Kotak Mahindra Bank Ltd Directors Report.

TO

THE MEMBERS OF

KOTAK MAHINDRA BANK LIMITED

REPORT ON THE AUDIT OF THE STANDALONE FINANCIAL STATEMENTS

Opinion

1. We have audited the accompanying standalone financial statements of Kotak Mahindra Bank Limited (the Bank), which comprise the Balance Sheet as at 31 March 2022, the Profit and Loss Account and the Cash Flow Statement for the year then ended, and a summary of the significant accounting policies and other explanatory information.

2. In our opinion and to the best of our information and according to the explanations given to us, the aforesaid standalone financial statements give the information required by the Banking Regulation Act, 1949 as well as the Companies Act, 2013 (the Act) and circulars and guidelines issued by the Reserve Bank of India (the RBI), in the manner so required for banking companies and give a true and fair view, in conformity with the Accounting Standards specified under section 133 of the Act, read with the Companies (Accounting Standards) Rules, 2021 and other accounting principles generally accepted in India, of the state of affairs of the Bank as at 31 March 2022 and its profit and its cash flows for the year ended on that date.

Basis for Opinion

3. We conducted our audit in accordance with the Standards on Auditing (SAs) specified under section 143(10) of the Act. Our responsibilities under those standards are further described in the Auditors Responsibilities for the Audit of the Standalone Financial Statements section of our report. We are independent of the Bank in accordance with the Code of Ethics issued by the Institute of Chartered Accountants of India (ICAI) together with the ethical requirements that are relevant to our audit of the standalone financial statements under the provisions of the Act and the rules thereunder, and we have fulfilled our other ethical responsibilities in accordance with these requirements and the Code of Ethics. We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our opinion.

Key Audit Matters

4. Key audit matters are those matters that, in our professional judgment, were of most significance in our audit of the standalone financial statements of the current period. These matters were addressed in the context of our audit of the standalone financial statements as a whole, and in forming our opinion thereon, and we do not provide a separate opinion on these matters.

5. We have determined the matters described below to be the key audit matters to be communicated in our report.

Identification of Non-performing Assets ("NPAs") and provisioning on advances:

Total Loans and Advances (Net of Provision) as at March 31, 2022: Rs 2,71,254 Crores Provision for NPAs as at March 31, 2022: Rs 4,733 Crores Provision Coverage Ratio (including technical write offs) as at March 31, 2022: 79.05%.

Refer Schedule 9, Schedule 17(C)(2), Schedule 18(A) note 9 and note 11

Key audit matter How our audit addressed the key audit matter
The Bank is required to comply with the Master Circular dated 1 October, 2021 issued by the Reserve Bank of India ("RBI") on "Prudential Norms for Income Recognition, Asset Classification and Provisioning pertaining to Advances" (the "IRAC norms") and amendments thereto which prescribes the guidelines for identification and classification of Non-performing Assets ("NPAs") and the minimum provision required for such assets. The Bank is also required to apply its judgement to determine the identification and provision required against NPAs considering various quantitative as well as qualitative factors. Our audit procedures included the following:
• Understood the process and controls, and tested the design and operating effectiveness of key controls, including Information Technology based controls, and focused on the following:
- Approval of new lending facilities in accordance with the Banks credit policies
- Performance of annual review/renewal of loan accounts.
The identification of NPAs is also affected by factors like stress and liquidity concerns in certain sectors. - Monitoring of credit quality which amongst other things includes the monitoring of overdue loan accounts, drawing power limit, pending security creation;
The provision for identified NPAs is estimated based on ageing and classification of NPAs, value of security, recovery estimates etc. and is also subject to the minimum provisioning norms specified by RBI. - Identification and classification of NPAs in accordance with IRAC norms, other regulatory guidelines issued by the RBI and consideration of qualitative aspects; and
In addition, the Bank is also required to implement "Resolution Framework - 2.0: Resolution of COVID-19 related stress of Individuals and Small Businesses" and "Resolution Framework - 2.0: Resolution of COVID-19 related stress of Micro, Small and Medium Enterprises (MSMEs)" issued by the RBI on 5 May 2021 (collectively "Resolution Framework - 2.0"), and consider the same in identification of NPAs and measurement of provision against advances. - Assessment of adequacy of NPA provisions.
• Tested the Banks process for identification of loans with default events and/ or breach of other qualitative factors, and for a sample of performing loans, independently assessed as to whether there was a need to classify such loans as NPAs.
Since the identification of NPAs and provisioning for advances requires considerable level of management estimation, application of various regulatory requirements and its significance to the overall audit, we have identified this as a key audit matter. • On a test check basis, verified the accounts classified by the Bank as Special Mention Accounts (SMA) in RBIs Central Repository of Information on Large Credits (CRILC).
• Inquired with the management of the Bank on sectors where there has been stress and the steps taken by the Bank to mitigate such sectorial risks.
• With respect to provisions recognised towards NPAs, we reperformed the provision calculations on a sample basis taking into consideration the value of security, where applicable, the IRAC norms and NPA policy of the Bank, and compared our outcome to that prepared by the management and tested relevant assumptions and judgements which were used by the management.
• Assessed whether the Banks Board approved policy is in line with the Resolution Framework - 2.0. On a sample basis, tested that restructuring was carried out in accordance with the Resolution Framework - 2.0 and re-computed the provision made in accordance with the said framework.
• With respect to additional provisions held by the Bank on account of the impact of COVID-19 pandemic, we assessed the underlying assumptions and estimates used by the management for such provisions.
• Read the RBI Annual Financial Inspection report and managements response to the extent provided for the financial year ended 31 March 2021 and other communication with regulators and checked whether the observations therein so far as those relate to identification of NPAs and provisions made against advances, have been addressed by the Bank.

