Suryoday Small Finance Bank Ltd Auditor Reports

To the Members of Suryoday Small Finance Bank Limited

Report on the Audit of the Financial Statements

Opinion

1. We have audited the accompanying financial statements of Suryoday Small Finance Bank Limited (‘the Bank), which comprise the Balance Sheet as at 31 March 2024, the Statement of Profit and Loss and the Statement of Cash Flows for the year then ended, and notes to the financial statements, including a summary of the significant accounting policies and other explanatory information.

2. In our opinion and to the best of our information and according to the explanations given to us, the aforesaid financial statements give the information required by the Banking Regulation Act, 1949 as well as the Companies Act, 2013 (‘the Act) and circulars and guidelines issued by the Reserve Bank of India (‘the RBI), in the manner so required for banking companies and give a true and fair view, in conformity with the Accounting Standards specified under section 133 of the Act, read with the Companies (Accounting Standards) Rules, 2021 and other accounting principles generally accepted in India, of the state of affairs of the Bank as at 31 March 2024, and its profit and its cash flows for the year ended on that date.

Basis for Opinion

3. We conducted our audit in accordance with the Standards on Auditing specified under section 143(10) of the Act. Our responsibilities under those standards are further described in the Auditors Responsibilities for the Audit of the Financial Statements section of our report. We are independent of the Bank in accordance with the Code of Ethics issued by the Institute of Chartered Accountants of India (‘ICAI) together with the ethical requirements that are relevant to our audit of the financial statements under the provisions of the Act and the rules thereunder, and we have fulfilled our other ethical responsibilities in accordance with these requirements and the Code of Ethics. We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our opinion.

Key Audit Matters

4. Key audit matters are those matters that, in our professional judgment, were of most significance in our audit of the financial statements of the current period. These matters were addressed in the context of our audit of the financial statements as a whole, and in forming our opinion thereon, and we do not provide a separate opinion on these matters.

5. We have determined the matters described below to be the key audit matters to be communicated in our report

Identification of Non-Performing Advances (NPA) and provisioning and write off for loans and advances

As at 31 March 2024, the Bank reported total loans and advances (net of provisions) of H 8,078 crores (2023: 6,015 crores), gross NPAs of H 242 crores (2023: H 191 crores), and provision for non-performing assets (including floating provision) of H 173 crores (2023: H 98 crores). The Bank has written off loans of H 103 crores during the year ended 31 March 2024 (2023: H 275 crores).

The provision coverage ratio as at 31 March 2024 is 71% (2023: 51%).

[Refer schedules 9, schedule 17, and 18(4)]

