Your SlideShare is downloading. ×
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
CGAP Training Operational Risk Management Participant Materials: Handouts
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

CGAP Training Operational Risk Management Participant Materials: Handouts

1,194

Published on

Participant materials for CGAP's Operational Risk Management Training.

Participant materials for CGAP's Operational Risk Management Training.

Published in: Education
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,194
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
105
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. RM1-H1 1 Risk Management – Precourse Skills Audit Name: _________________________ Organization: _________________________ Please answer these questions to the best of your ability, including any formulas or indicators as requested. This is not a test, but it will help us identify which topics to emphasize during the course. Use the reverse side of this paper if necessary to complete your answers. 1. Describe three major risk areas for an MFI. 2. Who is responsible for risk management in an MFI? 3. What does internal control mean to you? 4. Name four specific control techniques. 5. Why does fraud occur? 6. What are the most common types of MFI fraud? 7. Describe three types of social risk. 8. What are the differences between internal and external audits?
  • 2. RM1-H2 2 Risk Management Goal Improve the quality of risk management in microfinance institutions (MFIs) by:  understanding the importance of having a institutional culture of support for strong control systems  assessing and measuring the vulnerability of your own institutions to areas of risk  applying techniques for identifying and mitigating risks  monitoring effectiveness of risk management strategies Objectives  Define risk management as it applies specifically to microfinance  Identify risk areas (areas of vulnerability) for MFIs  Understand how client protection helps prevent and manage social and operational risks  Educate stakeholders on the importance of risk management strategy to an MFI  Develop internal controls for your MFI in conjunction with stakeholders  Install internal auditing in the internal control system for effective monitoring  Ensure that information systems play a critical role in the risk management system  Commission and use external audits effectively
  • 3. RM1-H3 3 MINI ACTION PLAN What have I learned? What are the important points for me? How can I apply this plan after training? How can I ensure that I use this plan?
  • 4. RM1-H4 4 Fraud Experience Form To get a head start on topics we’ll cover while we are here, please answer the following. From the following list, choose a situation and describe it. Has your MFI ever experienced a significant default crisis? Has your MFI ever been the victim of fraud? Has your MFI ever had problems when employees leave? Has your MFI ever experienced a problem with a major loss of clients? Has your MFI ever been the target of a negative publicity campaign? Has your MFI ever been accused of practicing usurious rates or of making poor decisions that penalize your clients? Have any employees in your IMF ever been accused of improper conduct with respect to clients? Has your MFI ever had to deal with cases of client overindebtness? Has your MFI ever had to deal with strong competition? Has your MFI ever had to deal with a natural catastrophe? Describe the incident. 1. Has your MFI experienced fraud or other kind of situation as per the list above? Describe the incident. 2. What conditions made your MFI vulnerable to this (or any other) incidents of fraud? 3. What have you done to try to reduce your vulnerability?
  • 5. 1 RM2-H1 Risk Assessment1 MFIs face a wide range of risks, categorized differently depending on the risk assessment frameworks. The course proposes a framework based on four major risk categories: operational, financial, social, and external, which can all lead to reputation risks for an MFI. The risks are linked: some can be the consequence of others, and especially, any of the risks can cause a reputation risk and risks for clients. Figure 1: Categories of Microfinance Risks 1 Adapted from the CARE Microfinance Risk Management Handbook (2001) Social risks Mission drift Negative impact on clients Vulnerability of clients Internal conflicts External risks Regulation Competition Natural environment Macroeconomics Financial risks Related to financial sustainability Asset-liability management Savings management Information quality Dependence Operational risks Credit Fraud Security Inefficiency Reputation risk
  • 6. 2 Social Risks A successful microfinance institution is financially and socially sustainable, provides appropriate financial services to large volumes of low-income persons to improve their welfare, and has human resources that adhere to core values and work in good conditions. For an MFI, social risk involves the risks relating to employees and clients. MISSION DRIFT MFIs have a dual mission. Missions can vary tremendously: providing appropriate financial services to large numbers of low-income people to improve their living standards; creating jobs; providing sustainable financial services to women or persons excluded from the formal financial system, to mention only a few. These different social missions are linked to various commercial objectives, ranging from covering costs to maximizing profits for stockholders. MFIs risk mission drift when the commercial objectives take precedence over the social mission (either because the commercial objectives or people involved change, or because the MFI lacks a well-defined target market and monitoring mechanisms to ensure that they are providing appropriate financial services to their intended clientele). NEGATIVE IMPACT ON CLIENTS Whatever the MFI’s social mission, at the minimum it should strive to have no negative impacts on clients. By adopting practices to protect their clients, MFIs build a foundation for good social performance. They protect their clients’ activities and, more generally, the sector’s reputation. To better serve their clients, MFIs must be fully transparent on their prices and on the terms and conditions of all financial products offered. They must ensure clients do not borrow more than they can pay back or subscribe to services they don’t need. They should offer products at affordable prices that ensure the institution’s financial viability. They should employ respectful collection practices, adhere to ethical guidelines when dealing with clients, make redress procedures available to them in case of loss, and ensure the confidentiality of all client data. By adopting such practices, MFIs also minimize their own institutional risks, e.g. minimizing the risk of client over-indebtedness minimizes delinquency, dissatisfaction and client drop outs. CLIENT VULNERABILITY A lot of MFIs target marginalized people from low-income communities, which is a high-risk target market. To assess the risks linked to client vulnerability, MFIs must take into account the consequences of events such as illness and death (including populations affected by HIV/AIDS), in addition to illiteracy, business experience, population mobility, social cohesion, and past borrowing and repayment history. INTERNAL CONFLICTS Many MFIs and particularly non-profit structures have long considered that staff commitment should compensate for relatively low wages and demanding work. Poor relations between staff and managers, insufficient incentives and lack of core values can lead to a tense work environment, labor movements and massive employee desertion as competition with banks or other economic sectors increases. Increasingly, institutions recognize their relationship with employees as a key aspect of their corporate social responsibility. They realize that demonstrating social responsibility to employees is often essential when it comes to motivating and holding on to first-rate, well-trained staff.
  • 7. 3 Operational Risks Operational risks are the vulnerabilities that an MFI faces in its daily operations, including concerns over portfolio quality, fraud and theft, all of which can erode the institution’s capital, undermine its financial position, and have a negative impact on clients. CREDIT The biggest risk for MFIs is lending money and not getting it back. Credit risk is a particular concern for MFIs because most microlending is unsecured. If an institution does not have tight control over its credit function, there can be negative impacts on the clients: over-indebtedness, abusive delinquent loan collection practices, and unethical staff conduct. To determine an institution’s vulnerability to credit risks that would also have disastrous consequences for clients, it is necessary to review the policies and procedures at every stage in the lending process to determine if they are designed to produce an acceptable level of loan delinquencies and loan losses. These policies and procedures include the loan eligibility criteria, the application review process and authorization levels, collateral or security requirements, as well as the “carrots and sticks” used to motivate staff and compel borrowers to repay in respectful conditions. Besides analyzing whether these policies and procedures are sound, it is also necessary to determine whether they are actually being implemented. The best policies in the world are meaningless if staff members are not properly trained to implement them or choose not to follow them. FRAUD Any organization that handles large volumes of money is extremely vulnerable to fraud, a vulnerability that tends to increase in poor economic environments. Exposure to fraud is particularly acute where money changes hands. These vulnerabilities in a microfinance institution can be exacerbated if the organization has a weak information system, if it does not monitor clearly defined policies and procedures, if it has high staff turnover, or if the MFI experiences rapid growth. The management of savings, particularly voluntary savings, creates additional vulnerability in that a failure to detect fraud could lead to the loss of clients’ very limited cash assets and to the rapid deterioration of the institution’s reputation. In the detection of fraud, timeliness is a critical factor to address the problem and send a sharp message to staff before it gets out of hand. SECURITY As with the vulnerability to fraud, the fact that most MFIs handle money also exposes them to theft. This exposure is compounded by the fact the MFIs tend to operate in environments where crime is prevalent. For example, in high volume branches the amount of cash collected on a repayment day can easily exceed the average annual household income in that community. Clients are also exposed to the risk theft of their personal data if MFIs do not do what is necessary to protect such data (i.e., access codes). INEFFICIENCY Efficiency remains one of the greatest challenges for microfinance institutions. It reflects an organization’s ability to manage costs per unit of output, and thus is directly affected by both cost control and level of outreach. Inefficient microfinance institutions waste resources and ultimately provide clients with poor and/or expensive products and services, as the costs of
  • 8. 4 these inefficiencies are ultimately passed on to clients through higher interest rates (or excessively high prices), higher client transaction costs, or the choice of unsuitable products and services. Financial Management Risks LINKED TO FINANCIAL SUSTAINABILITY The mission of an MFI is to provide financial services in such a way as to enable its long-term institutional viability. An MFI becomes vulnerable to sustainability risk when its interest rates are too low to cover costs and/or when it is poorly managed. The social and commercial missions are sometimes in conflict with each other. For example, it might be easier to become sustainable if the institution offered larger loans, which could undermine the social mission to serve low-income and harder-to-reach people who traditionally demand smaller loans. The challenge is to balance the social and commercial missions to achieve them both. ASSET AND LIABILITY MANAGEMENT The financial vulnerability of an MFI is summarized in asset and liability risks, which include interest rate, liquidity, and foreign exchange risks. Interest rate risk arises when the terms and interest rates of assets and liabilities (which fund assets) are mismatched. For example, if the rates on short-term liabilities rise before an MFI can adjust its lending rates, the spread between interest earnings and interest payments will narrow, seriously affecting the MFI’s profit margin. MFIs operating in inflationary environments are particularly vulnerable to this type of risk. In all cases, it is advisable to take care that interest rates and other credit costs are affordable for clients to avoid the risk of negative impacts on the clientele. Liquidity risk involves the possibility of borrowing expensive short-term funds to finance immediate needs such as loan disbursement, bill payments, or debt repayment. A financial institution must fulfill its commitments to third parties using the revenue it generates, in particular from credit repaid and from investments. If these resources are insufficient (lack of liquidity), it tries to attract new deposits as an additional source of liquidity and/or sell its short-term assets. Another solution could be to borrow in the financial/capital market or from the Central Bank, although often at an unfavorable interest rate. Liquidating long-term assets is the most costly source of liquidity and should be used only as a last resort. MFIs collect savings from their clientele, but they also have to manage their requests for withdrawals. Therefore, they need to have enough cash assets to deal with both. They also have to protect savings and uphold their value: savings are a particularly important asset, since they represent its clients’ resources. MFIs are most vulnerable to foreign exchange risk if they have to repay loans in a foreign currency that they have converted to local currency and therefore are earning revenue in the local currency.
  • 9. 5 QUALITY OF THE INFORMATION Another aspect of financial management risk is the integrity of the information system, including the accounting and portfolio management systems. An assessment of this risk involves checking the quality of the information entering the system, verifying that the system is processing the information correctly, and ensuring that it produces useful reports in a timely manner. DEPENDENCY Dependency risk is more pronounced for MFIs that were started and supported by international organizations, particularly when the microfinance activities are operated as a project rather than as an independent organization. These MFIs are vulnerable to dependency on the strategic, financial, and operational support provided by the external organization. While this support may seem like an advantage at first, it can significantly undermine efforts to build an independent institution that will exist for the long-term. External Risks Although they have less control over this type of risk, MFI officers should also assess exposure to external risks to prevent them as much as possible. A microfinance institution could have relatively strong management and staff, and adequate systems and controls, but still be prone to major problems stemming from the environment in which it operates. Even if external risks are due to realities/events external to the MFI, it should be constantly alert for potential risks and take advantage of opportunities that crop up. REGULATORY Policy makers, banking superintendents and other regulatory bodies have defined regulations and laws for microfinance institutions. Their concern is heightened when MFIs are involved in financial intermediation—taking savings from clients and then lending out those funds. In many jurisdictions, policy makers are regulating the activities of microfinance institutions, occasionally with policies that can threaten the institution, such as usury laws, provisioning for agricultural loans, or loans without physical collateral. Other regulations that can create vulnerability in an MFI include restrictive labor laws, contract enforcement policies, and political interference. COMPETITION Microfinance is becoming increasingly competitive, in particular in urban areas, due to new players entering the market, such as MFIs, microfinance banks, or cell phone companies. Competition risks stem from MFIs not being sufficiently familiar with the services of others to position, price, and sell their own institution’s services. Competition risk can be exacerbated if MFIs do not have access to information about applicants’ current and past credit performance with other institutions, due to the lack of a credit bureau (e.g. taking out a loan to pay another, which can lead to over-indebtedness). ENVIRONMENT Some areas are prone to natural calamities (floods, cyclones or drought) that affect households, enterprises, income streams, and microfinance service delivery. In addition, the physical infrastructure—such as transportation, communications, and the availability of banks—in the MFI’s area of operations can substantially increase its vulnerability.
  • 10. 6 MACROECONOMICS Microfinance institutions are especially vulnerable to changes in the macroeconomic environment such as devaluation, inflation, economic or financial crises, and price/market trends for the specific products their clients rely on. This risk has two aspects: 1) how these conditions affect the MFI directly and 2) how they affect the MFI’s clients, their business operations, and their ability to repay their loans. REPUTATION RISK The reputation risk concerns the potential impact of a management error on an organization’s image2 . It arises in particular from poor management of previous risks, especially social and operational risks. Reputation is a strategic asset for an MFI’s development (recruiting clients, building client and employee loyalty, entering markets, relations with regulators, investors, etc.). The microfinance sector has recently been the target of criticism. Accused of over indebting its clients, using unethical debt collection methods, charging excessively high rates, and a lack of transparency on their rate practices, the sector is faced with a rapidly growing reputation risk, as shown in the Microfinance Banana Skins 20113 survey of microfinance risk. Eloquently titled “Losing its fairy dust”, the survey emphasizes that the spell has been broken and that the sector’s future growth depends on addressing the criticism. Since 2009, reputation risk has moved from 17th to 2nd place in the biggest change since the survey was first put out. The top five risks are credit, reputation, competition, corporate governance, and political interference. The best way to manage reputation risk is to set up a corporate governance structure that includes proactive risk management, receptivity to stakeholders, and direct communication on the problems the MFI has with respect to stakeholders – not only stockholders, but also staff, clients, regulators, and the members of civil society who are the most directly concerned. 2 Adapted from Wikipedia 3 http://www.lamicrofinance.org/content/article/detail/27870?PHPSESSID=adc6da65d40058431d6aa429c 00b5c76
  • 11. 7 Risk Category Example of Risk R E P U T A T I O N R I S K Social – risks linked to relations with clients and staff Clients: • Mission drift • Vulnerable clients • Negative impact on clients (over-indebtedness, breakdown of social ties, imbalanced gender relationships), drop outs Staff: • Internal conflicts • Employee dissatisfaction/movements Operational • Fictitious credit • Overbilling • Fraudulent withdrawal • Cash theft • Data manipulation • IT risk • High staff turnover • Inefficiency (resulting from “irresponsible” rates or unsuitable services) • Security • Negative impact on clients (over-indebtedness, inappropriate loan collection practices, unethical practices) Financial • Insufficient revenue to guarantee financial sustainability • Liquidity risk • Exchange risk • Information quality • Dependency on subsidies • Resource instability External • Regulation • Competition (potentially leading to over-indebtedness) • Inappropriate political interference • Natural disasters/ climate risk/ infrastructure • Macroeconomic
  • 12. 8 RM2-H2 List of the risks identified in Microfinance Banana Skins 2011 1 Credit risk (1) 2 Reputation (17) 3 Competition (9) 4 Corporate governance (7) 5 Political interference (10) 6 Inappropriate regulation (13) 7 Management quality (4) 8 Staffing (14) 9 Mission drift (19) 10 Unrealizable expectations (18) 11 Managing technology (15) 12 Profitability (12) 13 Back office (22) 14 Transparency (16) 15 Strategy (-) 16 Liquidity (2) 17 Macroeconomic trends (3) 18 Fraud (20) 19 Product development (24) 20 Ownership (17) 21 Interest rates (11) 22 Too much funding (25) 23 Too little funding (6) 24 Foreign exchange (8) Credit risk is still at the top. The survey’s main finding is that credit risk constitutes the worst threat to the sector over this turbulent period. While this result hasn’t changed since 2010, the underlying reasons have considerably. Previously, the causes were linked to difficulties brought on by the economic crisis. In 2011, the causes were broader than just the crisis. Stakeholders are reporting a situation of growing and persistent competition, poor credit management, growing cynicism among clients, and increasing political interference in credit procedures. Credit risk is above all considered indicative of a growing problem with over-indebtedness in some larger markets where poor people have accumulated debts that they will never be able to reimburse, often due to pressure on the part of MFIs. Some MFIs even talk of the high probability of heavy losses in specific markets, which would be a radical change in an industry that prides itself on its “99%” reimbursement rate. http://www.csfi.org.uk/Microfinance%20Banana%20Skins%202011.pdf
  • 13. 9 RM2-H3 Risk Management Process Feedback Loop 3. Design policies and procedures to mitigate risks 6. Revise policies and procedures 2. Develop strategies to measure risk 1. Identify, assess, and prioritize risks 4. Implement and assign responsibility 5. Test effectiveness and evaluate results Adapted from Campion, Anita. 2000. Improving Internal Control: A Practical Guide for Microfinance Institutions. Technical Guide No. 1, MFN/GTZ International. http://www.microfinancegateway.org/content/article/detail/2587.
  • 14. 10 RM2-H4 Risk Management (Technical Notes) Operational risk management is a systematic approach to identifying, measuring, and mitigating operational risks in an MFI. Internal Controls (ICs) Internal controls are all of the resources and procedures used by managers to properly control their activities. Using the process allows the management and its personnel to be reasonably sure that their objectives have been met. ICs help correct contradictions and detect anomalies that occur between the different decision centers, which have varying degrees of autonomy. Internal controls can be • Preventive – designed and installed to prevent undesirable outcomes before they happen. • Detective – designed to identify the undesirable outcomes when they do happen. Detective ICs identify errors after they occur. • Corrective – designed to make sure that corrective action is taken to reverse the undesirable outcomes or to see that they do not recur. Corrective ICs are exercised to correct the identified errors. All of them, in concert, function to ensure that some management objective or goal will be met. Internal Audit Internal auditing is an independent appraisal function that is established within an organization to examine and e valuate its activities. The objective of internal auditing is to provide a service to the organization by assisting members of the organization in the effective discharge of their responsibilities. To this end, internal auditing furnishes them with analyses, appraisals, recommendations, counsel, and information concerning the activities reviewed. The audit objective includes promoting effective control at reasonable cost. At some levels it serves to monitor and evaluate the applications of established controls. Occasionally an MFI may contract an external auditor or firm to conduct its internal audit function. External Audit An external audit is conducted by an individual or firm that is independent of the company being audited. These independent auditors audit the books of a company generally once per year after the completion of the company's fiscal year. Their role is to give an opinion of the financial statement's reflection of the status and operations of the company being audited. Depending on what they witness during the audit, external auditors will also produce a management letter for use by management and the board,. Although a financial statement audit is the most common type of external audit, external auditors may also conduct special purpose audits, which might include performing specific tests and procedures and reporting on the results, performing a less intensive review (donors commonly request such a review), and doing compilations. External Audit Risk Management Internal Control Internal Audit
  • 15. Risk management: Integrating SPM into microfinance capacity building Introduction Risk management is a systematic approach to identifying, measuring, monitoring and managing the various risks faced by an institution. Within microfinance institutions (MFIs), risk management systems and capacity building initiatives have mostly focused on financial and operational risks. But other unmitigated risks, such as reputation risk, can result in serious financial risk and loss of goodwill towards an MFI. The following risks, which relate to social performance, have until now often been overlooked in risk management capacity building materials. This briefing shows the importance of integrating a social lens into risk management strategies and capacity building in microfinance. It provides a quick overview of the main non-financial and operational risks typically overlooked by MFIs. It discusses the key institutional questions raised and the importance of analysing existing practices to assess how the MFI may be overlooking some of these risks. It also presents emerging practices that MFIs are finding useful to help them integrate social performance into their risk management activities. Reputation risk Reputation risk can be defined as ‘the current and prospective impact on earnings and capital arising from negative public opinion’1 . Essentially, reputation is about responsible finance: ethics, trust, relationships, confidence and integrity. Organisations may not fully realise how significant reputation is until it is lost or damaged. Some MFIs have suffered damage to their reputations, whether real or perceived, from coercive loan collection practices and questionable human resources (HR) practices (see Box one). Reputation, though an intangible asset, has far- reaching consequences for an institution’s ability to secure resources and function effectively. Mission drift risk Mission drift risk can be defined as a lack of institutional alignment with social goals (derived from the mission), or even a lack of clearly Guidance Note Box one: Headlines highlight reputation risk Headline: ‘Child taken hostage for loan’ The Telegraph (India), 6 June 2008 Focusing only on financial performance, MFI man- agers are often unaware of the approaches that some of their employees use to achieve their tar- get results. One can imagine that the MFI that was the target of this headline suffered from the following unintended consequences: lost a significant number of good clients had more difficulty attracting new clients (especially those with children) faced increased costs in trying to do damage control through the media lost income, as the portfolio shrank and costs increased. Given all these potential effects, one has to ask: was collecting that one bad loan worth it? Written by Rashmi Ekka and the EDA Rural Systems team (R. Chaudhary and F. Sinha). Contributions from A. Campion, V. Thiel, A. Simanowitz, C. Linder, S. Naik, B. Simmes, W. Tounytsky, J. de Wit, C. Ben Mboho, O.Torres, T.Cherikov, Dr J. Bald, N. Agarwal, J. Bliek, C. Velasco and C. Loupeda. 1 Large Bank Supervision, Bank Supervision and Examination Process, Comptroller’s Handbook, Washington DC, 1998
  • 16. Page 2 Risk management: Integrating SPM defined social goals. It can also, therefore, have implications for reputation risk. Mission drift can occur when an MFI: fails to define its target market(s) as part of its mission fails to stay focused on its target clients, or lacks monitoring mechanisms to ensure that it is providing appropriate financial services to its intended clientele focuses narrowly and strongly on growth and profitability fails to contribute to positive change. Mission alignment is about ‘walking the talk’ – doing what microfinance is intended to do. A typical example of mission drift is when an MFI bypasses more vulnerable clients, often in remote areas, and moves ‘up market’. A degree of ‘up market’ diversification may be necessary to institutional sustainability. The challenge is to include different client segments, so that the poor are not completely bypassed. Client vulnerability risk Poor people face ongoing risks or sudden shocks resulting, for example, from ill health, natural disasters, and irregular or uncertain incomes. Risks that reduce clients’ incomes, or sudden large expenses, are risks to the MFI as well. MFIs should take measures to protect their clients against shocks, and to respond to ongoing risks. Such measures must stem from understanding client livelihoods and cash flows. They include appropriate financial product design (credit and insurance) and adjusting the loan repayment schedule. They should help to protect clients and, at the same time, help to protect the institution’s reputation and mission. Figure one sets out the key categories of risk that MFIs face, including financial management, operational, reputation and external risks. It also shows how the different t y p e s o f r i s k a r e interconnected. The reputation of an MFI is the central factor, and is affected by all other types of risk. A comprehensive risk management strategy and capacity building initiatives must be developed using a social performance lens so that social performance risks are addressed together with other risks. Figure one
  • 17. Page 3 Risk management: Integrating SPM Key questions How do current risk management practices address the institutional risks faced by MFIs? How can an MFI protect itself from a reputation crisis? Once a crisis has occurred, what can the MFI do to redeem itself? What should an MFI do to prevent mission drift, and how can it address the specific needs of vulnerable clients? What is the role of governance in the risk management environment, within MFIs in general, and towards institutional risks in particular? How can an MFI protect itself from operational risks? Consider your audience when building capacity Few MFIs have dedicated risk management departments, so the responsibility often falls on the chief financial officer or the accounting or internal control department. Therefore, those most closely involved in microfinance risk management usually have strong financial and accounting backgrounds, and as such, might consider social performance management to be more of a ‘soft’ skill, better left to the sociologists and die-hard ‘do -gooders’. One way to start to engage these key staff, and build buy-in, lies in the language we use. Trainers and others engaged in building capacity should use phrases such as ‘responsible finance’ and ‘balanced performance management’ that will appeal to managers whose orientation is focused on ‘harder’ financial skills. They should also use practical examples that highlight the importance of mitigating institutional risks for long-term financial sustainability. Existing practices may overlook social or institutional risks MFIs should review their strategies with regard to reputation and mission to see whether existing practices that support conventional microfinance at the institutional level may be overlooking some important client-level risks. For example: Loan size limits: these mitigate an MFI’s exposure, especially to new clients who do not have collateral. But depending on the type of client being reached, there may be a very significant mismatch with clients’ credit needs/ capabilities. In competitive environments, clients may end up borrowing from other MFIs and run the risk of becoming over-indebted. Standardised (simple) loan terms: these make it easier (for staff and clients) to monitor repayments, but might represent a significant mismatch with different livelihood cash flows. ‘Zero tolerance on delinquency’: this defines a culture of repayment, but could backfire (especially in the context of standardised loan terms), leading to aggressive staff behaviour (see Box one), and possibly pushing clients into multiple borrowing and over-indebtedness. Group-based lending: although this methodology is used by many MFIs, it may exclude some of the poorest clients, who find it difficult to join a group (self-
  • 18. Page 4 Risk management: Integrating SPM selection principle) or may be pushed out from their group by their peers (peer pressure principle). Emerging good practices A number of good practices have emerged that promote responsible and inclusive lending. They relate to several aspects of institutional management and governance, which MFIs need to implement as part of effective risk management. Implement the Client Protection Principles Coordinated by the Smart Campaign, a consensus has emerged around six principles for client protection. These are the minimum standards a client should expect to receive when dealing with an MFI: 1. Avoidance of over-indebtedness 2. Transparent and responsible pricing 3. Appropriate collections practices 4. Ethical staff behaviour 5. Mechanisms for redress of grievances 6. Privacy of client data The Smart Campaign now has 1,000 endorsers, including 250 MFIs, nearly 100 investors/donors, 70 support organisations and 45 networks or associations, as well as individuals. MFIs are now working on ways to put these principles into practice. These include: improving loan appraisal methods sharing information through credit bureaus ensuring effective communication of loan terms to clients (and catering for low levels of literacy among clients) employing a clear, phased process in case of loan default, including careful guidelines and transparent accounting for loan rescheduling creating clear channels for customer complaints, with effective response monitoring processes as part of the internal audit (at institutional as well as field staff level). Know your client – collect and use client profile information MFIs collect valuable information from clients as part of the loan appraisal process, including information about the client’s family, asset base, income sources, access to other sources of finance, and level of poverty. But this information is rarely collated, analysed and used. If systematically collated, with careful selection of indicators, the data could be used to track outreach, and identify the different market segments and the products that would serve them best. The data could also serve as a baseline for tracking change over time, enabling the MFI to assess whether it is realising its mission and goals. For example, Fonkoze (Haiti) and Prizma (Bosnia and Herzegovina) have designed products for clients experiencing different levels of poverty. They also use a systematic approach to assessing poverty, such as the Progress out of Poverty Index. Client education Informing clients of their rights and responsibilities in the loan process is a critical preventive control. Basic training s h o u l d i n cl u d e : having an official
  • 19. Page 5 Risk management: Integrating SPM receipt, having passbooks regularly updated, and knowing the appropriate channels to use to voice concerns and complaints. Some MFIs are beginning to offer more broad-based financial literacy as a means of helping clients to plan their financial needs. Systematically collect and use client feedback An MFI needs to listen to clients’ views about its performance in order to improve its services and be responsive to clients’ needs. It should therefore ensure that channels exist to receive such feedback. Information can be collected through formal and informal channels. Formal channels include internal audit staff visits to a sample of clients, market research (including the ‘mystery shopping’ technique of researchers posing as clients, and providing feedback on the experience), client satisfaction surveys, and bi -annual or annual forums for clients or their representatives to raise issues. Informal channels include routine staff visits and meetings. By considering clients’ needs, an MFI can work towards reducing risks – both for its clients, and for the institution. Track and analyse exit rates MFIs have not usually tracked client exit. Nevertheless, high rates of growth in overall number of clients and portfolio can mask high levels of client exit. Client retention is a useful proxy indicator of client satisfaction, signifying loyal clients and a useful service. Client retention also contributes to more cost- effective institutional growth. Of course, some client exit is normal in any programme, especially perhaps after the first loan cycle, during which both clients and the MFI ‘try each other out’. But increasing levels of exit can represent a significant risk, reflecting client dissatisfaction, inappropriate products or effective competition from other local microfinance providers. MFIs are now beginning to define, measure and track dropouts through the management information system (MIS). But to do so, the MIS must have unique client identification systems and be able to distinguish between dropouts and clients who are simply resting between loans (and who eventually re-join) – as well as any who have graduated to formal institutions. Tracking and analysing the client exit rate is a useful tool for monitoring client dissatisfaction; asking ex-clients why they left and analysing their reasons is an important additional element of market research. Manage human resources and staff perceptions Satisfied, appropriately motivated staff are key to an MFI’s success. Its mission and core values need to be part of organisational systems and culture. A code of conduct for staff can be a useful way of ensuring this. But, more importantly, senior management need to demonstrate and reinforce the organisation’s mission and values through their own behaviour as well as through implementing relevant performance appraisals and incentives. If incentives are driven by disbursements and repayment performance, other critical aspects of outreach – such as ethical behaviour with clients, communication and debt collection practices – may be overlooked. Effective feedback mechanisms such as group or individual discussions with employees can help management understand any problems staff are experiencing at field level. Staff can be encouraged to identify and report risks, as well as offer suggestions about how to mitigate them.
