: not tolerate any act that can damage the firm’s
training of staff at all levels, through both formal credibility.
courses and on-the-job experience;
continuing professional education;
assigning work to personnel who have the degree Confidentiality
of technical training and proficiency required in the We are well aware of the importance that you place on
circumstances; and confidentiality requirements and we have a proven
evaluating the performance of staff and counseling record of maintaining a strict code of confidentiality.
staff as to their progress and career opportunities. Our firm policy requires that affairs of clients be
confidentially kept at all times.
11
12. Clear and continuous communication
At Riskpro India, open and honest communication is a Core Value. Our experience
leaves us in no doubt that a successful relationship is based on trust and candid,
proactive communication.
Regular and open two-way communication is fundamental to all aspects of our service
to you. As an initial priority, we will agree with you an annual Communication Plan for
all our key meetings. This will help ensure there are formal and informal opportunities
for all key stakeholders to be kept informed of the issues that matter, and that there will
be “no surprises”.
Meeting/stakeholders Key objectives
Bi-annual meetings (or as requested) with the Present annual audit plan
Board / Audit Committee Report key findings
Updated assessments of key risks, including emerging risks
Discuss new regulatory and corporate governance requirements
Quarterly meetings with the Chief Executive Discuss strategy
Officer Discuss operational matters and performance
Raise and consider emerging issues
Regular meetings with Head of Financial Discuss operational matters and financial performance
Control Discuss implications of changes to the reporting and internal control framework
Meetings with operational management Discuss operational and business matters
12
13. Our fees
Our aim is to build a long-term relationship with you. We believe that the essence of
building such a relationship is the quality of the service and expertise that we provide.
We also believe that the combination of our international expertise with local market
knowledge enables us to propose a fee that provides value to you.
Accordingly our fee will be structured as a fixed fee which would be payable in two
equal instalments, on commencement of the engagement and on submission of the
draft report.
No Particulars Per Diem Rate - INR
1 Staff Category
Partner 8,000 - 30,000
Manager 4,000 - 6,000
Staff Accountant ~ Rs 2,000
2 Expenses
Travel and Conveyance Actual Cost
Board and Lodging ex Delhi, and ex Mumbai
13
14. RESUMES – Our team Credentials
Co-Founder - Riskpro
CA, CPA, MBA-Finance (USA), FRM (GARP)
Manoj Jain
Over 10 years international experience – 6 years in Bahrain and 4 years USA
15 years exp in risk management consulting and internal audits, Specialization in
Operational Risk, Basel II, Sox and Control design
Worked for Ernst & Young (Bahrain), Arab Investment Company (Bahrain),
Navigant Consulting(USA), Kotak Mahindra Bank (India) and Credit Suisse(India)
Sox Compliance project for Fannie Mae, USA ( $900+ Billion Mortgage Company)
Co- Founder - Riskpro
CA (India), MBA (Netherlands), CIA (USA)
Rahul Bhan
Over 15 years of extensive internal and external audit experience in India and
abroad.
Worked with KPMG United Arab Emirates, PKF South Africa, Ernst and Young
Kuwait, Deloitte Netherlands and KPMG India.
Worked with clients in a wide variety of industries and countries including trading,
retail and consumer goods, NGO, manufacturing and banking and finance. Major
clients include banks, investment companies, manufacturing organizations,
aviation etc.
14
15. RESUMES - Our team Credentials
Co-Founder - Riskpro
Casper Abraham
PGD (Electrical & Electronics & Computer Programming)
30 years of experience in Information & Communications Technology (ICT) Solutions
for Retail, Garments, Manufacturing, Services Industries.
Has created Companies, Divisions, Products, Brands, Teams & Markets.
Consulting in Business, Technology, Marketing & Sales & Strategic Planning.
Advisory, Training, Workshops & Implementation in Systems Thinking, Systems
Modeling & Balanced Scorecard
Worked with TIFR, Mahindra, Ambience, Communico-Graphique & Ionidea Inc, USA,
Senior Vice President – Risk Management (Fraud Risk, BFSI)
MBA, PDFM, NSE-NCFM, PMP, CSSGB,Trained ISO 9001:2000 I.A
Hemant Seigell
Professional with 17 years of rich experience into diverse Consumer finance/ Lending
operations ,Risk Management,BPMS, Consumer Banking, NBFC, Management Consulting &
Housing finance in BFSI industry having successfully led key business strategic
engagements across multi-product environment in APAC, Australia and US regions.
Worked with GE, ABN AMRO Bank, Citigroup, Accenture, Deutsche Postbank
Highly skilled and expert Trainer in Fraud Risk areas across Credit, Corporate Risk
management.