Key Audit Matter	How our audit addressed the key audit matter
Identification of NPA and measurement of provision for loans and advances is made based on the assessment of various criteria stipulated in the Reserve Bank of India (RBI) guidelines on Prudential Norms on Income Recognition, Asset Classification and Provisioning pertaining to advances (IRACP).	Our audit procedures included but were not limited to the following:
The Bank is required to have a Board approved policy as per the IRACP guidelines for NPA identification and provision and write off for loans and advances.	Design/Controls
The IRACP guidelines stipulate the requirement to identify NPA through defined criteria such as past due status, out of order status etc. Provisions in respect of such NPAs are made based on minimum provisioning levels prescribed under the IRACP and Banks internal credit policy. The provision on NPAs are also based on the valuation of the security available. NPA classification is made borrower wise whereby if one facility to the borrower becomes an NPA then all facilities to such a borrower will be treated as an NPA	Understood the process and controls and tested the design and operating effectiveness of key internal controls (including application controls) over
	• Approval, recording and recovery of loans;
	• Monitoring process for overdue loans
	• Identification and classification of NPA in line with IRACP guidelines; and
	• Measurement of provision on loans and advances in line with IRACP guidelines including valuation of security and collateral against loans.
The Bank is also required to apply its judgement to determine the identification of NPA and provision required for loans and advances by applying quantitative as well as qualitative factors. The risk of identification of NPA is affected by factors like stress and liquidity concerns in certain sectors, profile of borrowers etc. Similarly, the Bank is also required to make judgements to identify the loans and advances which are non-recoverable and thereby determined to be written off.	Substantive procedures
Considering the significance of the above matter to the financial statements, the heightened regulatory compliances, and significant auditor attention required, we have identified this as a key audit matter for the current year audit.	• Evaluated the Banks accounting and internal policies for identification of NPAs and provisioning and write off on loans and advances;
	• For borrowers, assessed the appropriateness of asset classification and adequacy of related provisioning by performing procedures such as computation of ageing, assessment of borrower level NPA identification and verification of applicable provision rates as per IRACP norms and Banks Policy on test check basis;
	• Verified performing loans on test check basis to assess whether they should be classified as NPA;
	• Performed inquiries with the Management of the Bank to ascertain if there were indicators of stress, perceived credit risk or occurrence of an event of default in any particular class of borrowers, product category or loan account that warrants NPA assessment;
	• Verified on a sample basis that the loan write-offs during the year is in accordance with Board approved policy;
	• Obtained and read communications with regulators during the year
	• Assessed disclosures included in the financial statements in respect of asset classifications and provisioning, including specific disclosures made in accordance with the requirements of the RBI Master Directions
Information Technology ("IT") Systems and Controls for the financial reporting process
Key Audit Matter	How our audit addressed the key audit matter
The IT environment of the Bank is complex as it involves a number of independent and inter-dependent IT systems which are used in the operations of the Bank for processing and recording a large volume of transactions at numerous locations on a daily basis.	We included specialized IT auditors as part of our audit team to perform audit procedures which included, but were not limited to the following:
As a result, there is a high degree of reliance and dependency on such IT systems for the financial reporting process of the Bank which impacts key financial accounting and reporting items such as loans, interest income, provision on loans amongst others. Appropriate IT general controls and application controls are required to ensure that such IT systems are able to process the data, as required, completely, accurately and consistently for reliable financial reporting.	• Obtained an understanding of the Banks IT related control environment and conducted risk assessment and identified IT applications, networks, databases and operating systems that are relevant to our audit. Also, obtained an understanding of the changes that were made to the identified IT applications during the audit period and tested those changes that had a significant impact on financial reporting.
Our area of audit focus for the IT systems and the related control environment included:	• Tested IT general controls particularly access rights over applications, change management across identified applications, password policies, security configuration etc. We also assessed the design and operating effectiveness of controls over granting, removal and periodical review of access rights. We further tested segregation of duties, including preventive controls to ensure that access to change applications, the operating system or databases in the production environment were granted only to authorized personnel.
• IT general controls over user access management and change management across applications, networks, database, and operating systems;
• IT application controls (automated controls) relevant for financial reporting.
Accordingly, due to the importance of the impact of the IT systems and automated controls, new system implementation and related control environment on the Banks financial reporting process, we have identified testing of such IT systems and related control environment as a key audit matter for the current year audit.	• Tested related interfaces, configuration and other application layer controls identified during our audit mainly for loans, interest income, provision for loan assets, deposits amongst others, for evaluating completeness and accuracy;
	• Where deficiencies were identified, tested compensating controls or performed alternative procedures.

Information other than the Financial Statements and Auditors Report thereon

The Banks Board of Directors are responsible for the other information. The other information comprises the information included in the Annual Report but does not include the financial statements and our auditors report thereon. The Annual Report is expected to be made available to us after the date of this auditors report.

Our opinion on the financial statements does not cover the other information and we do not express any form of assurance conclusion thereon.

In connection with our audit of the financial statements, our responsibility is to read the other information and, in doing so, consider whether the other information is materially inconsistent with the financial statements or our knowledge obtained in the audit or otherwise appears to be materially misstated.

When we read the Annual Report, if we conclude that there is a material misstatement therein, we are required to communicate the matter to those charged with governance.

Responsibilities of Management and Those Charged with Governance for the Financial Statements

6. The accompanying financial statements have been approved by the Banks Board of Directors. The Banks Board of Directors are responsible for the matters stated in section 134(5) of the Act with respect to the preparation and presentation of these financial statements that give a true and fair view of the financial position, financial performance and cash flows of the Bank in accordance with the Accounting Standards specified under section 133 of the Act, read with the Companies (Accounting Standards) Rules, 2021 and other accounting principles generally accepted in India, and provisions of section 29 of the Banking Regulation Act, 1949 and circulars and guidelines issued by the RBI from time to time. This responsibility also includes maintenance of adequate accounting records in accordance with the provisions of the Act for safeguarding of the assets of the Bank and for preventing and detecting frauds and other irregularities; selection and application of appropriate accounting policies; making judgments and estimates that are reasonable and prudent; and design, implementation and maintenance of adequate internal financial controls, that were operating effectively for ensuring the accuracy and completeness of the accounting records, relevant to the preparation and presentation of the financial statements that give a true and fair view and are free from material misstatement, whether due to fraud or error.