  • 20. Page 6 Risk management: Integrating SPM MFIs can offer small rewards to reinforce positive behaviour in preventing social and financial risks. Assess whether clients’ enterprises have negative environmental or social effects MFIs should not support activities that could damage natural resources (e.g., chemical agriculture, over-fishing and charcoal burning) or community health (e.g., illicit manufacturing of ‘home-made’ liquor). There may also be health and safety issues around the working conditions of some activities. MFIs should develop their own policies, clearly stating activities for which they will not lend. For example, an environmental protection policy could steer loan officers away from lending to businesses known to create pollution. MFIs could also go further and develop a more proactive strategy, encouraging alternative approaches and livelihoods that could help microfinance clients and their communities in the long term. Communication and transparency MFIs need to routinely report on their performance to all stakeholders. This communication is largely through their annual report, reporting to the MiX2 , to investors and regulators. Social reporting, if it is included at all, is usually limited to a couple of anecdotal case studies in the annual report. MFIs need to systematically report on their social performance for their internal as well as external stakeholders. Recently, the MiX launched its online social performance standards matrix, and MFIs have now begun to report on these indicators, along with their financial indicators. Once social performance reporting is effectively in place and verified, transparency and reputation is enhanced. MFIs can also use their social performance reports (including information on clients) to help assess what progress they are making towards achieving their mission. A crisis situation, such as bad press, can affect the reputation of the entire microfinance industry. In such a situation, it becomes imperative for an MFI or a network of MFIs to develop a clear communications strategy to communicate with all stakeholders: staff and clients, the media, investors and competitors. Role of governance The role of governance is crucial. There has to be an effective board to ensure that all systems (including risk management policies and practices) are fully aligned with the MFI’s mission and values. The extent to which the board can effectively carry out its role depends on the balance of experience and perspective of directors. Typically, an MFI board has an audit committee, and others dealing with HR, borrowing or loans. Some MFIs are now appointing a social performance committee, whose role is to monitor information and reports that relate to mission and reputation, and to ensure that all operations are seen through a social performance lens – an essential feature in implementing a comprehensive risk management framework. Role of internal auditors MFIs usually focus primarily on financial and operational risks (e.g., credit or fraud), and their management systems (accounting, MIS, etc) are usually designed to mitigate these types of risk. Internal auditors also have a key role in terms of verifying how well these risks are being managed and mitigated, and whether a n y n e c e s s a r y adjustments are b e i n g m a d e . 2 The MiX (Microfinance Information eXchange) provides detailed financial and social performance data from MFIs, as well as business information from market facilitators and leading donors and investors. For more information, visit: www.mixmarket.org
  • 21. Page 7 Risk management: Integrating SPM Similarly, procedures must be developed to equip the internal auditors to verify the management of risks pertaining to social performance (mission drift, reputation risk, etc). Managing risk is something that should concern all levels of an MFI; every member of the organisation has a role to play. Staff must work together to develop effective risk management procedures at all levels, and for all types of risk– financial as well as social performance risks. Conclusion It is important for MFIs to remember that it takes a long time to build a good reputation, but only a short time to destroy it. Therefore, being proactive about how to mitigate reputation risks before they occur can also be one of the best ways to reduce the risk of financial loss. Defining the mission and applying it to all operations ensures that the MFI does not risk mission drift, and this, in turn, is critical to reputation. The challenge for MFIs is to manage growth while ensuring that there are adequate institutional systems to support mission and values. When several MFIs are growing rapidly in the same geographical area, there is also the challenge of managing competition. Very rapid growth could dilute both an MFI’s mission and values, and possibly increase client vulnerability (e.g., through over- indebtedness). MFIs need to put clients first, especially their target clients. Ultimately, being customer-focused is one of the best risk management strategies. References Bald, Dr J. (2009) Training on ‘Fundamentals of Asset and Liability Management’, Germany: Frankfurt School of Fi- nance and Management Campion, A. and Linder, C., with K. Knotts (2008) Putting the 'Social' into Performance Management: A Practice- Based Guide, Brighton: Institute of Development Studies CGAP (2009) Operational Risk Management for Microfi- nance Institutions, www.cgap.org --- (2003) Operational Risk Management, Participant Course, materials (presentation) www.cgap.org Comptroller of the Currency, Administrator of National Banks (1998) Large Bank Supervision, Bank Supervision and Examination Process, Comptroller’s Handbook, Wash- ington DC EDA (2009) ‘Using SPM to Mitigate Institutional Risks’, www.edarural.com (accessed 1 March 2010) FMO, Social and Environmental Management Guidance for Micro Finance Institutions, www.fmo.nl (accessed 11 November 2010) Economist Intelligence Unit (2005) ‘Four out of Five Com- panies Say Threats to Corporate Reputation are Rising’, 8 December, www.eiuresources.com/mediadir/ default.asp?PR=850001885 (accessed 11 November 2010) Resnick, J.T. (2006) Reputational Risk Management: A Framework for Safeguarding Your Organization’s Primary Intangible Asset, Princeton, NJ: Opinion Research Collabo- ration
  • 22. Page 8 Risk management: Integrating SPM Imp-Act Consortium: Learn, connect, share A range of online resources are available to help you improve your SPM practice: The SPM Resource Centre offers step-by-step guidance on integrating a social lens into MFI performance management systems, including an interactive SPM self-assessment tool. Head to: www.spmresourcecentre.net The SPM Network connects individuals and organisations who are committed to managing and achieving social performance in microfinance. The Network is a virtual space for practitioners to share experiences and information, and debate new ideas in SPM. Join in today! www.spmnetwork.net The SPM Practice Guide offers step-by-step guidance on integrating SPM into your MFI along- side real MFI case studies. Download today in English, French, Spanish or Arabic. Fulfilling the Promise is a new film by the Imp-Act Consortium that captures the SPM experi- ence of two mission-driven MFIs, SEF (South Africa) and AMK (Cambodia). Short and long ver- sions are available in English, French, Spanish and Arabic. Learn more about the Imp-Act Consortium and its work by visiting www.Imp-Act.org. About this series This series of Guidance Notes emerges from a collaboration between the Imp-Act Consortium and key industry technical experts. Recognising that the ongoing support to MFIs from funders and support organisations is critical to ensuring a balanced approach to performance management, this series aims to help them integrate the missing “social lens” into existing MFI training materials. The notes provide targeted guidance on critical issues, as well as details on further resources available. Development process The Integrating social performance management into mainstream capacity building initiative, led by the Imp-Act Consortium, involves a three-part strategy: Linking SPM experts with experts in key technical areas: Consortium members and associates join forces with industry experts to apply a social lens to key technical areas. Reviewing existing mainstream training materials: Through online workshops between project partners, gaps in training currently provided to MFIs are identified and prioritised. Facilitating online knowledge sharing discussions: Each technical area is addressed in a facilitated discussion on the SPM Network in order to add to the rich experience base of these Guidance Notes.
  • 23. RM3-H1 Mission Statement and Core Values Worksheet 1. A mission statement is a statement that describes the purpose or reason for the existence of the organization. It provides the strategic orientation of the organization. The mission statement of _________________________, my MFI, is…. 2. Our core values are: 3. Who decided on the core values for your MFI? Or Who/how do you think the core values should be established for your MFI? 4. Provide an example of how core values can affect operations. 5. We do or need to do the following in order to ensure that everybody (staff, clients, Board, investors, etc.) understands and believes in our mission and values and stays committed to implementing them:
  • 24. ©CGAP/World Bank, 2007 RM3-H2 MISSION DEFINITION A clear mission is the key to shaping a successful strategy. Employees need to understand both the institution’s operations and values. Without such understanding, they will not feely strongly committed to the organization’s success. A mission statement reinforces the sense of purpose and incorporates a vision of future accomplishment, with specific reference to: THE OBJECTIVE • What is the institution’s objective or vocation? • Have growth and profit objectives been set? Has the strategy for using profits been clarified? How will the strategy benefit clients? VALUES • Why is this objective(s) important? • What beliefs guide the MFI’s behavior/attitude? SERVICES PROVIDED • What will the institution DO to fulfill its objective(s)? • How will it make sure to fulfill the various needs of its clients, their families and their enterprises, with appropriate quality services? CLIENTS • Who does the institution serve? • What type of targeting strategy does the institution want to define: rural or urban areas, client type (women, small or medium-sized business, level of poverty?), diversity, etc.? BENEFITS • How will the institution benefit its stakeholders? • How will it make sure that clients obtain maximum benefit from the services provided, and that they are satisfied? • Will it restrict its efforts to the economic impacts, or does it also want to foster social reinforcement for its clients?
  • 25. RM3-H3 Smart Note – Compartamos: Building Institutional Culture around a Code of Ethics See attached pdf document.
  • 26. RM3-H4 Smart Note – Ethical Staff Behavior at Alalay Sa Kaunlaran, Inc. (ASKI) See attached pdf document.
  • 27. RM3-H5 EXCERPT FROM INTERNAL CONTROLS AND FRAUD PREVENTION IN MICROFINANCE INSTITUTIONS1 1 Institutional Values and Accountability 1.1 Values – Entrench the Vision To be successful, microfinance institutions must recognize the importance of having organizational values and be committed to a process of developing those values. Staff is the most critical factor for success, and each one must catch the vision and mission of the institution and commit to those stated values. Values are the core of effective capacity building. Stated values lead to policies that lead to goals, objectives and strategies for implementation. This in turn leads to hiring people who will commit to these values. These people are worthy of the resources committed to their training, equipping and facilitating. With this planning cycle, the “Capacity Building” is more likely to be sustained. MODEL FOR SUSTAINABLE CAPACITY BUILDING 1. Begin with stating the core values of the institution: justice/fairness, integrity, quality, commitment, respect, etc. 2. Set policies and procedures consistent with the values 3. Set strategies and objectives for implementation 4. Hire staff who share the core values 5. Train and equip staff Each MFI must determine what values are appropriate for their institution and constantly seek to have those values internalized by every board member, manager, and staff member. 1.2 Accountability A key principle undergirding accountability is that of interdependence. To reach full maturity, every person, organization and nation must move through the periods of dependence and independence to the recognition that we need others. We need a partnership with others whose strengths make up for our weaknesses and who enable us to build on our strengths. But with such a partnership comes the requirement that we be accountable to each other. Interdependence recognizes the essence of accountability. 1 Lehman, Joyce, 2000. MEDA Consulting Group, 155 Frobisher Drive, Suite I-106; Waterloo, ON N2V 2E1 Canada. CORE VALUES
  • 28. Having been entrusted with resources and a purpose, it is obligatory to account for how and when those resources were used and those tasks accomplished. 1.2.1 Forms of accountability Personal accountability is the starting point for all other forms of accountability, whether managerial, political, or multiple. Each individual has a personal code of conduct against which he or she brings himself or herself to account. Managerial accountability requires managers to carry out their tasks in accordance with agreed criteria and with satisfactory results. It includes: ∃ Financial accountability – the obligation to ensure and report that money has been spent as agreed, ∃ Effectiveness accountability – the obligation to ensure that intended program outcomes have been achieved, ∃ Efficiency accountability – the obligation to ensure that value for money has been achieved in the process, ∃ Legal accountability – the obligation to ensure that the organization’s policies, procedures, laws and regulations have been observed in decision making, and ∃ Professional accountability – the obligation to ensure that professional ethics are observed in rendering service and in the way we conduct ourselves. 1.2.2 Delegation Delegation moves responsibility and authority from a senior person to a less senior one and then demands accountability in return. With that delegation of authority for a task goes the responsibility to get it done and the accountability to the one who delegated. Delegation and accountability are two-way processes. Delegation is NOT abdication.
  • 29. RM3-H6 EXCERPT FROM IMPROVING INTERNAL CONTROL: A PRACTICAL GUIDE FOR MICROFINANCE INSTITUTIONS2 (from chapter 2, concerning mission risk)3 Institutional risks come in two types. The first type involves the institution’s mission, which has two aspects of its own: the social and commercial. Microfinance is a powerful development strategy because it has the potential to be a long-term means for fighting poverty and inequity. One of the greatest challenges in designing and running microfinance operation is to balance the dual mission so that your MFI: a) provides appropriate financial services to large volumes of low-income persons to improve their welfare (social mission); and b) provides those services in a financially viable manner (commercial mission). Too heavy a focus on one or the other, and microfinance will not live up to its potential. The second institutional risk is the dependency of a microfinance program on international support organizations such as CARE. MFIs that rely on strategic, financial, and operational support from international organizations are at risk because the longer those links continue, the harder it is to break them—yet no one should be under the illusion that those links can continue indefinitely. Microfinance programs that were created as CARE projects, rather than separate institutions, are particularly vulnerable to dependency risk. 2.1 Social Mission Risk The social mission of microfinance institutions is to 1) provide appropriate financial services 2) to large volumes 3) of low-income persons 4) to improve their welfare; these four elements are highlighted in the left-hand column in Figure 1. The right-hand column lists the four Ms: controls and monitoring tools that MFIs need to mitigate social mission risk. Figure 1: The Four Ms of Controlling Social Mission Risk Social Mission Controls and Monitoring Provide Appropriate Financial Services Market Research To Large Volumes Managing Growth Of Low-Income Persons Mission Statement To Improve Their Welfare Measuring Impact 2.1.1 Mission Statement The process of controlling social mission risk begins by identifying the target market. In its mission statement, the governing body of the MFI has to clearly articulate who the institution wants to serve and why it wants to serve them. The mission statement should also indicate that the organization intends to serve this market for the long term as an independent and self-sufficient institution. This mission statement then serves as a guiding light for managers and employees as they apply it in their daily activities. 2 Excerpted from Campion, Anita. 2000. Improving Internal Control: A Practical Guide for Microfinance Institutions. Technical Guide No. 1, MFN/GTZ International. 3 Churchill, C., and D. Coster. 2001. CARE International and Pact Publications, 2001.
  • 30. In developing the mission statement, it is important to strike a balance between the social and commercial mission. If the organization narrowly defines the target market, then it may have difficulty achieving sufficient scale and efficiencies to fulfill its commercial mission. For example, if the MFI only wants to serve refugees or people with AIDS, then the potential market for its services may not be large enough to create a sustainable institution, or it may be too expensive to identify and deliver services to a market that is geographically disparate, or the risks of serving a narrowly defined target group may be too high. The composition of the board of directors can contribute significantly toward ensuring that the institution has a good balance, both in its mission statement and how it goes about fulfilling its mission. It is difficult to find individuals who embody the dual mission of microfinance, so boards are often constructed to be balanced, with roughly half of the directors personifying a social bias and the other half with a commercial bias. This may create some tense board meetings, but it tends to produce appropriate microfinance policy. • Does your organization have a clear mission statement that balances the social and commercial objectives and identifies the target market? • Do employees know the organization’s mission statement and use it to help guide their actions? • Does the composition of the board reflect the dual mission of microfinance? 2.2 Commercial Mission Risk Although intended to serve the poor, microfinance is a business operation that must run on business principles. This means that a microfinance institution should make decisions based upon sound business rules, not on charitable sentiment. If an institution’s managers and board members do not share a business-like perspective, the MFI will be extremely vulnerable to commercial mission risk. It seems counter-intuitive that an organization dedicated to helping the poor needs to charge high interest rates and strives for profitability. The commercial approach makes sense, however, if you adopt a long-term view. Many of CARE’s development initiatives are short- term projects with a specific end date. Microfinance, on the other hand, has the unique ability to provide developmental services on an ongoing basis if it is designed and implemented properly. With microfinance activities, it is critical to adopt a long-term perspective because clients do not just want loans for the next three to five years. They want—and deserve—a safe place to save their money and a convenient place to borrow funds indefinitely. The only way to provide them with this extremely valuable service over time, and generate its important development benefits, is by fulfilling the commercial mission of microfinance. Controls for commercial mission risk include: setting interest rates, designing the capital structure, planning for profitability, and managing for superior performance. Commercial Banks and Social Mission Do all microfinance institutions have to have a social mission? Many commercial banks, including CARE’s partner in Zimbabwe, are beginning to serve the microenterprise market without a strong sense of social mission. Banks may be motivated to serve low-income persons because they have been pushed down market by increasing competition at the upper end, or because they see microenterprises as a profitable niche market, or for public relations reasons—but they are rarely concerned about alleviating poverty. It remains to be seen whether microfinance players who only have a commercial mission will be successful. It is logical though that an organization that deeply cares about its clients and serves them on a commercial basis will be more successful over the long term than an MFI that is purely profit-driven.
  • 31. EXCERPT FROM IMPROVING INTERNAL CONTROL: A PRACTICAL GUIDE FOR MICROFINANCE INSTITUTIONS4 2.3 Elements of Effective Risk Management MFIs with strong risk management maintain quality loan portfolios, avoid liquidity crises, reduce the risk of loss caused by fraud and human error, and minimize the effects of interest rate fluctuations over the long term. This section presents six key elements of effective risk management that are inherent in an MFI’s methodology or normal business operations. 2.3.1 Risk Management within the Methodology Most microfinance risk management strategies are those that are integrated directly into the methodology and operations, thereby systematically and proactively reducing risk. By anticipating the characteristics and motivations of its borrowers, MFIs minimize the potential for attracting high-risk borrowers, i.e., clients that would likely default on a loan. Table 1 lists a number of practices that incorporate risk management into microlending methodologies. In addition to risk management practices within the microfinance methodology, MFIs that effectively mitigate risk also integrate risk management strategies into their normal operations. There are five additional key elements prevalent in MFIs that can reduce risks: (i) a conducive environment, (ii) transparency, (iii) simplicity, (iv) individual accountability, and (v) security. Table 1: Risk Management within Microfinance Methodologies Common Risk Management Practices Inherent in Microfinance Methodologies • Peer lending – Peer or group lending reduces credit risk by spreading the risk of lending without collateral over a larger number of borrowers and transferring the burdens of encouraging repayment and collection from loan officers to clients. For example, several MFIs use a 2-2-1 disbursal mechanism, which encourages the clients in the group who have not yet received a loan to put pressure on the first two members to repay their loans, thereby ensuring their access to a loan. • Character assessment – Microfinance institutions develop expertise at assessing the character of borrowers and become familiar with those characteristics that reduce the risk of future loan default due to credit risk or fraud risk. For example, MFIs consider clients who have reputations for being honest and hard-working to be lower credit and fraud risks. • Forced savings or co-signature requirements – Forced savings and co-signature requirements act as collateral substitutes, which reduce the risk of default by transferring part of the risk to the borrower or third party. • Small loan sizes – By making many small loans, the microfinance institution reduces its credit and liquidity risk exposure by diversifying its loan portfolio. • Varied loan terms – By disbursing loans regularly or by issuing loans with different term lengths, the MFI reduces its liquidity risk exposure by having loans mature and renew frequently. • Limits on loan size increases – Microfinance institutions reduce credit risk by increasing loan sizes in strict increments to ensure that clients can manage gradually larger loan sizes. In addition, MFIs manage risk by basing loan sizes on clients’ demonstrated capacity to repay. 4 Excerpted from Campion, Anita. 2000. Improving Internal Control: A Practical Guide for Microfinance Institutions. Technical Guide No. 1, MFN/GTZ International.
