Commenting on the global financial crisis in 2008, Queen Elizabeth is reported to have asked at the London School of Economics in November that year: “It’s so awful. Why did nobody notice it?” Pretty much the same could be said of the current troubles in Indian banking. Unbearable risks have led to capital erosion and further requirement of own funds to maintain international standards of capital and leverage, in accord with what are known as the latest Basel norms.

While finding capital in a savings-oriented nation may not be much of an issue if the right kind of policy changes are made, the challenge for Indian banks would be to tighten internal controls and risk management measures. Stakeholders need reasonable assurances that history will not be repeated.

The Basel-based Bank for International Settlements (BIS), the oldest financial organisation in the world as on date, of which India is a prominent member, has been setting standards of governance for banks in order to realise its objective of global monetary and financial stability.

The BIS has been consistent in its emphasis on the need for strong internal audit functions, as part of risk mitigation measures. As early as in 2011, in a comprehensive charter, the BIS stated that an independent, effective internal audit function is part of sound corporate governance. “Banking supervisors must be satisfied as to the effectiveness of a bank’s internal audit function and that management takes appropriate corrective action in response to internal control weaknesses identified by internal auditors. An effective internal audit function helps reduce the risk of loss and reputational damage to the bank,” the BIS said.

If one were to look back, a major part of the ills currently plaguing the public sector banks could be traced to weak internal controls and the relatively lower importance given to audit and inspection as a “function”. It is common knowledge among senior bankers that, as a rule, the inspection department is seen mostly as a “dump yard” for personnel who would not otherwise fit into other fashionable areas like treasury, credit or operations. There could be a few worthy exceptions.

In promotion exercises, a tenure in Inspection is often seen as a disadvantage because the tag would be that of somebody who had been a misfit in “mainstream” banking. But, the songline “the times, they are a-changing,” is perhaps more applicable to Inspection and Audit than to any other department currently among Indian banks.

A dynamic and vibrant internal audit department would now be the sine qua non for the functioning of any commercial bank worth its name. With consolidation being pursued vigorously, control systems need to keep pace or banks would burst at the seams, being big.

The first and foremost condition would be the absolute independence of internal audit with accountability only to the board of directors. Unfortunately, there are only a very few honourable exceptions such as SBI, which have fiercely guarded the independence of internal audit.

To be truly detached and objective, even physically, the audit department needs to be away from the corporate/head office, because the Chairman or CEO, breathing down the neck of the inspection chief, may lead to compromising of roles.

In almost all public sector banks, the Inspection department head still functions under the direction and supervision of the CEO or the executive heads, leading to conflict of interest. And in many review discussions, business performance predominates, pushing compliance and risk management to the background.

In the emerging architecture of control systems in banks, inspection, risk management and compliance should form the triad based on which the edifice of the institution would stand. The failure of this triad to play its role effectively and mediate in policies, procedures and decision-making has been one of the main reasons for the current banking crisis in India. The NPA issue is a symptom or a manifestation (among other factors) of this deep-rooted malaise and not the disease itself.

Thankfully, compliance and risk management are receiving due attention, of late, thanks to some very strong interventions and moral suasion by RBI. India’s central bank has recently moved all banks to its controls-driven Supervisory Programme for Assessment of Risk and Capital (SPARC) from the earlier system of direct monitoring of critical parameters.

What is now required is the realisation among bankers that if you put compliance first, business is likely to last. The sustainability of business is based on robust compliance and risk management practices. The rigour of inspection and internal audit will complete the necessary (may not be sufficient) conditions for the sustainable growth of banks. This requires an intense commitment right from the top boss to assign inspection and audit functions the importance it deserves. Now that the Bank Boards Bureau is headed by an ex-CAG, who proved that he could also be the conscience keeper to the nation, perhaps a stint in Inspection and Audit, Compliance or Risk Management could be made mandatory for rise to top positions in banks.

Mandatory rural assignments which exist now in almost all the banks have ensured the flow of at least a sense of the ordinary man’s expectations from banks to top executives. A provision for audit and inspection is no less crucial in terms of its potential effects. It can lead to public sector banks not repeating their mistakes.

The writer is chief general manager of State Bank of India. The views are personal