7. In preparing the financial statements, the Board of Directors is responsible for assessing the Banks ability to continue as a going concern, disclosing, as applicable, matters related to going concern and using the going concern basis of accounting unless the Board of Directors either intends to liquidate the Bank or to cease operations, or has no realistic alternative but to do so.

8. The Board of Directors is also responsible for overseeing the Bankss financial reporting process.

Auditors Responsibilities for the Audit of the Financial Statements

9. Our objectives are to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, and to issue an auditors report that includes our opinion. Reasonable assurance is a high level of assurance, but is not a guarantee that an audit conducted in accordance with Standards on Auditing will always detect a material misstatement when it exists. Misstatements can arise from fraud or error and are considered material if, individually or in the aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis of these financial statements.

10. As part of an audit in accordance with Standards on Auditing specified under section 143(10) of the Act, we exercise professional judgment and maintain professional skepticism throughout the audit. We also:

Identify and assess the risks of material misstatement of the financial statements, whether due to fraud or error, design and perform audit procedures responsive to those risks, and obtain audit evidence that is sufficient and appropriate to provide a basis for our opinion. The risk of not detecting a material misstatement resulting from fraud is higher than for one resulting from error, as fraud may involve collusion, forgery, intentional omissions, misrepresentations, or the override of internal control;

• Obtain an understanding of internal control relevant to the audit in order to design audit procedures that are appropriate in the circumstances. Under section 143(3) (i) of the Act, we are also responsible for expressing our opinion on whether the Bank has adequate internal financial controls with reference to financial statements in place and the operating effectiveness of such controls;

Evaluate the appropriateness of accounting policies used and the reasonableness of accounting estimates and related disclosures made by management;

Conclude on the appropriateness of Board of Directors use of the going concern basis of accounting and, based on the audit evidence obtained, whether a material uncertainty exists related to events or conditions that may cast significant doubt on the Banks ability to continue as a going concern. If we conclude that a material uncertainty exists, we are required to draw attention in our auditors report to the related disclosures in the financial statements or, if such disclosures are inadequate, to modify our opinion. Our conclusions are based on the audit evidence obtained up to the date of our auditors report. However, future events or conditions may cause the Bank to cease to continue as a going concern; and

Evaluate the overall presentation, structure and content of the financial statements, including the disclosures, and whether the financial statements represent the underlying transactions and events in a manner that achieves fair presentation.

11. We communicate with those charged with governance regarding, among other matters, the planned scope and timing of the audit and significant audit findings, including any significant deficiencies in internal control that we identify during our audit.

12. We also provide those charged with governance with a statement that we have complied with relevant ethical requirements regarding independence, and to communicate with them all relationships and other matters that may reasonably be thought to bear on our independence, and where applicable, related safeguards.

13. From the matters communicated with those charged with governance, we determine those matters that were of most significance in the audit of the financial statements of the current period and are therefore the key audit matters. We describe these matters in our auditors report unless law or regulation precludes public disclosure about the matter or when, in extremely rare circumstances, we determine that a matter should not be communicated in our report because the adverse consequences of doing so would reasonably be expected to outweigh the public interest benefits of such communication.

Report on Other Legal and Regulatory Requirements

14. The Balance Sheet and the Profit and Loss Account have been drawn up in accordance with the provisions of section 29 of the Banking Regulation Act, 1949 and section 133 of the Act.

15. As required by sub-section (3) of section 30 of the Banking Regulation Act, 1949, we report that:

a) We have obtained all the information and explanations which, to the best of our knowledge and belief, were necessary for the purpose of our audit and have found them to be satisfactory;

b) The transactions of the Bank, which have come to our notice, have been within the powers of the Bank;

c) We have visited 30 branches to examine the books of accounts and other records maintained at the branch for the purpose of our audit. Since the key operations of the Bank are automated with the key applications integrated to the core banking system, the audit is carried out at centrally as all the necessary records and data required for the purposes of our audit are available therein.