  • 32. • Loan approval processes – Some MFIs require a credit committee to approve larger loans, which reduces the chance of poor loan decisions being made (operational or fraud risk) and increases the control for loans that pose a greater financial risk to the institution (credit risk). • Center collections – Some microfinance institutions transfer the risk associated with handling cash to clients by making clients responsible for collecting loan payments and depositing them at a formal financial institution. This simultaneously reduces operational and fraud risk. 2.3.2 Conducive Environment Consciously or not, management sets the tone for employees’ and clients’ tolerance and attitude toward risk. Management can create an effective control environment by communicating the MFI’s commitment to risk management through both words and actions. In a small microfinance institution, the example set by the managing director is perhaps the strongest form of communication. As the MFI grows, veteran employees communicate the MFI’s attitude toward risk, as well as corresponding appropriate behavior, to new employees. Many employees may have negative attitudes about internal control from past experiences with internal auditors whose focus was on identifying problems and assigning blame. Management can work to overcome negative perceptions by encouraging employee participation in the internal control system, stressing the benefits of risk mitigation, and emphasizing solutions to problems rather than placing blame. Creating a supportive atmosphere or culture that has a low risk tolerance is especially important for an MFI that operates in an environment with a high tolerance for fraud. If the MFI operates in a country that condones fraud, management must work hard to distinguish the culture of the MFI from the surrounding environment. In Kenya, a country where corruption is common, K-Rep has successfully employed this approach by screening employees and clients based on character and by strictly enforcing a policy by which employees are fired not only for stealing and other fraudulent acts, but for lying as well. Table 2 presents a summary of methods MFIs use to screen employees and clients for character traits. Table 2: Employee and Client Character Screening Methods for Screening Employee’s Character: Methods for Screening Client’s Character: • Conduct personality and psychological tests that assess the potential employee’s character • Check past employment and personal references, for example: – ask former employers whether they would hire the person again – ask personal contacts whether they would entrust their money with this person • Interview and ask employees questions to understand their ethics • Hire for a trial period to review employee’s character and behavior • Check personal and community references to assess the potential client’s reputation • Use peer groups in which clients select other group members who they believe are honest and reliable individuals • Maintain and check blacklist of past poor performers to avoid repeat lending to bad clients • Interview client to understand his or her motivation for borrowing money • Check client history with suppliers or with credit bureau, if available
  • 33. 2.3.3 Transparency Transparent operations facilitate effective risk management. Operations are transparent when information is clearly and accurately reported and readily available for all who need it to make decisions or to assess institutional performance. If an MFI’s operations are transparent, then staff and management can quickly and easily identify and control risks before they pose a significant threat to the institution. The following elements tend to increase the transparency of operations in a microfinance institution: To uncover hidden control issues, some MFIs rotate staff or use support staff to fill in for employees during vacation or sick leave. Rotating loan production staff to other branches can help to uncover employee errors and fraud identified by the employee’s replacement, or if management notices a pattern linked to the employee’s accounts. However, few microfinance institutions like to rotate field staff because they value the close relationship established between field officers and clients. As an alternative, ASA uses support staff to cover for employees on vacation and sick leave. ASA’s unit managers act as field officers when one of their field staff is out on leave. An effective management information system (MIS) is one that focuses on a few key indicators for each level of responsibility and produces accurate, timely and relevant information. Additionally, the MIS can incorporate early warning flags for management. For example, Mibanco branch managers receive daily reports on delinquent accounts per loan officer ranked by number of days delinquent. An aging report such as this allows the branch manager to monitor more closely the work of those loan officers whose portfolios are experiencing increasing delinquencies. Refer to CGAP’s Handbook for Management Information Systems for Microfinance Institutions for more information on good reporting.5 In general, microfinance institutions should follow standard accounting practices and make efforts to clarify non-standard practices. BRI uses a cash-based accounting system, which records income and expenses only when cash changes hands, because it considers it more transparent than the traditional accrual-based accounting. Accrual accounting records transactions when they come due as opposed to when the cash actually changes hands. MFIs that use the accrual method should be careful to record accrued interest in conjunction with delinquency to avoid reporting unrealistic income. Whether an MFI uses a cash or accrual system, or a hybrid of the two, the key is to ensure that the accounting method used is transparent and consistent. 2.3.4 Simplicity Microfinance institutions can reduce the chance for fraud and errors in operations if procedures are simple, clear and well communicated to employees and clients. To increase transparency and to reduce the need for sophisticated staff or advanced training, ASA has simple products and maintains simple procedures and systems for its operational staff. For example, ASA provides its units with interest rate sheets so field officers do not have to know how to calculate interest payments. In addition, ASA offers only standardized loan sizes and interest rates, so for each loan size the field officer simply identifies the appropriate interest payment and adds it to the loan principal to calculate the amount due. Since loan payments are constant, recording is simplified. At the end of each day, field officers only have to record the loan payments that were not made on time. MFIs should weigh the benefits of using simple procedures against the potential loss of flexibility and reduced customer satisfaction. 5 Waterfield and Ramsing, February 1998.
  • 34. As in traditional financial institutions, MFIs should develop and maintain operations manuals that detail the steps required for each transaction, explain how to handle exceptions and delineate lines of authority. Operations manuals can reduce confusion and conflict at the branch level by ensuring standard application of policies and procedures. To be effective, the operations manual should be clearly written, regularly updated and accessible to all employees. 2.3.5 Accountability Microfinance institutions enhance their risk management by ensuring employee accountability at all levels of authority. Several MFIs operate their units or branches as cost or profit centers to emphasize accountability at the operational level. Branches that operate as cost centers, such as those of ABA, have authority to make decisions on how the branch spends its budgeted allowance. Profit centers, such as the BRI units, have authority to make decisions on how they allocate revenues as well as expenses. BRI units catch 90 percent of all errors by simply requiring tellers and units to balance their transactions with account entries at the end of each day. By reconciling information in the portfolio management system with information in the accounting system MFIs can significantly reduce the risk of financial loss by closing the window of opportunity for employees to commit fraud. Other means of increasing employee accountability include: Upon hiring, MFIs should give all employees a clearly written job description. Employee job descriptions should indicate where employee authority begins and ends. Managers can refer to job descriptions to assess and discuss employee performance, which reinforces individual accountability. Microfinance institutions can increase an employee’s commitment to the goals of the microfinance institution by linking employee pay to performance. While some MFIs like to use team-based incentives to encourage team spirit, the use of individual incentives more strongly communicates the need for individual accountability. 2.3.6 Security Another important element of risk management is to protect physical assets from harm. The following security measures are common in microfinance institutions: Most microfinance institutions that store cash in the branch or unit office safeguard it by storing it in a safe or strong box. In Mali, Kafo Jiginew builds a safe directly into the branch office building so that thieves cannot steal the branch’s money by confiscating the entire safe. Like many institutions, BRI has a two-key system whereby the unit manager and one other unit employee each hold one of the two keys required to open the safe. Security measures should match the risk. For example, all BRI units have locks on doors and windows, security alarms and a night guard; but units that are located in cities where crime is prevalent, also have bars covering the windows. All microfinance institutions should have some system whereby branch information is protected from destruction or loss. MFIs that maintain a computerized database should create daily back-up files and store them off premises. MFIs can protect non-computerized information systems by storing duplicate copies in another location. ASA learned this lesson the hard way. One ASA unit lost all its records when the unit caught on fire. The field officers had to collect all the client passbooks to recreate the accounts. To protect from unanticipated loss, such as from fire or theft, microfinance institutions can take out insurance policies or can self-insure by making regular deposits into a reserve
  • 35. account that the MFI can use in case of emergency. In this way, the MFI protects itself from large unforeseen expenses by redistributing the cost of this protection over a longer period of time. MFIs that operate in environments that are prone to natural disaster, such as flooding in Bangladesh, should have some type of plan to protect themselves and their clients against excessive loss in any one year of operation. In response to the floods of 1998, ASA issued new loans to some clients and allowed others to withdraw their savings. This response facilitated ASA’s clients’ return to normal operations.6 In addition, ASA has a program in which its clients make weekly life insurance payments based on 0.30 percent of the loan.7 In the event of death, the insurance relieves the client’s family of the responsibility for repaying the remaining loan balance. 6 For more information on reducing risks related to natural disasters, refer to Microfinance in the Wake of Natural Disaster: Opportunities and Challenges by Geetha Nagarajan, April 1998. 7 ASA requires all borrowers of loans greater than 9,000 taka ($180) to purchase this insurance, which entitles the beneficiary to an amount equal to the initial loan amount. ASA insures loans under 9,000 taka at no additional cost.
  • 36. Compartamos: Building Institutional Culture around a Code of Ethics STAFF RECRUITMENT AND TRAINING EMPHASIZE VALUES AND ETHICS www.smartcampaign.org Ethical staff behavior begins at the top of an institution, with a commitment from senior management. When this commitment is successfully integrated in the institution’s strategy and systems, it permeates the institution. How the institu- tion treats its staff and builds its culture directly affects how the staff live the insti- tution’s values and treat their clients. Compartamos Banco derives its Code of Ethics from a set of six core values. The Person is the central value, and the institu- tion’s commitment to improving the lives of people is supported by Responsibility, Pas- sion, , Teamwork, and Service. Shortly after establishing a code of eth- ics, Compartamos created a department to review, monitor, and institutionalize the code throughout the institution. As a result, the bank’s emphasis on ethical behavior is evident throughout the institution. NUMBER 2 | MARCH 2010 Putting the Principles into Practice The six core values at Compartamos.
  • 37. KEEPING THE ETHICAL CULTURE ALIVE www.smartcampaign.org
  • 38. TO PROMOTE ETHICAL BEHAVIOR, TREAT STAFF RIGHT www.smartcampaign.org BUILDING AN ETHICAL CULTURE AT COMPARTAMOS BANCO Staff recruitment procedures are aligned1. with the institutional philosophy. The “values tested during the hiring process. Staff induction training explains the code2. of ethics and the institution’s values. It uses examples from staff experience and role- playing to model appropriate responses, en- hancing the link between ethics and practice. All new staff members commit to honor3. the Code by signing a letter of agreement and undergoing mandatory annual recerti- Internal communications regularly address4. the Code of Ethics and the institution’s values, emphasizing how these help achieve the institution’s mission. Staff manuals set clear expectations of5. ethical performance, reporting policies, and sanctions for violations. 6. examples. An ethics committee has authority to su-7. pervise, enforce, and provide solutions to all complaints related to ethics. Performance evaluations take ethics into8. account for bonuses, incentives, and other performance-based compensation. 9. with management held accountable to the Code and the board required to approve revisions every year. The basics of…
  • 39. MONITORING AND ENFORCING THE CODE STRONG VALUES CREATE INSTITUTIONAL BENEFITS For additional information contact Claudia Brena, at cbrena@compartamos.com. By: Cara Forster With special thanks to Alexandra Annes da Silva and Nick Wolf for their invaluable assistance. www.smartcampaign.org
  • 40. Ethical Staff Behavior at Alalay Sa Kaunlaran, Inc. (ASKI): AN INTERVIEW WITH MARY JANE MACAPAGAL, RESEARCH AND TRAINING DIRECTOR Smart Campaign (SC): Thank you for taking the time to share ASKI’s experience with us. How does ASKI define “ethical staff behavior?” Mary Jane Macapagal (MM): It is behavior that en- sures that clients are always treated fairly and with respect, so that they receive the best services possi- ble. It is very important to uphold the right organiza- tional values, attitude, and standard of service so that the customer knows that they are truly valued by the organization. SC: How does ASKI promote a culture of ethical staff behavior? MM: In addition to our operational policies and pro- cedures, we have a Code of Conduct and Discipline, which explains what ASKI expects of each staff mem- ber. The code outlines the “dos” and “don’ts,” of staff behavior—as well as the consequences of violating the code. For example, a loan officer is suspended for three days upon his third offense related to discourte- ous behavior toward a client. All new staff members are trained on the code during their orientation. The training includes case studies to illustrate “real life” applications of the code. Af- ter staff and managers are trained, they must pass an exam that indicates their understanding of the code and its implications for their work. Additionally, in ASKI’s performance reviews, staff are evaluated on their “soft skills,” which includes ethical behavior. SC: What is included in the Code of Conduct and Discipline? www.smartcampaign.org resources and few - and maintain- - a Code of Conduct. Management and staff - - - - NUMBER 2 | Putting the Principles into Practice
  • 41. MM: The main focus is staff relations with cus- tomers. It outlines our core values like God- centeredness, integrity, stewardship, excellence, and commitment to serving the needy. It stresses ASKI’s expectation for client treatment—espe- cially the importance of maintaining high job performance, such as a quality portfolio, while also observing the highest standards of customer service. The code also covers practical matters such as being on time, maintaining client confi- dentiality, and avoiding conflicts of interest, such as receiving gifts from clients. SC: Who developed ASKI’s Code of Conduct and Discipline? MM: First, a Human Resources committee com- posed of senior managers and representatives from the Board of Directors developed a draft code. This initial draft reflected client feedback that ASKI had already collected using our cus- tomer complaint system. A draft of the document was then presented at our annual retreat. During a workshop breakout session, staff were able to review the code, comment on it, and ask any clar- ifying questions. For example, one question they asked was whether or not checking client credit history violated the principle of confidentiality. They also asked for specifics on how code viola- tions would be punished. After receiving staff feedback, the committee re- vised and finalized the code. ASKI also decided to review the code every five years, as we want it to reflect our ongoing learning about ethics and customer service. Our next review is scheduled for July 2011. SC: How do you monitor the implementation of the Code among staff? MM: We do this in several important ways: 1. Our internal audit team regularly checks staff compliance with anti-corruption policies and procedures as part of regular internal audits. www.smartcampaign.org
  • 42. Aside from reviewing a client’s credit documents (official receipts, collection report, loan repay- ment schedules, etc.), internal auditors interview clients, and use a process map and compliance checklist to ensure that correct processes have been followed. 2. ASKI informs employees on the proper pro- cedure to report any workplace ethics violations that they observe or hear about. 3. In 2010, ASKI started conducting client satis- faction surveys through a research team. During these interviews, the team asks clients if they receive respectful and ethical treatment from ASKI loan staff. This report is given to branch and senior management who use it to check staff service performance and improve on any weak- nesses. 4. To complement this feedback mechanism, we have a system called Komento mo…I-TEXT MO! (“Send us your comments by TEXT!”). This is another feedback system for clients to communi- cate with ASKI. We provide clients with a phone number, and they use it to send us text messages that include questions and complaints. Clients know that this is a confidential way for them to complain about employee behavior. Likewise, employees know that all clients are empowered to comment on staff behavior at any moment. Furthermore, with this system, ASKI can get immediate feedback and respond to problems within two weeks. In addition to providing bet- ter service to clients, the text system helps us to identify problems, enforce the Code of Conduct and Discipline and ensure that our employees keep their behavior in mind during all interac- tions with clients. SC: What happens when a staff member is suspected of violating the Code of Ethics? MM: When a violation on the Code of Ethics is suspected/identified through a report from co- workers, clients, supervisors, or internal audi- tors, we follow a set procedure. We call the pro- cess the ASKI Values Protocol. The case is documented by the immediate supervisor or auditor This documentation is presented to the employee’s manager for review, if appro- priate. If it is not appropriate to involve the immediate supervisor, the case is reviewed at a higher level, to ensure an objective assessment. The Internal Audit Team conducts and documents an initial investigation, and presents the findings to an Ethics Commit- tee, which is led by the Human Resources department. The Ethics Committee reviews the case and selects an appropriate sanction using the Code of Conduct and Discipline Man- ual as reference. Sanctions depend on the gravity of the offense. Senior management follows-up on the case to make sure appropriate steps were taken to resolve the issue. The outcomes are documented by the immediate supervisor (unless implicated, this is the Branch Manager) and presented to the Ethics Committee. If they are satis- fied with the outcomes, they declare the case closed. www.smartcampaign.org
  • 43. SC: How are staff rewarded and punished? MM: A staff member who receives any disci- plinary action is ineligible for promotion for one year. Of course, more serious offenses may result in employee probation or termination. On the other hand, positive feedback is reflected in the employee’s performance evaluation. The regu- lar staff performance appraisal report includes an item relating to staff policy compliance. ASKI also recognizes outstanding staff members and uses compliance on Code of Ethics policies as in- dicator for this award. SC: This sounds like a lot of work—is it worth it? MM: It is worth it, because it benefits our em- ployeesandclients.First,staffwanttoknowwhat is expected of them; since they understand what ethical standards they are expected to uphold, they are more composed and productive. Sec- ondly, our clients get better service. A third-party evaluation conducted last year showed that one of the top reasons our customers choose ASKI over competitors is that our staff treats them well and fairly. www.smartcampaign.org
  • 44. - 1 - RM4-H1 Job Description: Chief Internal Auditor Immediate Supervisor: Board of Directors / Audit Committee / Supervisory Committee / Chief Executive Officer Primary Responsibilities: The internal auditor is in charge of auditing XXXX’s management operations to ensure:  protected and backed-up assets;  high management data quality;  better performance. The internal auditor is not expected to have a working knowledge of everything, but to have an understanding of XXXX’s corporate activities, practices, policies, and procedures. In this capacity, he: 1. Works with the CEO and heads of department to prepare the draft budget and draw up budget plans; 2. Audits the budget: • performing periodic reconciliations of budget estimates and real outcomes provided by accounts; • verifying conformity with budget headings; • verifying compliance with supply and inventory management procedures; 3. Audits accounting operations: • auditing correctness of bookkeeping; • analyzing business days to identify in real time any inconsistencies or irregularities in the accounts; • performing reconciliations of statements for banks, Central Funds, etc.; • analyzing balance between loan and deposit accounts; • performing periodic reconciliations of bookkeeping data with that of the other departments (credit and collection, legal/claims, cash office), confirming balances by consulting member and third-party savings accounts; • performing year-end audits: inventory counts, estimating reserves, amortization accounting, etc.; • helping to prepare periodic financial statements and auditing them;
  • 45. - 2 - 4. Audits cash operations: • clearing up cash errors; • validating supporting documents for posting cash errors; • helping to audit cash holdings; • auditing official account statements before CEO signature; • auditing account closing procedures. 5. Audits credit, collection and legal/claims operations: • analyzing credit reports to verify compliance with credit policy, especially on indebtedness; • auditing service quality and procedures by visiting a sampling of clients; • monitoring the efficiency of collection procedures and verifying their compliance with MFI ethical code; • assisting the legal/claims department to draft and implement strategies for collecting loans under litigation; • auditing bailiff collection procedures; • conducting periodic debtor circularization procedures; • conducting periodic borrower circularization procedures. 6. Audits client redress procedures: • analyzing complaint reports to verify compliance with redress policy. 7. Audits XXXX’s overall operations: • identifying any bottlenecks in the circulation of management information within departments and proposing solutions where necessary; • identifying any incompatibilities in the way responsibilities are attributed, which could be a potential source of misconduct; • monitoring compliance with regulations (and with network criteria, if there is one) with respect to personnel hiring, benefits accounting, and overall personnel management; • auditing XXXX’s archive management. As one of the CEO’s key collaborators, the Internal Auditor produces a monthly report of his auditing activities. He is responsible for contacting all officers/agents, assessing each one’s performance, looking into any problems or lapses, and helping to find solutions, in a friendly, mutually understanding ambience. His mission is not at all coercive, but rather to help staff improve performance at all levels. The Internal Auditor must also provide assistance to the Board of Supervisors during their work at XXXX.
  • 46. - 3 - RM4-H2 Segregation of duties This minimizes the probability that a single person winds up in a position to commit and then conceal errors or wrongdoing in the normal course of his duties. This works by assigning to different people the responsibility to authorize and record transactions and protect the assets on deposit. A person in a position to commit errors or wrongdoing should not be able to conceal the fact, and monitoring procedures to guard against any such eventuality (see Cook, p. 250) must be worked out. Duties must be distributed suitably if one is to monitor effectively. It can be difficult in small organizations to set up such a system due to lack of personnel. However, being aware of the necessary segregation of duties can help to think up routines to improve monitoring, even in very small systems (according to Cook, p. 250).
  • 47. - 4 - Microfinance Bank Approval Date December, 2009 EXAMPLE OF INDIVIDUAL LENDING POLICIES AND PROCEDURES MANUAL RM4-H3
  • 48. - 5 - Type of product 1. Loan Size Rs 8000 minimum to Rs. 50000 Maximum Eligibility criteria by type of client, guarantor and Collateral For new clients:  Should be owner of the business  Age between 25 to 60 years  Living in the city limits  Should have at least one ID Proof and one address proof (residence /business). 2. Guarantor A person who undertakes to pay the loan if the client fails to make the payment. All the new clients will need to provide a guarantor.  S/he has to be 18 years and above.  Should have own house  Should have ID proof and residence proof. Copies of same should be submitted.  Separate income and residence from client.  Should be employed or own a business (in fixed location).  Should be from the same city.  Should be credit worthy. 3. Collateral: Household Assets like TV, Radio etc. 4. Following types of businesses are eligible for IL loans. 1) Shops or stores 2) Self employed professionals 3) Home based businesses. 4.1 Common eligibility criteria for all types of businesses are:  Should be operating in the area of operation of the MicroBank  Should be in existence for 2 years.  The business should be operational during evaluation  Business should be legally registered. 4.2 For self employed professionals  Self employed professionals  Should own a business/company or running an established practice for minimum one year.
  • 49. - 6 - 4.3 Home based businesses  Should have own house/family owned house  Assets of business visible. 5. Documentation The following documents will have to be verified with the client.  ID proof , residence proof and business proof.  Ownership proof - (The client will be required to provide a photocopy of these documents.) - These documents will have to be provided by the Guarantor too. 5.1 Acceptable List of Photo ID Documents : The Photo ID document will have to like a voter ID, PAN Card, Bank Passbook, Ration Card or any Government recognized photo ID. 5.2 Acceptable Residence Proof : Ration Card, Electricity Bill, House tax receipt, Telephone Bill 5.3 Business Address Proof : Sales tax, Trade license. 6. Loan Term : Loan cycle : 6 to 12 mths 7. Frequency of Repayment Repayment will be done on weekly basis. 8. Prepayment Prepayment of loans will be allowed any time. A loan can he pre closed only after a minimum period of 5 moths. If pre closed before 5 months, the client s will be liable to pay twice the interest amount for 3 months. 9. Interest Rate Interest Rate 24% declining Processing fees 3% of loan Stamp Duty and Legal Fees 0.1% of loan amount Collection Fees 11 s per month
  • 50. - 7 - 10. Loan Application Business Activity Section Evaluation (Selected Guidelines)  Estimated Business Assets : Estimated amount of the business’s total value, including cash, collectibles, inventory and fixed assets.  Estimated monthly sales : Estimated amount of income from business sales every month. If sales are generated on a daily basis this amount should be multiplies by the number of days the business is open within a month.  Who looks after your business if you are sick?  Loan payment : how often can you afford to pay? How frequently can the applicant pay his /her repayment weekly, biweekly or monthly?  Household and business assets : Include both households and business assets such as appliances, inventory and other chattel items.  Name at least one creditor /supplier that you have borrowed from in the past and have currently outstanding.  It is important to cross reference the loan amount requested and the amount affordable per month with monthly income to see if both are reasonable and realistic. This section is part of loan structuring and cash flow analysis.  Through the loan application form the loan offer obtains more exhaustive information about the business and checks if the applicant is consistent in his /her responses.  The loan officer is responsible for conducting a through analysis and for preparing the client file. Once the loan application is evaluated by the loan officer he also conducts a meeting with References provided by the client.  The LO needs to ensure that the information provided by the client reference is kept strictly confidential.  Inform the respondent that the client is applying for a loan at the MFI and the purpose of this conversation is to verify the clients ‘ willingness and capability to repay the loan.  The LO needs to ask questions like how long the client has been staying in the community and who are the members of the clients’ household and what are the occupations of each of the household members and their sources of incomes.  The LO can also ask about the general business conditions of the client. 11. Approval Process Loan Officer and Manager  Once the loan officer has completed the loan application he submits the client file to his manager.  The Manager reviews the loan application and checks if : all forms are complete, financial computations, cash flow and repayment capacity, loan size and business capacity and project, type of project, completion of all forms.  In case the manager finds that some of the forms are missing he asks the loan officer to complete them.  The manager is required to discuss the client with the LO, review documents and ask probing questions.
  • 51. - 8 -  If the Manager finds that the loan application is complete and ready for the credit committee, the manager submits the loan file for the credit committee.  If the LO and the Manager find that the applicant is not credit worthy the request is denied and a written decline letter with specific reason is sent to the client. A copy of this letter has to be filed in the client file.  Determining Business Liabilities and Net worth : Includes credit from suppliers, loan payables amount owned by the applicant in relation to the business these include short term and long term loans, other payables –any other amount owned by the applicant and other liabilities such as taxes, insurance, health premiums, small lay way items etc  Total Equity: Equity and accumulated profits generated by the applicant and the difference between assets and liabilities. 12. Credit Committee The Credit Committee meets on an “as needed” basis, according to the quantity of loans Produced (weekly, biweekly, or daily) to ensure efficiency and a fast response to clients. The Committee should be scheduled in advance, in order to allow members to plan their week. - The credit committee will comprise of the Loan Officer, Branch Manager and the Regional Manager. - Loan approval decisions are taken at the credit committee. - A through review of all loan applications has to be undertaken at the credit committee. - Loan application review can be undertaken by several managers who sit and discuss loans and have authorization to approve loans up to Rs 30000. - In case loan size exceeds Rs.30000 the loan application will need to be approved by the COO. 13. Recovery • Recoveries will be done on a weekly basis at the door step of clients. • LOs will be responsible for making colleting repayments from borrowers. • The LOs will only be the authorized person to collect repayments. • The LOs will have to carry a daily collection list that lists all repayments due for the day. • In case of delinquent clients a branch manager may also collect cash repayments from clients. • A copy of the cash receipt has to be giving to the clients. 14. Past Dues 1 In all recovery situations the first step should be the classification of clients based on analysis of client’s non payment, client’s attitude and payment habits and behavior.