Specializes in Fraud Control, Compliance QA ,ERM and Regulatory governance.
15
16. RESUMES - Our team Credentials
Head – Taxation Risk Advisory
Rajesh Jhalani
B.Com, FCA
Senior Partner with 48 year old Delhi based Chartered Accountant firm, Mehrotra
and Mehrotra
Over 19 years of experience in the field of Audit, Taxation, Company law matters.
Major clients served are NTPC, BHEL, Bank of India, PNB, Airport Authority of
India etc.
President – Banking & Financial Services
A senior researcher in Applied Mathematics leading to Ph.D after MSc (Mathematics),
Sivaramakrishnan
CWA, CAIIB
Combined experience of 25+ years in corporate banking, risk management,
international trade finance, development of risk rating models, project finance, credit
monitoring and NPA management
Since 2006 conducting open / in-house training on the above domains to all Top
public/ new and old private sector banks, top MNC banks (India and abroad), leading
NBFCs and corporates in manufacturing and financial services space; Worked on IFC
(World Bank) funded projects for MSMEs in India and abroad
Worked for Bank of Baroda and ICICI Bank – bestowed Top Performer Award
continuously two years during his tenure; widely travelled abroad for business
relations, seminars, offering training, investor meetings, NYSE listing and for
processes involving establishment of representative Office in USA
16
17. RESUMES - Our team Credentials
Executive Vice President – Risk Management ( Banking & Financial Services)
A hands-on banking professional {BSc (Mathematics), CAIIB} with considerable
domestic and international experience
Kashi Banerjee
An aggregate experience of 24+ years across industry, mainly BFSI in several
functional areas including Retail and Commercial Banking, Corporate Lending, team
member of the Business Process Re-Engineering project (BPR); conceptualizing and
setting up shared services centres for centralized operations for the Bank in India.
Management through ERM framework overseeing all key areas of the business
through various Operational Risk tools like KRI / RCSA matrices. Managing of major
project implementation of Basel II and Compliance risk framework
Directing, reviewing and advising Board of Directors on various compliance issues and
representing the bank to the Central Bank regulatory offices.
Worked for ANZ Grindlays Bank, Standard Chartered, Bahraini Saudi Bank and Dubai
Holdings ( subsidiary)
Consultant – Information Security & IT Governance
Anjay Agarwal
LLB, CA, CISA, CWA, CS, CFE and others
Over 15 years of experience in the field of Audit, Taxation, Investigations.
Specializing in the field of Systems Audit, Cybrex Audit, Computer Crime
Investigations, IS Forensics
International Committee Member of Governmental and Regulatory Agencies
Board and Academic Relations Committee of ISACA, USA
17
18. RESUMES - Our team Credentials
Vice President – Riskpro India
Phanindra Prakash
FCA [India], ACMA [India], CFE [USA], CertIFRS [UK]
Over 16 years of extensive consulting experience which includes financial & systems audit,
process transformation, implementation of internal controls, SOX compliance, fraud audits
& due diligence, US-India taxation
Engaged in consulting roles as trusted advisor to finance, internal audit and information
technology executives of multiple Fortune 1000 companies with project sites in US,
Canada, Europe & Asia
Worked with E&Y and Deloitte Consulting in USA
Some of the major clients served internationally are GE Capital, UBS, McKesson, Eaton,
Imation, Albertsons,
EVP and Head – Telecom Risk Advisory
M.Tech, IIT Kharagpur, India; IES; Doctoral study, research and teaching in Linkpoing
University/Sweden; Lead Auditor (BVQI).
Asok Sit
Over 30 years on International experience in networks and mobile Handsets from top
global companies /institutes like ISRO, Ericsson, Nokia, Nokia Siemens Networks and
based mostly in its head quarter locations in India, EU, USA.
Expertise: Setting up capability, behaviour, culture in turning Risk, Quality, Innovation for
competitive advantage, customer delight and sustainability; key skill sets are Engagement,
Handholding, Coaching, Mentoring and lot of best practices, benchmarking/standards like
CMMI, TL9000, Six Sigma, ISO, SAS 70 etc.
18
19. RESUMES - Our team Credentials
Executive Vice President – Risk Management ( Banking & Financial Services)
Vijayan Govindarajan
Professional Risk Manager with considerable domestic and international experience
An aggregate experience of 30 + years across industry, mainly Banking in several
functional areas including Wholesale Credit Risk, Operational Risk, Trade Finance ,
Retail Banking and Islamic Financial Services.
Track record of setting up of excellence in the set-up, and management of credit and
operational risk, compliance and credit administration functions in retail, commercial ,
Islamic Banking and offshore banking entities in the Middle East.