16. With respect to the matter to be included in the auditors report under section 197(16) of the Act, we report that since the Bank is a banking company, as defined under the Banking Regulation Act, 1949; the reporting under section 197(16) in relation to whether the remuneration paid by the Bank is in accordance with the provisions of section 197 of the Act and whether any excess remuneration has been paid in accordance with the aforesaid section is not applicable.

17. Further, as required by section 143 (3) of the Act, based on our audit, we report, to the extent applicable, that:

a) We have sought and obtained all the information and explanations which to the best of our knowledge and belief were necessary for the purpose of our audit of the accompanying financial statements;

b) In our opinion, proper books of account as required by law have been kept by the Bank so far as it appears from our examination of those books;

c) The financial statements dealt with by this report are in agreement with the books of account;

d) In our opinion, the aforesaid financial statements comply with the Accounting Standards specified under section 133 of the Act read with the Companies (Accounting Standards) Rules, 2021, to the extent they are not inconsistent with the accounting policies prescribed by RBI;

e) On the basis of the written representations received from the directors and taken on record by the Board of Directors, none of the directors is disqualified as on 31 March 2024 from being appointed as a director in terms of section 164(2) of the Act;

f) With respect to the adequacy of the internal financial controls with reference to financial statements of the Bank as on 31 March 2024 and operating effectiveness of such controls, refer to our separate report in Annexure A wherein we have expressed an unmodified opinion; and

g) With respect to the other matters to be included in the Auditors Report in accordance with rule 11 of the Companies (Audit and Auditors) Rules, 2014 (as amended), in our opinion and to the best of our information and according to the explanations given to us:

i. The Bank, as detailed in schedule 12 and schedule

18 - note (20)(b) to the financial statements, has disclosed the impact of pending litigations on its financial position as at 31 March 2024;

ii. The Bank has made provision as at 31 March 2024, as required under the applicable law or accounting standards, for material foreseeable losses, if any, on long-term contracts. The Bank does not have any derivative contracts as at 31 March 2024;

iii. There were no amounts which were required to be transferred to the Investor Education and Protection FundbytheBankduringtheyearended31March2024;

iv. a. The management has represented that, to the best of its knowledge and belief, as disclosed in note 20(w)(i) to the financial statements, no funds have been advanced or loaned or invested (either from borrowed funds or securities premium or any other sources or kind of funds) by the Bank to or in any person(s) or entity(ies), including foreign entities (‘the intermediaries), with the understanding, whether recorded in writing or otherwise, that the intermediary shall, whether, directly or indirectly lend or invest in other persons or entities identified in any manner whatsoever by or on behalf of the Bank (‘the Ultimate Beneficiaries) or provide any guarantee, security or the like on behalf the Ultimate Beneficiaries;

b. The management has represented that, to the best of its knowledge and belief, as disclosed in note 20(w) (ii) to the financial statements, no funds have been received by the Bank from any person(s) or entity(ies), including foreign entities (‘the Funding Parties), with the understanding, whether recorded in writing or otherwise, that the Bank shall, whether directly or indirectly, lend or invest in other persons or entities identified in any manner whatsoever by or on behalf of the Funding Party (‘Ultimate Beneficiaries) or provide any guarantee, security or the like on behalf of the Ultimate Beneficiaries; and

c. Based on such audit procedures performed, as considered reasonable and appropriate in the circumstances, nothing has come to our notice that has caused us to believe that the management representations under sub-clauses (a) and (b) above contain any material misstatement.

v. The Bank has not declared or paid any dividend during the year ended 31 March 2024.

vi. Based on our examination which included test checks, the Bank, in respect of financial year commencing on or after 01 April 2023, has used an accounting software for maintaining its books of account which has a feature of recording audit trail (edit log) facility and the same has been operated throughout the year for all relevant transactions recorded in the software. Further, during the course of our audit we did not come across any instance of audit trail feature being tampered with.

