The roles of various gatekeepers of corporate governance, such as auditors, independent directors and credit rating agencies, has increasingly come under scrutiny as a response to the various financial scandals that shook corporate India – from Satyam to IL&FS, and more recently, in the case of the auditor resigning from Reliance Capital. While the company's management is ultimately responsible for ensuring that the accounts give a true and fair view of its state of affairs, its auditors also play a key role in assessing the accuracy and reliability of such accounts.
The auditor-company relationship has potential for conflicts of interest, where the former is providing more lucrative non-audit services (NAS) to a company that it audits, which could compromise its independence, and by extension, the quality of its audit. The Companies Act, 2013, has addressed these issues to some extent by prohibiting auditors from providing services such as internal audit, accounting, investment advisory and investment banking to an audit client (including its holding and subsidiary companies). Firms are, however, free to offer NAS such as tax and unspecified advisory services with the approval of the company's board of directors or the audit committee of the board, as applicable.
Recent news reports indicate that the Ministry of Corporate Affairs is considering tightening the NAS-related rules further, including expanding the list of prohibited NAS and capping revenues from NAS.
Listed and unlisted public companies exceeding specified thresholds of share capital, turnover, loan or deposits are mandated to constitute an audit committee for reviewing and monitoring the auditor's independence and performance, and the effectiveness of the audit process. The audit committee, which has a majority of independent directors, and at least two-thirds in the case of listed companies, has the opportunity to call for the auditor's comments on the company's internal control systems and discuss any observations of the auditor before the submission of accounts to the board of directors.
Additionally, listed companies and large public and private companies are required to appoint internal auditors, who conduct an internal audit of the functions and activities of the company and report to the audit committee. The audit committee of a listed company is responsible for reviewing the findings of investigations by the internal auditor into matters where there is suspicion of fraud, irregularity or a failure of internal control systems of a material nature and for reporting the matter to the board.
An auditor is, to a large extent, reliant on the management's cooperation in providing the requested information, explanations and access to books and records. Due to the timing of the audit, an auditor may not be in a position to protect the stakeholders from the actions of the management and may be able to highlight an issue only after an incident has taken place. A truly independent audit committee, which has the wherewithal to highlight potential issues upfront, coupled with strong internal audit processes, could serve to bridge the gap between the company's management and its stakeholders.
The Ministry of Corporate Affairs constituted the National Financial Reporting Authority (NFRA) in October 2018. In addition to monitoring and enforcing compliance with accounting and auditing standards and overseeing the quality of service of the auditors of listed and other specified companies, the NFRA also has the power to investigate the professional or any other misconduct of any registered chartered accountant or firm. The NFRA has powers to impose penalties for individuals of up to five times, and for firms of up to 10 times the fees received, and to debar them from practising for a period ranging from six months to 10 years.
The powers of the NFRA to investigate misconduct and impose penalties have been challenged through a writ petition that is currently pending before Delhi High Court. The severity of the NFRA's penalties in case misconduct is proven in the IL&FS and other similar matters remains to be seen.
In order to serve as effective watchdogs, and in view of increased regulatory oversight, auditors will need to introduce greater rigour into their audit exercise. The matters required to be disclosed in the auditor's report (under the act, accounting standards, audit rules and the Companies (Auditor's Report) Order, 2016) should not lead to a tick-box compliance approach. Instead, auditors should have open channels of communication with the audit committee to flag issues early on in the engagement and recommend ways to strengthen internal controls.
Originally published by India Business Law Journal, July 25, 2019.
This insight/article is intended only as a general discussion of issues and is not intended for any solicitation of work. It should not be regarded as legal advice and no legal or business decision should be based on its content.