  • 52. - 9 - 2 While making recovery visits the staff needs to keep in mind the following elements. - Total number of days late. - Total amount overdue. - Clients attitude during the visits - Reason for defaulting. - Credit history of clients - Type of business - Family circumstances Process for handling recoveries 1. In every visit the staff must obtain a date for payment of overdues. 2. In event the borrower fails to pay as per the previous promise the staff must set the date of subsequent visit /collection. 3. The staff must set the tone during negotiation and must not leave the borrower without concrete commitment from the borrower as to the repayment of loan. 4. The staff must explain to the borrower the advantages of immediate payment of missed repayments like repeat loans, avoidance of penalty but make the borrower feel that the organization is concerned with his /her well being. 5. Also the borrower has to be reminded of his / her obligation and responsibility. 6. The client in all possibility will ask for some time, but the LO must insist on payment for the next day itself. 7. In case the LO is not able to make the collections by the third day the loan officer along with the branch manager will need to visit the client and his family members. 8. Contact the wife and appeal to her as women are generally found to be more responsible. Approach senior influential member of the family like father, elder brother and try to convince them. 9. Approach the guarantor on day 3 : The guarantor must be requested to convince the borrower to pay the over dues. 10. Explore the possibility by speaking to persons given by the borrowers as references. 11. Approach any influential person in the community of the borrower to influence the borrower to repay. 12. In case the overdue cannot be collected the Microbank will need to give a legal notice if the loan is delinquent for more than 30 days. 13. 30 days of notice has to provided to the client for final payment.
  • 53. - 10 - VERSION: 01 PAGES: 36 MICROBANK Name of Manual: STAFF MANUAL PREPARED BY: APPROVAL DATE June, 2008
  • 54. - 11 - ABOUT HR MANUAL While the Staff Handbook consists of the basic guidelines on various matters pertaining to staff and is shared with all staff, the HR Manual is a codification of various policies on HR subjects such as recruitment, compensation, training etc. formulated by from time to time.
  • 55. - 12 - TABLE OF CONTENTS CHAPTER 1-Recruitment and Selection.........................................................................................4 1.1 Objective.............................................................................................................................5 1.2 Recruitment Procedures......................................................................................................5 1.3 Job Description...................................................................................................................5 CHAPTER 2- Grade Structure…………………………………………………………………….6 CHAPTER 3-Pay Scale and Staffing................................................................................................8 3.1 Compensation.....................................................................................................................9 3.2 Incentive Structure.............................................................................................................9 CHAPTER 4- Benefits……………………………………………………………………………...11 4.1 Staff Loan Policy………………………………………………………………………….12 CHAPTER 5- Training and Development........................................................................................15 5.1 External Training Program..................................................................................................16 CHAPTER 6- Employee Performance Management......................................................................17 6.1 Performance Appraisal........................................................................................................18 Annexure........................................................................................................... ...................... ..........19 Annexure-I.................................................................................................................... ..........20 Annexure-II.................................................................................................................. ..........21 Annexure-III................................................................................................................ ...........22 Annexure-IV................................................................................................................ ...........27 Annexure-V................................................................................................................... .........28 Annexure-VI…………………………………………………………………………………31 Annexure-VII………………………………………………………………………………...32
  • 56. - 13 - RRREEECCCRRRUUUIIITTTMMMEEENNNTTT AAANNNDDD SSSEEELLLEEECCCTTTIIIOOONNN POLICY NO. /HRD/01 Effective Date 01/06/2008 POLICY NO. Recruitment and Selection Review Date ...../...../......... ISSUED BY. Human Resource Department MicroBank Version 1.1 1.1 OBJECTIVE Recruitment and Selection aim to search and hire suitable candidate to fill vacancies in MicroBank with the view to satisfying human resources needs. The search may be internal and/or external. 1.2 RECRUITMENT PROCEDURE a) The HR Manager shall receive all applications for employment from the concerned department head. All applications for employment shall be addressed to the HR Manager-Recruitment. b) The HR Manager shall sort all applications that meet the minimum appointment requirement as advertised, and then forward these applications to the Department Manager concerned, together with a full list of all applications received. c) The Head of the department, in consultation with the HR Manager-Recruitment, shall draw up the shortlist of candidates for interviewing. d) The HR Manager- Recruitment shall invite the short listed candidates for interviews, and will ultimately make a recommendation to the director for appointment. e) The HR Administration Assistant shall verify the references given by the shortlisted candidates. After the verification the employment offer in consultation with the relevant Head of the Department will be sent to the selected candidate which upon acceptance, shall be followed by an appointment letter signed by the Managing Director/COO and the HR Manager- Recruitment. 1.3 JOB DESCRIPTIONS The HOD of the department to which an employee is assigned will explain the job responsibilities and performance standard expected by an individual employee. The job responsibilities can be changed at any time during the time of the employment. From time to time the employee can be asked to work on the various projects, to assist with other work necessary, or important to operation of the concerned department or the organization. The organization has the rights to change the right, at any time, with or without notice, to alter or change jobs responsibilities, reassign or transfer job position, or assign
  • 57. - 14 - additional job responsibilities. For various job descriptions in MicroBank, see Job Description Manual. For external and internal recruitment details please refer to Annexure-IV
  • 58. - 15 - GGGRRRAAADDDEEE SSSTTTRRRUUUCCCTTTUUURRREEE 2.1 MANAGEMENT GRADE STRUCTURE MICROBANK-MANAGEMENT GRADES Management Level Grades of employees Band Designations Years of experience Top Management A Managing Director 15+ B Exec Director 15+ C COO 15+CFO Head of Legal and Compliance Senior Management D Band 1-2-3 General Manager 10 to 15 E Band 1-2-3 Chief Manager 8 to 12 Middle Management F Band 1-2-3 Senior Manager Company Secretary Regional Manager G Band 1-2-3 Branch Manager ( large Branch with IL/Senior Manager, GL or multi Branch- 3 or more outlets) 3 to 6 Manager Asst Company Secretary Junior Management H Band 1-2-3 Asst Manager/Branch Manager >1to 3Deputy Manager I Management Trainees 0 to 1 Short Term Management Associates No Grade Category Professional Consultants/Advisors
  • 59. - 16 - PPPAAAYYYSSSCCCAAALLLEEE AAANNNDDD SSSTTTAAAFFFFFFIIINNNGGG POLICY NO. /HRD/03 Effective Date 01/06/2008 POLICY NAME. Compensation Review Date ...../...../......... ISSUED BY. Human Resource Department MicroBank Version 1.1 2.1 COMPENSATION MICROBANK believes in paying fair wages to all its employees. Our compensation practices will always be in line with the prevailing tax laws and legal compliance. 2.2 INCENTIVE STRUCTURE Incentives (variable salary component) are paid to all field staff for their performance in their area of work. Field staff is incentivized to spur them to reach their targets. The field staff refers to Field Officer (Loans), Recovery Officer and Collection Assistant. Variable pay is also given to other non-field staff based on the incentive earned by the relative field staff. This includes administrative staff at the branches as well as branch managers. The incentives currently being paid is as follows. 1. LOAN OFFICERS: The Loan officers are paid incentives on a monthly basis based on the following performance parameters- • Number of clients • Outstanding loan amount • Portfolio at risk. For each new client mobilized there is a base incentive. There is also a bonus incentive, which is payable on the LO crossing a milestone such as 100 clients. The incentive is adjusted for PAR. 2. RECOVERY OFFICERS: The recovery officers, who are responsible for recoveries on loan accounts, which are overdue beyond a specified period, are eligible for incentive at a certain percentage of the amount they recover on such loans. Normally, ROs are eligible for higher incentives on recoveries in written- off loans. Payment is made monthly. 3. COLLECTION ASSISTANTS: Collection Assistants are eligible for incentives at a certain percentage of the amount they collect.
  • 60. - 17 - 4. BRANCH MANAGER AND BRANCH BACK OFFICE: The incentive for the branch back office is directly linked to the loan officers’ incentives. A certain percentage of this amount is shared equally between the administrative (back-office) staff and the BM i.e. half of the amount so calculated is given to the BM and the other half is shared equally amongst the all the administrative staff. The BM and the administrative staff at the branch are paid incentives monthly. For incentive calculation sheet please refer to Annexure-V
  • 61. - 18 - EEEMMMPPPLLLOOOYYYEEEEEE PPPEEERRRFFFOOORRRMMMAAANNNCCCEEE MMMAAANNNAAAGGGMMMEEENNNTTT POLICY NO. /HRD/05 Effective Date 01/06/2008 POLICY NO. Employee Performance Management Review Date ...../...../......... ISSUED BY. Human Resource Department MicroBank 5.1 All staff in different grades of the organisation will be reviewed on the annual basis. The annual appraisal is based broadly on the following parameters, which are subject to variation:  Adherence to process  Job knowledge  Communication, interpersonal skills and presentability  Ability to handle high volumes and stress.  Initiative  Customer service  Attention to detail  Ability to take decisions and accept responsibility  Ability to give guidance and leadership Appraisal will be done on the marking system and, later final rating will be done which is subject to change. This appraisal will be done by the reporting officer, which will be further reviewed by the immediate senior of the reporting officer. In exceptional cases the appraisal will be done by the senior management also. Annual appraisals will be conducted as on March 31st in the month of April. For the explanation of the parameter please see Annexure- III
  • 62. - 19 - AAANNNNNNEEEXXXUUURRREEESSS ANNEXURE-III
  • 63. - 20 - PERFORMANCE APPRAISALEXPLANATION PERFORMANCE APPRAISAL Form 2 – QUALITATIVE PARAMETRES EQUIVALENT SR.NO FACTORS DESCRIPTION SCORE OUT OF 10 PERCENTAGE 1 Job Knowledge EXCELLENT VERY GOOD GOOD AVERAGE UNSATISFACTORY Lack of knowledge of products and processes EQUIVALENT SR.NO FACTORS DESCRIPTION SCORE OUT OF 10 PERCENTAGE 2 Adherence to process EXCELLENT VERY GOOD GOOD Adheres to the process at all times and refers all deviations to the senior. AVERAGE UNSATISFACTORY Does not adheres to the process on a number of occasions. Job knowledge means basically, knowledge about the products and processes of Swadhaar, with which the employee is concerned. Such knowledge is revealed in the type of errors made by the employee in filling up forms, the number of times an employee seeks clarifications from the senior on the same issue and the manner in which s/he answers questions at meetings, training sessions. We should also provide for the shyness factor; some employees may not express themselves well in public. The Reporting Authority should be alert to such possibilities. In addition to complete knowledge about the products and processes dealt with including the rationale, also takes interest in other products/processes e.g. an LO takes interest in matters relating to savings accounts. Complete knowledge about the products and processes dealt with including the rationale. Fair or reasonable knowledge of all products, processes though not always understanding the rationale. Fair or reasonable knowledge of most of the products, processes with very limited understanding of the rationale. Process refers to the rules laid down for every aspect of work and at all stages. Examples are the rules relating to individual eligibility criteria, group formation, the group recognition exercise, the proofs of identity and address and other particulars in the loan appraisal format. Swadhaar expects strict adherence to the rules and does not permit any deviation. Further, Swadhaar expects an intelligent understanding of the process, the rationale for both the process and for strict adherence and the practice of referring occasions for deviation to the senior without in any way deviating from the process. Adheres to laid-down processes at all times and refers all deviations to the senior. Besides this, the employee also understands the rationale for the rules. Also applies her/his mind to the deviations and makes meaningful comments. Adheres to laid-down processes at all times and refers all deviations to the senior. Besides this, the employee also understands the rationale for the rules. Adheres to the process most of the time but deviations are observed and are not referred to the senior.
  • 64. - 21 - EQUIVALENT SR.NO FACTORS DESCRIPTION SCORE OUT OF 10 PERCENTAGE 3 Communication, Interpersonal Skills, Presentability EXCELLENT VERY GOOD GOOD AVERAGE UNSATISFACTORY Does not enjoy friendly relations with others. EQUIVALENT SR.NO FACTORS DESCRIPTION SCORE OUT OF 10 PERCENTAGE 4 Ability to handle high volumes, stress EXCELLENT VERY GOOD GOOD AVERAGE UNSATISFACTORY Is easily upset and becomes tense under pressure. Relationships are all important in a service organisation – within the Company and with the customers. Swadhaar would like to see in its employees, a generally friendly approach to others without sacrificing the objectives of the Company e.g. one needs to be friendly with customers but when recovering an installment, firmness is also required in conveying the message of the Company. At the same time, one must not quarrel and the line of communication with the customer must be kept open. A clear firm expression that is friendly and does not cause offence is the ideal to look for and to encourage. Under this head, the employee's ability to communicate, to maintain and nurture relationships, work with others in a cooperative spirit and to accept difficult interpersonal situations are included. The Reporting Authority must be on the look-out for all these. Communication and interpersonal skill are required for all our staff, but addition to that the management staff needs to be presentable to our stakeholders. They are our Ambassador who will be representing the organisation in the outside forum. Very friendly, helpful and tactful in all relationships and helpful to others. Expresses clearly and firmly without causing offence. Has a persuasive style and is also able to lead and influence others. Very friendly, helpful and tactful in all relationships. Expresses clearly and firmly without causing offence. Has a persuasive style. Friendly and helpful in all relationships. Expresses clearly without causing offence. Generally friendly and helpful. A few instances of difficulties in relationships. Shy of expressing clearly/firmly. In any job, there will be variations in the routine. On some days the volume of transactions will be very high. This may be due to the festival season, salary time or absence of colleagues. There are also situations which impose stress on the employee e.g. A customer may be rude and may not deliver on promise to pay. Employees need to develop the maturity to handle such situations without losing their cool. Reporting Authority must be alert to note the employee's behaviour at such times. Handles high volumes of work without sacrificing accuracy. Takes stress situations in stride without losing cool. Does not display emotion on such occasions. Seldom seeks help; resolves the problems arising from such situation by herself/himself. Handles high volumes of work without sacrificing accuracy. Takes stress situations in stride without losing cool. Does not display emotion on such occasions. Seeks help and consults others to resolve the problem on some occasions. Handles high volumes of work without sacrificing accuracy. Though upset by most stress situations, recovers in a short time. Seeks help and consults others to resolve the problem. Handles high volumes of work willingly but loses out on accuracy and speed. Does not stand up to all stress situations and habitually complains about such situations. Hesitates to avail help and consult others to resolve the problem.
  • 65. - 22 - EQUIVALENT SR.NO FACTORS DESCRIPTION SCORE OUT OF 10 PERCENTAGE 5 Initiative EXCELLENT VERY GOOD GOOD Good performer; understands the work and thinks of ways to improve. AVERAGE Average performer; nil initiative UNSATISFACTORY Does not perform even the assigned tasks properly. EQUIVALENT SR.NO FACTORS DESCRIPTION SCORE OUT OF 10 PERCENTAGE 6 Customer Service EXCELLENT VERY GOOD GOOD AVERAGE UNSATISFACTORY Not sufficiently friendly and prompt in attending to customers Initiative implies going beyond one's line of duty and applying one's mind to understanding the work and to come up with meaningful suggestions to improve work. It also means taking initiative in areas other than one's own work e. g. organising events etc. Good performer; understands the work and thinks of ways to improve the work. Raises questions to understand the rationale including in other areas of work. Makes meaningful suggestions. Takes interest and actively participates in organisational matters such as in hosting an event. Good performer; understands the work and thinks of ways to improve the work. Raises questions to understand the rationale including in other areas of work. Makes meaningful suggestions. In any organisation and more partiularly in a service organisation, customer service is paramount. In the case of the AAs, the service includes the entire pre-disbursement session (financial literacy and security documentation), disbursement, repayment of loan as well as enquiries. The Reporting Authority will have ample opportunity to observe the employees as it takes place in the office. RA should be on the lookout for the following: (1) whether the employee treats customers with politeness, courtesy and a warm, welcoming approach (2) time taken for the service including idle time between two activities (3) clarity in explaining matters (4) Patience with customers e.g. readiness to repeat an explanation or to answer questions. RA should also determine an employee's customer service standards by talking to customers themselves. Very polite, friendly, warm and helpful. Very clear expression. Good knowledge of the processes. Well organised and prompt. Does not keep customers waiting Helps colleagues in customer service. Responds well in crisis situation. Is a troubleshooter. Very polite, friendly, warm and helpful. Very clear expression. Good knowledge of the processes. Well organised and prompt. Does not keep customers waiting Helps colleagues in customer service. Very polite, friendly, warm and helpful. Very clear expression. Good knowledge of the processes. Well organised and prompt. Polite, friendly and helpful. Fairly clear expression. Good knowledge of the processes. Reasonably well organised and prompt.
  • 66. - 23 - SR.NO FACTORS DESCRIPTION EQUIVALENT SCORE OUT OF 10 PERCENTAGE 7 Attention to detail EXCELLENT VERY GOOD Accuracy and completeness of consistently high order. GOOD Work is accurate and complete most of the time. AVERAGE Fairly accurate, however lacks completeness. Errors of omission noticed. UNSATISFACTORY Below par in accuracy as well as completeness. EQUIVALENT SR.NO FACTORS DESCRIPTION SCORE OUT OF 10 PERCENTAGE 8 Ability to take decisions and accept responsibility EXCELLENT VERY GOOD GOOD AVERAGE UNSATISFACTORY Attention to detail means completeness and correctness in every aspect of the work on hand. It is reflected in a patient, systematic and methodical way of executing the work. Taking for example, the pre- disbursement session, in a security document, all blanks should be filled in before signature. Signature of all clients in the group should be obtained. Clients should be briefed about every item as per instructions without omission. At the end of the process, there should be no occasion to suddenly discover something that needs to be done. In the matter of data entry, it should be complete and correct without any omission. Accuracy and completeness of consistently high order. Eye for detail. Does not need supervision. The Branch Manager being in overall charge with the branch needs to have all those qualities which are important for Field Officers and Administrative Assistants whom s/he supervises. In addition being in command s/he also needs some distinct characteristics. One of these is the ability to take decisions on once own. This is revealed by the number of references made to the Reporting Authority during the normal course of work on matters falling entirely within the Branch Managers powers. This is also revealed in situations where a decision taken put go wrong. In such situations a good Branch Manager owns his decisions and accepts responsibility for them. Takes prompt decision after weighing all factors. Takes full responsibility for all actions and even on matters within the powers of senior, makes definite recommendations. Takes decisions promptly, accepts responsibility for all actions and does not make preferences to the senior. Takes decisions in reasonable times but feels the need for consultations with seniors even though the matter falls within Branch Managers power. Takes decisions but only with guidance from seniors and / or juniors. Takes a long time to arrive at decisions. Does not take decisions on matters within the Branch Managers power. Does not accept responsibility unless trust upon.
  • 67. - 24 - SR.NO FACTORS DESCRIPTION EQUIVALENT SCORE OUT OF 10 PERCENTAGE 9 Ability to give guidance and leadership EXCELLENT VERY GOOD GOOD AVERAGE UNSATISFACTORY Not confident is dependent on staff. In the Swadhaar branch setup the actual work is done by the Field staff and Administrative staff. The role of the Branch Manager is to over see and to step in, in exceptional situations. In such situations the staff look to the Branch Manager for guidance. The behavior of Branch Manager in such situations will reveal his true ability in this regard. As far as leadership is concern, the Branch Manager should have the ability to develop the team spirit among his staff and must become known as an impartial person. Takes prompt decision after weighing all factors and also encourages juniors to take decisions in certain matters. Besides giving guidance in difficult situation s/he has a very good control of all branch matters and her/his leadership is accepted by all staff. In difficult situations talks to the staff concern, weighs all factors and gives directions. Is friendly and manages difficult situations because to good relations with staff but does not take charge.
  • 68. - 25 - ANNEXURE IV EXTERNAL/INTERNAL RECRUITMENT DETAILS GRADE DESIGNATION EXTERNAL/ INTERNAL RECRUITMENT QUALIFICATIONS EXPERIENCE 1 Administrative assistant External X/XII Std 2 Administrative Officer Internal X/XII Std 18 months as AA Graduate 12 months as AA 2 Collection Assistant External X/XII Std NIL 3 Field Officer Internal X/XII Std 6 months as Trainee 3 Individual Loan Officer Extern al/Internal X/XII Std 2 years of experience in finance External/Internal Graduate Fresher 3 Group Loan Officer Internal X/XII Std 6 months as probationary FO External Graduate NIL 3 Sr Administrative Officer Internal X/XII Std 2 years as AO Internal/External Graduate 1 year as Admin Officer 3 Monitor Internal X/XII Std 2 years as field officer loan Graduate 18 months as filed officer loan 4 Sr. Field Officer(Loan) Internal X/XII Std 15 months as field officer(loan) Internal Graduate 1 years as field loan officer 4 Sr. Monitor Internal X/XII Std 18 months as monitor Internal Graduate 1 year as Monitor 4 Field Executive(loan) Internal X/XII Std 12 months as Sr. field officer Internal Graduate 12 months as Sr. field officer 4 Executive Administration Officer Internal X/XII Std 12 months as Sr. admin officer Internal Graduate 12 months as Sr. admin officer 5 Executive Monitor Internal X/XII Std 2 yrs as senior monitor Internal Graduate 2 yrs as senior monitor 5 Senior Executive Administration X/XII Std 12 months as Executive AA Graduate 12 months as Executive AA 6 Senior Field Executive(Loan) X/XII Std 12 months as field executive Graduate 12 months as field executive
  • 69. - 26 - ANNEXURE-V Staff Incentives Group Loan Officers
  • 70. - 27 - COLLECTION ASSISTANTS: Collection Assistants are eligible for incentives at 1% of the amount they collect. BRANCH MANAGER AND BRANCH BACK OFFICE: The incentive for the branch back office is directly linked to the loan officers’ incentives. Total of three months loan officers’ incentive is taken as the base. 25% of this amount is shared equally between the administrative (back-office) staff and the BM i.e. 50% of that amount so calculated is given to the BM and the other half is shared equally amongst the all the administrative staff.
  • 71. - 28 - Individual Loan Officer Incentive Structure Proposal Proposed Incentive Structure Incentive per active client 16 21.04 Incentive per clie Incentive per 1000 Rs in portfolio 0.7 37.04 Incentive per fem Incentive per female client 16 Disincentive per 1000 Rs delinquent -20 The ratio commission per client/penality is the following if the average loan size for loans is: 15000 Proposed Parameters Incentive Penalty Per client Portfolio Total PAR Total Ratio 16 10.5 26.5 -300 -300 -11.32 ASSUMPTIONS 6 months 12 months 2 years Number of clients 75 165 300 60% Average Loan outstanding 7200 8571 9900 25% % of female clients 20% 20% 20% 15% Average delinquent portfolio > 5 days 1% 2% 4% at 6 months Active Clients 75 16 1,200 66% Oustanding Portfolio 540,000 1 378 21% Female Clients 15 16 240 13% Delinquent Portfolio 5,400 (20) (108) 1,710 Salary as a percentage of portfolio 22.69% Incentive as percentage of total package 17% Base Salary: 8,500 10,210 at 12 months Active Clients 165 16 2,640 63% Outs. Portfolio 1,414,286 1 990 24% Female Clients 33 16 528 13% Delinquent Portfolio 28,286 (20) (566) 3,592 Salary as a percentage of portfolio 10.26% Incentive as percentage of total package 30% Base Salary: 8,500 12,092 at 2 years Active Clients 300 16 4,800 61% Outs. Portfolio 2,970,000 1 2,079 27% Female Clients 60 16 960 12% Delinquent Portfolio 118,800 (20) (2,376) 5,463 Salary as a percentage of portfolio 5.99% Incentive as percentage of total package 37% Base Salary: 9,350 14,813
  • 72. - 29 - Individual loan officer incentive structure proposal = Proposition de système de primes pour les agents de prêts individuels Proposed incentive structure : Système de primes proposé Incentive per active client : Prime par client actif Incentive per 1000 Rs in portfolio : Prime pour 1000 Rs dans le portefeuille Incentive per female client : Prime par cliente Disincentive per 1000 Rs delinquant : Suppression de la prime pour 1000 Rs en retard The ratio commission per client/penalty is the following if the average loan size for loans is : 15 000 = Le ratio de commission par client / pénalité est le suivant si le montant moyen des prêts est : 15 000 Proposed parameters : Paramètres proposés Incentive : Prime Penalty : Pénalité Per client : Par client Portfolio : Portefeuille PAR : PAR Assumptions : Hypothèses Number of clients : Nombre de clients Average loans outstanding : Moyenne des encours de prêts % of female clients : % de clientes Average delinquent portfolio > 5 days : Portefeuille moyen en retard > 5 jours 6 months, 12 months, 2 years : 6 mois, 12 mois, 2 ans At 6 months : À 6 mois Active clients : Clients actifs Outstanding portfolio : Encours du portefeuille Female clients : Clientes Delinguent portfolio : Portefeuille en retard Salary as a percentage of portfolio : Salaire comme pourcentage du portefeuille Incentive as a percentage of total package : Prime comme pourcentage du portefeuille Base salary : Salaire de base
  • 73. Policy and Procedures Worksheet Complete the worksheet for the functional areas for which your MFI has written policies and procedures. Functional area Who wrote them? When were they written? Last updated? Who is responsible for updating? Are they available to staff? How disseminated? Comments: How effective do you think they are in controlling risks? RM4-H4 ©CGAP/WorldBank,2007 RM4-H4
  • 74. RM4-H6RM4-H5 Social performance dashboard for a cooperative network – fictitious data, for illustrative purposes
  • 75. RM4-H6 Action Planning Prevention is worth a pound of cure! We have been discussing the use of preventive controls to mitigate risks as identified in various activities of MFI operations. Which do you think your MFI needs most? Take a few moments to write down the concepts you would like to review and improve once you return to you office. 1. I think the major risks in my MFI are 2. I would like to review, update, install, and/or implement the controls as follows: Human Resources Policies and Procedures Information Systems Other: Technologies, Physical Infrastructure, Tools, etc.
