Auditing and Attestation Services

Verification of financial information in financial statements is a critical process in the banking sector as it is in other industries. Together with our sector-specialized professionals, we offer independent auditing services for banking information systems and banking processes.

Our in-depth knowledge and extensive experience provide the backbone of our auditing in the areas of Information Technologies and Banking Processes, the rules and regulations of which have been set down by BRSA, to be executed together annually with a financial audit. 

In addition to statutory requirements, the BRSA audit offers you the following benefits: 

- Effective and efficient operation and risk management and support in internal control

- A regulations-compliant and risk-tolerant structure; and

- Investment decisions based on accurate financial statements.

•   Can you be sure that your systems will be running tomorrow?

•   Are you concerned that one of your IT staff may leave the job?

•   How do you check on whether your employees can identify or are using any system or program deficiencies?

•   How are changes made in your system authorizations and who makes these changes?

•   Is your corporate information safe? What about your client information?

•   When your systems / programs are updated, is it possible that some of the information might have been changed?

•   Can you maintain business sustainability in the face of extraordinary circumstances?

•   How well do your needs and your technology match?

•   How long do you think your technology investments will last?

Business performance is based on the controlled operation of information technologies in the transition that has been made from the old and huge computers of the past to tailored web applications featuring state-of-the-art-technologies.

Companies are frequently confronted with steadily growing Information Technology (IT) risks such as security threats, risks of non-compliance with laws and regulations, and system failure or system outages. Managements understand the importance of designing appropriate controls to manage these technology risks and ensuring security with the effective working of these controls.   

Internal audit operations should not only be limited to internal processes; IT systems and processes should also be an integrated part of the audit. Companies are eager to know whether their systems will be reliable enough to bring value-added services to their businesses. IT reviews, however, require specific company information that should already exist within the company.

As an expert Deloitte IT team, we support your internal audit professionals in a wide range of IT areas by offering our competencies in the use of up-to-date techniques, tools and information. Our certified IT professionals provide IT audits in finance, telecommunications, media, public services, aviation, transportation, logistics, production, technology, health, pharmaceuticals, and in many other sectors, bringing our clients value-added solutions 

In today’s business world, most companies transfer their many of their growing operations to third-party companies and thus rely on the complex relations they have with these third-party companies.

You have most probably felt the need to add value to your business (in the form of vendor partnerships, joint ventures, outsourcing). We advise you then to ask yourself the following questions:

- Has your risk management and control systems kept up with your growth?

- Are you sure that your expanded business is working efficiently and is even suited to your goals?

- Do you make regular assessments of the work you carry out with new business partners? Have you audited the licenses and product rights that you have granted?

How can we support your business?

Third Party Assurance (3PA) is a comprehensive service solution for our clients. We have designed and developed our 3PA services based on our expansive experience in helping leading enterprises In the world assess their entire network of relations and manage interdependent risk effectively in order to create value for their corporations.

Our services with regard to primary contract risks and compliance include:

· Clarification of business partnerships and related business objectives, risks, controls and interests;

· Determining the nature of compliance and noncompliance with respect to the terms of the contract;

· Verification of the accuracy of information reported by business partners;

· Internal and external risk assessment and executing audit reviews of partners;

· Cost recovery analyses, advertising and promotion assessments, royalty and franchising evaluations; and

· Improvement of computing systems and related processes based on findings. 

The Service Organizations Control Report, which is a response to the business world’s needs for comprehensive risk monitoring and transparency, has rapidly become more widespread since the first publication of  “Statements on Auditing Standards No. 70, Service Organizations (SAS70)” in 1992. In an effort to respond to increasing expectations and ensure compliance with modern assurance standards, the IAASB (International Auditing and Assurance Standards Board) and AICPA (American Institute of Certified Public Accountants) replaced SAS70 with the new standards, ISAE 3402 and SSAE16. 

The practice of outsourcing and using support services is a growing trend and increasingly, providing clients with critical services has become dependent on the contributions of third party service providers. Companies specifically require support services in the following areas:

• Information Technologies

• Circumstances of Force Majeure

• Finance and Accounting

• Customer Relations

• Call Centers

• Human Resources and Fringe Benefits Management

• Remuneration and Administrative Affairs

• Archive Management

• Fund Management

Companies that prefer to use outsourcing services for these areas seek independent assurance that the operations and internal control systems overseen by service providers are being run effectively. Accordingly, when companies are selecting a support service provider for their operations, they ask these firms for Service Organizations Control Reports.

Deloitte’s services with regard to providing Third Party Assurance include the following:

- ISAE 3402 / SSAE 16 audits and reporting,

- Establishing controls and providing support in developing control matrices for the preliminary work as relates to ISAE 3402 / SSAE 16, and

- Performing tests and identifying development areas in the preliminary work prior to the ISAE 3402 / SSAE 16 audit. 

In Interbank Clearing Commissions Verification, we offer funding cost calculations of interbank clearing commissions and a review of the amounts disclosed in the reports presented to the Interbank Card Centre (“ICC”) to verify compliance with predetermined principles.

Our specialized team on interbank clearing commissions verification provides the following rewards for its clients:             

- Revenue growth by providing a balance between products, clients and assets;

- Increasing support for the corporation’s social responsibilities by identifying both social and environmental standards; and

- Operating as required in compliance with statutory requirements.

To provide a more effective business management, Deloitte Turkey offers gambling systems auditing, including the processes of overseeing gambling operations, analyzing compliance with related policies, and examining security controls in online gambling systems.

Our specialized gambling systems team of auditors provides the following rewards for clients:             

- Revenue growth by providing a balance between products, clients and assets;

- Increasing support for the corporation’s social responsibilities by identifying both social and environmental standards; and

- Operating as required in compliance with statutory requirements.