The National Credit Guarantee Company Limited (NCGCL) hereby invites proposals from eligible and qualified audit firms for the provision of Internal Audit Services.
These Terms of Reference (TORs) set out the mission, scope of work, key deliverables, and professional requirements for the engagement, with the objective of ensuring independent assurance over NCGCL’s risk management, internal control, and governance processes.
1. Mission and Purpose
Mission:
To enhance and protect organizational value through the provision of risk-based, objective assurance, advisory, and insight.
Purpose:
To provide independent and objective assurance and consulting services designed to add value and improve the operations of NCGCL.
2. Objective of Internal Audit
The Internal Audit function shall provide independent and objective assurance to the Board of Directors and the Audit Committee regarding the adequacy and effectiveness of NCGCL’s risk management, internal control, and governance processes.
Given that NCGCL is currently in its Build Phase, the Internal Audit function shall also act as a constructive enabler of institutional architecture, providing advisory support during the institution-building stage and validating control frameworks prior to implementation.
3. General Scope of Work
The Internal Auditor shall assess whether NCGCL’s systems of risk management, control, and governance are adequately designed and effectively implemented. The scope includes:
- Strategic Alignment: Evaluation of risk exposures in relation to the achievement of strategic objectives.
- Information Integrity: Assessment of the reliability, accuracy, and reporting mechanisms of financial and operational information.
- Operational Consistency: Review of operations and programs to ensure alignment with approved objectives and execution as planned.
4. Scope Prioritization (Build Phase Calibration)
In light of NCGCL’s initial phase of operations, the following areas shall be prioritized:
- Governance Framework: Review of Board processes and Delegation of Financial Powers (DOFP).
- Policy and Process Design: Validation of credit guarantee frameworks and operational policies.
- Risk Management Framework: Advisory and validation at the design stage.
- Treasury Safeguards: Oversight of investment policy implementation and income protection mechanisms.
- Regulatory Compliance Readiness: Early-stage compliance with SECP, FBR, and other applicable regulatory requirements.
5. Specific Scope of Work
The Internal Auditor shall undertake detailed reviews across the following areas:
- Treasury and Investment Management:
Review compliance with Board-approved investment policies, verification of treasury income calculations, fund placements, maturity monitoring, and assessment of counterparty and liquidity risks. - Credit Guarantee Framework:
Review the design and implementation of guarantee schemes, evaluation of risk assessment methodologies for participating financial institutions, and audit of claim management and recovery processes. - Financial Reporting and Tax Compliance:
Review financial statements for compliance with IFRS and SECP regulations and ensure timely and accurate tax filings. - Governance and Regulatory Compliance:
Assess compliance with the Companies Act, 2017, Public Sector Companies (Corporate Governance) Rules, and other applicable laws, including review of DOFP. Any non-compliance shall be formally reported. - Procurement and Expenditures:
Audit administrative expenses, procurement processes, payroll, and employee benefits. Review adherence to the code of conduct, including identification of fraud, conflict of interest, or misappropriation. - Whistleblowing Mechanism:
Review and report whistleblowing matters to the Board Audit Committee (BAC).
6. Key Deliverables
The Internal Auditor shall be responsible for the following deliverables:
- Annual Audit Plan:
Submission of a risk-based internal audit plan to the BAC for approval. - Execution of Audit Plan:
Implementation of the approved audit plan, including any additional assignments requested by the CEO or BAC. - Periodic Updates:
Regular progress updates to the BAC. - Quarterly Audit Reports:
Comprehensive reports covering audit findings, control evaluations, risk ratings, and management action plans. - Audit Committee Participation:
Attendance at Audit Committee meetings where audit and financial matters are discussed. - Annual Control Review:
Year-end assessment of the overall internal control environment. - Follow-up Mechanism:
Semi-annual tracking of implementation status of prior audit recommendations.
7. Reporting Structure
- Functional Reporting: To the Board of Directors through the Audit Committee.
- Administrative Reporting: To the Chief Executive Officer (CEO).
8. Professional Requirements
The appointed firm must:
- Be a QCR-rated firm registered with the Audit Oversight Board.
- Disclose any historical or ongoing regulatory penalties or sanctions.
- Demonstrate prior experience in auditing NBFCs or banking institutions.
- Adhere to the International Standards for the Professional Practice of Internal Auditing.
- Maintain independence and ensure the audit function remains free from organizational interference.
Submission Details Deadline: By 1400 PKT, April 22, 2026
Submission Mode: Email to shahfain.ejaz@ncgcl.pk
For any clarifications, please contact the undersigned via email.
Regards,
Farhan Ali
Financial Controller
farhan.ali@ncgcl.pk