  • 76. Internal controls and audit: Integrating SPM into microfinance capacity building Introduction Microfinance capacity building on internal controls and audit has mostly focused on financial concerns, especially protecting against fraud in the areas of cash management, savings and loan operations, write-offs and procurement. As social businesses, microfinance institutions (MFIs) also need checks and balances to ensure that they perform against their social objectives, as stated in their mission. Internal auditors can and should verify the MFI’s compliance with its policies and procedures related to social performance, as highlighted in Box one. Internal controls and audit should also ensure that quality standards are maintained in service provision, as quality is often compromised by shortcuts and cost-cutting measures. This briefing emphasises the importance of integrating social performance into internal controls and audit. It offers guidance on how MFIs can systematically check compliance with their social mission in the following areas: social responsibility towards key stakeholders, client protection, quality of service provided to clients, and monitoring impact on clients’ lives. It aims to inspire MFIs to improve their operational social performance. We begin by raising key questions to consider, then discuss some emerging practices being used by some MFIs to address these issues. We end with some guidance on best practice. Key questions Do MFIs systematically incorporate social responsibility and client protection principles into their policies? Are the internal auditors trained and experienced in measuring social performance management? Do internal auditors use tools designed to assess the organisation’s social performance? Are MFIs equipped to monitor and assess the quality of the services they provide to clients, including changes in clients’ lives? Guidance Note Box one: Quality and compliance at the Small Enterprise Foundation (SEF) The Small Enterprise Foundation (SEF), a South African MFI, has a strong internal audit department, which focuses primarily on ensuring compliance. Management recently identified weaknesses in how consistently SEF’s methodol- ogy was being applied in areas such as evalua- tion of client repayment capacity, group training and support, and client–staff interface. As a re- sult, SEF established a set of quality checklists for ‘key operational activities’ that will be used by management and internal audit to ensure quality. These quality checks are integrated into the standard internal audit, which also verifies compliance with SEF’s operational policies. Written by Rashmi Ekka, with contributions from Anita Campion, Anton Simanowitz, Veronika Thiel, Ragini Bajaj Chaudhary, Ewa Bankowska, L.B. Prakash, Ruth Dueck-Mbeba, John Bliek and Christian Loupeda.
  • 77. Page 2 Internal controls and audit: Integrating SPM Emerging good practice The following emerging practices are helping MFIs to integrate SPM into internal controls and audits: Raising awareness about the importance of monitoring social performance MFI management and staff need to be convinced that extending internal controls and audit to social performance is a good management practice so that they can equip their internal auditors with the knowledge and tools needed to incorporate this task into their responsibilities. As part of that process, MFIs should make a business case for integrating social performance into internal controls, and should ensure that all staff are involved in discussions about how to achieve this (for example, providing good customer service as a strategy to improve client retention). Verifying progress in achieving social responsibilities MFIs need to put policies and procedures in place to protect their social mission and to mitigate reputation risk.1 Depending on their social mission, they need to integrate policies and procedures related to social responsibility to clients, staff, communities and the environment (see Table one). By clearly defining their target client characteristics (location, gender, poverty level, type of economic activity, etc), the MFI can set SMART objectives (specific, measurable, achievable, relevant and time- bound). An MFI with a social mission to reduce poverty could, for example, set the following SMART objective: 50 per cent of new clients will have an income below US$1.5 a day. To check progress against that objective, loan applications could track income levels. At the branch level, the number of new clients earning less than US$1.5 a day could be computed on a weekly basis (using the Progress out of Poverty Index (PPI) tool, for example). That data could then be compiled by branch managers and sent to headquarters for comprehensive monitoring. This enables management to analyse the data, identify which branches are more successful at poverty targeting and why, and use the information to make, and regularly review, decisions to ensure that the MFI fulfils its mission. Preventing client over-indebtedness In the individual loan approval process, the loan officer generally uses a standard format to collect information that is used to determine the borrower’s repayment capacity. This information often includes a full assessment of the client’s business and personal revenues and expenses, as well as other outstanding debts. MFIs should have a formula to protect against over-indebting clients, such as limiting loan payments to a maximum of 50 per cent of current monthly income. They could also collaborate with other MFIs in their area (either directly or through a credit bureau) to track clients who are borrowing from several MFIs. Monitoring how clients use loans To ensure transparency, before loan disbursal, the MFI should have a system for ensuring that the client understands all the terms of the loan, including the repayment schedule and amounts owed, procedures in case of default, etc. Once the loan is disbursed, the loan officer should check whether the client is using the loan as stated in the application, by visiting the client 1 See the guidance note on Risk management
  • 78. Page 3 Internal controls and audit: Integrating SPM for follow-up interviews. Ensuring collection practices follow code of ethics Loan officers need to be able to distinguish between clients who are experiencing real hardships, making it difficult for them to repay on time, and those who have the capacity to repay but not the goodwill to do so. When managing the collection of repayments, MFIs must walk a fine line between putting pressure on clients to repay, and putting vulnerable clients into a worse financial situation. To manage this and other difficult situations, MFIs should have a code of conduct to guide staff. The human resources (HR) department should ensure that all staff Table one: Sample policies and controls to ensure social responsibility Policy2 Controls to ensure implementation Clients Our MFI is committed to quality service, which includes easy application processes, timely disbursements, provision of information about service terms and conditions, accurate as- sessment of repayment capabilities, and friendly staff Monitor average loan processing time Spot-check loan officers’ repayment capacity calculations Spot-check loan collection approaches Interview clients to assess their knowledge of service terms and conditions, and soliciting feedback on client–staff relationships Staff Our MFI is an equal opportunities employer. Qualified applicants are considered for em- ployment without regard to age, race, colour, religion, sex, national origin or sexual orienta- tion Monitor diversity of selected candidates against applicants Assess salaries to check for gender and other biases Conduct exit interviews with staff Check compliance with local law and transpar- ency of salary scale Gender awareness Our MFI ensures that our staff, both women and men, are able to interact with women with respect and a sense of equality, and pro- mote a vision of women’s empowerment Train staff on gender awareness Client and staff interviews Strengthening communities Our MFI works to strengthen community bonds and we do everything in our power not to disturb or break any previous ties within communities Conduct community assessments Check how community complaints are resolved Environmental protection Our MFI does support enterprises that have negative environmental impacts, e.g. logging Review loan applications by business type Conduct visits to clients’ businesses 2 Adapted from Campion, A., (2009) Social Performance Management Policy Templates and Best Practices for Microfinance Institutions
  • 79. Page 4 Internal controls and audit: Integrating SPM understand and comply with the code of conduct. Field staff in particular should know that it is unacceptable to use abusive language or threats, harass borrowers, or forcibly enter a client’s house and seize property without a court order or in violation of the law. The code of conduct should be included in orientation for new staff, and existing staff should have periodic refresher sessions. Managers and supervisors should monitor compliance with the code of conduct as part of their regular staff supervision. During loan disbursal, clients should be made aware that they have a right to make a complaint, and should know the MFI’s procedures for doing so (for instance, a client suggestion box, or taking a complaint to a third party ombudsperson). The internal audit process should include a check to see that client complaints are addressed in a timely and appropriate manner. Mitigating client vulnerabilities and ensuring client protection MFIs should recognise that clients are vulnerable to shocks such as natural disasters, sickness and death of family members. To mitigate the effects of these shocks, MFIs can offer products such as emergency loans and insurance, as well as non-financial products and services (health education, for example). In case of debt restructuring, this should be done in a fair, standardised manner, and the loan should not be re-financed for a higher amount. The internal auditors should also make sure that restructured loans are not treated in the same way as regular loans in the management information system (MIS), but instead reflect the appropriate risk profile. The MFI should make sure that this practice is reflected in its operational procedures. As most MFIs have social missions linked to serving the poor, internal auditors should check clients’ poverty level by analysing changes in income or assets over time. They should also check that the MFI’s field staff have the necessary skills and knowledge to effectively assess how their clients are progressing out of poverty. They should carry out spot-checks to identify household debt exposure, lending practices that violate procedures (such as unauthorised re-financing), multiple borrowers or co-signers per household, and other practices that could increase client indebtedness and vulnerability. Ensuring quality service and transparency Good customer service is an important aspect of all MFI operations. Procedures and policies should emphasise good customer service, such that it becomes a part of the institutional culture. To ensure good customer service, all field staff should receive training, ideally using participatory methods so that they can role- play and practice handling client complaints and other sensitive situations. While the customer may not always be right, he or she always deserves to be treated with respect. MFIs can reinforce good customer service and let clients know what they can expect from staff by, for example, placing posters (e.g. ‘Customer First!’) on the branch walls. As well as carrying out customer satisfaction surveys and exit interviews, internal auditors can ask questions about the quality of customer service during client visits, and include the findings in their audit reports. They can ask clients to describe their perceptions of the MFI, how they feel they are treated by staff, the extent to which they value its products and services, and the difference the MFI
  • 80. Page 5 Internal controls and audit: Integrating SPM has made to their lives. As good-quality customer service also implies protecting clients’ rights to information and privacy, internal audits should also check clients’ understanding of product terms and pricing, as well as verifying how sensitive data is handled within the MIS. Checking availability and reliability of social data in the MIS What gets measured is what gets done and managed. You cannot influence change in social indicators if you don’t measure them. Depending on the MFI’s mission, institutions can include indicators related to clients’ poverty levels, percentage of women or rural clients, or number of jobs created, etc. The internal audit process should spot-check both the data and the processes used to collect it, to ensure accuracy and consistency. MFIs should make sure that these indicators are fully integrated into data capturing, analysis and reporting. Management should review and analyse the data on a regular basis, and make adjustments to staff and procedures as necessary to fulfil the mission. Protecting staff against biases MFIs should have clear HR policies to guide them in hiring, firing and promoting staff to ensure fair and consistent treatment. As with clients, staff should have a channel through which they can express grievances and seek redress in a timely manner, other than through their direct supervisor. Training is especially important to ensure that management understand HR policies, especially related to gender awareness, and how they should conduct performance appraisals to avoid biases. Ensuring quality of implementation Field staff are often under considerable pressure to increase their efficiency, and as a result, may take shortcuts that can have a negative impact on quality of services. Financial service delivery (loan disbursements and collections) is easy to monitor through portfolio quality, and therefore tends to receive priority attention by staff. Staff are more likely to take shortcuts in activities that support the quality of financial services, such as thorough assessment of repayment capacity, provision of information about the products and services and terms and conditions, formation of cohesive client groups, and provision of training, advice or other support. To ensure that shortcuts are not being taken in these ‘softer’ areas, it is important to monitor the way they are being implemented – for instance, regularly collecting feedback from clients by someone other than their loan officer (the internal auditor, for example). Ensuring that field staff receive strong supervision and support is one of the best ways to ensure the delivery of good-quality services. Adopting best practice As MFIs integrate SPM into their internal controls and audit, three key lessons will ensure success: Stay focused on your social goals Internal controls represent a strategy to improve an MFI’s social performance just as it can improve financial performance; there should, therefore, be a clear link between the MFI’s stated social goals
  • 81. Page 6 Internal controls and audit: Integrating SPM and the tools made available to the internal auditors. Your internal audit questions (or considerations) cannot be separated from your social and financial goals. If your goal is to have an outstanding client service, that’s what the internal auditors should be checking (using appropriate tools to do so). Prioritise the process, not the result The process of integrating social performance into internal controls and audit requires a strong commitment, as it involves several areas of the MFI’s operations. In order to avoid staff feeling overwhelmed, MFIs should plan the process carefully, prioritising activities based on their needs and capacities. Ensure consistency MFIs should ensure that field staff (particularly loan officers) have sufficient training and support to carry out the activities that internal auditors will be checking on. For example, if internal auditors are asked to check whether the MFI is targeting very poor clients, loan officers should be effectively trained how to identify clients in this segment in their daily work. Conclusion Extending internal audit and internal controls to the area of social performance appears to be an effective incentive for MFIs to develop their capacity and strengthen their SPM systems. It also enables them to achieve a better balance in their performance management and to become more responsive and responsible as an organisation, not only towards their clients but towards all stakeholders. References Campion, A. and Ekka, R. (2009) Social Performance Management Policy Templates and Best Practices for Microfinance Institutions, Social Performance Task Force Campion, A. and Linder C., with K. Knotts (2008) Putting the 'Social' into Performance Management: A Practice-Based Guide for Microfinance, Brighton: Imp-Act Consortium, Institute of Development Studies Imp-Act/Microfinance Centre (MFC) (2005) Social Performance Management in Microfinance – Guidelines, Brighton: Imp- Act Consortium, Institute of Development Studies MFC (2007) Quality Audit Tool for Managing Social Performance – Overview, From Mission to Action: Management Series for Microfinance Institutions, Poland: MFC Pandey, S.H. Internal Controls in Small/Medium MFIs, MicroSave Briefing Note # 72, www.microsave.org (accessed 11 November 2010) Sharma, M.K. and Wright, A.N. Loan Portfolio Audit in Practice, MicroSave Briefing Note # 54, www.microsave.org (accessed 11 November 2010) United States Agency for International Development (USAID) (2008) Social Audit Handbook Tool – Using the Social Audit to Assess the Social Performance of Microfinance Institutions, Washington: USAID
  • 82. Page 7 Internal controls and audit: Integrating SPM Imp-Act Consortium: Learn, connect, share A range of online resources are available to help you improve your SPM practice: The SPM Resource Centre offers step-by-step guidance on integrating a social lens into MFI performance management systems, including an interactive SPM self-assessment tool. Head to: www.spmresourcecentre.net The SPM Network connects individuals and organisations who are committed to managing and achieving social performance in microfinance. The Network is a virtual space for practitioners to share experiences and information, and debate new ideas in SPM. Join in today! www.spmnetwork.net The SPM Practice Guide offers step-by-step guidance on integrating SPM into your MFI along- side real MFI case studies. Download in English, French, Spanish or Arabic. Fulfilling the Promise is a new film by the Imp-Act Consortium that captures the SPM experi- ence of two mission-driven MFIs, SEF (South Africa) and AMK (Cambodia). Short and long ver- sions are available in English, French, Spanish and Arabic. Learn more about the Imp-Act Consortium and its work by visiting www.Imp-Act.org. About this series This series of Guidance Notes emerges from a collaboration between the Imp-Act Consortium and key industry technical experts. Recognising that the ongoing support to MFIs from funders and support organisations is critical to ensuring a balanced approach to performance management, series aims to help them integrate the missing “social lens” into existing MFI training materials. The notes provide targeted guidance on critical issues, as well as details on further resources available. Development process The Integrating social performance management into mainstream capacity building initiative, led by the Imp-Act Consortium, involves a three-part strategy: Linking SPM experts with experts in key technical areas: Consortium members and associates join forces with industry experts to apply a social lens to key technical areas. Reviewing existing mainstream training materials: Through online workshops between project partners, gaps in training currently provided to MFIs are identified and prioritised. Facilitating online knowledge sharing discussions: Each technical area is addressed in a facilitated discussion on the SPM Network in order to add to the rich experience base of these Guidance Notes.
  • 83. smArt lendInG: clIent ProtectIon In the credIt Process An overview for Incorporating client Protection Practices into Individual Lending by Microfinance Institutions www.smartcampaign.org
  • 84. INTRODUCTION These guidelines are designed to help microfinance institutions (MFIs) with individual lending operations integrate good client protection prac- tices into their credit processes. At each point in the individual lending process, the guidelines explain how MFI staff should incorporate client protection into policies and operations. The guidelines are largely focused on operational issues, with brief recommendations about setting up policies for the institution. The guidelines are presented in the chart below and in the following pages. They walk the user through each major step of the individual lending process, organized into five phases: 1) Promotion and Sales, 2) Evaluation, 3) Approval, 4) Disbursement , and 5) Collections. The chart begins with an overview of the entire credit process and then provides greater detail on each of the five phases. At each appropriate step in the process, the guidelines identify where client protection practices can and should be incorporated. Each of those intersections is denoted with a client protection intervention point number (e.g. CP1, CP2 etc.). Guidelines for each CP include suggestions for how to model good prac- tice in consumer protection for that portion of the credit process. While the guidelines offer suggestions for operational steps and policy consideration, they are not a complete solution for implementing client protection in the credit process. They do, however, identify areas where additional steps may be necessary, such as staff training and institu- tion-specific materials for how to address the points raised in the guidelines. Many of the guidelines would benefit from an additional, more in-depth tool to help field staff implement the ideas contained in the guidelines. For example, CP2 offers guidelines for the information that should be conveyed during the initial sales speech and what should be avoided when selling individual credit products to clients. An additional tool, such as a sample sales speech, could offer sample dialogues between the staff person selling the product and the client, with possible questions and answers that adhere to the Client Protection Principles. The Smart Campaign plans to develop several of these in-depth tools. Until then, we encourage MFI users of this tool to move forward with the implementation of client protection into existing operations and to share your feedback and experiences with The Smart Campaign. THE CLIENT PROTECTION PRINCIPLES (short form listed below; for complete description, see www.smartcampaign.org). 1. Avoidance of over-indebtedness 4. Ethical staff behavior 2. Transparent and responsible pricing 5. Mechanisms for redress of grievances 3. Appropriate collections practices 6. Privacy of client data Source: These guidelines are the result of collaboration between The Smart Campaign and the technical staff of ACCION International. This collaboration is ongoing and ACCION looks forward to sharing more such tools on related topics in the future. Special thanks goes to Susana Barton, Cara Forster, Raul Gomez, Valerie Kindt, Elisabeth Rhyne, and Victoria White.
  • 85. THE CREDIT PROCESS PROMOTION AND SALES Promotion of MFI products Expression of interest by client Product and service description Internal inquiry Go to Evaluation Rejection Application form CP3CP1 CP2 CP4 CP5 EVALUATION APPROVAL DISBURSEMENT COLLECTIONS & RECOVERY Collection of ­nonfinancial data Collection of ­financial data Entry of data Internal inquiry Go to Approval Rejection CP8CP7CP6 CP5 Credit committee & loan analysis Loan decision Go to Disbursement Rejection CP9 CP5 Inform client of loan decision Client & co-signers visit branch Disbursement speech Disburse funds Finalize paperwork CP10 CP11 Follow-up and collections reports Regularly follow-up with clients On-time collection Record late payment activities Follow-up and recovery of late payments CP12 CP12 CP13 CP14
  • 86. 1. PROMOTION AND SALES Promotion of MFI products Expression of interest by client Product and service description Internal inquiry Go to Evaluation Rejection Application form CP# CP1 CP2 CP3 CP4 CP5 ACTIVITY MARKETING MATERIALS SALES PITCH PRODUCT DESCRIPTION APPLICATION FORM COMMUNICATION OF RESULTS PROTOCOL CP PRINCIPLES Transparency, Redress Over-indebtedness, Transparency, Data Privacy Over-indebtedness, Transparency Transparency, Data Privacy Transparency, Redress POLICY CONSIDERATIONS Transparency in terms and conditions: The institution makes a commitment to transparency in product and services terms and conditions, including pricing. Responsible pricing practices: The total cost to the client must be affordable to the client and offer the potential for sustainability to the institution. Staff incentive policy for credit: Weigh PAR appropriately with growth, given risk environment (e.g., regional, macroeconomic conditions, etc.). OPERATIONAL CONSIDERATIONS • Develop promotional fly- ers in local language. • Provide basic eligibility ­requirements on the flyer. • Reserve space on calling cards and flyers for how to handle questions and/ or complaints including the institution’s phone number and address. • If space, include basic ­information on product (e.g., purpose, payment information, etc.). • Sales speech should provide basic introduction to the institution and its products in local lan- guage. • Product terms and condi- tions should be clearly stated, including topics such as eligibility require- ments, documentation requirements, total cost to the client for ­accessing loan (with examples), minimum and maximum loan sizes, explanation of use of client data, and, for group loan products, a clear explanation of the meaning of joint liability. • Explain products, ad- dressing which is most appropriate/best value/ best fit. • Provide a complete de- scription of the product’s costs, including price, interest rate, and all as- sociated fees. • Provide a complete de- scription of the product’s terms and conditions. • Provide an explanation of upcoming evaluation ­process and inform the client of penalty fees, late payment fines, etc. • Inform the client on what demographic and business information is required and why. • Explain how this informa- tion will be used and stored. • Client consent to terms and conditions should be ­located on form and explained by loan officer (explain ­concept of credit bureau if ­necessary). • Communicate eligibility results clearly to the client. • If negative, explain why a decision was made and how the client can take action to achieve a positive result in the future. • Provide a phone number where the client can get additional information and recourse. CP TOOL Guide for development of promotional flyer with relevant information; sample flyer Guide for initial sales pitch; sample pitch Guide for describing products available to client Guide on how to request information from a client; sample form Guide for communicating eligibility criteria CP3CP1 CP2 CP4 CP5
  • 87. 2. EVALUATION Collection of ­nonfinancial data Collection of ­financial data Entry of data Internal inquiry Go to Approval Rejection CP# CP6 CP7 CP8 ACTIVITY/FORMS DATA COLLECTION: NON-FINANCIAL EVALUATION DATA COLLECTION: FINANCIAL EVALUATION DATA PRIVACY / DATA MANAGEMENT CP PRINCIPLES Over-indebtedness, Transparency, Appropriate Collections, Staff behavior, Data privacy Over-indebtedness, Ethical staff behavior Ethical Staff Behavior, Data privacy POLICY CONSIDERATIONS • Commit to respect client privacy and confidentiality of information. • Collect relevant data to ensure sufficient “willingness to repay” and to analyze “capacity to repay.” • Commit to collect and incorporate 3rd-party debt information on each client. • Develop clear policy guidelines on loan guarantee and collateral mechanisms, including guarantor profiles and what can and cannot be registered as collateral. OPERATIONAL CONSIDERATIONS General • Explain to client what information is needed and why. • Explain how the information will be used. • If relevant, explain what a credit score is and how it will be used. • Clearly ask about other outstanding loans client may have. Use available means (e.g., credit reference bureau, shared client lists, etc.) to confirm outstanding debts. • Ensure privacy of photos; if client photos are taken, explain how the pictures will be used and who will have access to them. Collateral • Explain why assets are being recorded (collateral as well as evaluation) and what can happen to them in the case of default. • If applicable, describe under what circumstances client assets can be removed and describe the confiscation process. Co-Signors, Guarantors, Spouses • Explain why co-signers and guarantors are used and why spouses are involved. • Explain the rights and duties of co-signers, guarantors, and spouses. • The explanation should precede signing. • Treat with all parties with respect. References • Explain why assets are being verified. • Focus on fact checking. • Refrain from judgmental questioning. • Before initiating financial evaluation: • explain to the client the consequences of over-indebtedness and why it is important to provide accurate information—Stress honesty and integrity, and • explain what information is necessary to ­collect and how it will be used. Discuss institutional values for avoiding over-indebt- edness, such as appropriate products and debt capacity analysis. • Limit access to private data within the institution with strong internal controls. • Strong data security means: • internal controls, good IT man- agement; • clearly-defined user access hierarchy; and • frequent change of passwords. • Special considerations for sharing data with third parties include: • considerations for data security when ­outsourcing, and • MOUs with contracted third parties should agree to CP guidelines/ethics. CP TOOL Guide for collecting non financial evaluation information Guide for collecting financial evaluation information Guideline for developing data management protocol CP8CP7CP6 CP5
  • 88. 3. APPROVAL Credit committee & loan analysis Loan decision Go to Disbursement Rejection CP# CP9 ACTIVITY FINANCIAL ANALYSIS CP PRINCIPLES Over-indebtedness POLICY CONSIDERATIONS • Never lend more than the client requests or more than they have capacity to repay. • All lending decisions should incorporate some element of ­capacity to pay analysis; as loan size increases, this analysis should be i­ncreasingly more thorough. • Ensure credit decisions are made by appropriately trained ­professional staff. OPERATIONAL CONSIDERATIONS • At a minimum, capacity-to-pay analysis should include calculation of the client’s working capital and business and household surplus, as well as their assets and liabilities. • Over-indebtedness: It is the responsibility of the MFI to collect data on other loans the client may have. This can be done through an ­interview, a credit bureau, or an information exchange between MFIs. • MFIs need to invest in acquiring data available so that the best credit decision can be made. Any other loans outstanding should be incorporated into client’s indebtedness analysis. • Client indebtedness should be continually monitored by the ­organization. • Guidelines may need to be regional, by business sector, or both. CP TOOL Guideline for financial evaluation CP9 CP5
  • 89. 4. DISBURSEMENT Inform client of loan decision Client & co-signers visit branch Disbursement speech Disburse funds Finalize paperwork CP# CP10 CP11 ACTIVITY DISBURSEMENT SPEECH DOCUMENTATION CP PRINCIPLES REFLECTED Over-indebtedness, Transparency, Data privacy Over-indebtedness, Transparency, Appropriate Collections, Ethical Staff Behavior, Redress POLICY CONSIDERATIONS • Ensure sufficiently senior/ trained person is responsible for assembling all relevant documentation and the disbursement speech. Ensure this person is not the same person who later collects loan payments. • MFIs should only accept as guarantors persons who have the financial capacity to pay back the loan. OPERATIONAL CONSIDERATIONS General: • Provide verbal explanation of each document to client, especially the payment schedule. • Read the summary page (see CP11) to the client. • For illiterate clients, verbally read or explain all the documents. • Consider a poster on the wall near where the disbursement occurs to remind staff and clients of client rights and responsibilities. Key elements of disbursement speech: • Explain all costs (e.g., stamp duty, margin money, insurance, any other fees, linked products, etc.). Clients should also be alerted to never pay any additional commissions or fees to staff, beyond what is explained in the disbursement speech. • Advise client to always ask for a receipt of their account balance and to ask for exact change. • Explain impact of fees on amount disbursed, which may be less than loan amount approved if fees are deducted up front. For guarantors, spouse, co-signors: • Inform the spouse about the disbursement, unless there is good reason to ­believe that the spouse might misuse/appropriate the funds. • Inform the guarantor/co-signer of his/her co-responsibility to pay back the loan in case the client defaults. • Ensure that the guarantor is not a “professional guarantor” who guaran- tees multiple clients and may ask for a fee or percentage of the loan. • Explain that the loan recipient should control the use of the loan money. • Include a summary page that: • Provides the client with one summary page with key information. This summary page can be tailored to the client or can be generic. (Generic pages increase ­efficiency and reduce error rate; tailored ones can be more understandable to the client. Consider making it a part of the welcome kit.) • Includes rights and duties of both the MFI and the client. • Includes complaints information (e.g., how to access MFI and third- party consumer agencies). • Explains collections practices, consequences, and procedures in the case of non-repayment • Provides verbal explanations for all clients, especially for illiterate clients. • Explain complete contract in non-legal, clearly understandable terms. • Ensure the client always receives a copy of the loan repayment table. CP TOOL Guideline for disbursement speech; sample speech Guideline for documentation requirements; sample plain language contract and sample one page summary CP10 CP11
  • 90. 5. COLLECTIONS & RECOVERY Follow-up and collections reports Regularly follow-up with clients On-time collection Record late payment activities Follow-up and recovery of late payments CP# CP12 CP13 CP14 ACTIVITY ON TIME COLLECTIONS OUTSOURCING - USE OF THIRD PARTY COLLECTIONS AGENTS RECOVERY AFTER LATE PAYMENT CP PRINCIPLES Transparency, Appropriate Collections, Ethical Staff Behavior Appropriate Collections, Ethical Staff Behavior Over-indebtedness, Transparency, Appropriate Collections, Ethical Staff Behavior, Data Privacy POLICY CONSIDERATIONS • Commit to ethical standards for collections. • Collection agents (in-house or 3rd party) should share organizational culture and/or be trained on the institution’s values. • Collection agents (in-house or 3rd party) should be held accountable for the same standards of behavior outlined in the institution’s code of ethics. • Established standards for ensuring the privacy of client data should be used by both MFI and the third party. OPERATIONAL CONSIDERATIONS • Ensure ethical staff behavior during collec- tions as described in the code of ethics. • Use preventive recovery methods, such as reminders. • Always provide a receipt and give correct change. • For field collections, provide special training for collections staff. • For field collections, ensure visits happen on a specified day. • The CP 12 guidelines apply. • Develop contracts with 3rd-party agents that hold agents accountable to the MFI’s ethical standards. • Implement a quality control process to en- sure that the standards are being met. • Draft recovery-visit scripts to ­emphasize respect and model ­appropriate behav- ior. • Ensure restructuring does not ­increase the debt levels of already-indebted clients. • Ensure any confiscation of assets ­follows legal recovery channels. Penalty fees • Fees, penalty interest, etc., should not exceed an established portion of the original loan amount. Each institution should establish its own standard. • Do not charge interest after the loan is written off. CP TOOL Guidelines for collection practices; sample code Guidelines for 3rd-party collection practices Guidelines for recovery practices; sample scripts CP12 CP12 CP13 CP14
  • 91. Principle #5 – Mechanisms for Redress of Grievances This presentation is made possible by the Smart Campaign www.smartcampaign.org
  • 92. 2 Mechanism for Redress of Client Grievances: The Principle in Practice A financial institution measures up to this principle by having a mechanism for collecting, responding in a timely manner, and resolving problems for customers.
