POL00086825
POL00086825
Title Audit Process Manual
Subject Chapter 3 — Performing a Branch Audit
Version Control 3.2
Purpose Outline responsibilities and process to perform an audit in all branches.
Audience Network Services Field Team
Next Review date I March 2014
Stakeholders
Stakeholders Name
Responsibility
Drew McBride
David Mason
Craig Tuthill
Lee Heil
Head of Network Operations
Head of Risk Governance
Network Support Performance Mgr: Reporting
Network Support Admin Mgr: Reporting
Responsibilities in change
Role Job Title(s) Date
Author Field Team Leaders — Linda 5/9/13
McLaughlin & Alicia Hassam
Assurance Field Support Change Advisor 5/9/13
Authorised Network Field Support Project 11/9/13
Manager
Communication Field Support Change Advisor 12/9/13
Version control
Version No. I Reason for issue Section Date
No.
3.0 Annual Review ALL 08/03/13
3.1 Additional paragraph inserted regarding the closing 12.1 22/05/13
meeting. Also regarding contact from the Branch
Standards Team.
3.1 Sentence deleted, also new sentence added Appendix =I 22/05/13
regarding checking all Main Stock. New heading A
added regarding Crown Losses/Notify Security
regardless of amount.
3.1 Name change from Paul Kellet to Louise Wilkins. Appendix I 22/05/13
Also instruction removed regarding sending cash to E
Chesterfield and advised to send to local cash centre
instead.
3.2 Name Change MVL contact Appendix 02/09/13
Stakeholder name change and title H 02/09/13
Appendix I added 02/09/13
P&BA and Product and Branch Accounting replaced I Appendix I
with Finance Service Centre 02/09/13
Security Operations Manual updated to July 2013 ALL 02/09/13
9.2 Additional contacts added in the event of Page 3 02/09/13
irregularity Page 16 02/09/13
All page numbers corrected on Index page Page 2
APM Chapter3 - Performing a Branch aa - ie + J Sort 2013 1
Owners: (-7inda.Mcl_auahlin,
Teli RO
E-mail: linda melaughiing
POLO0086825
POL00086825
Index
Section Title Page No.
1 Introduction 3
2 Types of Audit 3
3 Field Team role and responsibilities 4
4 Lead Field Team Member Role 5
5 Planning 6
6 P32, The CAT Reporting Tool and SharePoint 7
iA On Site Activity oS
8 Financial Assurance Audit (FAA) 11
9 Irregularities 15
10 Financial Assurance Audit (Tier 2) 18
11 Compliance Audit 18
12 Close of audit Meeting 19
13 Audit Reporting 19
App A _I Crown Office 20
App B_ I Franchise and Multiple Branches 21
App C _I Open Plan and Combination Formats 22
App D_I WHSmith 23
App E_I Post Office Local 25
App F_ I ATMs 26
App G_I Access to Horizon System 27
App H__I Accounting for shortages/surpluses in MVL discs at audit 28
App I Process for Auditing Bidi Safes 29
2
Owners:
E-mail:
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013
hl Alicia Hassam
POL00086825
POL00086825
Section 1 - INTRODUCTION
1.1 Audit activity takes place because we have stakeholder requirements to ensure that we
protect, maintain and account for all our assets, both those we own and those we look after on
behalf of our stakeholders. We are also responsible for ensuring that all our staff and
Agents/Operators, operate their Post Office® branches in accordance with legislative
regulations as well as conforming to our operating licence, branch standards and to customer
charter standards.
1.2 We will attend all types of branches throughout the year to verify financial assets on hand
and to test regulatory compliance and business conformance against standards set out in HOL
help and the operations manuals as listed below:
National Lottery - March 2009 —- COMB 44/4
Post Office Outreach Services excluding Home Service — August 2008 — COMB 62/1
Post Office Paystation - May 2009 —- COMB 57/5
Horizon Online™ Equipment & Administration — January 2010 - COMB 63/2
Security — July 2013 - Information can be obtained on HOL Help
Ordering Stores & Stocks — February 2009 - COMB 47/8 — Obsolete - Information can
be obtained on HOL Help
ccc eee
Section 2 - TYPES OF AUDIT
2.1 These are the types of audit
= Financial , Financial Assurance Audit (FAA) and (Tier 2)
= Compliance
2.2 The Financial Assurance Audit (FAA) involves the verification of cash, selected stock items
and vouchers on hand. Items not verified are deemed to be assured.
2.3 The Financial Assurance Audit (Tier 2) is a comprehensive check to assess the current
trading position of the branch. This will be carried out if requested by stakeholders or as the
result of escalation by the Audit Leader, visiting to complete a lesser request, resulting in
unsatisfactory findings.
2.4 The current financial position of the office is calculated and recorded by completion of an
Excel based file known as a P32 and comparing this to the Horizon On Line(HOL) system
derived “balance due to PO figure” using the latest declared branch trading statement, and
reports obtained from HOL.
2.5 The objective of the Compliance Audit is to check that mandatory business conformance
and regulatory compliance controls are operating as intended: by checking evidence and
gaining assurance that the required controls are in place. Compliance to business policies and
procedures can be tested in conjunction with the Financial Audit visit or on a separate visit.
2.6 Details of all audit types are available on EASE- Audits- Audits Codes List. The Network
Services Field Team schedule entry is annotated to detail what type of audit is required.
2.7 While on site at ALL types of audit you must ensure that Mail Segregation is taking place. If
the office is not segregating their Mail please inform them of the process, if the Agent/Operator
does not agree please complete a Mail Segregation/Integrity Proforma which is available on
EASE - Intervention — Mail Segregation & Oversized Items and submit by e-mail to the Branch
Standards Team. Also, when submitting Reports/Compliance Declaration by e-mail please
advise if Mail Segregation is/is not taking place.
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 3
Owners: Linda McLaughlin ~~ Alicia. Hassam
Tel.
E-mail: Jinda.melaughling
POL00086825
POL00086825
Section 3 - THE FIELD TEAM ROLE AND RESPONSIBILITIES
3.1 The Field Team role at audit is completely objective and the reports they produce after the
visit must be detailed, accurate and factual. The Field Team’s role is not to speculate on the
cause of the outcome of the audit or the honesty of Agents/Operators or staff either overtly or
by implication. Anything recorded which is deemed to be of a subjective nature would
undermine any subsequent investigation and could impact on the ability of investigators to
pursue the case.
3.2 Field Team Members should not enter into any discussion or speculation about why the
office has been scheduled for a visit.
3.3 If the audit should end in the precautionary suspension of the Agent/Operator then the Field
Team Member must not apologise or enter into any discussion as to why a precautionary
suspension has been affected. The Agent/Operator must be referred to their Contract Advisor.
3.4 There will be circumstances where an audit visit to an office leads to an escalation or
investigation so it is necessary for the Field Team Member to be conscious of this from the
outset.
3.5 The Field Team Member must take a detailed note of all timings and the course of all
events. (EASE-Audits-Useful Guides & Checklists-Audit Info Doc) The actions of those on site
and conversations held may become relevant if there is to be an investigation of misconduct or
dishonesty. The lead Field Team member is responsible for reporting these details.
3.6 For full information about the support available from the Contract Advisor see Irregularities
(section 9).
3.7 All Field Team members must carry their security passes and wear a Post Office® name
badge whilst on site in branches.
3.8 The Lead Auditor and one other Field Team Member must take their laptops to an audit so
the activity is not jeopardised by laptop failure. General security rules apply.
3.9 All Field Team Members working on audit activity must carry with them:
= The Branch Standards booklet
= Kendata - customer satisfaction feedback forms and envelopes. (E-mail NSAT to
request a supply)
= The Network Support Directory of Mobile and Mobex numbers (ref: EASE Audits -
Contacts).
They must also carry a supply of the following items to leave at offices where they are found to
be lacking:
> *Your Guide to Customer Service
> *Suspicious Activity Reporting Form
> Note, coin, rem bags, HOL bar code stickers for non CiT rem.