Information Technology ("IT") Systems and Controls impacting Financial Reporting

Key audit matter How our audit addressed the key audit matter
The IT environment of the Bank is complex and involves a large number of independent and interdependent IT systems used in the operations of the Bank for processing and recording a large volume of transactions. As a result, there is a high degree of reliance and dependency on such IT systems for the financial reporting process of the Bank. Our audit procedures with respect to this matter included the following:
Appropriate IT general controls and IT application controls are required to ensure that such IT systems are able to process the data as required, completely, accurately, and consistently for reliable financial reporting. In assessing the controls over the IT systems of the Bank, we involved our technology specialists to obtain an understanding of the IT environment, IT infrastructure and IT systems.
We evaluated and tested relevant IT general controls and IT application controls of the "in-scope" IT systems identified as relevant for our audit of the standalone financial statements and financial reporting process of the Bank.
We have identified certain key IT systems ("in-scope" IT systems) which have an impact on the financial reporting process and the related control testing as a key audit matter because of the high level of automation, significant number of systems being used by the Bank for processing financial transactions, the complexity of the IT architecture and its impact on the financial records and financial reporting process of the Bank. On such "in-scope" IT systems, we have tested key IT general controls with respect to the following domains:
a. Program change management, which includes that program changes are moved to production environment as per defined procedures and relevant segregation of environment is ensured.
b. User access management, which includes user access provisioning, de-provisioning, access review, password management, sensitive access rights and segregation of duties to ensure that privilege access to applications, operating system and databases in the production environment were granted only to authorized personnel.
c. Program development, which comprises IT operations and system development life cycle for relevant in-scope applications, operating systems, and databases, which are relied upon for financial reporting.
d. Other areas that were assessed under the IT control environment included backup management, business continuity, disaster recovery, incident management, batch processing and monitoring.
We also evaluated the design and tested the operating effectiveness of key IT application controls within key business processes, which included testing automated calculations, automated accounting procedures, system interfaces, system reconciliation controls and key system generated reports, as applicable.
Where control deficiencies were identified, we tested compensating controls or performed alternative audit procedures, where necessary.

Information other than the Financial Statements and Auditors Report thereon

6. The Banks Board of Directors are responsible for the other information. The other information comprises the information included in the Annual Report including the Pillar 3 Disclosure under the New Capital Adequacy Framework (Basel III disclosures) but does not include the standalone financial statements and our auditors report thereon. The Annual Report is expected to be made available to us after the date of this auditors report.

Our opinion on the standalone financial statements does not cover the other information and we will not express any form of assurance conclusion thereon.

In connection with our audit of the standalone financial statements, our responsibility is to read the other information identified above when it becomes available and, in doing so, consider whether the other information is materially inconsistent with the standalone financial statements or our knowledge obtained in the audit or otherwise appears to be materially misstated.

When we read the Annual Report, if we conclude that there is a material misstatement therein, we are required to communicate the matter to those charged with governance and take appropriate action as applicable under the relevant laws and regulations.

