An Audit is an examination of data to verify its integrity. Audits can be found in every field to ensure the accuracy and reliability of important information. A financial audit checks for the accuracy of data presented in the financial statements and books of accounts of an entity.
Although financial audits can be internally conducted by an entity through its employee, an audit from an external independent body is considered more reliable. A financial audit may include a test of controls, tests of transactions, tests of balances and analytical procedures.
What is a Statutory Audit
When a financial audit is required under law, it is called a statutory audit. It is an external audit where the auditor is appointed under the respective law or statute. In India, a “Company audit” is generally referred to as “Statutory audit”. Generally practising chartered accountants can be appointed as statutory auditors.
Statutory Audit vs Internal Audit
Internal audit is done voluntarily without any legal force, whereas Statutory audit is authorised and governed by law.
Although certain types of companies are required to appoint an internal auditor under the Companies Act 2013, there are no reporting guidelines prescribed by the act. The company can in consultation with the Internal Auditor, formulate the scope, and methodology for conducting the internal audit.
The auditor may or may not be an employee of the company and maybe a CA/CWA or any other professional. It involves a review of the system and processes of the business to identify weaknesses that may affect the efficiency and productivity of the business.
Types of Financial Audits under various laws in India
Company Audit under Companies Act 2013 – As a company is limited by its liability, it is necessary to safeguard the interests of its lenders and shareholders. To ensure this the Indian companies act requires every company to get its accounts audited as per the guidelines laid down in the act. Both private and public companies are required to get their accounts and financial statements audited every year. This audit is conducted by an independent practising chartered accountant. The audit report has to be prepared according to the Companies auditor report order 2016 (CARO 2016).
Tax Audit under Income Tax Act 1961 – Income Taxes contribute to more than 50% of the total tax revenue of India. To verify various expenses and deductions claimed by businesses and to minimise tax evasions certain businesses are required to get their accounts audited by practising chartered accountants as per the guidelines and reporting requirements mentioned in the act. The audit report has to be prepared according to Form 3CD prescribed by the Income Tax Rules.
GST Audit under CGST Act 2017 – Indirect tax in the form of Goods and services tax (GST) came into effect from 1st July 2017. An audit under GST was applicable to verify the correctness of turnover declared, input tax credit availed, taxes paid and refunds claimed by the assessee. This audit is no more applicable from the financial year 2020-21.
Cost Audit under Companies Act 2013 – This audit involves an audit of cost records maintained by the companies operating in regulated and non-regulated sectors. An audit is applicable as per the turnover guidelines mentioned in the Companies act. It is conducted by a practising Cost Accountant.
Bank Audit under the Banking Regulation Act, 1949 – It applies to all banking institutions as defined under the Banking Regulation Act, 1949. A practising Chartered Accountant appointed by the bank in consultation with RBI is eligible for auditing the financial records and other operations of the bank. The audit report has to be furnished along with a Long-form audit report (LFAR) prescribed by RBI.
Forensic Audit – This audit is conducted when there is a suspicion of fraud, theft or other financial misdeeds. This type of audit involves investigations to produce evidence that can be used in a court of law. Generally, market regulators like RBI and SEBI order such audits for banks and listed companies. There is no standard format for a Forensic Audit Report.
Trust & Cooperative Society Audit – are also two types of audits required under Income tax and the respective societies act.
Procedure for a Financial / Statutory Audit
A statutory audit involves understanding the operating environment and controls of a business entity.
Understanding the Business Environment – The auditor needs to check the guidelines and regulations of the law under which he is appointed. He also needs to check the nature of the entity and its business transactions. The procedure includes sending questionnaires, checklists and other formal notifications to the client.
Understanding Controls – Effectiveness of Standard operating procedures play a key role in an organisation’s well being. An auditor can understand the control of operations by referring to the working papers of the company. Asking the employees and referring to previous year audit reports and financial statements can give a further idea.
Test of Controls – It involves the evaluation of standard operating procedures and mechanisms for the prevention of fraud and error. Do they agree with industrial best practices and standards set by the regulators? The auditor checks whether operating controls are adequate, are performed properly and understood by all the employees involved.
Test of Account Details – It involves digging into the transaction details. Like Vouching invoices, testing bank reconciliations from subsequent month bank statements, Sending bank & customer confirmations, Vouching for subsequent receipts in receivables. Substantive analytics look at numbers from a broader perspective like comparison of current ratio or compare this year’s debt level with prior years.
Test of Account Balances – Auditors perform a test on account balances to ensure that the financial statements are free of misstatements and reflect a true and fair view of the financial position.