For Walker Chandiok & Co LLP

Chartered Accountants

Firms Registration No.: 001076N/N500013

Sudhir N. Pillai

Partner

Membership No.: 105782

UDIN: 24105782BKFIZZ3010

Place: Mumbai

Date: 09 May 2024

Annexure A referred to in paragraph ‘17(f) under the heading "Report on Other Legal and Regulatory Requirements" in the Independent Auditors Report of even date to the members of Suryoday Small Finance Bank Limited on the financial statements for the year ended 31 March 2024

Independent Auditors Report on the internal financial controls with reference to the financial statements under Clause (i) of Subsection 3 of Section 143 of the Companies Act, 2013 (‘the Act)

1. In conjunction with our audit of the financial statements of Suryoday Small Finance Bank Limited (‘the Bank) as at and for the year ended 31 March 2024, we have audited the internal financial controls with reference to financial statements of the Bank as at that date.

Responsibilities of Management and Those Charged with Governance for Internal Financial Controls

2. The Banks Board of Directors are responsible for establishing and maintaining internal financial controls based on the internal financial controls with reference to financial statements criteria established by the Bank considering the essential components of internal controls stated in the Guidance Note on Audit of Internal Financial Controls over Financial Reporting issued by the Institute of Chartered Accountants of India. These responsibilities include the design, implementation and maintenance of adequate internal financial controls that were operating effectively for ensuring the orderly and efficient conduct of the Banks business, including adherence to the Banks policies, the safeguarding of its assets, the prevention and detection of frauds and errors, the accuracy and completeness of the accounting records, and the timely preparation of reliable financial information, as required under the Act.

Auditors Responsibility for the Audit of the Internal Financial Controls with Reference to Financial Statements

3. Our responsibility is to express an opinion on the Banks internal financial controls with reference to financial statements based on our audit. We conducted our audit in accordance with the Standards on Auditing issued by the Institute of Chartered Accountants of India (‘ICAI) prescribed under Section 143(10) of the Act, to the extent applicable to an audit of internal financial controls with reference to financial statements, and the Guidance Note on Audit of Internal Financial Controls Over Financial Reporting (‘the Guidance Note) issued by the ICAI. Those Standards and the Guidance Note require that we comply with ethical requirements and plan and perform the audit to obtain reasonable assurance about whether adequate internal financial controls with reference to financial statements were established and maintained and if such controls operated effectively in all material respects.

4. Our audit involves performing procedures to obtain audit evidence about the adequacy of the internal financial controls with reference to financial statements and their operating effectiveness. Our audit of internal financial controls with reference to financial statements includes obtaining an understanding of such internal financial controls, assessing the risk that a material weakness exists, and testing and evaluating the design and operating effectiveness of internal control based on the assessed risk. The procedures selected depend on the auditors judgement, including the assessment of the risks of material misstatement of the financial statements, whether due to fraud or error.

5. We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our audit opinion on the Banks internal financial controls with reference to financial statements.

Meaning of Internal Financial Controls with Reference to Financial Statements

6. A banks internal financial controls with reference to financial statements is a process designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles. A banks internal financial controls with reference to financial statements include those policies and procedures that (1) pertain to the maintenance of records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the Bank; (2) provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles, and that receipts and expenditures of the bank are being made only in accordance with authorisations of management and directors of the bank; and (3) provide reasonable assurance regarding prevention or timely detection of unauthorised acquisition, use, or disposition of the banks assets that could have a material effect on the financial statements.

Inherent Limitations of Internal Financial Controls with Reference to Financial Statements

7. Because of the inherent limitations of internal financial controls with reference to financial statements, including the possibility of collusion or improper management override of controls, material misstatements due to error or fraud may occur and not be detected. Also, projections of any evaluation of the internal financial controls with reference to financial statements to future periods are subject to the risk that the internal financial controls with reference to financial statements may become inadequate because of changes in conditions, or that the degree of compliance with the policies or procedures may deteriorate.

Opinion

8. In our opinion, the Bank has, in all material respects, adequate internal financial controls with reference to financial statements and such controls were operating effectively as at 31 March 2024, based on the internal financial controls with reference to financial statements criteria established by the Bank considering the essential components of internal controls stated in the Guidance Note issued by the Institute of Chartered Accountants of India.

For Walker Chandiok & Co LLP

Chartered Accountants

Firms Registration No.: 001076N/N500013

Sudhir N. Pillai

Partner

Membership No.: 105782

UDIN: 24105782BKFIZZ3010

Place: Mumbai

Date: 09 May 2024