  • 93. 3 How Dissatisfied Clients Affect the Institution •  A very satisfied client will talk about his/her experiences with 3-4 people, but an dissatisfied client will tell 8-9 people. •  When a dissatisfied client’s complaints are received, answered, and solved, there is a 90% chance that s/he will return. •  90% of dissatisfied clients whose problems are not resolved will never return to do business with the institution again.
  • 94. 4 No Complaints Completely Satisfied Customers If your institution does not receive concerns or complaints, be careful: •  Clients could be happy with your products and customer service, or       •  Clients might not feel empowered to share their concerns and complaints or   •  They might not know how to do so, or       •  Clients might not feel like they can complain without this affecting their business relationship with the institution.      
  • 95. 5 •  A written policy requires customer complaints to be taken seriously, fully, investigated and resolved in a timely manner without bias.   Wri%en  Policy   •  A mechanism to handle customer complaints is in place, has dedicated staff resources, and is actively used.   Mechanism   •  Customers are informed of their right to complain and know how to submit a complaint to the appropriate person.   Informed  Customers   Indicators of Good Practice
  • 96. 6 •  Staff is trained to handle complaints and refer them to the appropriate person for investigation and resolution.   Trained  staff   •  Internal audit or other monitoring systems check that complaints are resolved satisfactorily.   Internal  audit  monitors  system   •  Complaints information is used to improve products, sales techniques and other interactions with customers.   Use  complaints  informa<on   Indicators of Good Practice
  • 97. 7 Good Practice: Using Multiple Channels to Receive Complaints Sugges<on  /   Complaint   on-­‐site   Branch   Teller   Wri%en   sugges<on  /   complaint   Branch   Manager   Sugges<on  /   Complaint   via  feedback   mechanism   Complaints   Agent   Immediately       Up  to  14  days   At one institution, complaints are handled through several channels depending on the urgency and complexity of the complaint: Source: Adapted from Banco Solidario
  • 98. ©CGAP/World Bank RM5-H1 Credit Cycle Example The Disbursement Process Activities/ transactions Who is involved Risks Rank gravity of risk Control • Client is informed of the decision • Client and guarantor/co- signer come to the branch • Key information provided just before disbursement • Administrative documents finalized • Disbursement • Loan officer • Branch Manager • Cashier • Lack of liquidity for the MFI • Client over-indebtedness • Fraud • Client not understanding repayment terms • Guarantor/co-signer not understanding the nature of his commitments Low or high • Verify that the amount granted is the same as the amount disbursed • Verify that the signatures for the loan application and the loan contract match • Verify that the provisions of the contract (terms and conditions, interest rate, etc.) are in compliance with MFI credit policy • Verify that the client has clearly understood the terms of the contract • Verify that the guarantor/co- signer has clearly understood his commitments • Verifythat the transaction has been recorded correctly in the MFI’s books
  • 99. ©CGAP/World Bank RM5-H2 MFI Fraud Cases CASE DETECTION Cycles and controls Loan officer sets up 90 ghost group loans in a successful high-growth branch. Repays loans from new loans. Collusion with supervisor and regional internal auditor. Tip from an employee. Trusted administrative officer purchased computers and furniture at higher-than-market prices, receiving a kickback. Officer leaves to take on a better job. When new furniture is purchased months later, new administrator discovers the high prices paid by the prior employee. Loan officer in rural area disburses and collects loans in cash. Officer keeps some of the repayments. Argues that he lost loan payment receipts. Most clients don’t demand receipts. Loan officer under suspicion because of sloppy paperwork. Delinquency increases and central office investigates. Loan officer disburses a large loan to a microentrepreneur who declares a profitable, thriving business and uses to use business equipment as collateral. No payments are made Increase in delinquency reports for that officer. Regional internal auditor’s visit reveals that the business is struggling, the equipment obsolete and worthless.
  • 100. ©CGAP/World Bank RM5-H3 Cycles – Definition and Approach Credit Cycle • Promotion and sales • Evaluation • Approval • Disbursement • Collection • Portfolio quality review and provisioning Savings Cycle • Promotion (marketing, monitoring, assessing demand and potential clients) and sales • Application and approval • Account opening and services • Withdrawals and deposits • Account closing Procurement Cycle Equates to the expenditures and purchasing cycle, goods and supplies acquired from vendors, payments to vendors and employees Purchasing – functions involved in initiating requests for goods and other assets and services Payroll – functions of hiring, compensation, reporting on attendance and work performed, accounting for all payroll costs, payroll deductions, benefits, and other adjustments Disbursement – functions involved in preparing, signing, and issuing checks or distributing cash to suppliers Holding and safeguarding of fixed assets Treasury/Financing Cycle Funds received from equity and debt investors (savings) Funds temporarily invested until needed for operations Liquidity management Asset and liability management Functions involved with issuance and redemption of capital stock, debt and investment management, investigation and selection of appropriate forms of financing Donations Cycle Approach to Risk and Control Identification • Classify and group transactions and activities according to cycles • Identify activities and transactions that involve potential risk • Prioritize risks • Identify the criteria and standards appropriate for the transaction according to the objectives to be met
  • 101. ©CGAP/World Bank • Establish and implement internal controls • Measure the existing control procedures and techniques and expected output against the criteria
  • 102. ©CGAP/World Bank RM5-H4a MFI Credit Cycle Worksheet Activities and transactions Who is involved Risks Rank gravity of risk Control
  • 103. RM5-H4b MFI Savings Cycle Worksheet Activities and transactions Who is involved Risks Rank gravity of risk Control
  • 104. RM5-H4c Procurement Cycle Worksheet Activities and transactions Who is involved Risks Rank gravity of risk Control
  • 105. RM5-H4d Treasury and Financing Cycle Worksheet Activities and transactions Who is involved Risks Rank gravity of risk Control
  • 106. RM5-H5 Technical Materials – Internal Controls Definitions and Purpose Internal controls are all of the resources and procedures used by managers to properly control their activities. Using the process allows the management and its personnel to be reasonably sure that their objectives have been met. ICs help correct contradictions and detect anomalies that occur between the different decision centers, which have varying degrees of autonomy. They are necessary because of the • Growth and size of institutions • Diversity and complexity of the operations processed • Multiplicity of risks from many outside pressures, including competition; economic, fiscal, and labor relations; technical progress; market tensions; growing importance of regulatory constraints applicable to institutions; and application of senior management objectives. In sum ICs are a set of safety devices that contribute to managing an organization. Use of internal controls aims • To ensure the application of management instructions and encourage improved performance • To maintain the organization’s efficiency • To collect reliable information • To preserve the organization’s clients and assets ICs are part of the organization, the methods, and the procedures of each of the institution’s activities to ensure its continuity. Essentials of Good Internal Controls CONTROL ENVIRONMENT The control environment is the tone of the organization at all levels. It includes integrity, ethical values, and competence. It consists of management's philosophy and operating style, its methods of assigning authority and responsibility, and the organization and development of staff. Also included is the attention and direction of the board of directors. Managers and employees should maintain a supportive attitude toward ICs. Those involved in the operation of ICs should have a level of professional and personal integrity and competence adequate to operate the controls so as to achieve the internal control objectives. RISK ASSESSMENT Risk assessment is the identification and analysis of relevant risks to the achievement of objectives, the determination as to how risks will be managed, and the identification of risks associated with change. CONTROL ACTIVITIES Control activities are policies and procedures relating to approvals, authorizations, verifications, reconciliation, reviews of operations, including the quality of services to clients
  • 107. RM5-H5 (page 2 of 5) ©CGAP/World Bank, 2007 (appropriateness of products and services, collection methods, consideration of client vulnerability, gender issues, etc.), security of assets, and segregation of duties. Specific, comprehensive, and reasonable control objectives are to be identified or developed for each organizational activity. Control activities should give reasonable assurance that the internal control objectives will be achieved. INFORMATION AND COMMUNICATION Pertinent information must be communicated to enable people to carry out their responsibilities, including how we serve our clients. Information should be shared effectively with customers, vendors, government, and stockholders. MONITORING The internal control systems must be monitored to determine the quality of the system's performance. Managers must continually monitor the output of the control systems and to take appropriate action on deviations that warrant such action. STANDARDS The structure of the IC system, all transactions, and significant events must be clearly documented. Such documentation must be readily available Transactions and events must be authorized and executed by properly designated persons. Transactions and events must be promptly recorded and properly classified. The activities of authorizing, processing, recording, and reviewing transactions should be separated among individuals (and units). Supervision should be competent and ongoing to ensure the achievement of IC objectives. Access should be limited to authorized individuals, some of whom are accountable for the custody and use of resources and others who maintain the records. This aspect should be periodically verified by comparing physical and recorded amounts. Characteristics of Controls TIMELINESS Controls should detect potential or actual deviations early enough to limit costly exposures. Controls should be timely, although cost-effectiveness must also be considered. Managers should anticipate and provide for problems disclosed by the controls. The inevitable "unknown unknowns"—events for which experience is not a guide and that present unexpected problems—should be identified and dealt with in a timely manner. ECONOMY Controls should provide "reasonable assurance" of achieving intended results at a minimum cost and with the fewest undesirable side effects. Absolute control may be possible (though unlikely), but it may also outweigh the benefits to be gained. Controls should pay for themselves by reducing potential losses and expenses beyond the added costs. Thus, management should compare the cost of exposures to be prevented, detected, or corrected with the cost of related controls. Management must be concerned not only with effectiveness of controls, but also with their efficiency and economy. Controls should be increased only as long as the benefits they provide are greater than their incremental costs. The balancing of exposure and protection may not always be easy or, indeed, objectively measurable. Some controls may be mandated by considerations of safety, the environment,
  • 108. sensitive situations, or enhanced reputation. So, in some cases, management may need to use subjective evaluations when establishing the rigor of particular control systems. ACCOUNTABILITY Controls should help people demonstrate their accountability for tasks assigned. Managers need controls to help them meet their responsibilities. Managers should therefore be aware of the purpose and operation of controls to that end and be able to take advantage of them. PLACEMENT Controls should be positioned where they are most effective and installed with foresight: 1. Before an expensive part of a project. 2. Before points of no (or difficult) return. 3. Where one phase of an operation ends and another starts. 4. Where measurement is most convenient. 5. Where corrective action is easier to take. 6. When time is left for corrective action. 7. After a completed task or the completion of an error-prone activity. 8. When accountability for resources change. FLEXIBILITY Circumstances are bound to change. Plans and procedures are almost sure to be altered with time. Controls that will accommodate such changes without themselves requiring change are preferable to avoid the need to change. Changes in controls to match operation changes tend to bring about additional confusion. CAUSE IDENTIFICATION Prompt corrective action is aided if controls identify not only the problem but also the cause. Standard responses can be prepared in advance and readily put to use if the control points to the cause of the difficulty. No corrective action is truly effective unless the cause of the defect is addressed. APPROPRIATENESS Controls should meet management’s needs. They should help achieve the objectives of management's plans, and they should fit into the personnel and organization structure of operations. The most efficient and useful controls are those that work on an exception basis, responding only to significant deviations. LIMITATIONS OF INTERNAL CONTROLS No matter how well internal controls are designed, they can only provide reasonable assurance that objectives will be achieved. The following limitations are inherent in all internal control systems: Judgment – The effectiveness of controls will be limited by decisions made with human judgment under pressure to conduct business based on information at hand. Breakdowns – Even well-designed internal controls can break down. Employees sometimes misunderstand instructions or simply make mistakes. Errors may also result from new technology and the complexity of computerized information systems. Controls may become obsolete with new systems and operations. Management override – High-level personnel may be able to override prescribed policies or procedures for personal gain or advantage. These actions should not be confused with
  • 109. RM5-H5 (page 4 of 5) ©CGAP/World Bank, 2007 management intervention, which is an action that departs from prescribed policies and procedures for legitimate purposes. Collusion – Control systems can be circumvented by employee collusion. Individuals acting collectively can alter financial data or other management information in a manner that cannot be identified by control systems. Costs – It may be too costly to install certain controls based on the anticipated benefits of installing the controls. People – People can make mistakes, be misdirected or poorly trained, be irresponsible, show poor judgment, have high workloads, or be affected by high staff turnover (They might not know what to do, or how to do it or where.) In determining whether a particular control should be established, the risk of failure and the potential effect must be considered along with the cost of establishing the control. Excessive control is costly and counterproductive. Too little control presents undue risk. A conscious effort should be made to achieve an appropriate balance. For a system of internal controls to be effective, ALL of the following must be present: • Honest and capable employees • Clear delegation and separation of duties • Proper procedures for processing of transactions • Suitable documents and accounting records • Appropriate incentives/pay • Adequate physical control over assets and records • Independent verification of performance Techniques for Mitigating Identified Risks Organizational Structure POLICIES AND PROCEDURES • Have them in writing, current, simple, available, understood, and applied • Identify areas where internal controls enter into policies and procedures (cash transacted and recorded) STRUCTURAL ISSUES – ORGANIZATIONAL CHART AND SEGREGATION OF DUTIES • Clearly identify areas of responsibility, with job descriptions for segregation of duties (including board). • Indicate who is responsible for internal controls (to determine/document independence) MANAGEMENT INFORMATION SYSTEM • Provide the right information at the right time to the right people. If you can’t measure it, you can’t control it. INSURANCE • Protect (cover) your personnel and assets (deposits, fixed assets, collateral)
  • 110. STAFF AND PERSONNEL – TRAINING AND CULTURE • Place education before understanding and implementation Oversight Environment MANAGEMENT • The process starts with management. • Without you, internal controls don’t. BOARD • The buck stops here. INTERNAL AUDIT • A system ensures constant vigilance. EXTERNAL AUDIT • Without one the organization could lose everything. • If you want investors/creditors, you’ll need an audit. SUPERVISORS AND REGULATORS • These are the ultimate authority; they can shut you down!
  • 111. ©CGAP/World Bank RM6-H1 Job Description: Chief Internal Auditor 1. QUALIFICATIONS: a. Possess a bachelor’s degree in finance, accounting, commerce or a related discipline from a recognized university. b. Be an experienced auditor, either from within the bank or in the financial sector, knowledgeable in audit techniques, standards, and computer processing. c. Possess excellent communication skills, both written and oral, with demonstrated managerial, organizational, and analytical skills. Incumbent must be an independent thinker, capable of forming sound conclusions and recommendations. d. Be aware of the microfinance sector’s social goals and MFI’s core values, and be capable of working with the MFI’s clients (interviews, visits, etc.). 2. PRIMARY RESPONSIBILITIES: a. Provide prudent audit coverage at a reasonable cost for all elements of microfinance (operational, financial, social) in line with the MFI’s values and its financial and social goals. b. Assist Board of Directors in fulfilling their responsibilities relating to audits. c. Maintain an open line of communication with the Chief Executive Officer and the Audit Committee of the Board of Directors, when formed. d. Develop a professional audit staff. 3. SPECIFIC ACTIVITIES: a. Develop a comprehensive audit program to provide audit coverage for the bank and help with training. b. Execute annual audit plan, including financial budget, coordinating efforts with external auditors to avoid unnecessary costs and duplication of efforts. c. Ensure primary audit focus is to determine the effectiveness of internal controls and the degree of compliance with policies. Secondary objectives include reviewing operating efficiency, measuring attainment of objectives, and making recommendations on how to reduce costs and improve earnings and still offer appropriate quality services to the clients served by the MFI. d. Review modified or new systems prior to implementation to ensure any internal control deficiencies that might occur can be corrected at a time when it is practical to make system changes. e. Ensure that audit standards for written audit programs and work papers are adhered to, and that sufficient, competent documentation is required to evidence audit work performed and conclusions drawn.
  • 112. f. Prepare and issue reports to management after audits are completed, obtain responses from management, and review responses prior to submitting to the Chief Executive Officer and the Audit Committee of the Board of Directors, when formed. g. Inform Chief Executive Officer and, when formed, Audit Committee of the Board of Directors of audit activities and material audit findings through routinely scheduled reports and/or meetings, as required. h. Manage the audit function independently of management, however in keeping with the bank’s current organization chart, functionally reporting to the Chief Executive Officer until such time as an Audit Committee of the Board of Directors may be formed, then reporting to the Chief Executive Officer administratively. i. Maintain and develop a professional audit staff, requiring highly qualified candidates from recruitment authorities in the bank, obtaining through the bank's training authorities effective training programs, and practicing job rotation. Staff profiles should be complementary to ensure a comprehensive auditing function for operational, financial and social risks. j. Establish and maintain professional ties in related professional groups. k. Participate in actual field work as appropriate to ensure quality of work and procedures. l. Create and update a risk matrix for the risks the MFI faces or might face. m. Ensure that the permanent files containing documents, records, reports, reconciliation statements, financial statements and other internal documents/journal vouchers, etc., are kept and updated periodically. SAMPLE QUESTIONS TO ASK APPLICANTS FOR INTERNAL AUDITOR DUTIES Key Elements Sample Questions Experience Knowledge of client needs and rights How long have you been an auditor [>3 years]? What type of business activities have you audited [prefer finance, banking, MFI]? Names of professional references. What experience do you have in working directly with our institution’s target clients? Are you familiar with the Client Protection Principles? Integrity Provide a specific example of a time when you had to present a finding that was unpopular with management or the board [should show where they stood up for right and did not back down]. How would you address the situation if you found that the CEO was taking kickbacks from suppliers [gather documentation/evidence, provide report and discussion of it to board contact, follow up as directed by board contact however, if no action from board contact discuss with board chair]? What would you do if your client surveys revealed staff misconduct or aggressive collections practices [discuss the issue with clients, with the loan officers’ superior, verify the repayment procedures, verify the code of ethics, contact the audit committee, the social performance
  • 113. ©CGAP/World Bank committee, or the Board member in charge of social performance issues]? Independence Have you worked in any way with this MFI? Do you have any friends on the staff? [consider that you do not want relationships that might hinder independence]? Understanding of MFIs Have you ever worked with an MFI [prefer yes]? What are the key audit elements to consider in an MFI audit [credit cycle and cash]? Adaptability Provide an example of how you integrated yourself into your last position [You want someone who will try to build their knowledge of the company, and work in a way that does not intentionally inflame other staff – this reduces effectiveness]? SAMPLE QUESTIONS THAT MFI SHOULD BE ABLE TO ANSWER ABOUT THE IA FUNCTION: • Will the board have an audit committee [should be yes]? • Who will be the contact person for the Internal Auditor [should be chair audit committee, if not the Chairman of the Board of Directors]? What is their experience [prefer accounting, audit experience]? How often will they meet with the IA [at least once per month, but IA should have access to them at any time. Someone who travels frequently is not a good candidate.]? • When will the IA’s first review occur [after three months]? Who will do it [Audit committee chair]? • How will the IA be reviewed on an ongoing basis [using regular company review structure and schedule, reviewed by chair audit committee]? How will their salary be reviewed [using regular company review structure and schedule, reviewed by chair audit committee]? • When will the IA’s first audit plan be due [within three months of start]? • Who will approve the IA plan [audit committee]? • How will the CEO oversee the IA [facilitating access to all functions, providing access to resources, making sure the auditor is working]? • How will IA reports be utilized [CEO will ensure that managers respond in writing within one week of receipt and CEO will ensure follow-up and correction of weaknesses identified]? • What will happen if the IA has a dispute with the CEO [audit committee will intermediate]?
  • 114. RM6-H2 Social Audit Resources Resources Depth of analysis Links SPI social audit by CERISE and ProsperA Audit Depends on the method used (internal audit only, internal audit accompanied by an external resource, external audit) Focuses on 4 social performance dimensions: - Targeting clients - Quality of services - Benefits to clients - Social responsibility to employees, clients, the environment http://www.cerise- microfinance.org QAT Social Audit by Imp-Act and MFC Audit Audit accompanied by external resource Focuses on the mission, the systems and procedures set up by the MFI http://www.mfc.org.pl/ The Smart Campaign’s client protection assessment Audit Assessment of the application of client protection measures in an MFI’s processes, procedures and activities http://www.smartcampaign.o rg/page-daccueil Social rating Rating If an MFI has no internal auditor, it can request a social rating, which is even more external than an audit. Each rating agency has its own standardized methodology http://www.ratinginitiative.org MIX Market social performance reporting Reporting This is a reporting framework, but an MFI can use it as a guide to identify certain standards assessed internationally to measure the social performance of an MFI and to review the core components of a social audit http://www.themix.org/social- performance/Indicators
  • 115. ©CGAP/World Bank RM6-H3 Technical Materials – MFI Audit Information Center Excerpted from the CGAP web page: http://www.microfinancegateway.org/section/resourcecenters/auditcenter/ The Role of the Internal Auditor The internal auditor conducts the internal audits ( ) of the MFI based on directions from management and the board. Several key factors help to improve their effectiveness. These include: • Independence, • Adequate resources, • Senior management support, and • Full understanding of their role and responsibilities. Generally, the internal auditor's ( ) activities revolve around the several areas within the institution. These include: • Financial audits, where the auditor analyzes the economic activity of the MFI, reviewing for accuracy, timeliness, and completeness. • Compliance, which includes a comprehensive review of financial and operating controls to assess their conformity with written policies, laws, established standards, regulatory requirements, donor agreements. • Operational, which includes a comprehensive review of portfolio, savings, cash and other operations, assessing efficiency and effectiveness, as well as risk of the various activities. • Fraud investigations are another important aspect of the work of the internal auditor. A fraud investigation is a confidential review of the circumstances surrounding misconduct either on the part of clients or staff. The internal auditor, based on evidence derived from audit activities, often initiates these investigations. They are usually full-time employees of the MFI, though sometimes MFIs will contract external auditors to perform the internal audit function. This will impair the independence of the auditor or firm relative to the annual audit. Internal auditors can play a critical role in improving the efficiency of an external audit by obtaining guidance from the external auditors and collecting audit evidence in a manner that can be used with confidence. The relationship between internal and external auditors can become strained at times. Management should ensure a fruitful and collaborative relationship between these parties. WHAT IS THE PURPOSE OF AN INTERNAL AUDIT? According to the Institute of Internal Auditors (IIA) ( ), the purpose of an internal audit ( ) is to evaluate the adequacy and effectiveness of a company's internal control system and determine the extent to which assigned responsibilities are actually carried out. The IIA's five audit scope standards outline the internal auditor's responsibilities: 1. Review the reliability and integrity of operating and financial information and how it is identified, measured, classified, and reported. 2. Determine whether the systems designed to comply with operating and reporting policies, plans, procedures, laws, and regulations are actually being followed.