Responsibilities of Management and Those Charged with Governance for the Standalone Financial Statements

7. The accompanying standalone financial statements have been approved by the Banks Board of Directors. The Banks Board of Directors are responsible for the matters stated in section 134(5) of the Act with respect to the preparation and presentation of these standalone financial statements that give a true and fair view of the financial position, financial performance and cash flows of the Bank in accordance with the Accounting Standards specified under section 133 of the Act, read with the Companies (Accounting Standards) Rules, 2021 and other accounting principles generally accepted in India, and provisions of section 29 of the Banking Regulation Act, 1949 and circulars and guidelines issued by the RBI from time to time. This responsibility also includes maintenance of adequate accounting records in accordance with the provisions of the Act for safeguarding of the assets of the Bank and for preventing and detecting frauds and other irregularities; selection and application of appropriate accounting policies; making judgments and estimates that are reasonable and prudent; and design, implementation and maintenance of adequate internal financial controls, that were operating effectively for ensuring the accuracy and completeness of the accounting records, relevant to the preparation and presentation of the standalone financial statements that give a true and fair view and are free from material misstatement, whether due to fraud or error.

8. In preparing the standalone financial statements, the Board of Directors are responsible for assessing the Banks ability to continue as a going concern, disclosing, as applicable, matters related to going concern and using the going concern basis of accounting unless the Board of Directors either intend to liquidate the Bank or to cease operations, or has no realistic alternative but to do so.

9. Those Board of Directors are also responsible for overseeing the Banks financial reporting process.

Auditors Responsibilities for the Audit of the Standalone Financial Statements

10. Our objectives are to obtain reasonable assurance about whether the standalone financial statements as a whole are free from material misstatement, whether due to fraud or error, and to issue an auditors report that includes our opinion. Reasonable assurance is a high level of assurance, but is not a guarantee that an audit conducted in accordance with SAs will always detect a material misstatement when it exists. Misstatements can arise from fraud or error and are considered material if, individually or in the aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis of these standalone financial statements.

11. As part of an audit in accordance with SAs, we exercise professional judgment and maintain professional skepticism throughout the audit. We also:

• Identify and assess the risks of material misstatement of the standalone financial statements, whether due to fraud or error, design and perform audit procedures responsive to those risks, and obtain audit evidence that is sufficient and appropriate to provide a basis for our opinion. The risk of not detecting a material misstatement resulting from fraud is higher than for one resulting from error, as fraud may involve collusion, forgery, intentional omissions, misrepresentations, or the override of internal control;

• Obtain an understanding of internal control relevant to the audit in order to design audit procedures that are appropriate in the circumstances. Under section 143(3)(i) of the Act, we are also responsible for expressing our opinion on whether the Bank has adequate internal financial controls with reference to standalone financial statements in place and the operating effectiveness of such controls;

• Evaluate the appropriateness of accounting policies used and the reasonableness of accounting estimates and related disclosures made by management;

• Conclude on the appropriateness of managements use of the going concern basis of accounting and, based on the audit evidence obtained, whether a material uncertainty exists related to events or conditions that may cast significant doubt on the Banks ability to continue as a going concern. If we conclude that a material uncertainty exists, we are required to draw attention in our auditors report to the related disclosures in the standalone financial statements or, if such disclosures are inadequate, to modify our opinion. Our conclusions are based on the audit evidence obtained up to the date of our auditors report. However, future events or conditions may cause the Bank to cease to continue as a going concern.

• Evaluate the overall presentation, structure and content of the standalone financial statements, including the disclosures, and whether the standalone financial statements represent the underlying transactions and events in a manner that achieves fair presentation.

12. We communicate with those charged with governance regarding, among other matters, the planned scope and timing of the audit and significant audit findings, including any significant deficiencies in internal control that we identify during our audit.

13. We also provide those charged with governance with a statement that we have complied with relevant ethical requirements regarding independence, and to communicate with them all relationships and other matters that may reasonably be thought to bear on our independence, and where applicable, related safeguards.

14. From the matters communicated with those charged with governance, we determine those matters that were of most significance in the audit of the standalone financial statements of the current period and are therefore the key audit matters. We describe these matters in our auditors report unless law or regulation precludes public disclosure about the matter or when, in extremely rare circumstances, we determine that a matter should not be communicated in our report because the adverse consequences of doing so would reasonably be expected to outweigh the public interest benefits of such communication.

Other Matter

15. The standalone financial statements of the Bank for the year ended 31 March 2021, were audited by M/s Walker Chandiok & Co LLP, who vide their report dated 03 May 2021 expressed an unmodified opinion on those standalone financial statements.

Our opinion is not modified in respect of this matter.

Report on Other Legal and Regulatory Requirements

16. The Balance Sheet and the Profit and Loss Account have been drawn up in accordance with the provisions of section 29 of the Banking Regulation Act, 1949 and section 133 of the Act.