Key strength includes Corporate Credits, Risk Management in IT, implementation of
Risk Management module in core banking Bank’s Policies, procedures, Country Risk.
Played an active role in 3 core banking software implementations
Worked for a Private Sector Bank in India, ABN AMRO Bank, Bahrain, Bank Muscat
Bahrain and BMI Bank Bahrain as AGM Risk Management.
19
20. RESUMES - PARTNERSHIPS
Specialist Risk Consultant – Business Continuity
Andrew Hiles
Founder and 15-year Chairman of Survive, the first international user group for Business
Continuity professionals
Founding director and first Fellow of the Business Continuity Institute
Over 25 years international consulting expertise in Risk, Crisis, Emergency, Incident, and
Business Continuity and ICT Disaster Recovery Management
Multi-sector experience including Banking, Insurance, Finance, Oil, Gas, Energy,
Manufacturing, Retail, Hi-Tech & Telecom
Western Press Award for services to business, 1994; BCI/CIR nomination for
lifetime achievement in BC, 1999, London; inducted into BC Hall of Fame by CPM magazine,
2004, Washington DC.
Specialist Risk Consultant – Enterprise Risk Management
Chris E. Mandel
Highly skilled risk and insurance professional with 25 years of experience designing, developing and
implementing large, global corporate risk management programs for Fortune 500 firms.
Principal Consultant and Founder - Excellence in Risk Management, LLC. (Texas, USA) Co-founder
and EVP, Professional Services, rPM3 Solutions, LLC (Maryland, USA).
Past experiences include Head of Global Risk Management for USAA, PepsiCo/Tricon Global and
American National Red Cross
Additional risk and insurance experience at Verizon Corp,. Marsh USA and Liberty Mutual Insurance
Co.
2004 Risk Manager of the Year – 2007 recipient of the Alexander Hamilton Award for “Excellence in
ERM” (at USAA) – former President, Risk and Insurance Management Society, Inc.
20
21. RESUMES - Advisors Credentials
Founder partner of Mehrotra and Mehrotra, a 48 year old CA firm in India
Mr. MP Mehrotra
Bcom, FCA, LLB
Over 48 years of experience in audits, taxation, legal matters, loan syndication etc.
Trustee of Cochin Port Trust, Member of Task Force for MOUs, Ministry of Heavy
Industries & Public Enterprises, Govt. of India, Ex- Member of Central Board of
Trustees, Employees’ Provident Fund Organisation (EPFO), Ministry of Labour,
Govt. of India, New Delhi.
Ex - Director, Canara Bank
Practicing chartered accountant in Delhi
CA, ICWA
Mr. PK Gupta
Over 35 years of professional experience.
Trustee, Kargil Shaheed Smarak Samiti
Hon. Treasurer, World Academy of Spiritual Sciences (WASS).
Panel Arbitrator, International Centre for Alternative Dispute Resolution
Arbitrator, Cement Corporation of India
Arbitrator, Bombay Stock Exchange Limited
Arbitrator, Central Depository Services (India) Limited
Arbitrator’s Panel of Indian Council of Arbitration
21
25. Our audit methodology - Risk Based Internal Audit How we Do
Internal Auditing helps an organization
accomplish its objectives by bringing a Enterprise Risk
systematic, disciplined approach to evaluate Assessment
and improve the effectiveness of risk
management, control and governance
processes. Risk
Need of Organizations
Source: The Institute of Internal Auditors 1999 (IIA) Assessment
Process
Reviews
Fraud Benefits of Risk based Audit
Mitigation
• Traditional audit view value added
Control techniques
Reviews •Risk profile of Businesses
•Internal Controls & Ops Risk reviews
Transaction •Cost reductions recommendations
Audit •Review of Fraud Risk Controls
Increasing Enterprise Risk Focus
25
26. Our audit methodology
Our audit methodology is risk-based and systematic which focuses on the organizational
objectives and any impediment to achieving those objectives. We recognise fully the need to
provide assurance on your business operations. Equally, we recognise the importance of
managing compliance issues, particularly in today’s evolving regulatory environment.
Understanding of Business
The key benefits of our audit approach are:
●Risk-based, & systematic approach; Risk Assessment
●Focus on areas considered as potentially & most likely to
lead to material errors in financial statements;
Audit Strategy / Planning
●Our audit control procedures are based on project planning
techniques, including the use of automated processes and
document templates, and the agreement of objectives, Fieldwork
timetables, responsibilities and careful resource planning;
●The focus of our reports are to generate constructive and
value added advice; and Dealing with critical issues
●Identifies performance improvement and cost reduction
opportunities.