  • 116. 3. Review how assets are safeguarded and verify the existence of assets as appropriate. 4. Examine company resources to determine how effectively and efficiently they are utilized. 5. Review company operations and programs to determine whether they are being carried out as planned and whether they are meeting their objectives. The internal auditor is usually an employee of the organization being audited and follows management's requirements of the audit. AT WHAT POINT SHOULD WE HIRE AN INTERNAL AUDITOR? The MFI should consider hiring an internal auditor when it is economically feasible and operationally beneficial to do so. From a purely direct cost perspective, some argue that an MFI should hire an internal auditor once it has 100 employees. At this point, it is argued, an MFI will be easily able to cover the costs incumbent in the new position. Others argue for hiring the initial internal auditor much earlier. Their arguments center around capacity building and strengthening internal controls early in the life of the MFI to protect it from large problems. Their considerations include: • It takes time to develop the audit function and an MFI should have the internal auditor in place to oversee it as you build their capacity. • It takes time to build the capacity of the internal auditor. They should have full capacity when the institution really needs their oversight rather than searching for someone when the institution is already overdue in terms of institutional needs. • MFIs tend to enter a new phase of growth at about 3,000-5,000 clients, requiring a reassessment of policies and internal controls. It helps to have an independent internal auditor to focus on their development without vested interests. • MFIs often provide a great deal of independence to their field staff and elevate supervisors from the credit officer staff. Thus, independent staff are often weakly supervised. The internal auditor can provide an important oversight to this operational structure. • When major control problems occur early in a program's life it can create serious problems for future growth. An early internal auditor can help detect and avoid such problems before their impact is excessive on the institution. An MFI, using a group- or individual-based methodology, may have staff servicing between 5,000 and 20,000 clients, once there are 100 staff members. Much of this work is done independently and controls must be strong and frequently reinforced. This requires the expertise of an internal auditor. An appropriate approach might be to hire a junior internal auditor (at least one year audit experience) at about 3,000 clients and a senior internal auditor at about 10,000 clients. This varies significantly depending on the structure of the MFI. In general, the more decentralized the activities, the sooner you need an internal auditor. If having an internal auditor can eliminate 1/3 to 1/2 of the work that is needed by the external audit firm, and the external audit costs $10,000, then an annual salary of $3,333 to $5,000 may be justifiable. Explicit conversations with the external audit firm can help in identifying cost savings attributable to the internal audit function. Do not just expect that by hiring an internal auditor that costs of the audit will decline rapidly if you have not had this conversation beforehand. Occasionally, companies will hire audit firm staff from the audit firm they work with in order to staff their internal audit position. If the MFI feels that one of the members of the external audit
  • 117. ©CGAP/World Bank team would make a good employee, it is important that this fact not be discussed until after the audit report is issued for the year the staff member is working on the audit. HOW DO THE ROLES OF MANAGEMENT AND THE BOARD DIFFER REGARDING THE INTERNAL AUDIT? Roles of management and the board with respect to the internal auditor: Management • Establish and follow policies and procedures, then install necessary controls in the MFI • Day-to-day supervision • Establish an environment that says controls are important to the MFI • Facilitation of access to all areas of institution • Conduct regular unannounced spot checks • Requests special audits • Provides necessary resources • Receives copies of audit reports • Enforces response provision by affected departments/staff • Oversees correction/implementation of IA recommendations Board The ultimate authority regarding the internal audit function is the Board of Directors. • Oversight of IA function. Board has the ultimate responsibility to monitor risk and ensure that an appropriate system of control is in place. • Oversees job description preparation and IA hiring process, and finalizes selection of senior internal auditor. • Board should establish a functioning audit committee. Establish procedures. Designates a person (audit committee chair) to act as board contact for internal auditor. Board should ensure that the internal auditor reports to the audit committee. Reporting requirements should be established and followed. • Assesses performance of IA. • Conducts periodic salary assessments. • Instill in management importance of control. Recognize that management can be part of the problem. Mediates issues between management and the IA. • Receives IA report at board meetings. • Approves annual IA work plan. • Assigns special audits. WHAT SHOULD REGULATORS/SUPERVISORS DO? • Their focus is compliance. • Make sure you understand what the requirements are, and keep up to date. • Develop good relations with them; they can help. • Note well that regulators’ requirements may not be sufficient to manage your risk.
  • 118. RM6-H4 Control Sheet INTERNAL CONTROL ASSESSMENT QUESTIONNAIRE CASH FLOW MANAGEMENT PROCEDURES OFFICE: ________________________________________ DONE BY: ________________ DATE: ______________________ Controls Response to Controls References Yes No N/A A. Make sure functions are sufficiently separate For review 1 Cash operations 2 Securities holding 3 Holding of checks from clients 4 Authorization for advances to employees 5 Holding of checkbooks 6 Preparing checks 7 Journal voucher approval 8 Check signing 9 Journal voucher cancellation 10 Mailing out checks 11 Cash journal operations 12 List of checks received by mail 13 Check or cash deposits 14 Loan account operations 15 Savings account and account payable operations 16 Receiving bank statements 17 Preparing bank reconciliation procedures 18 Access to general accounting 19 Repayment ledger operations 20 Preparing late letters 21 Updating loan file/register Comments Date : ____________________________ Approved: ______________________
  • 119. ©CGAP/World Bank RM6-H5 Sample Criteria for Social Audits (Based on the SPI Tool) For questions pertaining to MFI internal control on client protection and/or social performance, see the complete SPI tool at www.cerise-microfinance.org Targeting the poor and excluded Criterion 1 – Geographic targeting Evaluates whether the MFI provides services in poor or isolated areas, or in areas where no other formal financial services are available. Criterion 2 – Direct/individual targeting Evaluates whether the MFI selects clients based on poverty and/or exclusion criteria, and whether it limits access for people who are considered as less poor or excluded. Criterion 3 – Pro-poor financial methodology Examines the specific design of services that target the poor or excluded: implementation of service terms and conditions specifically adapted for this poor or excluded public, with the idea that the untargeted population will not seek out this type of services, which wouldn’t be adapted to their needs. This can be done through the forms of guarantee, loan and deposit size, etc. Products and Services Criterion 1 – Range of traditional services Evaluates the diversity of the traditional services (savings and loans) offered by the MFI. From the client perspective, product diversity is essential. Diversity implies a variety of terms and conditions adapted to different financial needs. Assesses the range of products offered by the MFI. Criterion 2 – Quality of services Evaluates quality through objective and verifiable proxies. Quality of services is an important part of performance, but difficult to measure objectively. Criterion 3 – Innovative and non-financial services Evaluates the MFI’s efforts to adopt innovative approaches and adapt its services to a wide range of client needs. Benefits to clients Criterion 1 – Economic benefits to clients Evaluates the systems designed to promote and measure improvement in clients’ economic situation. An MFI may monitor economic changes to the household, reduce its operational costs, make sure its loan officers and staff focus on clients’ needs, or share profits with clients. Criterion 2 – Client participation Analyzes to what extent clients are involved in decision-making (at the client level and institutional level). Microfinance is often associated with client participation. Many MFIs strive for proximity to clients and well-adapted products in view of engendering development. Criterion 3 – Social capital/client empowerment Assesses activities designed to build clients’ social capital, i.e., activities that reinforce social ties and client capacities, such as group formation, collective action, working together to reach common goals, fostering links with other development programs and facilitating access to previously inaccessible services. Stronger
  • 120. social ties can create new opportunities for clients, greater mutual protection against economic and social hardship, and improved ability to cope with crisis. Dimension 4: Social responsibility Criterion 1 – Social responsibility to employees Evaluates the MFI’s working conditions. Human resources have often been slighted in microfinance, with emphasis on client services and cost-effectiveness instead. This criterion is often essential to maintaining high-quality, well- trained and motivated employees. Criterion 2 – Social responsibility to clients Evaluates some principles of consumer protection widely accepted in the microfinance sector and promoted by the Smart Campaign. The principles concern overindebtedness, transparent communication about prices, collection practices, staff conduct, complaint procedures and client data confidentiality. Criterion 3 – Social responsibility to the community and the environment Evaluates the MFI’s actions in terms of local economic, social and cultural development as well as environmental protection.
  • 121. ©CGAP/World Bank RM6-H6 SCORING TOOL FOR A CLIENT PROTECTION ASSESSMENT, JAN 2013 VERSION Client Protection Principle Standard Indicator Client Protection Principle 1: Appropriate Product Design and Delivery Channels The FI designs products that are appropriate to client needs and do no harm The FI designs products that are appropriate to client needs and do no harm. It does not offer products that produce negative value for the clients. The FI has a policy describing acceptable pledges of collateral; Has clear guidelines for how collateral is registered and valued. The FI seeks client feedback for product design and delivery The FI investigates reasons for clients drop out. The FI uses client feedback to inform product development and improve existing products (client feedback can be informal). The FI does not use aggressive sales techniques The FI does not use high pressure/ aggressive sales techniques. Does not force clients to sign contracts (for credit, no forced signing of any individual borrower or group member, or any guarantor). Client Protection Principle 2: Prevention of Over- indebtedness The FI conducts appropriate client repayment capacity analysis before disbursing a loan The FI policies support good repayment capacity analysis. The loan approval does not rely solely on guarantees (whether peer guarantees, co-signers or collateral) as a substitute for good capacity analysis. [individual lending] Repayment capacity analysis is done for every loan. [group lending] The group formation and loan approval process ensure the prudent self-selection of members, with emphasis on the concept of solidarity payment. The FI's repayment capacity policy is adequately disseminated among staff, considering the staff growth and turn-over. The FI's repayment capacity policy is uniformly used in the practice. The FI performs a repayment capacity analysis at each loan cycle, even if simplified for secondary aspects at loan renewal. For clients with informal revenues and/or non consumption loans (most cases), the repayment capacity analysis is based on a client visit (performed by the loan officer or delegated to the group/village members). The FI verifies the information consistency through cross-checks. For clients with a salary asking for a consumption loan, a client visit is not required.
  • 122. Client Protection Principle Standard Indicator Client Protection Principle 2: Prevention of Over- indebtedness The FI incentivizes quality loans Regular reports on PAR and write-offs are produced and reviewed by the FI's management. Reasonable portfolio quality is maintained over time. If there is poor long term quality of loan portfolio, and linked to over-indebtedness, corrective measures have been put in place. The FI's productivity targets and incentive systems value portfolio quality at least as highly as other factors, such as disbursement or client growth. The FI's productivity targets and incentive schemes are reasonable as compared to the industry benchmark (parameters and proportion of fixed/variable remuneration). If PAR is over 10% at the level of the MFI, bonuses are offered to loan officers able to decrease PAR below 10%. The FI uses credit bureau and competitor data, as feasible in local context [credit bureau] The FI policies include clear consultation and sharing of client data (for all loan cycles). [credit bureau] The FI systematically reviews client data from the credit bureau (for borrower current debt levels and repayment history) to assess the client repayment capacity prior to disbursement at each loan cycle. The FI also systematically reports client data to the credit bureau. [credit bureau] [group lending] Groups access to up-to-date data from the credit bureau regarding borrower credit history: group members are provided with the credit bureau credit checks done on other members. [no credit bureau] Policies include clear consultation and sharing of client data (for all loan cycles), with competitors, as feasible in local context. [no credit bureau] The FI regularly consults with and reports client data to competitors (informal data exchanges consistent with legal limitations), as feasible in local context. The FI has a supervisory system in place to ensure that the credit bureau or competitor data is effectively used to inform credit analysis and decisions.
  • 123. ©CGAP/World Bank Client Protection Principle Standard Indicator Client Protection Principle 2: Prevention of Over- indebtedness The FI Management and Board is aware of and concerned about the risk of over-indebtedness The FI's management and Board of Directors show awareness and concern about the risk of client over-indebtedness, and monitor it. In high risk markets, stronger efforts are required. Management and Board of Directors define what is high-risk. They review relevant market level information (relevant to the current or planned operational area of the financial institution). The FI's internal audit department monitors that policies to prevent over-indebtedness are applied The FI's internal audit and/or internal controls department verifies the compliance with the policies and systems to prevent the risk of client over-indebtedness. The FI's internal audit and/or other departments (except for credit and/or collections departments) visit a representative sample of clients each year. The FI's MIS regularly provides information on rescheduled loans. The FI avoids dangerous commercial practices (i.e., avoids combining loan products to meet the same need, or restricting the loan use; sets prudent limits to allow for the renewal of a loan in case of early repayment; sets guidelines for appropriate rescheduling policies) [group lending] The FI has a policy that avoids parallel loans within the MFI (i.e., combining loan products to meet the same need, or restricting the loan use). [group lending] The FI has prudent limits to allow for the renewal of a loan in case of early repayment. The FI has specific procedures to actively work out solutions (i.e., through workout plan) for rescheduling loans/ refinancing/ writing off on an exceptional basis for late clients who have the “willingness” to repay but not capacity to repay, prior to seizing assets.
  • 124. Client Protection Principle Standard Indicator Client Protection Principle 3: Transparency The FI fully discloses cost and non-cost information The FI fully discloses to the clients all prices, installments, terms and conditions of all financial products, including all charges and fees, associated prices, penalties, linked products, 3rd party fees, and whether those can change over time. The FI clearly presents to clients the total amount that the client pays for the product, regardless of local regulations (including in the absence of industry-wide requirements). The FI participates in the MFTransparency project (or similar industry project, if applicable). The FI communicates proactively with clients in a way that clients can easily understand The FI has effective communication. Staff communicates in such a manner that clients can understand the terms of the contract, their rights and obligations. Staff communicates with techniques that address literacy limitations (e.g., materials available in local languages). The FI contracts contain simple language and no fine print (figuratively or literally). A clear facts summary page is given if the legally necessary contract is deemed too technical for the clients. The FI avoids using pricing mechanisms that create confusion on the total costs. The FI uses a variety of disclosure mechanisms The FI uses at least two different communication channels for disclosing clear and accurate information about the product: written and verbal (to address literacy limitations). The FI discloses pricing information in public domain. The FI leaves adequate time for client review and discloses at multiple times The FI communicates all information related to the product (terms, conditions, etc.) to clients before signing. The FI gives clients adequate time to review the terms and conditions of the product, ask questions and receive additional information prior to signing contracts. The FI staff is available to answer questions. The FI provides accurate and timely account information The FI gives clients a hard copy of all documents signed by clients (including, but not limited to the contract) with all terms and conditions. The FI ensures that there are no blank terms in all documents signed by clients (including, but not limited to, contracts) – they must be completely filled out. [group lending] Each client receives a contract, and/or an individual pass/book or payment book with contact terms and signature (even if the contract is between the group and the financial institution). The FI regularly gives clients clear and accurate information regarding their accounts (e.g., account statements, receipts, balance inquiries, proof of payment for loans). The FI provides clients with updated balances on request.
  • 125. ©CGAP/World Bank Client Protection Principle Standard Indicator Client Protection Principle 4: Responsible Pricing The FI offers market-based, non- discriminatory pricing The FI offers market-based, non-discriminatory pricing. The FI’s efficiency is in line with its peers The FI has efficiency ratios aligned with peers. The FI does not charge excessive fees The FI's pre-payment penalties, account closure fees, transaction fees or other penalties are not excessive. Client Protection Principle 5: Fair and Respectful Treatment of Clients The FI culture raises awareness and concern about fair and responsible treatment of clients The FI clearly spells out in a Code of Conduct (i.e., in Code of Conduct, Code of Ethics, Book of Staff Rules) the organizational values and standards of professional conduct that are expected of all staff. The FI's Code of Conduct has been reviewed and approved by the Board. The FI's staff signs a document by which they acknowledge that they will abide to the standards of professional conduct and not engage in the prohibited behaviors mentioned in the Code of Conduct. The FI has defined in specific detail what it considers to be appropriate debt collection practices The FI clearly spells out in a Code of Conduct (i.e., in Code of Conduct, Code of Ethics, Book of Staff Rules) the specific standards of professional conduct that are expected of all staff involved in collection (including third party staff). The FI does not endorse a policy of zero tolerance for PAR. The FI's policy guarantees that clients receive a fair price for any confiscated assets; Has procedures to ensure that collateral seizing is respectful of clients' rights; Offers an explanation of the role of guarantors. In case collateral is kept in the financial institution premises, procedures are in place to ensure its security. The FI's HR policies (recruitment, training) are aligned around fair and responsible treatment of clients The FI staff is recruited and trained in line with the Code of Ethics. The FI staff is trained in line with the Code of Ethics: initial training includes a review of the Code of Conduct and a discussion with new staff on the situations where the compliance with the Code might be a challenge. The FI's collection practices are covered during the initial training of all staff involved in collections (loan officers, collections staff, and branch managers). In particular, collections staff receives training in acceptable debt collections practices and loan recovery procedures.
  • 126. Client Protection Principle Standard Indicator Client Protection Principle 5: Fair and Respectful Treatment of Clients The FI implements policies to promote ethics and prevent fraud The FI managers and supervisors review ethical behavior, professional conduct and the quality of interaction with customers as part of staff performance evaluations. The FI's procedures describe the sanctions that will be taken in case of violation of the Code of Conduct or collections policies (harassment, discrimination, theft, corruption, kickbacks, etc.), that can result in termination of employment. The FI staff is informed of penalties for non-compliance with Code of Conduct or collections policies. There is sufficient monitoring of the practices (by operations department, internal audits), to provide education or sanctions as necessary. The FI sanctions cases of violations of the Code of Conduct or collections policies (identified by management, internal audit or thanks to an efficient complaint mechanism) according to the set rules. The loan officer base pay is at least a living wage. In selection and treatment of clients, the FI does not discriminate inappropriately against certain categories of clients The FI has a non-discrimination policy. The FI's rescheduling policies are applied in a consistent and fair way across the financial institution. In-house and 3rd party collections staff are expected to follow the same practices as the FI staff The same training is provided to third party collections staff in case collection is subcontracted and they are held to the same standards as the FI staff. The FI informs clients of their rights The FI informs clients of the main aspects of the Code of Conduct. Information includes clients’ right to complain and how to submit a complaint. [group lending] The FI informs clients about procedures about collateral seizing. The FI documents and communicates to clients loan policies and procedures for rescheduling credit.
  • 127. ©CGAP/World Bank Client Protection Principle Standard Indicator Client Protection Principle 6: Privacy of Client Data The FI has a privacy policy and appropriate technology systems The FI has a written privacy policy that governs the gathering, processing, use, distribution and storage of client information. The policy covers current staff and those who leave the organization and information leakage. The FI's privacy clause is in plain language and not hidden in legalese or contract. The privacy clause stands out and is not in small print. The FI's Staff Book of Rules and/or Code of Conduct penalize misuse or misappropriation of client data. The FI has penalties for exposing or revealing client data to third parties without prior client consent. The FI's has systems in place (including secure IT systems) to protect the confidentially, security, accuracy and integrity of customers’ personal and financial information. The FI's IT systems in place have different password protection systems that are changed periodically with different access levels according to the position of the staff member accessing the data. If files are stored in physical format, the FI stores the client files in a secure location, within the branch or headquarters that has 1) restricted access only to selected persons; 2) is kept in a facility secure from arson or theft. The FI informs clients about when and how their data is shared and gets their consent The FI has a policy (included in the training manual) to describe how to talk to clients about this topic. Requires that the FI present clearly to clients how it will use and share their client data. The FI communicates well the privacy policy to staff. The FI trains its staff to protect the confidentially, security, accuracy and integrity of customers’ personal and financial information. The FI informs customers how their information will be used internally and, when applicable, when it will be shared externally. Prior to loan disbursement, the FI's staff reads the privacy portion of the contract to the client. The FI's contracts include a data privacy clause, describing how and when data can be shared (in addition to credit bureau information). The FI requires written client consent to share personal information with any external audience, including credit bureaus, insurance agents, collections companies, and others. The FI requires written client consent to use of information or photos in promotions, marketing material and other public information. [group lending] The FI trains group leaders to safeguard group member information, particularly saving account balances, dates of loan disbursement, and information on repayment problems.
  • 128. Client Protection Principle Standard Indicator Client Protection Principle 7: Mechanisms for Complaints Resolution The FI's clients are aware of how to submit complaints The FI informs clients about: • their right to complain; and • how to submit a complaint to the appropriate person (or where they could find that information if they don’t know it first-hand). The FI's staff is trained to handle complaints The FI's dedicated staff induction training includes a session on how the complaints mechanism works, the loan officer’s role in the process and how to appropriately manage complaints until they are completely resolved (how to handle complaints and refer them to the appropriate person for investigation and resolution). The FI's complaints resolution system is active and effective The FI's policies include how to handle complaints. They include how to inform client about the complaint mechanism. The FI has an effective, appropriate system in place to resolve complaints in a timely way. The FI has assigned someone to handle complaints and refer them to the appropriate person for resolution, at least on a part-time basis. The FI has a clear reporting system in place to ensure that complaints from branches/POS reach complaints handling staff. The complaints mechanism is actively used by clients. The FI's clients receive a timely response to their issues, within a month of complaint submission. The FI's internal audit or other monitoring systems check that complaints are resolved satisfactorily. The FI uses client feedback to improve practices and products The FI uses information to correct mistakes, omissions and activities that may be harmful to the client. The FI uses complaints information to improve the organization's operations/products/ communications.
  • 129. ©CGAP/World Bank RM7-H1 Audit Information Needs Worksheet THINK ANSWER DISCUSS 1. What information would you like to get from an audit of your MFI? • • • • • • 2. Do your audits currently deliver this information? 3. Why do you think audits fail to deliver this information to your MFI? 4. Prioritize the list you generated in question 1. Rank what information you would most like to get, to the least needed. • • • • • •
  • 130. ©CGAP/World Bank RM7-H2 Terms of Reference Exercise Instructions: The Terms of Reference (ToR) for MFI XYZ are attached below. Identify 5 items that are omitted or procedurally incorrect in the following sample ToR. Also identify at least 5 items that impress you as important for inclusion in a ToR. 1. Introduction 1.1 The board of directors of MFI XYZ invites your firm to submit technical and financial proposals for audit of MFI XYZ. Proposals are invited for two assignments, one covering an annual financial statement audit and one covering agreed-upon procedures. The proposal could form the basis for future negotiations and ultimately a contract between your firm and MFI XYZ. The contract would be for fiscal year 2000. 1.2 The contracts for these assignments may be renewable upon their completion for a further period, or advertised again, at the discretion of MFI XYZ. 1.3 The cost of preparing a proposal and conducting the pre-proposal survey or any meetings for oral presentations shall be borne by your firm, regardless of the conduct or outcome of the solicitation process. Proposals must offer services for the total requirements: proposals offering only part of the services will be rejected. 1.4 At any time before the submission of proposals, MFI XYZ may, whether at its own initiative or in response to a clarification requested by an invited offeror, modify the solicitation documents by amendment. The amendment will be conveyed in writing or by cable, telex, or facsimile to all invited offerors and will be binding on them. MFI XYZ may, at its discretion, extend the deadline for submission of proposals. 1.5 All proposals must remain valid and open for acceptance for a period of ninety (90) calendar days after the date specified for receipt of proposals. 2. Background 2.1 MFI XYZ was founded in 1985. XYZ has expanded its operations to include 13 branches in 2005, with branches in remote rural areas. Further details about XYZ’s operations, including a copy of the previous year’s unaudited financial statements, are provided in attachment A. 2.2 XYZ has an audit committee headed by its financial manager. The director of finance will have responsibility for day-to-day interface with the external auditor and will supply the external auditor with necessary information. 3. Objective of the external audit 3.1 The objective of the external audit of MFI XYZ’s financial statements is to enable the auditor to express a professional opinion on the financial position of MFI XYZ at the end of the three fiscal years (2003, 2004, and 2005) and on the funds received and expenditures for the accounting period ended 31 December for each fiscal year. 4. Scope of the external audit 4.1 The external audit will be carried out in accordance with International Standards on Auditing (ISAs), and will include such tests and controls as the auditor considers necessary under the circumstances.