> Mail Segregation Posters
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 4
Owners: Linda McLaughlin, Alicia Hassam
E-mail:
POL00086825
POL00086825
*All can be printed from EASE- Audits - Compliance Official Documents
(Your Guide to Customer Service Internet print not to be handed out to customers)
3.10 It should be noted that although the Field Team Member will supply these items, this will
still be noted as an audit gap and the Field Team Member must witness the Agent/Operator
placing an order for missing items via HOL.
3.11 In addition to the aforementioned items the Field Team member must have the following
paperwork:
A record of conversation held (ref -EASE — Audits — Chapter 3)
A record of conversation Cash Sheet (ref-EASE — Audits — Chapter 3)
A without prejudice receipt (ref-EASE — Audits)
A workplace Risk Assessment. (Can be obtained from the documents section of the
Safety Environment & Wellbeing Intranet pages if required).
= An application form for Grapevine ( ref -EASE — Training On Site - Grapevine)
= Paperwork necessary for performing an office transfer (ref - EASE- Audits)
= Paperwork necessary for appointing a temporary Agent/Operator ( ref - EASE —
Audits — Transfers — Transfer Pack)
= MVL Spoilt Disc Handout (ref EASE — Audits — Useful Guides & Checklists)
Please ensure you have the current/updated documents.
3.12 The Field Team Member must carry notices informing the public of temporary closure or
closure, to include the nearest MVL issuing office if applicable (ref - EASE - Audits - Closure
Notices).
3.13. The Field Team Member must endeavour to have the branch open for 09:30am unless
there are valid circumstances to prevent this. In practice the verification of the Main Stock
Units, Compliance, etc should be carried out whilst the branch is open.
Please refer to Section 8.2 Horizon Reports.
Section 4 - THE LEAD FIELD TEAM MEMBER ROLE
4.1 The Network Support Admin Team (NSAT) will indicate via the schedule which Field Team
Member(s) are to carry out the audit visit and who has been allocated the “lead” role.
4.2 It is the lead’s responsibility to prepare for the audit, manage activities on site, report
financial irregularities and subsequently complete the audit reports.
4.3 The lead is responsible for the introductory discussions with the Agent/Operator, providing
regular updates and performing the closing meeting.
4.4 The lead is responsible for delegating tasks for example; P32 completion, checking of
display material, checking of bureau, to ensure the audit is run in an orderly manner making
efficient use of the resource available and minimum disruption to customer service.
4.5 The lead is also responsible for the decision to re-open the branch when sufficient checks
have been carried out to provide assurance that an escalation to Tier 2 or the involvement of
the Contract Advisor is unlikely. As per the Team Standards, the branch should be ready to re-
open by 09:30am to minimise disruption to customer service. However should subsequent
findings indicate that the situation requires escalation, the Lead Auditor has the authority to re-
close the branch, informing NBSC of the current status and the customers of the alternative
branches.
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013
Owners: Linda McLauahiin Alicia Hassam
Tel. I
E-mail: [inda.melaughilif
POL00086825
POL00086825
4.6 The lead is responsible for contacting the other Field Team Members to discuss
arrangements and organise travel in accordance with the current Business Travel Expenses
(BTE) policy, arrange a meeting point and consider contingency arrangements in the event of
absence, sickness, travel or other problems. The meeting time should not precede the branch
opening time by more than 20 minutes. (Ref - EASE - Audits - Audit Process Manual - Chapter
12 - Continuity Planning)
4.7 The lead must provide the official working papers for use in the branch. Only the current
versions of working papers available on EASE are acceptable. Working papers for escalation to
Tier 2 must be carried if attending a Financial Assurance Audit (FAA).
4.8 The lead should ensure that when on site the use of mobile phones is kept to a minimum
and phones put on silent/vibrate once the office has re-opened. Any conversations that must be
held on site should be done so out of earshot of the counter unless this is absolutely
unavoidable. Clerks serving on the counter must be able to converse with customers without
being hampered by conversations taking place behind the counter. PLEASE NOTE only the
lead should have their mobile phone turned on, all other FTM’s should have their phone turned
off for the duration of the audit. Exception to this would need to be agreed with the lead in
cases of urgent/emergency calls being expected.
Section 5 - PLANNING
5.1 The Field Team Member designated “lead” at the audit is responsible for carrying out the
pre visit preparation. The lead must check the audit type, branch name and code and other
details supplied by the schedulers. Using the available database on EASE i.e. the All Branches
Database, they can find all the information on the branch including the date of the last audit.
There is a separate database of branch opening hours available on EASE and details of
Branch Trading dates to establish when the branch last rolled into a new BT period. In addition
to this POCA Vault Card Sales must be checked (ref EASE-Audits-Chapter 2). The lead at the
audit uses these details to populate the P32 audit tool and the CAT Reporting Tool. (Ref -
Section 6)
5.2 Whilst accessing these databases the lead auditor must also take note of what type of
office this is for example:
Agency Offices
Crown Office ( ref — additional info Appendix A)
A Franchise or multiple (ref- additional info Appendix B)
Open plan or a combination store (ref — additional info Appendix C)
WH Smith (ref — additional info Appendix D)
Core and Outreach (ref — additional information in Chapter 3a)
Post Office Local (ref — additional information Appendix E)
Post Office Mains
5.3 The type of office will indicate any further preparation required. Exceptions that relate to
specific types of office are detailed in the appendices. All this information must be accessed in
addition to the Audit Reports Matrix to determine where the reports must be sent. (Ref - EASE
— Audits — Audit Process Manual - Chapter 8)
5.4 The lead Field Team Member must also determine if any non-standard transactions are
performed at the branch as they will need to ensure that monies associated with these
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 6
Owners: Linda McLaughlin Alicia Hassam
E-mail:
POL00086825
POL00086825
transactions are included in the audit checks. The outlet should also be able to demonstrate
that these products are being accounted for in the correct manner.
Bureau de change (ref — Section 8.5)
ATM (ref — Appendix F)
Lottery (ref — Section 8.6.1 — 8.6.5)
Paystation (ref — Section 8.3.1)
Teller cash dispenser
Retail Service Point ( ref - Appendix C )
Stamp Vending Machine & Post & Go — (cash assured)
Rollercash/Bidi/Bidi Magnum ( ref — Appendix C )
There are instructions for dealing with these non standard transactions in the relevant Counter
Operations manuals/HOL HELP and Field Team Member must familiarise themselves with
these to be prepared to check cash and accounting practices at on site activities.
5.5 The lead must also consider any other factors that may impact on the amount of resource
required for audit activity e.g. seasonal variation, Public holidays or local events affecting cash
flow and banking activity.
5.6 The lead is responsible for supplying all working papers for completion during the audit.
This includes all Financial working papers (ref EASE-Audits-Audit Process Manual-Chapter 2a
Audit Tools) and all Cat working papers (ref EASE-Audits-Audit Process Manual-Chapter 10
Cat Tool).
Section 6 - P32, THE CAT Reporting Tool and SharePoint
6.1 A P32 is an Excel spreadsheet designed to support planning, verification and assurance of
assets and generate the reports required by Financial Audit activity at all branches. The lead
Field Team Member is responsible for posting all reports to the branch and email reports as per
Audit report matrix to all stakeholders along with uploading the relevant figures to SharePoint.
6.2 The Compliance Audit Test Reporting Tool (CAT Reporting Tool) is an Excel spreadsheet
designed to support the planning and testing of regulatory compliance and business
conformance and recording and reporting the results. The Field Team Member uses the tool to
access the lists of Regulatory Compliance and Business Conformance tests required, record
the answers and generate the report and a Compliance Declaration. The lead Field Team
Member is responsible for posting all reports to the branch and email reports as per audit report
matrix to all stakeholders, along with uploading the relevant figures to SharePoint.
The latest version of the CAT Reporting Tool is available from our database (ref - EASE
—Audits — Chapter 10 - CAT Tools & Instructions)
6.3 The tools are reviewed on a monthly basis and the expiry for the tool and last date for
submission is included in the latest Audit Process Update email. These dates must be strictly
adhered to.
