Independent Assurance Report

To the directors of Central Depository and Settlement Corporation

We have been engaged to perform a limited assurance engagement in respect of the operational capabilities of the central depository system as required by Section 33(3) of the Central Depositories Act, 2000.

Responsibilities of directors

The directors are responsible for keeping or cause to be kept such records and accounts, in sufficient detail as per Section 32 of the Central Depositories Act, 2000 and to also ensure that the Central Depository’s operations are functioning satisfactorily with due regards to the duties of Central Depository as per the Central Depositories Act, 2000.

Section 32 of the Central Depositories Act, 2000 requires the Central Depository to keep or cause to be kept such records and accounts, in sufficient detail, so as to show particulars of:

    • all transfer of book-entry securities to and from a securities account;
    • all moneys received or paid by a central depository, including dividends received in respect of any book-entry securities and the disbursement of such dividends to depositors;
    • all income received from commissions, fees, charges and other sources, and all expenses, commissions, and other payments made or paid by the central depository; and
    • all assets and liabilities (including contingent liabilities) of the central depository.

Section 33 (1) of the Central Depositories Act, 2000 requires the Central Depository at the end of every financial year cause an audit to be conducted in respect of every record or account kept pursuant to section 32, which shall include:

    • verification of the accuracy of the details shown in such records or accounts;
    • a stock count of all certificates held by the central depository.

Our independence and quality control

The firm applies International Standard on Quality Control 1 and, accordingly maintains a comprehensive system of quality control including documented policies and procedures regarding compliance with ethical requirements, professional standards and applicable legal and regulatory requirements.

We are independent of the company in accordance with the International Ethics Standards Board for Accountants’ Code of Ethics for Professional Accountants (IESBA Code) together with ethical responsibilities in Kenya and we have fulfilled our other ethical responsibilities in accordance with these requirements.

Our responsibilities and scope

We conducted our work in accordance with the International Standard on Assurance Engagements (ISAE) 3000 which requires that we comply with ethical requirements and plan and perform the assurance engagement, under consideration of materiality, to provide our conclusion with limited assurance.

Our responsibility is to obtain limited assurance about whether the company has complied with the requirements of Section 32 and 33(1) of the Central Depositories Act, 2000. Our procedures are designed to provide limited but not reasonable or absolute assurance that the proper records and accounts have been kept with sufficient detail, that the Central Depository System operates and performs its functions satisfactorily and that there is no material non-compliance with the requirements of Section 32 of the Central Depositories Act, 2000. Our procedures therefore cannot be relied upon or used as a substitute for adequate internal controls including monitoring thereof or an audit of every record kept by the depository under the requirements of Section 33 (1). Accordingly, this engagement does not meet the requirements as set out under Section 33 (1) of the Central Depositories Act, 2000.

Within our scope of work, we:

    • Performed procedures to review the adequacy of the Information System Control Environment.
    • Reviewed application controls including the system integration between the Nairobi Securities Exchange, Central Depositories Agents and the Depository.
    • Performed tests on operating effectiveness of controls over operational procedures as detailed in our Letter of Engagement dated 31 January 2017.

Conclusion

Based on our limited procedures, nothing has come to our attention to cause us to believe that proper records and accounts have not been kept with sufficient detail and the Central Depository System operate and perform its functions satisfactorily.

Emphasis of Matter – Internal controls recommendations

We have detailed in our separate management letter a number of recommendations related to the internal control environment including IT controls which should be read in conjunction with this report. Our conclusion is not qualified in this respect.


PKF KENYA, CERTIFIED PUBLIC ACCOUNTANTS
25th March 2019