17. As required by sub-section (3) of section 30 of the Banking Regulation Act, 1949, we report that:

a) We have obtained all the information and explanations which, to the best of our knowledge and belief, were necessary for the purpose of our audit and have found them to be satisfactory;

b) The transactions of the Bank, which have come to our notice, have been within the powers of the Bank;

c) We have visited 120 of branches to examine the books of accounts and other records maintained at the branches for the purpose of our audit. Since the key operations of the Bank are automated with the key applications integrated to the core banking system, the audit is carried out centrally as all the necessary records and data required for the purposes of our audit are available therein.

18. With respect to the matter to be included in the auditors report under section 197(16) of the Act, we report that since the Bank is a Banking Company as defined under the Banking Regulation Act, 1949, Section 197 is not applicable to the Bank by virtue of section 352B(2A) of the Banking Regulation Act, 1949. Accordingly, the reporting under Section 197(16) in relation to whether the remuneration paid by the Bank is in accordance with the provisions of section 197 of the Act and whether any excess remuneration has been paid in accordance with the aforesaid section is not applicable.

19. Further, as required by section 143 (3) of the Act, based on our audit, we report, to the extent applicable, that:

a) We have sought and obtained all the information and explanations which to the best of our knowledge and belief were necessary for the purpose of our audit of the accompanying standalone financial statements;

b) In our opinion, proper books of account as required by law have been kept by the Bank so far as it appears from our examination of those books;

c) The Balance Sheet, the Profit and Loss Account and the Cash Flow Statement dealt with by this report are in agreement with the books of account;

d) In our opinion, the aforesaid standalone financial statements comply with the Accounting Standards specified under section 133 of the Act read with the Companies (Accounting Standards) Rules, 2021, to the extent they are not inconsistent with the accounting policies prescribed by RBI;

e) On the basis of the written representations received from the directors and taken on record by the Board of Directors, none of the directors is disqualified as on 31 March 2022 from being appointed as a director in terms of section 164(2) of the Act;

f) With respect to the adequacy of the internal financial controls with reference to standalone financial statements of the Bank as on 31 March 2022 and operating effectiveness of such controls, refer to our separate Report in Annexure A wherein we have expressed an unmodified opinion; and

g) With respect to the other matters to be included in the Auditors Report in accordance with rule 11 of the Companies (Audit and Auditors) Rules, 2014 (as amended), in our opinion and to the best of our information and according to the explanations given to us:

i. the Bank, as detailed in Schedule 12 (I), Schedule 17C - Note 13 and Schedule 18B Note 15(1) to the standalone financial statements, has disclosed the impact of pending litigations on its financial position as at 31 March 2022;

ii. The Bank, as detailed in Schedule 12 (II), 12 (Va) and 12 (Vb), Schedule 17C - Note 10, Note 11 and Note 13 and Schedule 18B - Note 10 and Note 15 to the standalone financial statements, has made provision as at 31 March 2022, as required under the applicable law or accounting standards, for material foreseeable losses, if any, on long-term contracts including derivative contracts;

iii. There has been no delay in transferring amounts, required to be transferred, to the Investor Education and Protection Fund by the Bank during the year ended 31 March 2022;

iv. a. The management has represented that, to the best of its knowledge and belief, other than as disclosed in Schedule 18B - Note 17 to the standalone financial statements, no funds have been advanced or loaned or invested (either from borrowed funds or securities premium or any other sources or kind of funds) by the Bank to or in any person(s) or entity(ies), including foreign entities (the intermediaries), with the understanding, whether recorded in writing or otherwise, that the intermediary shall, whether, directly or indirectly lend or invest in other persons or entities identified in any manner whatsoever by or on behalf of the Bank (the Ultimate Beneficiaries) or provide any guarantee, security or the like on behalf the Ultimate Beneficiaries;

b. The management has represented that, to the best of its knowledge and belief, other than as disclosed in Schedule 18B - Note 17to the standalone financial statements, no funds have been received by the Bank from any person(s) or entity(ies), including foreign entities (the Funding Parties), with the understanding, whether recorded in writing or otherwise, that the Bank shall, whether directly or indirectly, lend or invest in other persons or entities identified in any manner whatsoever by or on behalf of the Funding Party (Ultimate Beneficiaries) or provide any guarantee, security or the like on behalf of the Ultimate Beneficiaries; and

c. Based on such audit procedures performed, as considered reasonable and appropriate in the circumstances, nothing has come to our attention that causes us to believe that the management representations under sub-clauses (a) and (b) above contain any material misstatement.

v. The dividend declared and paid during the year ended 31 March 2022 by the Bank is in compliance with Section 123 of the Act.