6.4 The lead Field Team Member must download the current copy of the P32 and the CAT
Reporting Tool direct from EASE for every activity. Local copies should not be saved to avoid
use of out dated versions.
6.5 The current P32 and user instructions can be accessed from our database: (ref - EASE —
Audits- Chapter 2.)
The current CAT Reporting Tool and user instructions can be accessed from our database.
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 7
Owners: Linda McLaughlin Alicia Hassam
E-mail:
POL00086825
POL00086825
(Ref — EASE — Audits — Audit Process Manual — Chapter 10 — CAT Tool and instructions)
6.6 The lead Field Team Member must ensure that they have read and understood the current
versions of the instructions.
6.7 To correctly name the P32 or CAT Reporting Tool, please see the guide/instruction on
EASE (ref —- EASE — Audits — Audit Process Manual Chapter 8 - Guide to sending reports)
6.8 When a date of previous audit is given on the all branches database then it is necessary to
access the database where the previous audit reports are held and carry forward information on
gaps from the previous audit to ensure they have been addressed. There is an area on the CAT
Reporting Tool “Planning section” where this information must go. Only audit reports from the
preceding three years need be consulted. If no record of previous audit or over three years
please add a comment to reflect this.
6.9 If the office has been subject to transfer since the last audit activity then the gaps recorded
against the previous Agent/Operator should be ignored.
6.10 All findings from the P32 and CAT Reporting Tool must be submitted via the appropriate
SharePoint Survey. This will be completed as a SharePoint Upload direct from the P32 & CAT
Reporting Tool
6.11 SharePoint is an on line tool that enables results to be reported and accessed immediately
by the relevant stakeholders. The responses to all SharePoint surveys can be collated
automatically without the P32 and CAT Reporting Tool having to be manually analysed.
The instructions to complete a SharePoint survey as an upload are held on our Toolkit.
(Ref - EASE -SharePoint Links/Info - P32 / CAT Tool - SharePoint Upload instructions)
6.12 As with the reporting tools it is essential that the lead Field Team Member accesses the
correct SharePoint survey links. Field Team Members should access the manual SharePoint
links after the automatic upload to ensure the entry has gone through (Ref — EASE — Audits -
SharePoint Links/Info)
There are also instructions here on how to edit SharePoint Entries.
It is also essential to read and follow the latest version of the instructions, ensuring that cut-off
times are strictly adhered to.
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 8
Owners: Linda McLaughlin Alicia Hassam
Tel. ¢
E-mail: linda. mclaugfi
POL00086825
POL00086825
Section 7 - ON SITE ACTIVITY
7.1 Before approaching the branch the lead Field Team Member should take the opportunity to
brief the team on the approach for the visit and clarify all roles and responsibilities. Please
await the arrival of your colleagues before entering the branch.
7.2 The lead Field Team Member must send a text message to the Contract Advisor to inform
them of the audit activity, this should be sent before entering the branch. The brief text
message must include the lead Field Team Member’s name, the office name and branch code.
This is to make the Contract Advisor aware that there may be calls later in the day regarding
irregularities in the office. This is designed to speed up the resolution of on site issues. If there
is no mobile signal no text message will be sent, and the audit should commence as normal.
7.3 The lead Field Team Member must call the NBSC to notify them that an audit is taking
place and the branch will remain closed until its completion. This should also be completed
before entering the branch.
7.4 The introduction, by the lead Field Team Member, to the first person arriving on site should
be worded as follows;
“Hello my name is .... From Post Office® Network Services Field Team, I’m here to carry out an
audit of your branch today — introduce your colleagues and ascertain the role of the staff
7.5 Other points for the opening discussion should include as a minimum:
= The purpose of the audit is to verify cash and stock items.
= The reason behind the use of laptops and the P32 (using tools independent of the
Horizon system for verification)
= The course of events, what items will be checked and in what order — establish where
they are held in branch
= The need for access to the HOL system.
= The estimated opening time of the branch is 9:30am.
= Other aspects of the audit; for example reconciliation of non-value stock. E.g. POCA
cards, MVLs, etc.
* The Compliance Audit which will require the input of the Agent/Operator/OIC and
staff. Some of the areas to be tested can be mentioned as examples, e.g. Security,
AML, etc.
= The close of audit meeting and the opportunity for the Agent/Operator/OIC to
comment on any findings.
= The opportunity for the Agent/Operator/OIC to fill out a customer satisfaction
feedback form requesting their views on how the visit was conducted.
7.6 If they are not the Agent/Operator then they must be advised to contact the Agent/Operator
to let them know their branch is being audited and invite them to attend. This also applies to all
Multiple partners. Whether the Agent/Operator accepts or declines to attend the branch, the
branch is audited as planned.
7.7 The Agent/Operator or staff may contact the NBSC before allowing access and this will
mean that Field Team Members may have to wait outside until their identity has been confirmed
by the NBSC and they have completed their first access procedures. (Contact with NBSC is
not mandatory; Field Team Members may be admitted on verification of security passes)
Branches in Northern Ireland only:
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 9
Owners: Linda McLaughlin Alicia Hassam
E-mail:
POL00086825
POL00086825
The admittance and verification procedures for audits in Northern Ireland differ from GB.
Anyone carrying out an audit in Northern Ireland should follow the procedures detailed below:
Each afternoon, Network Support Admin Team will provide PO Grapevine with a plan of
scheduled audits for the next day with details of the office, branch code and names of auditors
scheduled to attend.
Special Audit Requests
In the event of an audit being called at short notice, the Network Support Admin Team will email
PO Grapevine and the relevant security manager to inform them of the special audit, detailing
the office name and branch code along with the names of the auditors who are scheduled to
attend
At commencement of the audit, the Agent/Operator or staff must contact Post Office
Grapevine to verify the auditors credentials before allowing access and this will mean that
Field Team Members may have to wait outside until their identity has been confirmed by
Grapevine and they have completed their first access procedures.
7.8 The Agent/Operator or staff should be advised that he/she should not access cash, stock or
the HOL system until the Field Team Members have gained access. In these circumstances,
any irregularity should be documented and a transaction log obtained from the HOL system to
ensure there has been no activity on the system before the Field Team Members were allowed
access.
7.9 If the Agent/Operator or staff refuses to allow entry to the premises, explain that the Field
Team Members have the right to verify Post Office Ltd assets and that the Agent/Operator is
contractually obliged to allow the Field Team Members access to do this. If access is denied
refer to the Contract Advisor for advice in the first instance. It may be necessary to involve the
police as a last resort.
7.10 Having gained entry to the building the lead Field Team Member must arrange for the
notices informing the public of the closure to be displayed in a prominent position. The details
on the poster will include the names and addresses of alternative offices, nearest MVL office if
applicable and an estimated opening time for the office.
7.11 Each Field Team Member must ensure that they sign a visitor's book or log recording their
arrival, date, time and purpose of their visit. They must also enter their departure time before
leaving the office.
7.12 Establish facilities for Field Team Members and where bags and personal belongings
should be stored — Not getting agreement on this could prove contentious if items are claimed
to be missing from the premises during or after the visit. Some branches have policies in place
which forbid taking handbags, personal cash, food etc into the counter area. Field Team
Members must abide by these policies. If Field Team Members are concerned about leaving
personal items in a different area or locking them in a vehicle then they are advised not to carry
unnecessary items to audit visits.
7.13 The Field Team Members should not have un-witnessed access to cash and stock.
Where it is not possible for the Agent/Operator to attend or the Agent/Operator chooses not to
be present, then checks must be made in the presence of a nominated Officer in Charge (OIC) -
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 10
Owners: Linda McLaughlin
Tel. F
E-mail: _jinda.melaughtiiif
POL00086825
POL00086825
(this should be agreed with the Agent/Operator on the call). It is important that any checks are
not made in isolation. Both the Field Team Member and stockholder should acknowledge the
accuracy of the figures following the check. Where a discrepancy is highlighted, the
Agent/Operator or OIC should be offered the opportunity to verify the findings and sign the cash
and/or stock sheet to confirm that the figures to be used as part of the audit are correct. In the
event that they decline the offer, then this should be noted, and included in the subsequent
audit report.