Reporting
26
27. Our audit methodology (cont..)
UNDERSTANDING THE BUSINESS
Our top-down risk-based approach ensures that the audit focus is on the issues that
are of greatest importance to you and that we are in the most appropriate position to
respond to them. Our audit starts with a detailed understanding of your industry and
business.
Our approach is based on a top-down examination of the key drivers of your business.
The output is a balanced picture of how the company interacts with customers and
external industry forces. We consider the audit implications of this analysis and use it
to identify significant audit risks.
We use industry specific business models to gain information on:
• industry background including major players, regulatory changes and trends,
• risks and drivers,
• geographic issues,
• descriptions of business processes,
• benchmarks and best practice and
• audit risks. 27
28. Our audit methodology (cont..)
RISK ASSESSMENT
In order to run your business, you develop processes to manage the factors that drive
performance and help control internal and external risks that could prevent you from meeting
your objectives. We focus on those processes where significant risks have been identified and
discuss with management its perception of how these risks are controlled. This phase of our
work enables us to obtain information on the processes supporting the achievement of the
company’s goals.
AUDIT STRATEGY AND PLANNING
Based on the understanding of business and risk assessment we devise the audit strategy. We
then develop detailed audit programs to test the transactions, processes and balances.
AUDIT FIELD WORK
The audit test work flows from strategic planning and risk assessment. The key element is to
review and test the high level controls embedded in your processes, as significant weaknesses
in your key processes could cost, both in terms of financial impact and reputational damage. We
also carry out necessary substantive audit procedures.
DEALING WITH CRITICAL ISSUES AND REPORTING
We identify and discuss all critical issues with management. We then determine whether the
Company’s financial statements and related disclosures meet our expectations.
We provide the audit report, management letter and any other deliverables and formally present
these to the Audit Committee / Board.
28
29. Our audit methodology (cont..)
IT AUDIT PROCESSES AND METHODOLOGY
We see IT as an enabler of the operational and financial processes and we
incorporate IT audit professionals into our audit to facilitate the identification and
testing of IT controls.
We use our focused IT audit methodologies and tools as part of our core audit
process to evaluate and test whether the Company’s information systems are
configured for data integrity, are secure and are effectively managing the business
needs. We work with key business and IT management to identify aspects of IT
that pose the highest risk to the Company. We then conduct a systematic, detailed
review of those areas in which we:
• identify appropriate IT control objectives that map to key business
processes;
• identify relevant IT policies and procedures and/or industry IT standards;
and
• evaluate the design of controls and test whether they are in place and
operating effectively.
29
30. Our audit methodology (cont..)
We use the following types of IT methodologies:
IT AUDIT METHODOLOGIES
Continuity management Process Documentation
System capacity and availability Control Risk Analysis
Back up and recovery Control Design & Implementation
Data storage
Network penetration testing Project risk assessment
Information security assessment Quality Assurance
Enterprise security architecture and Project management methodology
integration Programme management
Ongoing monitoring processes
30
31. Our audit methodology (cont..)
INTELLIGENT USE OF TECHNOLOGY
Technology is only one component of an integrated approach that combines
methodology, knowledge and technology into our tailored service to you.
We deliver our external audit services using a fully automated audit software. This
software is designed specifically to integrate knowledge management into the audit
process. Technology can never be a substitute for face-to-face communications and
we continue to rely on meetings with management to identify, resolve and
communicate issues.
Know ledge
Technology M ethodology
31
32. Strategic questions with regard to the engagement
• Have you had any personnel changes that have impacted your area?
• Have you had any computer system/computer software changes and are any projected
for your area?
• Has your area experienced any losses in recent years? If so, please describe.
• Do any third parties such as the external auditors or regulatory auditors review your
area? If so, please provide the report.
• Do you have any regulatory reporting requirements? Describe the frequency and
sensitivity of the filing.
• How much do you rely on manual processing in lieu of computer processing?
• What areas have you experienced poor performance?
• Has the volume of transactions processed in your area changed?
• What type of impact could your unit have on the Association’s reputation, if you did not
meet your mission?
• Do you have any Program performance issues that you want reviewed?
32
34. Legal compliance
Stage 1 – CAC
Preparation of Compliance Audit Checklist (CAC) covering all relevant laws
applicable to the target unit.
Stage 2 - Visit to location
Verification of relevant records and documents available.
Compilation of draft report based upon findings and observations of the audit
team
Review meeting with the unit head / work directors to discussion on the
finding of audit.
Stage 3 – Report
Submission of detailed Non Compliance (NC) report to the company (Board
of Directors or Compliance Head)
Follow up with the unit to verify action taken
34