  • 131. ©CGAP/World Bank 4.2 The auditor should pay special attention to key account balances, particularly the loan portfolio and loan loss provisions, cash and equivalents, and fund balances. 4.3 Given XYZ’s large number of loans, the auditor is encouraged to use statistical sampling methods to ensure that a representative sample is tested. 4.4 As part of the audit process, the auditor should visit a representative number of branches each year. It is expected that the auditor will have visited all branches in a two-year period. 4.5 For the purposes of testing, the auditor is required to visit a representative number of clients and check that they are applying the client protection principles, that the proposed products meet their needs, and that their profile corresponds to the MFI’s targeting objectives. 5. Use of CGAP handbook 5.1 The auditor must become familiar with both volumes and the annexes of External Audits of Microfinance Institutions: A Handbook, produced by CGAP Washington, D.C., which covers key issues relevant to the audit of microfinance institutions. MFI XYZ will provide copies of the handbook to interested bidders at their request. The auditor will be required, before executing the engagement agreement, to specify in writing any major elements of the handbook’s guidance that the auditor does not believe should be implemented due to issues of practicality, cost, or conflicting authoritative guidance. 5.2 To fulfill the requirements in 4.5, the auditor should be familiar with standard social audit tools (knowledge of tools like CERISE-SPI or Microfinance Centre-QAT, MISION/CRS and/or the Smart Campaign methodology to assess the client protection principles, for example; guides for these tools are available at their websites). 6. Financial statements and other information 6.1 MFI XYZ prepares its financial statements according to local accounting standards. XYZ will provide to the external auditor the following financial statements: • Income statement • Balance sheet • Cash-flow statement 6.2 The financial statements of XYZ will be prepared in conformity with the requirements of attachment B. While the accuracy of the information requested in this attachment, and the reasonableness of procedures used to derive it, are primarily the responsibility of management, the auditor’s review and opinion will extend to all of the disclosures required in that attachment, whether they appear in the main body of the financial statements or in the notes to those statements. 6.3 The auditor will be given access to all legal documents, correspondence, and other information associated with MFI XYZ and deemed necessary by MFI XYZ. 7. Prior-year audits 7.1 MFI XYZ has not been audited in previous years. Thus, it is crucial that the external auditor closely examine all the opening balances for this fiscal year. 8. Audit opinion 8.1 The external auditor is required to provide an opinion on the financial statements of MFI XYZ in accordance with ISAs.
  • 132. ©CGAP/World Bank 8.2 The external auditor is required to provide an opinion on how well MFI XYZ’s procedures and activities align with its social objectives. 9. Management letter 9.1 In addition to the audit report and opinion, the auditor will be required to prepare a management letter. In the management letter the auditor should: • Comment on the accounting records, systems, and controls that were examined during the audit, including but not limited to systems for handling and recording cash; adherence to policies and procedures in the loan approval and disbursal process; segregation of duties in loan and cash areas; procedures for loan loss provisions; proper recording and cut-off of payables and accruals; and so on. • Comment on other specific systems and processes, such as the administration system and management information system, particularly at the branch level. • Recommend improvements where specific weaknesses are identified in any of the above systems and controls. • Communicate any other matters identified during the audit that might significantly affect the future implementation of MFI XYZ’s function, or that the auditor considers pertinent. • Comment specifically on the appropriateness and consistency of application, of policies for loan loss provisioning, loan write-offs, allocation of indirect costs between financial and nonfinancial services, and, where applicable, cessation and reversal of accrued but unpaid interest on nonperforming loans. • Comment specifically on the appropriateness and consistency of the policies and strategies in place for achieving MFI XYZ’s stated social mission. 10. Agreed-upon procedures 10.1 In addition to the financial statement audit, the external auditor is required to perform the agreed- upon procedures specified in attachment C [perhaps developed along the lines of annex D of the CGAP Audit Manual and submit a separate report]. 11. Communications with the financial manager 11.1 The selected auditor will be required to present his or her audit approach and planned audit program to the financial manager and perhaps the social performance monitoring committee (if none, then the person(s) in the operational or the Research/Development department who is(are) in charge of monitoring the MFI’s operations) before starting the audit. 11.2 If external auditors discover any errors, irregularities, or fraudulent acts during their work, they are required to communicate these immediately to the financial manager. 12. Pre-proposal survey 12.1 Prospective bidders must conduct a pre-proposal survey at their own cost. A team from the audit firm should spend a minimum of two full days at headquarters reviewing key systems and processes, as well as visit one or more branches. The impressions and finding from this survey should be incorporated into the audit proposal.
  • 133. ©CGAP/World Bank 13. Additional information and proposal structure 13.1 Proposals must incorporate the following information, be organized into the four sections indicated, and be no more than [provide number] pages in length. 13.2 Understanding of the work. Demonstrate understanding of the MFI industry, MFI XYZ, and the nature of the work. 13.3 Audit approach. Describe the proposed approach, timing of tasks, and quality control procedures. 13.4 Audit team. For each member of the audit team, describe roles in the engagement and approximate level of effort. For each licensed auditor proposed for this engagement, provide a separate attachment with name and brief summary of qualifications and experience, including: • Education and qualifications • Memberships in professional audit or accounting associations • Details of audit and accounting work experience, including experience in microfinance • Written and spoken fluency in English or other languages 13.5 Firm experience. Provide the following information at a minimum: • Description. State the legal nature of the firm (sole proprietorship, partnership). State the total number of auditors (excluding support staff) who are owners or employees of the firm. Indicate how many of these are licensed auditors. Indicate services provided by the firm and the approximate percentage of auditing services in the firm’s total fee income. State whether the firm has any association or affiliation with any other professional firm as auditors, accountants, consultants, or lawyers, either in the country or abroad. If so, provide details. • Financial institutions experience. Discuss the firm’s experience with financial institution audits. • Independence of the firm. State whether any of the individuals listed above (or spouses or close relatives) are employed by, serve as a director of, or have any financial or business relationship with MFI XYZ. If so, provide details. • Audit practice. Attach a separate list of the firm’s main clients (particularly any microfinance institutions, financial institutions, or nonprofit service organizations) in the past five years. Specify the type of service (social or financial auditing, consulting, accounting) provided to each client. State whether the firm has performed audits jointly with international audit firms. If so, provide details. • Audit standards and procedures. State whether the firm adheres to international auditing standards and local auditing standards. Describe how the firm’s audit procedures and methods ensure that these standards are followed. State whether the firm’s audit procedures and methods are recorded in a manual or similar document. State briefly how employees are supervised. State briefly the internal procedures used to ensure high-quality work and services. 14. Oral presentation 14.1 As part of the proposal process, the three bidders with the highest scores will be invited to present their proposal in person to the audit committee, and to respond to questions from the committee. In the proposal, bidders should discuss their availability and willingness to make such a presentation. All members of the proposed audit team will be required to attend the proposal presentation.
  • 134. ©CGAP/World Bank 15. Fees 15.1 Each bidder is required to submit a separate cost proposal for this engagement under separate cover. A separate cost proposal is also required for the agreed-upon procedures. The format for the cost proposal is provided in attachment D. 16. Submission and deadlines 16.1 The technical proposal and cost proposal should be submitted to MFI XYZ no later than _________________. 16.2 All proposals and correspondence should be addressed to: Financial Manager MFI XYZ Street address 16.3 Proposals should be mailed or sent by courier. 17. Proposal scoring 17.1 No mathematical weighting will be used in scoring proposals.
  • 135. ©CGAP/World Bank Attachment A Details about MFI XYZ’s operations Copy of previous year’s unaudited financial statements Attachment B Requirements for content and preparation of financial statements CGAP disclosure guidelines attached Attachment C Agreed-upon procedures As needed (not included) Attachment D Format for the cost proposal 1. Fees Total Position Hours Rate Cost Partner Senior manager Manager Senior accountant Staff 2. Expenses Total Travel Per diem Communications Report production Other 3. Grand Total
  • 136. ©CGAP/World Bank RM7-H2sol Suggested Improvements for ToR Exercise* Draw a “T” on flipchart paper. Questionable items/Items excluded Good/Items included One-year contract; why not three? Background items – nature of business, branch network, number of staff, overview of operations, etc. Financial Manager is contact vs. board. The Financial Director is more likely to head the audit committee. • ISAs used as a basis for auditing • Introduction was good Sample MFI shouldn’t restrict information to only the information they want to supply the auditor. Loan portfolio identified as a specific area Client protection identified as a specific area Timing section is excluded. Audit team qualifications requested Microfinance experience is omitted. Two-day pre-proposal investigation Date audit is due is not included. Oral presentation Financial statements should have been prepared. • Cost-structure style budget (not just one number) • Client visits/client protection/aligning results with social mission required • Review of financial statements • Comprehensive scope of work Period of audit not consistent Management letter *Items listed do not represent all possible improvements, just the most important. Roles of Management vs. Board Board Management • Set ToR • Agree to scope of the audit, including areas of focus (you cannot limit the scope but you can expand) • Review proposals • Select the external auditor • Research audit firm candidates • Provide prospective auditors with information needed to create a quality proposal, including significant time when needed
  • 137. RM7-H3 MFI 1 (July 2008) – Sample Social Audit Summary The Social Performance Indicators (SPI) tool examines an MFI’s organizational procedures based on information from within the MFI, to establish the extent to which the MFI has the means to achieve its social goals: Who are its clients, and how are they targeted? How well adapted are the products to client needs? What are the advantages for them, specifically in terms of improving social capital? What is the institution’s social responsibility? The following assessment was done in July 2008 on MFI 1. Key MFI data1 Number of active clients: 19,895 Number of staff: 46 Number of branches: 11 2 PAR30: 22% Status: Gini Inequality Index (2007): 47, 3% Zone of intervention: urban and rural GDP/inhabitant (2007): US$453 Year created: 1998 Annual interest rate: 54% and 36% Main lending methodology: solidarity-group lending Operational self sufficiency 3 : N/A Number of loans disbursed: 40,400 Return on assets: N/A Active/Gross loan portfolio: US$2,577,167 Return on equity: N/A Average loan outstanding: US$176 MFI 1’s mission and social strategy MFI 1’s mission is to “give people in urban and rural areas who are excluded from the conventional financial sector access to quality financial services.” The program’s original title was “Decentralized Project for the Rural and Urban Informal Sector”. 1 Source: MFI Dashboard, June 1, 2008 2 Including one being opened, 3 that are still branches, and 2 are under construction, with recruiting ongoing 3 Pending closing of 2007 accounts
  • 138. RM7-H2 (page 2 of 5) SPI Results Results Summary Targeting the poor and excluded From a geographical point of view, MFI 1 was designed to address populations who work in urban or rural areas. According to the product datasheets, one of the conditions for loan access is having worked for at least a year. The idea is to serve highly marginalized areas as a priority. These areas are identified by a feasibility study. For individual targeting, however, MFI 1 bases its choices not on social or economic criteria, but on a number of characteristics of the products offered that enable priority access for the poorest people, such as solidarity- Results by dimensions Results by criteria
  • 139. group lending or limits on the loan amounts. However, the mandatory savings (20%) that are deducted from the loan increase the cost of the loan for the client, so it cannot be considered as a “social” guarantee. Adaptation of products and services to target clients This dimension is under development. MFI 1 offers only credit products at declining interest rates and with balloon payment. It provides no non-financial services or savings products. Adequate transparency in the activities is a guarantee given the propinquity between members and the organization. The survey shows that there is a concern for getting to know the clients, e.g. through feasibility studies and satisfaction surveys, but the quality is not sufficiently monitored due to the absence of reliable data (e.g. the dropout and jobless rates for members) in the Front Office’s management system. Improvement of social capital and client policy MFI 1 is still in the project phase and belongs collectively to its members, who control it through representatives for each branch/bank. So MFI 1 is run by a particularly democratic system. The quality of the system is guaranteed by mechanisms for training elected members, who help employees manage the activities. A strong point is that there are more than the required minimum of women in the representive bodies. However, the elected members do not yet entirely fulfill their targeted decision-making role. The MFI’s social responsibility Most of the main principles of good employee working conditions are provided for (canteen, convivial environment, etc.), even if there is not yet a tool to sound out the degree of satisfaction or stability. The Human Resources department is under development and has not been organized yet. MFI 1 provides members with life insurance that discharges the family from the debt in case of death, and even provides for debt rescheduling in case of disaster. Conclusion MFI 1 has several strong points in the quality of its services, the geographical targeting, and its unusual democratic governance.
  • 140. RM7-H4 Exercise – Analyze Sample Management Letter and Report Audit Committee Aspire MFI Manila In planning and performing our audit of the financial statements of the Aspire Microfinance Institution for the year ended 31 December 2006 (on which we have issued our report dated 15 September 2007), we considered its internal control structure in order to determine our auditing procedures for the purpose of expressing an opinion on the financial statements, not to provide assurance on the internal control structure. Such consideration would not necessarily disclose all matters in the internal control structure that might be material weaknesses under standards established by [the country’s professional body]. A material weakness is a condition in which the design or operation of the specific internal control structure elements does not reduce to a relatively low level the risk that errors or irregularities in amounts that would be material relative to the financial statements being audited may occur and not be detected within a timely period by employees in the normal course of performing their assigned functions. We noted no matters involving the internal control structure and its operations that we consider to be material weaknesses as defined above. We did note other matters related to the internal control structure, and certain other issues. Our comments are presented in the attached report. This report is intended solely for the information and use of the audit committee, management, and others within the organization. We will be pleased to discuss these comments with you and, if desired, to assist you in implementing any of these suggestions. (signature) Partner Big Four Audit Co. Attachment
  • 141. Aspire Microfinance Institution Report to management for the year ended 31 December 2006 Contents Internal audit function Cash Capital Various issues Internal audit function LACK OF FUNCTIONS As Aspire continues to grow both in terms of new branches and disbursed loans, it may prove difficult for personnel in the head office to effectively supervise operations as well as perform their own duties. It was noted that there is no internal monitoring of Aspire’s adherence to policies and procedures. Clients do not seem to be well informed about the loan terms and conditions. Some loan officers do not adhere to the conditions for assessing loan applications and requests for information from clients, creating the risk of overindebtedness in urban areas where Aspire MFI faces strong competition. Recommendation: Management should consider hiring Big Four Audit Company to conduct its internal auditing. Cash CURRENT ACCOUNTS Current accounts between the head office and branches are not being reconciled regularly. This shortcoming, which necessitates recording activity into suspense accounts to facilitate consolidation, is attributed to insufficient communication between offices. Recommendation: Current accounts should be reconciled semi-annually. BANK RECONCILIATIONS Included in the loan account reconciliation were two checks that were returned for insufficient funds on 29 December 2006 and had not been reversed in the records as of 31 December 2006. Recommendation: Bank reconciling items should be identified and promptly resolved. Any recurring reconciling items should be investigated by management. SEGREGATION OF DUTIES In some branches there is inadequate segregation of duties. For example, the same person handles the functions of loan officer and telephone receptionist. Recommendation: Aspire should properly segregate duties among their staff. Proper monitoring of adherence to policies and procedures is required. Capital CATEGORIZATION OF RESTRICTED AND UNRESTRICTED FUNDS Aspire’s funds are not categorized into restricted and unrestricted funds as required by the accounting standards promulgated by the Central Bank (Aspire’s regulatory authority). This point has been discussed with the senior management of Aspire, who have agreed to comply with recommended practice. Due to time constraints, the financial statement could not be reclassified according to this recommendation. Various issues UNRECONCILED DIFFERENCES All the branches had unreconciled differences. Recommendation: Accounts should be reconciled.
  • 142. Improved Management Letter and Report Audit committee Aspire MFI Manila In planning and performing our audit of the financial statements of the Aspire Microfinance Institution for the year ended 31 December 2006 (on which we have issued our report dated 15 March 2007), we considered its internal control structure in order to determine our auditing procedures for the purpose of expressing an opinion on the financial statements, not to provide assurance on the internal control structure. Such consideration would not necessarily disclose all matters in the internal control structure that might be material weaknesses under standards established by [the country’s professional body]. A material weakness is a condition in which the design or operation of the specific internal control structure elements does not reduce to a relatively low level the risk that errors or irregularities in amounts that would be material relative to the financial statements being audited may occur and not be detected within a timely period by employees in the normal course of performing their assigned functions. We noted no matters involving the internal control structure and its operations that we consider to be material weaknesses as defined above. We did note other matters related to the internal control structure, and certain other issues. Our comments are presented in the attached report. This report is intended solely for the information and use of the audit committee, management, and others within the organization. We will be pleased to discuss these comments with you and, if desired, to assist you in implementing any of these suggestions. (signature) Partner XYZ Audit Co. Attachment
  • 143. Aspire Microfinance Institution Report to management for the year ended 31 December 2006 Contents: Internal audit function; Loans; Loan loss provisions; Cash; Capital; Various policies Internal audit function LACK OF FUNCTIONS As Aspire continues to grow both in terms of new branches and disbursed loans, it may prove difficult for personnel in the head office to effectively supervise operations as well as perform their own duties. It was noted that there is no internal monitoring of Aspire’s adherence to policies and procedures. Clients do not seem to be well informed about the loan terms and conditions. Some loan officers do not adhere to the conditions for assessing loan applications and requests for information from clients, creating the risk of overindebtedness in urban areas where Aspire MFI faces strong competition. Recommendation: Management should consider establishing an internal audit function. This newly created function would not only provide management and the audit committee with a degree of assurance, it could also help with the annual external audit, thereby saving money. The staff needs to be better informed about procedures on loan disbursement and on analyzing repayment ability. Loans LOAN STATUS REPORTS In some cases loan status reports were not adequately checked and reviewed against loan officers’ records and borrowers’ passbooks. Thus errors could remain in accounting records for a long time without being detected. Recommendation: Debtor listings should be produced and checked periodically. They should be regularly checked by loan officers against borrowers’ passbooks, and any difference should be investigated promptly. Internal auditors (if an internal audit function is established; see above) should also perform such procedures during the normal course of their work. UNRECONCILED DIFFERENCES All the branches had unreconciled differences between loan tracking system balances and the general ledger. These differences were attributable to the method of apportioning repayments between principal and interest. Recommendation: The loan tracking system and the general ledger must be reconciled at least monthly. CREDIT MANUAL Aspire does not have a comprehensive credit manual covering the policies and procedures relating to its credit methodology. Recommendation: Aspire should consolidate all of its policies and procedures into one manual. This manual should be provided to all branches and all loan officers. Loan loss provisions
  • 144. ERRORS IN CALCULATION There were minor errors in the calculation of loan loss provisions. This appears to occur because there is little coordination between loan officers and branch accountants when determining the amounts to provision. Recommendation: The accounting department should be fully involved in the exercise of provisioning for doubtful accounts. A thorough review of accounts by the accounting department and valuations should be performed to ensure that provisions and write-offs of loans cannot be manipulated. Loan officers should not be responsible for establishing the provisions. Cash CURRENT ACCOUNTS Current accounts between the head office and branches are not being reconciled regularly. This shortcoming, which necessitates recording activity into suspense accounts to facilitate consolidation, is attributed to insufficient communication between offices. Recommendation: Current accounts should be reconciled monthly. BANK RECONCILIATIONS Included in the loan account reconciliation were two checks, amounting to X, that were returned for insufficient funds in August 2006 and had not been reversed in the records as of 31 December 2006. Recommendation: Bank reconciling items should be identified and promptly resolved. Any recurring reconciling items should be investigated by management. SEGREGATION OF DUTIES In some branches there is inadequate segregation of duties. For example, the same person handles the functions of loan officer and cashier. Recommendation: Aspire should properly segregate duties between those accounting for activities and those handling assets. Proper monitoring of adherence to policies and procedures is required. Capital CATEGORIZATION OF RESTRICTED AND UNRESTRICTED FUNDS Aspire’s funds are not categorized into restricted and unrestricted funds as required by the accounting standards promulgated by [authoritative body]. This point has been discussed with the senior management of Aspire, who have agreed to comply with recommended practice. Recommendation: Aspire should present its financial statements in accordance with the above requirements. Various policies COST ALLOCATION As indicated in the notes to the financial statements, Aspire allocates indirect costs between financial and nonfinancial services in the same proportion as total compensation of staff whose time is dedicated to one service or the other. While this method of allocation is not especially precise, it is reasonable under the circumstances, since it does not materially distort the costs of the respective services, and a more sophisticated system would be too costly for an institution of Aspire’s size. PORTFOLIO-RELATED POLICIES The terms of reference for the audit require specific comment on Aspire’s policies for loan loss provisioning, loan write-off, and reversal of accrued interest on nonperforming loans. These
  • 145. policies are described in notes 2 and 4 of the financial statements. We found them to be reasonable for Aspire’s circumstances, and consistently applied in practice. Recommendation: None.
  • 146. RM7-H6 Technical Materials – Why haven’t MFI external audits delivered the intended results?* • External audits are not clearly understood by management, board of directors, and donors. • Information systems and internal controls are weak, which make MFIs difficult to audit. • No standard set of guidelines is used for MFI financial statements. • Auditors are preoccupied with minimal compliance with auditing and reporting standards (instead of providing a product that would be valuable to the MFI/client). • Levels of quality, experience, and credibility of auditors vary. • MFI portfolio risks and management techniques are different from those of conventional banks, and are not amenable to ordinary audit tests. • Management and board are antagonistic toward audits. • Auditors don’t always understand the MFI’s business. Types of Audits SPECIAL-PURPOSE AUDIT • Assesses contractual compliance • Audits financial statement not prepared according to accepted accounting standards • Audits only specific items • Audits summarized financial statements AGREED-UPON PROCEDURES • Are the only way to get specific information for the MFI • Can include portfolio testing, MIS evaluation (although an MIS specialist may be a better person to perform this work), internal controls assessment • May detail tests and results; no opinion expressed in the report. MFI draws its own conclusions. Auditor does not agree to comment on results, only discloses the test results. FINANCIAL STATEMENT AUDIT • Assures stakeholders that statements fairly reflect the state of the business • Provides independent confirmation of its financial information • Is required by law or regulations • Examines, on a test basis, evidence supporting amounts and other disclosures in financial statements • Assesses accounting principles • Assesses significant estimates made by management • Evaluates overall presentation of the financial statements *CGAP Audit Manual, pp. 6, 8–9)
  • 147. ©CGAP/World Bank RM9-H1 Action Plan The course has presented a step-by-step approach to risk management. Think through the steps and consider how they will be applied to your MFI. Focus on the obstacles and on ideas to overcome those obstacles. CORE VALUES – MISSION, VALUES, PEOPLE PILLARS OF PREVENTION – HUMAN RESOURCES, POLICIES AND PROCEDURES, TOOLS AND TECHNOLOGY Points of most interest or need to my MFI Anticipated obstacles Ideas to overcome the obstacles Points of most interest or need to my MFI Anticipated obstacles Ideas to overcome the obstacles
  • 148. ©CGAP/World Bank CYCLE APPROACH TO RISK IDENTIFICATION AND CONTROLS INTERNAL AUDIT FUNCTION Points of most interest or need to my MFI Anticipated obstacles Ideas to overcome the obstacles Points of most interest or need to my MFI Anticipated obstacles Ideas to overcome the obstacles
  • 149. ©CGAP/World Bank EXTERNAL AUDIT Points of most interest or need to my MFI Anticipated obstacles Ideas to overcome the obstacles Any other issues or ideas not to be forgotten!
  • 150. ©CGAP/World Bank RM9-H2 Operational Risk Management Postcourse Skills Audit Name: ______________________________ 1. Name three major risk areas for an MFI. 2. Who is in charge of risk management in an MFI? 3. Define internal control/hat does internal control mean? 4. Name four control methods. 5. Name three sources/instances of fraud. 6. What are the four most common types of fraud in an MFI? 7. Name three types of social risk. 8. What are the three main differences between internal audit and external audit?
  • 151. ©CGAP/World Bank RM9-H3 Operational Risk Management Course Evaluation Form – Sample [Use similar design, as appropriate to your needs and market] Please rate and comment on the following: 1 = Poor 2 = Fair 3 = Average 4 = Good 5 = Excellent Overall Course 1 2 3 4 5 Comments: Length of Course 1 2 3 4 5 Comments: Course Content 1 2 3 4 5 Comments: Course Methods 1 2 3 4 5 Comments: Course Materials 1 2 3 4 5 Comments: Trainer 1 2 3 4 5 Name ____________________________________ Comments: Trainer 1 2 3 4 5 Name ____________________________________ Comments: Course Organization 1 2 3 4 5 Comments: Precourse Organization, Communication, Advertising 1 2 3 4 5 Comments: Facilities 1 2 3 4 5 Comments:
  • 152. ©CGAP/World Bank 1. What I learned most from this course was: 2. What I still need to learn more about is: 3. I will apply the following in my organization: 4. I will have difficulty applying the following to my organization: 5. My overall feeling about the course is: 6. The course might have been more efficient if: 7. Any other comments (please use another page if necessary):

×