7.14 The need to identify and produce all cash, stock and vouchers
It must be stressed at the outset that there will be a need to identify and produce all cash, stock
and vouchers and to remind the Agent/OIC that this includes items kept outside the secure
area, Paystation or Lottery or any other cash which should be kept in the secure area. Should
the Agent/Operator/ OIC present cash after the audit has commenced, and it has been
confirmed that all cash has been produced, it must be excluded from the audit as the audit
result is only based on the verification of the financial assets presented as “on hand” at the
outset of the audit. The cash must be accepted from the Agent/Operator “without prejudice to
investigations or the current branch trading position”, a receipt issued, and included in Post
Office Ltd funds, but not the current branch trading position. Details of the amount should
however be included in the SharePoint input sheet of the P32 and recorded on SharePoint.
On completion of the audit all assets should be secured by the Field Team Member and
witnessed by either another member of the team or the Agent/Operator/OIC.
7.15 Obsolete stock must be discounted from the audit, the subsequent shortage included in
the current branch trading position and explained in the audit report.
Section 8 - FINANCIAL ASSURANCE AUDIT (FAA)
(Tier 2 requires additional procedures details below section 10)
8.1 The Financial Assurance Audit (FAA) involves the checking and verification of:
= Cash (ref — Section 8.3.2)
Cheques (ref — Section 8.3.3)
ATM cash (ref — Appendix F )
Currency (ref — Section 8.5)
Spoiled Postage labels
Lottery Instant scratch cards (ref Section 8.6.1 - 8.6.5)
National Lottery Cheques
Self Adhesive stamps 100 x 1*
Self Adhesive stamps 100x 2"¢
Self Adhesive stamps 50 x 1% Large
Self Adhesive stamps 50 x 2" Large
MVL discs (ref — see below & also Appendix H)
Traveller's cheques
POCA cards
All other stock items will be deemed to be assured.
Stamp Vending Machine and Post and Go machines will be assured.
MVL Discs - Count on hand MVL discs. Full unused packs of MVLs may be sampled and
assured. Following discussions with Finance Service Centre and the Conformance Team, it has
been agreed that any discrepancies at audit are recorded on the P32, audit report and
SharePoint. Furthermore, any shortages or surplus discs should be corrected during the audit
(see Appendix H).
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 11
Owners: Linda McLaughlin __.Aligia Hassam
Tel i
E-mail: Jinda.melaughling
POL00086825
POL00086825
Please note all empty stocks, when audited, should have the cash declared as zero before
coming out of the stock unit.
8.2 Horizon Reports
8.2.1 Ascertain the number and types of stock units on the system.
8.2.2 Ask the Agent/Operator or a member of staff with manager’s access to create a user ID
for the lead Field Team Member to allow them access to the Horizon system.
See Appendix G for Instructions on Accessing the Horizon System if no one in the office has
manager access.
8.2.3 The following report printouts must be obtained from the HOL system, examined and filed
with the working papers in line with the current retention process: See EASE — Audits -
Chapter 3 for Audit Report Paths, See EASE — Audits - Chapter 9 for Retention of Papers
The reports below should be printed by the lead to enable completion of the FAA and
once these reports have been obtained the lead can then assist colleagues in counting
cashi/stock.
e Un-reconciled/outstanding transfers report — for multi stock branches. This must be
printed prior to obtaining the office snapshot and definitely before any transfers have
been accepted.
e Transaction log for the day of the audit (audits commencing before opening hours -
only) - this report must be produced regardless of whether or not you feel the Horizon
terminal has been accessed prior to audit attendance
Office snapshot
Balance snapshot for each stock unit
Most recent cash declaration holdings for each stock unit
Foreign currency holdings
Outstanding summaries (to verify vouchers / cards on hand):
> Giro deposits / withdrawals
> Personal banking deposits and withdrawals (manual transactions)
> Green Girocheques
e Suspense account report
e Transaction corrections outstanding
8.2.4 Further reports required, to be printed after completion of FAA.
e User summary - obtain a list of all HOL users and take note of their full names. This
can then be checked by accessing the ‘modify user’ screen and checking that all
entries are current and in the correct format. (If any amendments are made to user
names please reprint the user summary to reflect the changes).
e Forty-two day transaction log detailing all transactions over £5000.00 to illustrate
transactions where identification data capture may have been required.
e Transaction corrections processed (this will also show instances whereby evidence
has been requested — entries will be preceded with an ‘E’
e Remittance summary (ins and outs) for the whole office for the trading period
e Reversal reports for 42 days — RV and ER; Reversal transaction and existing
reversal transaction when transaction code has been used
8.2.5. Please note: - Further reports can be obtained from the HOL system as required e.g.
branch trading statement reprints, stock adjustment reports, event logs and further transaction
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 12
Owners: Linda McLaughlin Alicia. Hassam
E-mail:
POL00086825
POL00086825
logs for investigation purposes. The above list is not exhaustive. However, this should be seen
as the minimum.
8.2.6 If the audit takes place on a Thursday, following the end of a branch trading period, and
the branch trading statement has not been fully completed, the audit should be based on the
trial balance figure ensuring cash and stock have been declared. (Please ensure all stocks are
in the same TP). The final branch trading statement can then be completed during the course of
the audit or as soon as practicable, ideally before the Field Team Members have left the
branch.
8.3 Checking Cash, Stock and Vouchers on Hand
8.3.1 Branches with a Paystation or Lottery terminal: ensure any overnight Transaction
Acknowledgement’s (TA) have been accepted or ensure this is the first action on log on.
Ensure all monies accepted in respect of transactions carried out on the terminal have been
introduced to the main cash before commencing the audit. The maximum amount of Post
Office® cash that can be held on the retail side is £250.00.
8.3.2 Cash check - obtain the final cash declaration for the day prior to the audit by reprinting
the last “existing” declaration or obtaining the report via the event log. Where the audit is
carried out later in the day and the branch has been open for business then it will not be
possible to confirm cash to a branch declaration. However the report should still be obtained
and examined for possible inflation of cash.
8.3.3. Cheques -. Count and record cheques on hand and verify to the HOL snapshot or the
branch trading statement if the branch trading period has been completed. Ensure that
cheques are examined for validity and that any “personal” cheques are not on hand, including
those belonging to staff members, without the correct annotation and a matching transaction
that can be verified through HOL.
8.3.4 If an irregular personal cheque (not associated with any transaction) is found contact the
Contract Advisor and Security Manager. The personal cheque must be impounded, excluded
from the audit result and a “without prejudice” receipt issued.
8.4 Vouchers- All the vouchers on hand must be checked and verified irrespective of the day of
the audit. The details on the report printouts of any transaction vouchers on hand must be
checked against the actual vouchers on hand e.g. giro deposits and withdrawals, or green giros
etc. These reports can be obtained in the HOL back office. Most are in the “Daily” report
section, but the green giro report is in the “Weekly” report section. It is also important that all
vouchers on hand are checked for validity, early encashment and fraud.
8.5 Currency - Verify all the Euros, US Dollars & the next 2 highest value (£) currencies on
hand to the correct amount on the balance snapshot. Totals from the currencies verified and
those deemed assured should be documented for later inclusion in the P32.
8.6.1 Lottery - All on line lottery transactions must be accounted for daily. Calculate any
outstanding monies owed to the Post Office and ask the Agent/Operator to make this good. If
the Agent/Operator isn’t able to do this or the lottery is not being accounted for correctly then
see irregularities (Section 9).
8.6.2 Count and record lottery scratchcards and reconcile to the HOL snapshot and local
records, if held. Scratchcards will normally be held on the retail counter and it may be
necessary to physically count the cards outside the counter area. Any cash held on the retail
side relating to sales should be included in the cash on hand verification.