Benefits and Limitations of a Financial Audit
The authenticity and credibility of financial statements for an external independent party are increased. It also helps in getting banking loans and other credit facilities. An auditor does not assess and verify all the transactions. His reporting is based on sample data and he merely expresses his opinion and does not give total assurance.
Companies Auditor Report Order (CARO-2016)
|(i)||FIXED ASSETS||(a) Maintenance of proper records relating to fixed assets along with the quantitative details and their situation.|
|(b) Physical verification of fixed assets by management at reasonable intervals. Whether any material discrepancies were noticed on such verification. Proper dealing of material discrepancies in the books of account.|
|(c) The title deeds of immovable properties to be held in the name of the company. Details to be provided in the report if the case is otherwise.|
|(ii)||INVENTORY||Physical verification to be conducted by management at reasonable intervals and the material discrepancies to be properly dealt with in the books of account.|
|(iii)||LOAN TO SEC 189 PARTIES||Granting of loans, to companies, firms, Limited Liability Partnerships or other parties covered in the register maintained under section 189 of the Companies Act, 2013.|
|(a) terms and conditions of grant of such loans should not be prejudicial to the interests of the company;|
|(b) schedule of repayment of principal and payment of interest has been stipulated and the repayments or receipts are to be regular;|
|(c) total amount overdue for more than ninety days to be stated, and reasonable steps to be taken by the company for recovery.|
|(iv)||LOANS, INVESTMENTS, GUARANTEE, SECURITY||In respect of loans, investments, guarantees, and security provisions of sections 185 and 186 of the Companies Act, 2013 are to be complied with and details are to be given in case of departure.|
|(v)||PUBLIC DEPOSITS||If the company accepts deposits from the public then the directions issued by RBI and also sections 73 to 76 of the Companies Act, 2013 are to be complied with. The reporting responsibility arises in case of contraventions.|
|(vi)||COST RECORDS||If under section 148(1), the central government orders maintenance of cost records, then the report must mention the maintenance of such accounts and records.|
|(vii)||STATUTORY DUES||(a) The company should be regular in depositing undisputed statutory dues like – provident fund, employee state insurance, customs duty, excise duty, income tax, etc. to the appropriate authorities. If such is not the case then the report must mention the arrears of outstanding dues on the last day of the financial year, that are due for a period exceeding six months from the date they first became payable.|
|(b) In case of dispute, the report should state the amount due and the forum where the dispute is pending.|
|(viii)||REPAYMENT OF DUES||If a company defaults in repayment of loans or borrowings to a financial institution, bank, debenture holder or Government, then the period and amount of default are to be reported. (Lender wise details to be given in case of defaults to banks, financial institutions, and Government).|
|(ix)||END-USE OF MONEY RAISED||The money raised by a company through IPO or FPO or through debt instruments should be used for the same purpose it was raised. If this is not the case then the report should mention the details of default and also subsequent rectification steps.|
|(x)||FRAUD||The report must state the fraud by the company or fraud on the company by its officers or employees along with the nature of fraud and the amount involved in it.|
|(xi)||MANAGERIAL REMUNERATION||The managerial remuneration has to be paid according to the provisions of section 197 of the Companies Act, 2013 and Schedule V to the Act. The report must mention the amount involved if it is not in conjunction with the same and also the steps taken by the company to secure the refund of excess paid.|
|(xii)||NIDHI COMPANIES||The Nidhi Company has to comply with the requirement of Net Owned Funds to Deposits in the ratio of 1:20 to meet out the liability and also maintenance of 10% unencumbered deposits. The report must mention whether the same has been complied with.|
|(xiii)||RELATED PARTY TRANSACTIONS||For the purpose of related party transactions, compliance with sections 177 and 188 of the Companies Act, 2013 is necessary. Also, the reporting requirements as mentioned in the applicable accounting standard are to be looked into.|
|(xiv)||PREFERENTIAL ALLOTMENT||In case a company makes preferential allotment or private placement of shares or debentures, then compliance of the provisions of section 42 of the companies act, 2013 is necessary. The amount raised is to be used for the purpose it was raised. If this is not the case then the report must mention the non-compliance and amount involved.|
|(xv)||NON CASH TRANSACTIONS||If a company enters into any non-cash transactions with the directors or persons in connection with directors then the provisions of section 192 of the companies act, 2013 are to be complied with.|
|(xvi)||REGISTRATION WITH RBI||If the company is required to get registered under section 45-IA of the Reserve Bank of India Act, 1934 then the report must mention the registration so obtained.|