ANNEXURE A TO THE INDEPENDENT AUDITORS REPORT

Referred to in paragraph 19(f) of the Independent Auditors Report of even date to the members of Kotak Mahindra Bank Limited on the standalone financial statements for the year ended 31 March 2022

Independent Auditors Report on the internal financial controls with reference to the standalone financial statements under Clause (i) of Sub-section 3 of Section 143 of the Companies Act, 2013 (the Act)

1. In conjunction with our audit of the standalone financial statements of Kotak Mahindra Bank Limited (the Bank) as at and for the year ended 31 March 2022, we have audited the internal financial controls with reference to standalone financial statements of the Bank as at that date.

Responsibilities of Management and Those Charged with Governance for Internal Financial Controls

2. The Banks Board of Directors is responsible for establishing and maintaining internal financial controls based on the internal control over financial reporting criteria established by the Bank considering the essential components of internal control stated in the Guidance Note on Audit of Internal Financial Controls Over Financial Reporting ("the Guidance Note") issued by the Institute of Chartered Accountants of India (ICAI). These responsibilities include the design, implementation and maintenance of adequate internal financial controls that were operating effectively for ensuring the orderly and efficient conduct of the Banks business, including adherence to Banks policies, the safeguarding of its assets, the prevention and detection of frauds and errors, the accuracy and completeness of the accounting records, and the timely preparation of reliable financial information, as required under the Act.

Auditors Responsibility for the Audit of the Internal Financial Controls with Reference to the Standalone Financial Statements

3. Our responsibility is to express an opinion on the Banks internal financial controls with reference to the standalone financial statements based on our audit. We conducted our audit in accordance with the Guidance Note issued by the ICAI and the Standards on Auditing issued by the ICAI and prescribed under Section 143(10) of the Act to the extent applicable to an audit of internal financial controls with reference to financial statements. Those Standards and the Guidance Note require that we comply with ethical requirements and plan and perform the audit to obtain reasonable assurance about whether adequate internal financial controls with reference to the standalone financial statements were established and maintained and if such controls operated effectively in all material respects.

4. Our audit involves performing procedures to obtain audit evidence about the adequacy of the internal financial controls with reference to the standalone financial statements and their operating effectiveness. Our audit of internal financial controls with reference to the standalone financial statements includes obtaining an understanding of internal financial controls with reference to the standalone financial statements, assessing the risk that a material weakness exists, and testing and evaluating the design and operating effectiveness of internal control based on the assessed risk. The procedures selected depend on the auditors judgement, including the assessment of the risks of material misstatement of the financial statements, whether due to fraud or error.

5. We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our audit opinion on the Banks internal financial controls with reference to the standalone financial statements.

Meaning of Internal Financial Controls with Reference to the Standalone Financial Statements

6. A Banks internal financial controls with reference to the standalone financial statements is a process designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles. A Banks internal financial controls with reference to the standalone financial statements include those policies and procedures that

(1) pertain to the maintenance of records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the Bank;

(2) provide reasonable assurance that transactions are recorded as necessary to permit preparation of the standalone financial statements in accordance with generally accepted accounting principles, and that receipts and expenditures of the Bank are being made only in accordance with authorisations of management and directors of the Bank; and

(3) provide reasonable assurance regarding prevention or timely detection of unauthorised acquisition, use, or disposition of the Banks assets that could have a material effect on the financial statements.

Inherent Limitations of Internal Financial Controls with Reference to the Standalone Financial Statements

7. Because of the inherent limitations of internal financial controls with reference to the standalone financial statements, including the possibility of collusion or improper management override of controls, material misstatements due to error or fraud may occur and not be detected. Also, projections of any evaluation of the internal financial controls with reference to the standalone financial statements to future periods are subject to the risk that the internal financial controls with reference to the standalone financial statements may become inadequate because of changes in conditions, or that the degree of compliance with the policies or procedures may deteriorate.

Opinion

8. In our opinion, the Bank has, in all material respects, adequate internal financial controls with reference to the standalone financial statements and such internal financial controls with reference to the standalone financial statements were operating effectively as at 31 March 2022, based on the internal control over financial reporting criteria established by the Bank considering the essential components of internal control stated in the Guidance Note issued by ICAI.

For Walker Chandiok & Co LLP For Price Waterhouse LLP
Chartered Accountants Chartered Accountants
Firm Registration Number: 001076N/N500013 Firm Registration Number: 301112E/E300264
Murad D. Daruwalla Russell I Parera
Partner Partner
Membership Number: 043334 Membership Number: 042190
UDIN: 22043334AIJAKS4902 UDIN: 22042190AIJNDL3154
Place: Mumbai Place: Mumbai
Date: 04 May 2022 Date: 04 May 2022