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 13
Owners: Linda. MeLauablin Alicia Hassam
Tel
E-mail: linda.melaughling
POL00086825
POL00086825
8.6.3 The scratchcards on hand can be verified by reference to the lottery matrix held on EASE
— (Audits — Processes — Audit Process Manual — Ch 3 Performing a Branch Audit) or by
telephoning the NBSC 08456011022. The Agent/Operator must be advised that any value of
obsolete scratchcards will be removed from the balance and the resultant shortage must be
made good. This should be actioned at the time of the audit and detailed in the audit report.
8.6.4 Obtain the following reports from the lottery terminal and the Agent/Operator, depending
on the type of branch OLT
e Summary Inventory
e Pack status reports for each game listed on the Summary Inventory
e Prizes for Online & Instants Report
8.6.5 Using the summary inventory and pack status reports confirm and reconcile the un-
activated scratchcards. It should also be confirmed that the scratchcards on sale have all been
activated. The pack status reports identify the status of the cards held:
CONFIRMED - Pack is un-activated
ACTIVATED - Pack is activated
8.6.6 Additional Instructions for Tesco Lottery Branches:
Some Tesco Post Offices complete their Lottery accounting a bit differently. They accept TA’s
as normal into a Lottery Stock Unit but there is no exchange of cash between the retail area
and the Post Office. This will create an increased discrepancy in the Lottery Stock Unit which
is then Settled Centrally when the branch completes their Branch Trading Statement. Finance
Service Centre reconcile these figures with figures from Camelot and invoice Tesco which they
then pay direct.
When completing an audit at a Tesco branch with Lottery the Lead Auditor will need to call the
Agent/Operator Accounting Team at Chesterfield (contact details on EASE) to obtain the
Agent/Operator Debt figure for Lottery. This should be done as early as possible. The Lead
Auditor also needs to request that the daily Lottery transaction spreadsheet for the branch is
emailed to them. This acts as evidence of the discrepancy and needs to be added to the zip
file emailed to the P32 File.
Any further discrepancies found at the branch will need to be reported on the P32 as normal.
8.7 Network Support Admin Team - Audit Admin Duty
48 hours prior to all audit types the Admin Duty will notify the lead Field Team Member of the
names of the staff registered as working in the office by email. Any staff working in the office
not registered with HR should be reported via the P356 Anomalies Report located on EASE. —
Audits — Audit Process Manual — Ch 3 Performing a Branch Audit
Whilst on site the lead Field Team Member will receive a phone call from the Network Support
Admin Team Audit duty. Depending on the type of audit
Financial Assurance Audit — Field Team Member will be advised of Agent/Operator Debt
Figure only. No call will be received if there is no debit / credit figure.
Tier 2 Audit — In addition to Agent/Operator Debt figure: the Field Team Member will be
contacted by Network Support Admin Team to confirm both inward and outward remittance
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 14
Owners: Linda McLaughl Alicia Hassam
Tel. {
E-mail: Jinda.mclaugnoy~
POL00086825
POL00086825
figures for the current trading period for verification purposes. This call will include confirmation
of the specific amount of debt.
8.8 There is no need to hold back and open rem bags awaiting collection if they are due for
despatch the same day as the audit. The reference numbers from the bags must be recorded
and verification sought the following day that the bags have arrived at the Cash Centre by
phoning the Network Support Admin Team Audit Duty. Any failures should be reported to the
Contract Advisor and Security Manager for an Investigation audit to be arranged.
If rem bags have been made up in advance and are not due for despatch on the day of audit
they should be opened and contents verified. In the event that any rem bags are made up and
sealed by a Field Team Member these must be witnessed by either a second Field Team
Member or the Agent/Operator/OIC.
8.9 On completion of the audit, contact the Cash Management Team for an assessment of their
performance. In the event of excess cash holdings, remit excess back to the cash centre.
Record amount returned for inclusion on SharePoint and remind Agent/Operator/OIC of the
correct cash management process.
Section 9 - IRREGULARITIES
9.1 During the course of the audit the Field Team Member may find discrepancies, transaction
corrections, inappropriate items held in suspense, business practices out with the Post Office®
operating instructions and in this situation the irregularity must be discussed with the Contract
Advisor.
9.2 Central Accounting in Chesterfield - Problems with irregularities involving errors in
accounting, transaction corrections or entries in the suspense account may be progressed with
the help of the appropriate contact. Please see (ref - EASE — Audits — Contacts — Finance
Service Centre Contacts — Finance Service Centre Team Contacts.)
In the event that a P242 needs to be completed the standard settle centrally threshold of £150
must be adhered to. If the branch indicates they are due a Transaction Correction or are
unable to mak
9.3 Support from Contract Advisor - As part of the preparation for the audit the lead Field
Team Member must have available the contact details for the Contract Advisor and alternative
Contract Advisor and the Security Manager to report findings, errors, discrepancies or
admissions.
9.3.1 If intervention is required, or circumstances suggest that they may be required, the
Contract Advisor should be contacted at the earliest opportunity. This will allow discussions to
take place and any necessary decisions made whilst the lead Field Team Member is still on site
and will ensure that problems are dealt with quickly and efficiently. Contact should be made via
mobile phone, as this will ensure confidentiality (use Mobex number for calls). The use of the
Agents/Operator’s telephone should be avoided.
9.3.2 The Contract Advisor should be contacted if anything happens during the visit that would
suggest that the Agent/Operator may be in breach of their contract for example:
e There is an unexplained discrepancy of £1000 or more (excluding outstanding debt)
e There are any irregular or suspicious circumstances
e There is an irregular personal cheque on hand
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 15
Owners: Linda McLaughlin Alicia Hassam
Tel. I" I
E-mail: _jinda.melaughiliif
POL00086825
POL00086825
e Sales made on a “credit” basis i.e. payment outstanding
e There is an admission of misuse of Post Office® Ltd funds or fraudulent activity
e The Agent/Operator refuses to allow access to the premises or any cash or stock
items
e Cash on hand has been inflated or an amount of cash is produced after the audit has
commenced
e Lottery takings are not to hand and/or banked in personal account
e There are discrepancies found in on-site verifications (remittances, suspense
accounts etc.)
e The Agent/Operator has declared that the previous periods discrepancy has been
made good, however findings are to the contrary
e The Agent/Operator cannot make good an audit shortage and is unable, or unwilling,
to put forward proposals
e Ifthe lead Field Team Member has any other concerns about the branch
This list is not meant to be exhaustive. Regardless of the circumstances, if there is any
doubt or concern about the branch or Agent/Operator, contact the Contract Advisor.
9.3.3 Should the Agent/Operator admit any fraudulent activity, he/she should be advised
immediately that the branch will be kept closed and the Contract Advisor and Security Manager
contacted.
Should the Agent/Operator be suspended, there is a possibility that the branch will remain
closed and the assets defunded (ref EASE — Audits — Audit Process Manual - Closure Process -
Chapter 5) for details about branch defund, In this case, a special notice to this effect should be
displayed and NBSC should be contacted to advise them of the situation. If the branch is to
remain closed, the datestamps should be lodged in the safe. Arrangements for the door and
safe keys should be agreed with the Contract Advisor.
9.3.4 In the event of a discrepancy, the Agent/Operator/OIC/Manager should be invited to
complete an independent check of the cash. This can be obtained from EASE (Audits- Audit
Process Manual — Chapter 3 — Record of Conversations — Cash Sheet)
9.3.5 In cases involving suspension, the lead Field Team Member should obtain six periods
worth of branch trading statements, and send for retention at the central archive in Salford
along with any other working papers. This will assist Finance Service Centre and/or the Fraud
Team should there be legal repercussions.
Originals should be obtained, but copies (where such facilities exist) are acceptable. Should
there be no statements available; reprints of the last six completed statements must be
obtained from the HOL system.
If the Agent/Operator objects to their removal, it should be pointed out that the paperwork is the
property of Post Office® Ltd, and if necessary a receipt should be issued.
9.3.6 When an audit has gone to suspension, the lead Field Team Member should also advise
Network Support Admin Team of this on the day. This is particularly important from a
scheduling point of view, as NSAT may need to cancel or reschedule any work the day after the
audit, if any of the Field Team Members on the suspension audit need to carry out any follow
up work relating to the audit, e.g. the office may not transfer to a temp SPMR until the following
day.
9.3.7 Transaction Acknowledgement Instructions on Suspension Audits:
The FTM needs to establish that all TA’s have been received in branch by checking the TA
print out and if any are missing make sure that funds are produced by the SPMR/Operator to
make good and then this amount should be placed in emergency suspense, or if the
Agent/Operator/operator does not make the amount good then this is included in the debt figure
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 16
Owners: Linda McLaughlin
Tel
E-mail: linda. melaughling
POL00086825
POL00086825
and reported on the final account so an attempt to recover any monies due by the late account
process can be made.
In the event of a Lottery branch the FTM needs to ensure that no instant pack activations are
missed by checking the pack activation slips or if these are not on hand to verify the date
of activation by ringing Camelot and checking that all the TA’s have been received.
9.4 Appointing a Temporary Agent/Operator - If the Contract Advisor decides that the
Agent/Operator is to be precautionary suspended from the office then it may be possible to
appoint a temporary Agent/Operator in his place to ensure continuity of service.
The Contract Advisor will commence this process with the permission and agreement of the
existing Agent/Operator. The Field Team Member must carry a set of paperwork to carry ili
out under the direction of David Sears, Temporary Subpostmaster/Operator Advisor {.
(Ref EASE-Interventions-Temporary Subpostmaster Security Checks)
Branches in Scotland only — Audit Irregularities
One of the fundamental rules of Scottish Criminal Law is that the essential elements of the
charge require to be corroborated before anyone can be convicted on that charge. It follows
that an admission by the accused is not enough evidence to convict in Scotland because that
evidence needs to be corroborated from another source. Therefore if one Field Team Member
finds a shortage in excess of £1000, the cash and stock they have checked requires a second
Field Team Member to physically check it, and also sign the working papers initialling any
alterations. Hence it has then been corroborated. From a business point of view we should not
construe as corroboration getting the Agent/Operator or Temporary Agent/Operator who is
taking over to check the cash and stock. The Defence argument could be that the
Agent/Operator was in shock, under duress etc when checking the figures. The same
argument could be made by the defence when it is an Assistant who is taking over as a Temp,
and they are asked to check the figures.
If the audit is a singleton activity contact your Field Team Leader to arrange assistance. Please
contact Security Team in addition to the Contract Advisor on the day of the audit to discuss.
NB: Corroboration can be completed by any Post Office employee, i.e. in remote locations a
member of Field Change Team etc may be more accessible than another Field Team Member.
Section 10 - PROCEDURES FOR FINANCIAL ASSURANCE AUDIT (TIER 2)
(In addition to aforementioned Financial Assurance Audit (FAA) procedures)
10.1 Print a copy of the Branch Trading Statement.
10.2 Check all cash, cheques, currency, postage, stock on hand as required for completion of
P32 (Tier 2). Refer to the latest user instructions on EASE for completion of the P32.
10.3 Working papers specific to Tier 2 must be used from EASE.
(Ref — EASE — Audit — Audit Process Manual — Chapter 2a - Audit Tools- Working Papers)
10.4 Ifa Tier 2 audit has been scheduled then in addition to the agent debt and staff names
information the Network Support Admin Team Audit Duty will also phone the lead Field Team
Member to confirm remittances in & out for the current Trading Period on the day. If the
Financial Assurance Audit (Tier2) is by escalation then these figures must be requested by the
Field Team Member.
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 17
Owners: Linda McLaughlin ___Aligia Hassam
E-mail: linda.melaugfi
POL00086825
POL00086825
Section 11 - COMPLIANCE AUDIT
11.1 Compliance audit tests (CAT’s) are designed to test that regulatory compliance and
business conformance procedures are operating as intended, by checking evidence of
adherence to the approved systems.
11.2 The Field Team Members role in compliance auditing is to undertake sufficient testing
(across at least 50% of all staff) to be able to confirm, with reasonable assurance that controls
that should be present in a system are being deployed.
The areas tested are:
CORE CAT’s (Compliance Audit Tests)
Government Services (DVLA, IPS, AE!)
Procedural Security Inspection
POCA or other tests requested by Branch Standards
eocee
11.3 For current tests and user instructions see CAT reporting tool and user instructions on
EASE.
(Ref EASE- Audits- Audit Process Manual — Chapter 10 — CAT Tools/Instructions)
Section 12 - CLOSE OF AUDIT MEETING
12.1 Once the financial audit and compliance tests have been completed, the audit findings will
need to be discussed with the Agent/Operator. The following guidelines should be followed:
e The closing meeting should already have been discussed and planned with the
Agent/Operator as part of the opening meeting at the outset of the audit
e The meeting should be conducted in private whenever possible as some of the points
for discussion may be sensitive
e The lead Field Team Member should be familiar with all the findings of all the tests
completed (in conjunction with the person who has completed the Compliance testing
if this is not the lead Field Team Member). The lead Field Team Member is solely
responsible for discussing gaps identified during the closing meeting.
¢ During the closing meeting with the Agent/Operator the FSA must highlight any
issues identified from the financial audit in addition to the gaps discovered during the
compliance tests.
e When talking through the findings it is important to discuss them in a balanced way
and be able to qualify exactly what is meant. The reason for any actions should be
made clear. Informing the Agent/Operator that any gaps will result in contact from the
Branch Standards Team either by phone or letter. It is essential to highlight where the
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 18
Owners: Linda McLaughlin Alicia Hassam.
Tel. f GRO i
E-mail: linda melaughi
-
alicia
POL00086825
POL00086825
correct procedure is documented and the importance of adherence to it, by explaining
the correct procedures and clarifying understanding. The lead Field Team Member
must highlight the consequences and impact of failure to comply for the
Agent/Operator/staff and for the business. Failure could lead to the loss of the
Agents/Operator’s contract to provide products and / or services, and / or financial
penalties for Agent/Operator, his staff and the business
e Recognise good working practices in the office.
e Also, on the occasions where an office has no compliance gaps, congratulate the
Agent/Operator and/or staff on their good performance, emphasising how this has a
positive effect on the Network and Post Office customers.
e Following the closing meeting a customer satisfaction feedback form should be left
with the Agent/Operator at the branch — The Agent/Operator should be encouraged
to complete and return this form.
Section 13 - AUDIT REPORTING
13.1 All audit reports are embedded within the P32 & CAT Reporting Tool.
Please refer to the latest user instructions held on EASE; please also refer to the current
“reporting matrix”.
(Ref - EASE — Audits — Audit Process Manual — Chapter 8)
13.2 The lead Field Team Member must telephone the branch two days after sending the report
to confirm their understanding of the content and highlight their responsibility for the return of
the Declaration of Compliance and ask if they have returned their Customer Satisfaction
Feedback Form.
CROWN OFFICE APPENDIX A
(Additional information to be used at Crown Branches)
e Check and verify as a minimum, 50% of the counter stocks. If time and resource allow
then additional counter stocks can be checked
e All dormant stocks have to be checked
¢ All stocks with cash in excess of £25k
e Any stock held by the Branch Manager this will include ALL items that are in the Main
Stock such as postage stamps, special stamps, non value stock etc.
NB. The tab to input this information will automatically appear on the index page once
branch is identified as a Crown from the All Branches Database entered on the planning
page.
Crown Branch Losses
Losses & Gains identified should be e-mailed to Post Office Security in all instances regardless
of value.
If a discrepancy of more than £1000 is discovered, this should be reported to the Crown Sales
and Customer Service Manager and Security Manager: There is no need to escalate this to a
Tier 2 Audit, or keep the branch closed for longer than is necessary.
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 19
Owners: Linda McLaughlin Alicia Hassam
Tel. i
E-mail: Jinda.melaughling
POL00086825
POL00086825
If a discrepancy of £10,000 or more is discovered, the Crown Sales and Customer Service
Manager and the Security Manager must be notified immediately and the Branch remains
closed until a full Audit of Accounts (Tier 2) can be completed. The branch should be re opened
at the earliest opportunity to minimise disruption to customer service.
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 20
Owners: __ ....binda MeLauahlin..
Teli.
E-mail: linda.melaughlin!
POL00086825
POL00086825
FRANCHISE AND MULTIPLE BRANCHES APPENDIX B
The all branches database will provide details of branches that are of either a franchise or
multiple branch type. The lead Field Team Member should obtain this information at the
preparation stage along with:
e The name of the multiple / franchisee
e The multiple/franchise company contact point e.g. nominee
« The name of the Contract Advisor
The financial audit process outlined in this chapter can be applied to multiple and franchise
branches with the following exceptions:
If highlighted in the Branch Performance Profile model the lead Field Team Member will need to
determine if the procedural security compliance paper needs to be undertaken if the branch is a
franchise. Some franchise branches are self-insured and in these cases the Procedural
Security Inspection tests should not be completed. The self-insured franchise branches can be
identified from the branch details excel spreadsheet, available from EASE. Any major security
weaknesses must be still noted, however, and commented upon in the audit report.
On arrival at the branch, the lead Field Team Member should make the visit known to the store
manager and any local entry procedures must be adhered to. At the beginning of the audit the
lead Field Team Member must telephone the company contact, as per Multiple Contact List on
Chapter 3 main page, to advise that an audit is taking place and to invite them to the closing
meeting at the branch. The estimated time of the closing meeting should be advised and, if the
company contact is unable to attend, it must be confirmed that they are happy for the audit
findings to be discussed with the officer in charge on site.
Any irregularities, discrepancies, admissions etc. should be reported to the Contract Advisor.
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 21
Owners: Linda McLaughlin Alicia Hassam
Tel.
E-mail: linda melaughi
POL00086825
POL00086825
OPEN PLAN AND COMBINATION FORMATS APPENDIX C
A Combination Store is the title given to retail branches that combine other retail business with
Post Office transactions using the same point of sale in the retail area. These branches often
also have one or more fortress positions. In the retail area the same person will deal with retail
and Post Office transactions, but funds and accounts will be separated.
The financial audit outlined in this chapter can be applied to open plan and combination
branches, but special care must be taken because of the different security arrangements.
To minimise security risk to staff and funds, the following principle applies:
e Under no circumstances should bulk cash be counted in positions which are exposed
to the public
e Allcash on hand should be counted in a secure back office area (if available) or prior
to the branch opening for business to avoid the problem.
e Cash being moved to a secure area should not exceed the till limit (£1000) for open
plan working unless the premises are closed
e NOTE: Rising screen branches operate with the same security procedures as
screened branches so the normal 60/90 rule would apply (enough cash to last up to
1.5 hours), not the £1000 limit
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 22
Owners: Linda McLaughlin Alicia Hassam
E-mail:
POL00086825
POL00086825
WH Smith Branch APPENDIX D
(Additional information to be used at WH Smith Branches)
On arrival at the branch, the lead Field Team Member should make the visit known to the
store manager and any local entry procedures must be adhered to.
There is no need to contact WH Smith (as we would with any other multiple) as senior
WHS Security & Investigation managers are aware of the audit plan.
WHS have an insurance waiver, but compliance questions relating to Procedural
Security Inspection should be asked. This is at the request of the Head of Business
Development (WH Smith).
The closing meeting will take place with the lead Field Team member and the Branch
Manager (or their representative at the branch) on the day of the audit.
Process - Financial
Physical check of cash & cheques
Main Safe stock unit
Bureau stock unit
Counter stocks: 2 to 3 stocks, prioritising in cash value the highest while still allowing the
branch to open at the normal time
Rollercash contents can be assured if store/branch is open
All other all purpose working (APW) stocks should be assured
Cash and currency REM Pouches — All cash rem pouches on hand to be verified, by
reversing the rem and checking the contents. (All cash rems prepared for dispatch must
be reversed out from HOL prior to opening and checking). Each pouch then needs to be
checked one at a time (the contents of each pouch being pouched up again and
remmed out prior to checking the next pouch). If the rem van arrives during the audit, the
pouches that the Field Team have checked can be dispatched. Any pouches still to be
checked will leave the office on the next scheduled collection day. N.B. All pouches
should have the barcode numbers noted and their delivery confirmed the next day, as
per normal procedure. (Count and assure the numbers of full sealed bags and physically
count any odd amounts of loose notes).
Physical check of stock
Main stock only — verify stock items as per Financial Assurance (P32) process.
N.B. The bulk MVL discs should be checked once the branch has been allowed to open.
Stock items in other stock units where holdings are considered to be high
In the event that a large cash, cheque or stock discrepancy is found, then a full stock unit check
is required.
Process - Compliance
Questions will be directed towards the BM and ABM in the office and as many counter
staff as practically possible. If the manager is unavailable then a representative of the
manager should be chosen.
Unlike some self-insured multiple partners, security questions should still be asked in
every case.
Contact
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 23
Owners: Linda McLaughlin Alicia Hassam
Tel.
E-mail: Jinda.mclaugh]
POL00086825
POL00086825
If there is an issue onsite, i.e. discrepancies over £1000 then there is one main point of contact,
Simon Davies (WH Smith). Any intervention to suspend staff will be actioned by either Simon or
passed onto an appropriate WH Smith manager to deal with. One phone call from the lead
Field Team Member will be sufficient. If Simon is unavailable please contact Steve Hall.
Simon Davies
Steve Hall
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 24
Owners: Linda McLaughlin
E-mail:
POL00086825
POL00086825
POST OFFICE LOCAL APPENDIX E
Post Office Local - Retailer Cash Funded — Audit Process
Normal audit procedures apply throughout the audit but if a discrepancy is found further
information will be required for offices where the Operator provides their own cash to run the
Post Office. (N.B. some PO Locals are PO funded).
Discrepancy over £1000
Check to see if the branch is aware of the discrepancy and the cause.
If they are aware the Field Team Member should contact the relevant team in Finance Service
Centre (EASE — Audits - - Contacts -Finance Service Centre Team Contacts) to determine if a
transaction correction can be expected.
If the branch are unaware Field Team Member to contact Louise S Wilkins at Chesterfield
_(Current Agent/Operators Debt, Postline:
1 GRO} ind check if they are aware of discrepancy. If required Louise will jiaise! with the
Fraud & Conformance team to check if they are aware of any issues. Louise can also advise
on outstanding settled centrally debt if required
When this has been confirmed please contact the Contract Advisor and inform them of the
situation. They will make the decision to suspend if appropriate.
Should the Operator opt to make good an audit shortage by cheque; Accept the cheque, issue
a without prejudice receipt and post directly to Finance Service Centre, 1 Future Walk, West
Bars, Chesterfield S49 1PF. Endorse the reverse of the cheque with branch name, code and
“audit shortage”.
Defund of Post Office Local
If, as a result of the call to Agent/Operators Debt, the money in the office is due to the Post
Office, and needs to be returned it will need to be accounted for as follows:
Loan Withdrawn from PO — on Horizon (HOL)
F7 Adjustments - 66 Loan to PO withdrawn
If unable to get a pick up from CViT send Cash by Special Delivery to local cash centre.
ATMs APPENDIX F
There are 4 different ATM types on site at branches.
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 25
Owners: Linda McLaughlin Alicia Hassam
Tel. {
E-mail: Jinda.melaughiing
POL00086825
POL00086825
The different types of machines in the network are:
e PO maintained — this machine holds between £50k— £140k and is funded by a
remittance received at the branch. Some branches are authorised to hold in excess
of £140k, but written notification should be on hand. The transactions are reported
through the branch trading statement.
e Fully Serviced — this machine type is totally maintained by a cash carrying company
therefore would not be included in an audit.
e Self-fill: Retail cash — this machine is funded from private cash and under no
circumstances must Post Office funds be utilised. This is considered misuse of funds
and should be reported to the Contract Advisor. The cash in this machine does not
form part of the audit.
¢ Self-fill: PO cash — these machines hold £1k - £3k and are funded from PO funds.
There are consequently only 2 machine types that would need to be verified as part of the audit
process. Although it is not possible to open any of the ATMs whilst the branch is open for
business (if access is not via the secure area), all cassettes should be removed for counting
and the ATM closed down before the branch is allowed to open. If the branch (or the retail
side) is already open for business when the audit commences then they should be closed for a
short period whilst the ATM contents are removed for checking.
If, however, it is not possible to perform a physical check of the ATM during the audit then
sufficient reports should be obtained from the ATM to provide assurance that funds are on hand
within the ATM. This should be subsequently fully documented in the audit report, and reported
to the Contract Advisor at the time of the audit.
The obtaining of ATM reports should not be considered a replacement for physically checking
the actual contents of the machine. It should be used as a temporary measure to carry on with
the audit until such time (during a quieter period of the day as mentioned above) when the
branch can be closed for a short period to perform the physical verification.
This should only occur as an exception and where the premises in which the branch are
situated is not owned and operated by the same person and a decision to close the doors
cannot be enforced.
In extreme circumstances when the ATM is unable to be accessed, 4 weeks entries for ATM
withdrawals should be checked to ascertain whether or not stated holdings are reasonable. All
instances whereby the ATM cannot be accessed must be reported to the Contract Advisor by
phone during the audit.
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 26
Owners: Linda McLaughlin Alicia Hassam
E-mail:
POL00086825
POL00086825
ACCESS TO THE HORIZON SYSTEM APPENDIX G
It will be necessary as part of an audit to gain access to the HOL system at the branch being
audited. There will also be times when different levels of access will be required and the
following should be adopted:
At all Audits
You should request the AGENT/OPERATOR to add you to the system, if this is not possible
due to no one in the branch having managers access, then your Global User ID should be used
to access the system. Once logged on with your Global User ID you can then create other
users on the system in order to later assist with the production of transaction/event logs and
you should add yourself as a user through the normal process to enable you to produce all
reports required under that user log on.
As previously stated, do not attempt to log on to or gain access to the HOL system with
anything other than your own personal ID.
Please note: - If users have been added to the system during the course of an audit remember
to delete them from the system at the conclusion of the audit and ask the agent/operator to
obtain a reprint of the User Summary. This will ensure all staff on User Summary is accurate
before leaving the branch.
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 27
Owners: Linda McLaughlin Alicia Hassam
E-mail:
POL00086825
POL00086825
ACCOUNTING FOR SHORTAGES/SURPLUSES IN MVL DISCS AT AUDIT
APPENDIX H
Shortages need to be declared as “lost” discs: — on HOL — Front Office — (F5) Licences &
Government — (45) Stock Mgt — (32) Lost Disc — If the branch knows the serial number(s) then
this should be entered, if not they should use volume where the serial number is not required-
(F16) Settle.
Surplus discs need to be entered as “found”:
If serial number is NOT known — on HOL — Back Office — (F5) Rems & Transfers — (F2) In From
ADC — (F15) Quantity [enter amount found] — (71) MVL discs — (F16) Settle.
If serial number is known - on HOL — Back Office — (F5) Rems & Transfers — (F2) In From ADC
—(F15) Quantity [enter amount found] — (71) MVL Discs — (F16) Settle — Front Office — (F5)
Licences & Government — (45) Stock Mgt — (34) Found disc - Choose either [31] Single or [32]
range - the system will now ask for the REM Session ID, Enter the serial number(s) / bar
code(s) on the disc(s) - (F16) Settle.
In all instances a copy of the MVL handout should bi
the Mails and Stock Team) should be contacted on
ranch and Jill Thompson (or
} (mobex I ).
Section 3.9 of this chapter refers to carrying a copy of the Branch Standards booklet at audits,
and this should be used to reference the importance of offices correctly accounting for MVL
discs, and the financial penalties of not doing this.
The MVL handout has been produced to assist MVL branches account for their tax discs.
This handout should be given to the Agent/Operator/OIC at MVL branches where
irregularities have been identified during the audit. (EASE - Audits — Useful Handouts
and Guides).
Appendix I
Process for auditing Bidi Safes
Tel. f
E-mail: Jinda.melaughling
POL00086825
POL00086825
The following process is to be used when Field Support Team Members (FSM’s) audit the Post
Office position at the Retail Service Point for Locals and Mains.
Process:
1. The FSM(s) upon entry will identify themselves to the Operator / Subpostmaster and the
Post Office Service Point must be isolated and all transactions ceased.
2. The FSM(s) will ask the Operator / Subpostmaster if they would like to close the
premises whilst all value cash and stock is removed to the secure area. If the Operator /
Subpostmaster wish the premises to remain open then the following must be applied.
3. The FSM(s) will retrieve all paper work required from Horizon to establish that Post
Office funds are secure.
4. If there is a back room terminal this must also be isolated and the Operator /
Subpostmaster instructed that this must not be used without their prior consent.
5. The Keys to the main safe must be identified and the FSM(s) must take possession of
the safe keys into their custody.
6. There are up to 20 cassettes within the Bidi, the FSM(s) will need to ensure that they
either mark the first cassette using a permanent marker or by inserting a piece of paper
into each cassette as it is checked so that each cassette is clearly recognisable.
7. The FSM(s) will push the button for the first cassette to be released (which will be
instant) and counted. Once counted then each cassette needs to be marked and then
placed back into the Bidi and the button pushed to receive the next cassette. There is a
known problem when only two or three cassettes are held within the Bidi in that when the
cassettes are placed back into the Bidi they have a tendency to not fall back flat and the
Bidi safe jams. If this happens then we will have no alternative but to close the retail
premises so that the main Bidi door can be opened. On opening any unmarked
cassettes can be placed on the bottom of the compartment (if there is only one, this can
be withdrawn and counted) and any marked cassette(s) placed on top.
8. It should take a maximum of one minute between each cassette withdrawal. This will
continue until all cassettes have been recycled and the FSM comes back to the first
cassette which will be identified by the permanent marker or by a piece of paper inside
the cassette.
9. Each cassette should hold around £400 - £600 so it is acceptable that the risk is minimal
in counting this cash one cassette at a time at the Post Office Position.
10.Once all the cassettes have been counted, then the cash till contents should also be
counted.
11.All other Audit process and practices will apply
12. The Post Office Service Position will NOT be put back into service until all cash and
stock has been accounted and the auditors have completed all their checks.
13. If the branch has a Bidi Magnum+ the following additional conditions will apply:
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 29
Owners: Linda McLaughlin licia Hassam.,
Tel RO
E-mail: linda.melaughi
SRO
POL00086825
POL00086825
14. The branch must be audited before 8 o'clock in the morning; this is to reduce the
likelihood that the drop safe will have been used.
15. If there is money in the drop safe, any amounts reported to be in the drop safe should
be verified using the transaction log to any large deposits made prior to the FSA’s
arrival . As long as any amounts reported to be in the drop safe match the transaction
log, the contents can be assured. If the amounts reported to be in the drop safe do not
match the transaction log then the premises must be closed for only the time it takes to
open the drop safe and remove the contents to a secure area for it to be counted. This
should be noted on the audit report. There will be no need to contact the contracts
advisor for authority to assure the contents.
16. If there is money in the drop safe, following the audit the FSM should contact their Field
Team Leader and the Field Team Leader will then contact the Network Support Admin
Team to request that another audit of the branch be scheduled within the next 20
working days.
Additional information:
For the majority of Locals, one FSM will be required to complete the audit. Additional FSM’s
will only be required if the branch operates 2 Horizon positions; has a Bidi Magnum+ safe, or
requires 2 FSM’s due to the size of the branch based on normal scheduling criteria
APM Chapter3 - Performing a Branch Audit — v3.2 Sept 2013 30
Owners: Linda McLaughlin - Alicia Hassam
E-mail: