Companies Act 2013

Audit and auditors

  • Share

Do you have a question? Click here to post a query

  • Appointment of auditors

    What the Companies Act 2013 states:

    Given below is an overview of key changes introduced by the Audit Rules, concerning auditor appointment vis-à-vis the draft rules:

    • Like the draft rules, the Audit rules also require the Audit Committee to recommend auditors for appointment. The draft rules required that if the board does not agree with the Audit Committee recommendation and decides to eventually propose its own nominee at the AGM, the board will explain the reasons for not accepting the Audit Committee recommendation in the board report. It was expected that to avoid such disclosures, there will be pressure on the board to accept the Audit Committee recommendation.

      In the Audit Rules, the language has changed and it is stated that the board will record reasons for its disagreement with the Audit Committee and send its own recommendation to the AGM. Though the Audit Rules do not specifically require disclosure in the board report, section 177(8) of the 2013 Act requires that if the board has not accepted any recommendation of the Audit Committee, the same will be disclosed in the board report with reasons. Hence, the position as mentioned in the draft rules will continue.
    • The draft rules required that before recommending appointment, the Audit Committee or the Board, as the case may be, will consider the completed and pending proceedings against the proposed auditor before the ICAI or the NFRA or Tribunal or any Court of law. Hence, one interpretation was that the board/Audit Committee need to consider any completed/pending proceedings, including matters not related to professional conduct, against the auditor.

      In the Audit Rules, it has been clarified that the Audit Committee or the Board, as the case may be, needs to consider only order or pending proceeding relating to professional matters of conduct against the proposed auditor. In our view, this change represents a significant improvement vis-à-vis the draft rules.
    • To help the audit committee/board evaluate pending proceedings against the proposed auditor, the Audit Rules require the proposed auditor to submit a list of proceedings against the auditor or audit firm or any partner of the firm with respect to professional matters of conduct.
    • Under the 2013 Act, an auditor is appointed for a term of 5 years. However, the appointment needs to be ratified each year at the AGM. The Audit Rules clarify that “if the appointment is not ratified by the members of the company, the board of directors shall appoint another individual or firm as its auditor or auditors after following the procedure laid down in this behalf under the Act.”

    EY insights

    In accordance with the Audit Rules, the board/audit committee need to consider order/pending proceeding relating to matters of professional conduct against the proposed auditor. Does it mean that the board/audit committee cannot recommend such person for appointment as auditor?

    Attention is drawn to section 141 of the 2013 Act dealing with eligibility, qualifications and disqualifications of the auditor. Its clause (3)(h) states that a person, who has been convicted by a court of an offence involving fraud and a period of ten years has not elapsed from the date of such conviction, is not eligible for appointment as auditor. The section does not refer to “order/pending proceeding relating to matters of professional conduct” as a criterion for disqualification. In other words, disqualification is triggered only on conclusion of the proceedings and if the person is convicted for an offence involving fraud, and not before such conviction.

    Hence, mere order/pending proceedings against the proposed auditor do not necessarily disqualify the person from being appointed as auditor. The board/audit committee, upon consideration of the matters, may still decide to recommend the person/firm for appointment as auditor.

    We believe that the punishment accorded to the auditor by the ICAI/Court/Competent Authority should, in itself, be considered sufficient remedy for the wrongful act or omission and should not lead to additional punishment of non-appointment as auditor.

    The Audit Rules state that if the appointment of auditor is not ratified by the members, the board will appoint another individual/firm as its auditor(s) after following the procedure laid down in the 2013 Act. In the case of non-ratification, will the board be required to follow the procedures only for appointment of auditor or will it follow the procedures relating to removal as well as appointment of auditor?

    From a perusal of the explanation given in the Audit Rules, two views seem possible. The first view is that if the appointment of auditor is not ratified at the AGM, the board needs to follow only the procedure regarding appointment of auditor for appointing a new auditor. The contrary view is that the board should follow both the procedures, viz., procedures relating to removal of auditor as well as appointment of new auditor. Particularly, the procedure for removal of auditor will require the Central Government approval and special resolution at the general meeting, since the auditor has been removed before completion of a five year term.

    The MCA should provide clarity on this matter. Until such guidance or clarification is provided, our preferred view is that the board should follow both the procedures, viz., procedures relating to removal of auditor as well as appointment of new auditor.

    Assume that a person/firm, previously appointed as auditor, incurs any of the disqualifying conditions mentioned in the 2013 Act. In such a case, what is the procedure to be followed for appointment of new auditor? Is the company also required to follow the procedures relating to removal of auditor as prescribed in the 2013 Act?

    Section 141(4) of the 2013 Act states as below:

    “Where a person appointed as an auditor of a company incurs any of the disqualifications mentioned in sub- section (3) after his appointment, he shall vacate
    his office as such auditor and such vacation shall be deemed to be a casual vacancy in the office of the auditor.”

    Section 139(8) of the Act states as below:

    “Any casual vacancy in the office of an auditor shall:

    (i) In the case of a company other than a company whose accounts are subject to audit by an auditor appointed by the Comptroller and Auditor-General of India, be filled by the Board of Directors within thirty days, but if such casual vacancy is as a result of the resignation of an auditor, such appointment shall also be approved by the company at a general meeting convened within three months of the recommendation of the Board and he
    shall hold the office till the conclusion of the next annual general meeting …”

    We believe that a company is not required to follow the procedures relating to removal of auditor in cases where an auditor has to vacate its office due to incurrence of any disqualifying condition under the 2013 Act. Such vacation is treated as casual vacancy which can be filled by the board of directors within 30 days. It may be noted that the auditor so appointed holds office only till the conclusion of the next AGM. Subject to compliance with other requirements of the 2013 Act, the AGM can re-appoint the same auditor for a block of five years.

  • Rotation of auditors

    What the Companies Act 2013 states:

    In accordance with the 2013 Act, listed companies and companies belonging to the prescribed class cannot appoint or re-appoint the auditor for: (a) More than two terms of five consecutive years, if the auditor is an audit firm; (b) More than one term of five consecutive years if the auditor is anindividual. Under the draft rules, the prescribed class included all companies excluding one-person companies and small companies. This is changed in the Audit Rules. Under the Audit Rules, auditor rotation applies to the following classes of companies excluding one person companies and small companies:

    • All listed companies
    • All non-listed public companies having either (i) paid-up share capital of `10 crore or more, or (ii) public borrowings from financial institutions, banks or public deposits of `50 crores or more
    • All private limited companies having either (i) paid-up share capital of `20 crore or more, or (ii) public borrowings from financial institutions, banks or public deposits of `50 crores or more

    The auditor, who has completed his term, will not be eligible for re-appointment as auditor in the same company for five years from completion of the term. The same restriction applies to the audit firm which has common partner(s) with the outgoing audit firm at the time of appointment.

    Incoming auditor/audit firm is also not eligible for appointment if they are part of the same network as the outgoing auditor. In simple words, the auditor has to be rotated outside the network firm and not within the network firm. The term “same network” has been explained to include the firms operating or functioning, hitherto or in future, under the same brand name, trade name or common control.

    If a partner in the outgoing audit firm, who is in charge of the firm and also certifies financial statements of the company, retires from the said firm and joins another firm of chartered accountants, such other firm will also not be eligible to be appointed as auditor for a period of five years.

    Transitional requirements

    Like the draft rules, the Audit Rules are clear that holding of the office by the auditor prior to the commencement of the 2013 Act will be included to determine the time of rotation. In other words, rotation applies retrospectively. In determining the time of rotation, service period also includes period served by network firms. For example, firm A audited Client X for the first four years. Thereafter, it moved to firm B which is the firm under the same network. Hence, service period completed by firm A and firm B will be included to determine the time of rotation.

    Effective date

    Section 139 (2) of the 2013 Act dealing with auditor rotation is applicable from 1 April 2014. The Audit Rules also apply from the same date. One of the provisos to section 139(2) of the 2013 Act states that existing companies, which are covered under auditor rotation requirement, should comply with those requirements within three years from the date of commencement of the 2013 Act. Section 1(3) of the 2013 Act states that different dates may be appointed for bringing into force different provisions of the 2013 Act and any reference in any provision to the commencement of the 2013 Act will be construed as a reference to the coming into force of that provision. Hence the three year period in this regard starts from 1 April 2014. Illustration 2 given in paragraph 6(3) of the Audit Rules also confirm this point. One heading in the illustration indicates that three years countdown starts from the AGM held after the commencement of section 139(2), i.e., from the first AGM held on or after 1 April 2014.

    EY insights

    Whilst auditor rotation improves independence, it also increases audit cost, imposes excessive burden on companies, increases the risk that new auditors may not be able to detect errors and frauds, and does little to enhance the audit quality. Globally, in countries where auditor rotation is mandated, e.g., Italy, Netherlands and Brazil, it is applicable either only to listed entities, or to listed entities and public interest entities, such as, banks and insurance companies. In none of these geographies, auditor rotation is applicable to private companies or to non- listed public companies. The MCA has generally been very considerate in addressing practical challenges. We believe that it will follow a similar approach in relaxing the rotation requirements in the Audit Rules by using the removal of difficulties section and address the genuine issues faced by the industry and audit profession.

    For deciding auditor rotation, will paid up share capital include non-convertible preference shares also?

    For auditor rotation, paid-up share capital includes paid-up equity share capital and paid-up preference share capital, whether convertible or not. Also, it appears that paid-up share capital includes only amount received toward face value of shares. Amount received toward securities premium is not included in the paid-up share capital. Also, the share application money pending allotment is not included in the paid-up share capital. Please also refer discussion on similar issue under the head “Woman director.”

    Under section 2(71) of the 2013 Act, a private company is deemed to be a public company if it is subsidiary of another company, which is not a private company. In simple terms, a private company, which is a subsidiary of public company, is deemed a public company. For auditor rotation, whether a deemed public company is governed by the criteria applicable to a private company or public company?

    The proviso to section 2(71) states that “a company which is a subsidiary of a company, not being a private company, shall be deemed to be public company for the purposes of this Act.” The language used indicates that a company deemed to be a public company is treated at par with the public company for applying all the requirements of the 2013 Act. Hence, in the given case, the criteria applicable to a public company are relevant.

    Whether an Indian private company, which is subsidiary of a foreign public company, also needs to apply the criteria for auditor rotation as applicable to a public company?

    Section 2(20) of the 2013 Act defines the term “company” to mean “a company incorporated under the Companies Act 2013 or any previous company law.” Accordingly, a company, which is incorporated under the relevant legislation of a foreign country, will not qualify as a “company” under the 2013 Act

    The proviso to section 2(71) states that “a company which is a subsidiary of a company, not being a private company, shall be deemed to be public company for the purposes of this Act.”

    Under the 1956 Act, the issue regarding companies incorporated outside India is dealt with under the section 4(7). The section read as below:

    “A private company, being a subsidiary of a body corporate incorporated outside India, which, if incorporated in India, would be a public company within the meaning of this Act, shall be deemed for the purposes of this Act to be a subsidiary of a public company if the entire share capital in that private company is not held by that body corporate whether alone or together with one or more other bodies corporate incorporated outside India.”

    A similar provision does not exist under the 2013 Act. This has resulted in an ambiguous position with regard to private companies which are subsidiaries of foreign public companies. One may argue that a “foreign company” is not a “company” under the 2013 Act. Hence, the proviso to section 2(71)
    is not triggered. Under this view, a private company, which is subsidiary of foreign company, will always be a private company.

    Apparently, the concept enshrined in section 4(7) of the 1956 is not contained in the 2013 Act. Hence, it seems more logical that under the 2013 Act, a private company is deemed a public company only when it is a subsidiary of an Indian public company. This issue impacts not only the auditor rotation criteria, but also applicability of many other key provisions of the 2013 Act, e.g., requirements concerning Woman Director, Independent Directors, Audit Committee and Nomination & Remuneration Committee. Considering wider implications, it may be appropriate for the MCA to clarify the position.

    What is the relevant date for assessing whether a company meets the criteria for auditor rotation? What happens if there is any change in the threshold from year-to-year?

    Scenario 1: Assume that a private company (ABC) had paid up share capital of `20 crore or more on 1 April 2014. It needs to rotate its existing auditor who has completed more than 10 years of service within the next 3 years. During the financial year 2015-16, ABC reduces its paid-up share capital to below `20 crore. ABC does not have borrowings exceeding `50 crore. Is ABC still required to rotate its existing auditors?

    Scenario 2: A private company (XYZ) did not meet any criteria for auditor rotation on 1 April 2014. It, therefore, appointed its existing auditor who has completed more than 10 years of service for another five year-term. During the financial year 2015-16, XYZ increased its paid-up share capital to above `20 crore. Hence, it now meets the auditor rotation thresholds. Will such requirement apply prospectively or retrospectively to XYZ?

    Neither the 2013 Act nor the Audit Rules provide any guidance on approach to be followed if there is a change in the threshold over the period. Therefore, multiple views may be possible/ acceptable. It is expected that the ICAI/ MCA may provide guidance on these issues. Until such guidance is provided, possible views and our preferred approach on these issues are explained below.

    Rotation requirements of the 2013 Act, read with the Audit Rules, apply from 1 April 2014. Hence, on the said date, a company needs to assess whether it meets the prescribed criteria. If so, it needs to prepare itself for the rotation as per the principles explained in the Audit Rules. For example, if an audit firm has already completed 7 or more years of service, the company will need to rotate its existing auditors within the next
    3 years.

    In scenario 1, ABC meets the rotation criteria at 1 April, 2014, but during the transition period of 3 years flips out of the rotation criteria. One view is that the rotation criterion is tested at 1 April 2014, and on that basis, ABC’s existing auditor can serve as auditor for no longer than 3 years. The second view is that since ABC is no longer a covered company, it has an option of either continuing with its existing auditors beyond three years or appointing new auditors voluntarily. Since neither the 2013 Act nor the Audit Rules provide any specific guidance on this aspect, our preference is toward the second view, viz., ABC seems to have a choice in this matter.

    In scenario 2, though the 2013 Act or Audit Rules do not provide any specific guidance, the wording used suggests that the requirement applies retrospectively and the earlier service period, i.e., the period when XYZ did not meet the prescribed criteria, will also be included in the 10 year limit.

    It appears that the 3 year transition period is applicable only on first time applicability of rotation requirements at 1 April 2014. It does not apply in cases where the prescribed threshold is met at a subsequent date. In such cases, XYZ will need to rotate the audit firm at the time of next appointment/re-appointment if
    the 10 year service has already been completed by the audit firm.

    How do the rotation requirements apply in cases where a company goes through amalgamation/merger/demerger, etc.? Let us say that ABC Limited is merging into DEF Limited and DEF is the surviving company. Assume ABC and DEF have different audit firms and that there was no break in service.

    Though no specific guidance is available on this particular matter, it appears that rotation requirements will be decided based on the transferee/surviving company. This is irrespective of the size of the two companies and the name of the surviving company which may or may not have changed. Hence, if DEF is the surviving company and ABC’s auditors are appointed as auditor of the merged company, they can be appointed for two five year terms. On the other hand, if DEF is the surviving company and its auditors continue to be the auditor of the merged company, the period since their original appointment as auditor of DEF will be included for determining the auditor rotation period.

    Will any change in the management/business of a company have impact on the auditor rotation period? Let us assume that at 1 April 2014, an audit firm is the auditor of MNO Limited (listed company) for past 15 years. Four years back, the controlling shareholder of MNO sold its stake to an independent third party. Pursuant to this, the management of MNO changed completely. In this case, can a view be taken that the 10 year period should start from the date of change in the management and not from the date on which the firm was originally appointed as auditor of MNO?

    Auditor rotation requirements apply vis-à-vis the company and not its management/controlling shareholder/business. Hence, any change in the management of MNO does not impact the auditor rotation period. In this example, since the audit firm has already completed 10 years of service to MNO, it needs to be rotated out within three years transitional period.

    How do the rotation requirements apply to a company having, say, calendar year-end or June Year-end? Assume two scenarios (i) company will follow 31 March year-end in two years, and (ii) it will get exemption to continue with its existing calendar or June year-end.

    Appointment/re-appointment of auditor take place at the AGM and are valid until the conclusion of the next AGM irrespective of the year end. Three/five years, as relevant, will be counted from AGM to AGM.

    An explanation in the Audit Rules states that “if a partner, who is in charge of an audit firm and also certifies the financial statements of the company, retires from the said firm and joins another firm of chartered accountants, such other firm shall also be ineligible to be appointed for a period of five years.” What is meant by the terms ‘person in charge of audit firm’ and ‘retires’?

    The meaning of the phrase ‘in charge of the audit firm’ is not clear. In a multi-disciplinary, multi-locational firm, it is not clear whether the Chief Executive Officer (CEO), Head of the Audit Practice, partner in-charge of the local office or the audit partner who is in charge of the engagement, will be considered as ‘in charge of the audit firm.’ The ICAI/MCA need to provide guidance on this aspect.

    The term ‘retires from the said firm’, should in our view not be read literally as someone leaving the firm on reaching his or her retirement age. Rather, it should be read more broadly as someone leaving the firm, irrespective of the reason for leaving.

    In case of banking and insurance companies, the rotation requirements prescribed by RBI/IRDA are different from those prescribed under the 2013 Act. Particularly, the RBI and IRDA require two years cooling off period, instead of 5 years cooling off period required under the 2013 Act. This may raise a potential issue as to how RBI/IRDA requirements will work vis-à-vis auditor rotation requirements under 2013 Act?

    It may be noted that the requirements of the 2013 Act apply to insurance companies and banking companies, except to the extent these provisions are inconsistent with the requirements of the Insurance Act 1938/the IRDA Act 1999 and the Banking Regulation Act, 1949, respectively. These Acts do not contain specific requirements regarding auditor rotation. Rather, the Banking Regulation Act specifically refers to audit by a person duly qualified under the Companies Act. Since, under the 2013 Act, cooling off period of less than 5 years does not meet eligibility requirement, a potential issue may arise for banking and insurance companies.

    Under the 2013 Act, an audit firm is appointed for two 5 year terms, which is then followed by a 5 year cooling off period. In the case of RBI, an auditor is appointed for 4 years, followed by a two year cooling off period. Thus, one may also raise an issue of whether a 5 year cooling off period is relevant in the
    case of a bank. Similar concern is also relevant in the case of an insurance company. We suggest that the MCA, the RBI and the IRDA should provide an appropriate clarification on the same.

    In accordance with the Audit Rules, a break in the term for a continuous period of five years is considered as fulfilling the requirement of rotation. In other words, an audit firm becomes eligible for fresh appointment only if there has been a break in the audit service for a continuous period of five years. Is this requirement applicable prospectively or retrospectively?

    Let us assume that a company has changed its auditor two years-back. Before the change, the audit firm had audited the company for a continuous period of more than 10 years.
    From the current financial year onward, the company desires to appoint the same audit firm as its auditor. In this case, will the previous period of service be also included to decide the auditor rotation period?

    Consider second example. An audit firm had previously audited a company for five continuous years. After this, there was a break in the service of the audit firm for 3 years. The same audit firm was appointed auditor again and is auditing the company for past 3 years. In this case, to decide auditor rotation period is there a requirement to consider earlier service period also? Or will it be sufficient compliance if the auditor rotation period is decided only based on the current history, ignoring five year audit services performed in the earlier past?

    Explanation II to paragraph 6(3) of the Audit Rules states as below:

    “For the purpose of rotation of auditors:

    a) A break in the term for a continuous period of five years shall be considered as fulfilling the requirement of rotation…”
    Attention is invited to illustration 2 given in paragraph 6(3) of the Audit Rules. The illustration explains the application of transitional provision pertaining to rotation in the case of an audit firm. The illustration, among other matters, gives (i) number of consecutive years for which an audit firm has been functioning as auditor in the company, and (ii) maximum number of consecutive years for which the firm may be appointed in the same company (including transitional period). The note 2 to the illustration states that “consecutive years shall mean all the preceding financial years for which the firm has been the auditor until there has been a break by five years or more.”

    Hence, it is clear that the requirement concerning break in the term for minimum five years applies retrospectively. Hence, in the example 1, if the company appoints old audit firm as its auditor at this stage, the firm can continue to be its auditor for only transitional period of 3 years. In the example 2, the audit firm has historically audited the company for 8 years (5 years + 3 years). Though there was 3-year break in the service, it does not satisfy qualifying condition for the fresh appointment. Hence, the audit firm may continue rendering audit services only for transitional period of 3 years.

  • Eligibility, qualification & disqualification

    What the Companies Act 2013 states:

    Financial interest and indebtedness, guarantee or security

    A person is not eligible for appointment as auditor if he himself, his relative or partner:

    • Holds any security or interest in a company, or its subsidiary, holding or associate company or subsidiary of such holding company.

      However, the relative is allowed to hold security or interest in the company having face value not exceeding `1 lac. The Audit Rules state that if any security or interest is acquired by a relative above the prescribed threshold, corrective action needs to be taken within 60 days of such acquisition or interest.
    • Is indebted to the company, its subsidiary, holding or associate company or subsidiary of such holding company, in excess of `5 lac.
    • Has given any guarantee or provided any security in connection with indebtedness of any third person to the company, or its subsidiary, holding or associate company or subsidiary of such holding company, in excess of `1 lac.

    Business relationship

    Under the 2013 Act, a person or an audit firm are not eligible for appointment as auditor, if it, directly or indirectly, has business relationship with the company, its subsidiary, its holding, or associate company or subsidiary of such holding company or associate company. The draft rules explained the term “Business relationship” to mean any transaction entered into for a commercial purpose except professional services permitted to be rendered by an auditor.

    Hence, there was a concern that an auditor cannot purchase/ avail goods/services from the auditee company, its subsidiary, its holding, or associate company or subsidiary of such holding company or associate company. This was likely to pose serious practical problems not only to the auditors but also to the companies they audit. For example, an auditor of a hospital would not have been able to avail services of that hospital even if the hospital charged the same price as it would have to any other patient, and it would not have mattered if that was the only hospital available to the auditor.

    In the Audit Rules, exemption regarding professional services permitted to be rendered by an auditor has been retained. To address the above concern, the Audit Rules additionally allow parties to enter into commercial transactions that are in the ordinary course of business of the company at arm’s length price, e.g., sale of products/services to auditor as customers in the ordinary course of business, by companies engaged in the business of telecommunications, airlines, hospitals, hotels and such other similar businesses.

    Limit on maximum number of audits

    In accordance with the 2013 Act, a person or a partner of a firm will not be eligible for appointment, if such personsor partner at the date of appointment/reappointment holds appointment as auditor of more than 20 companies. Private companies are also included in the maximum limit of 20 companies.

    Conviction by the Court

    In accordance with the 2013 Act, a person is not eligible for appointment as auditor, if that person has been convicted by a court of an offence involving fraud and period of ten years has not elapsed since such conviction.

    A proviso to section 141(1) states that a firm whose majority of partners practising in India are qualified for appointment as auditor may be appointed by its firm name to be auditor of a company.

    A collective reading of the two clauses suggest that if a partner in a partnership firm (including limited liability partnership), proposed to be appointed as auditor, is convicted of fraud, it may not render the entire firm ineligible for appointment as auditor. However, this is subject to a condition, viz., majorityof partners practising in India are qualified for appointment as auditor.

    EY insights

    Financial interest and indebtedness, guarantee or security

    • From the wording used, it is not clear whether the `1 lac/`5 lac limit applies separately to each relative or collectively to all covered persons, including auditor if allowed), all his relatives and partner. Also, it is not clear whether the limit will apply separately for the company, its each subsidiary, holding company, etc., or collectively to all these companies.

      We suggest that the MCA/ ICAI may clarify this issue. In the absence of any guidance/clarification, the wording used indicates that limits apply person/relative-wise; however, limits includes that person’s indebtedness, etc., to the company, its subsidiary, holding or associate company or subsidiary of such holding company. Example below explains this principle in the context indebtedness of an auditor’s relative.

      Assume that an auditor has 10 relatives. In this case, `5 lac indebtedness limit will apply separately to each relative. However, while evaluating whether a relative breaches the limit, its indebtedness to the company, its subsidiary, its holding or associate company or subsidiary of such holding company is combined.
    • Under the 2013 Act, a person may become ineligible for being appointed as auditor of the company, not only based on his/her own transaction but also transactions entered by a “relative.” Since the definition of “relative” is not restricted to financially dependent relative, the auditor may not be able to control their actions. Even if any of these relatives inadvertently enter into a disqualifying transaction, the auditor may have to vacate his office immediately. In rare cases, an estranged relative may invest in shares of a company in a manner that will render the auditor jobless. This is likely to create significant inconvenience both for the company and auditor. To avoid such issues, we suggest that the term “relative” should be redefined by the MCA as “financially dependent individual” by using the removal of difficulties section.

    Business relationship

    • Undoubtedly, the change made in the Audit Rules is a relief for companies and their auditors. However, it may not address all issues which are likely to arise. For example, some may refer to examples given in the relevant clause and state that they focus primarily on services being rendered to the public at large. Hence, it is not clear whether similar exemption also applies to transactions involving sale of products, say, an auditor purchasing a consumer product or real estate from the company.

      The other perspective on this issue is that one need not focus too much on the examples. Rather, it is more important to understand the underlying principle, which refers to aspects such as ordinary course of business and at arm’s length price. Considering this, the determination of whether a transaction impacts auditor appointment or not will be a matter of judgment and needs to be decided on case-to-case basis. Given below are some indicative examples which an auditor/companies may consider in this regard:

      • If a transaction satisfies a basic need of the auditors’ business, say, office supplies or recruitment services, one may argue that the auditor is acting akin to a “customer.” If the auditor/audit firm has a general pattern of making similar purchases, this may be another indicator that the product or service is used routinely and thus is in the “ordinary course of business” from the auditors’ perspective. However, a product or service used infrequently may require further evaluation.
      • If the audit client (or its subsidiary, or its holding or associate company or subsidiary of such holding company or subsidiary of associate company) is in the business of selling such product or providing such service, and sells such product or service customarily and often, then it may be concluded that the transaction is in “ordinary course of business” from their perspective. If this is not the case, the matter is likely to require further evaluation.
      • An additional consideration is whether the terms and conditions of the transaction are standard or the same as those of other similarly situated customers of the audit client (or its subsidiary, or its holding or associate company or subsidiary of such holding company or subsidiary of associate company), or if there is anything unusual about the price, payment arrangements, other than normal, traditional commercial terms.

        It may be noted that if the audit client provides usual credit period and the same period is given to auditor also, it may not breach the “ordinary course of business” condition. However, there is another criterion related to indebtedness beyond prescribed limit which may potentially trigger disqualification.

        It may be emphasized that these examples are only indicative and one needs to consider specific facts and circumstances to decide whether disqualification may get triggered.
    • Whilst the 2013 Act uses the word “directly or indirectly,” its meaning in the context of business relationship is not explained. One view is that an analogy may be drawn from explanation given in section 144 of the 2013 Act. In section 144, this term has been explained to include “rendering of services by the firm itself or through any of its partners or through its parent, subsidiary or associate entity or through any other entity in which the firm or any partner of the firm has significance influence or control, or whose name or trade mark or brand is used by the firm or any of its partners”. Under this view, auditor independence for business relationship is not only restricted to the audit firm, but may also extend to all its affiliated entities.

      The counter view is that explanation given in section 144 is relevant only for that section. In the context of business relationship, “directly or indirectly” means the covered person acting either directly or through their agents. Hence, the transactions of affiliated entities, which are otherwise not covered and are acting in their own capacity, does not impact the auditor independence.

      The MCA/ICAI may clarify this issue. Until such guidance or clarification is provided, there seems to be an argument for using analogy of section 144. Hence, view 1 is our preferred approach.

    Limit on maximum number of audits

    Under the 1956 Act read with the ICAI rules, a person/partner cannot audit more than 30 companies, including private companies, per year. Out of this, maximum 20 companies can be public companies. The 2013 Act has reduced the maximum limit to 20 companies (including private companies) with immediate effect from 1 April 2014. The auditors/audit firms with more than 20 audits (individually/per partner) stand disqualified from being appointed/reappointed as auditor of excess companies. This is likely to result in casual vacancy in the office of the auditor, requiring companies to search for a replacement auditor immediately. In certain cases, it may be difficult to find a suitable auditor in a very short period of time. We recommend that the MCA may address this issue though the order for removal of difficulties.

    We believe that from an audit firm perspective, the above limit will apply on a global basis and not per partner. To illustrate, let us assume that an audit firm has 5 partners. It can accept appointment as auditor of maximum 100 companies. However, it is not the case that each partner should audit a maximum of 20 companies. That limit can be exceeded, subject to an overall limit of 100 companies for the firm. Whilst this view is clear from reading of the section; to avoid differing practices, ICAI may confirm this.

  • Independence/prohibited services

    What the Companies Act 2013 states:

    Under the 2013 Act, an auditor is allowed to provide only such non-audit services to the company as are approved by its board or audit committee. However, the auditor is not allowed to render the following services either directly or indirectly to the company, its holding or subsidiary company:

    • Accounting and book keeping services
    • Internal audit
    • Design and implementation of any financial information system
    • Actuarial services
    • Investment advisory services
    • Investment banking services
    • Rendering of outsourced financial services
    • Management services
    • Any other kind of services as may be prescribed

    From an audit firm’s perspective, the term ‘directly or indirectly’ includes rendering of services by the firm itself or through any of its partners or through its parent, subsidiary or associate entity or through any other entity in which the firm or any partner of the firm has significance influence or control, or whose name or trade mark or brand is used by the firm or anyof its partners.

    Transitional requirements

    If an auditor has been rendering non-audit services to a company on or before the commencement of the 2013 Act, the auditor will need to comply with the above restrictions before the end of the first financial year. This implies that:

    • For existing services, an auditor is required to comply with the above requirements on or before 31 March 2015.All engagements with an audit client or its parent or subsidiary company for any prohibited service need to be completed/terminated by 31 March 2015.
    • An auditor is not allowed to enter into any new engagement with an audit client or its parent or subsidiary company for any prohibited services on or after 1 April2014.

    EY insights

    In certain cases, the independence requirements of the 2013Act are stricter than those currently applicable. To illustrate, under the IESBA code, an auditor is prohibited/restricted from rendering non-audit services to the parent of its non-SEC listed audit client, only if the audit client is material to the parent. In case of non-listed non-SEC audit client, there is no restriction on rendering non-audit services to the parent if the parentis also a non-listed entity. Under the 2013 Act, restriction/ prohibition will apply in all these cases. This requires companies as well auditors to consider various non-audit services being rendered to a company, its holding or subsidiary company. If it is determined that certain services are not permitted, the same needs to be completed/terminated by 31 March 2015.

    Management services

    Under the 2013 Act, an auditor is not allowed to render, among other services, “management service” to the company, its holding or subsidiary company. However, this term is not defined either in the 2013 Act or in the Audit Rules. In the absence of clear definition, one may argue that guidance can be taken from the IESBA Code. The IESBA code provides the following guidance on “management responsibilities”:

    “290.162 Management of an entity performs many activities in managing the entity in the best interests of stakeholders of the entity. It is not possible to specify every activity that is a management responsibility. However, management responsibilities involve leading and directing an entity, including making significant decisions regarding the acquisition, deployment and control of human, financial, physical and intangible resources.

    290.163 Whether an activity is a management responsibility depends on the circumstances and requires the exercise of judgment. Examples of activities that would generally be considered a management responsibility include:

    • Setting policies and strategic direction
    • Directing and taking responsibility for the actions of the entity’s employees
    • Authorizing transactions
    • Deciding which recommendations of the firm or other third parties to implement
    • Taking responsibility for the preparation and fair presentation of the financial statements in accordance with the applicable financial reporting framework, and
    • Taking responsibility for designing, implementing and maintaining internal control.”

    Since the definition of “management service” is not clear and may be subject to varying interpretations, ICAI should provide guidance. In the meanwhile, auditors should take precaution not to provide any services which entail management responsibilities as discussed in the IESBA code.

  • Reporting responsibilities

    What the Companies Act 2013 states:

    Internal financial controls

    Reporting responsibilities of the auditor concerning “internal financial control” both with respect to SFS and CFS are discussed elsewhere in this publication.

    Fraud reporting

    In the Audit Rules, distinction between material and immaterial frauds has been removed. The auditor is required to report all frauds to the Central Government irrespective of materiality. The Audit Rules state that if an auditor has sufficient reason to believe that an offence involving fraud, is being or has been committed against the company by officers or employees of the company, the auditor will report the matter to the Central Government immediately but not later than sixty days of his knowledge. The Audit Rules prescribe the following procedure for fraud reporting:

    • The auditor will forward his report to the board or the Audit Committee, as the case may be, immediately after a fraud comes to his knowledge, seeking their reply or observations within 45 days.
    • On receipt of reply/observations, the auditor will forward his report, reply received and his comments on the reply to the Central Government within 15 days.
    • If the auditor fails to get any reply/observations within 45 days, he will forward his report to the Central Government along with a note explaining the fact.

    The provision will also apply, mutatis mutandis, to a cost auditor and a secretarial auditor.

    Non-compliance with this requirement knowingly and wilfully is punishable with a fine of minimum `1 lac which may extend to `25 lac.

    To report the fraud related matters to the Central Government, the Audit Rules have prescribed Form ADT-4. The form requires that the report on fraud, with form ADT-4, is to be given in a sealed cover to the Secretary, Ministry of Corporate Affairs.

    CARO reporting

    The 2013 Act requires that if an auditor, in the course the performance of his duties as auditor, has reasons to believe that an offence involving fraud is being or has been committed against the company by its officers or employees, he will immediately report the matter to the Central Government within the prescribed time and manner. Under the draft rules, reporting to the Central Government was required only for material frauds. Material frauds were defined as (a) fraud(s) happening frequently, or (b) fraud(s) where the amount involved or likely to be involved is not less than 5% of net profit or 2% of turnover of the company for the preceding financial year. For immaterial frauds, the auditor was required to report only to the Audit Committee/Board.

    Under the 1956 Act, the Central Government issued the CARO 2003. CARO 2003 contains various matters on which the auditors of companies (except exempted companies) have to make a statement in their audit report. The Audit Rules issued under the 2013 Act do not contain a similar order. Rather, the Audit Rules require an auditor to comment on the following three additional matters:

    • Whether the company has disclosed the impact, if any, of pending litigations on its financial position in the financial statements
    • Whether the company has made provision, as required under any law or accounting standards, for material foreseeable losses, if any, on long-term contracts including derivative contractsWhether there has been any delay in transferring amounts, required to be transferred, to the Investor Education and Protection Fund (IEPF) by the company.

    Considering the above, it appears that CARO type reporting may no longer be required under the 2013 Act. However, one should not rule out the possibility that the Central Government may prescribe such reporting requirements in due course.

    Interestingly, whilst the MCA has so far not prescribed the CARO or its equivalent under the 2013 Act, Form AOC-4 (for filing financial statements and other documents with the Registrar) requires details regarding Auditors’ Reporting under the CARO 2003.

    Transitional requirements

    In addition to specific issues/aspects, one pervasive and key issue for auditor reporting was related to the applicability date. In accordance with the notification, new requirements apply from 1 April 2014. However, it was not clear as to how exactly this requirement will apply. It appeared that the following three views were possible:

    • The new requirement is applicable to all audit reports for accounting periods commencing on or after 1 April 2014.
    • It is applicable to all audit reports for accounting periods ending on or after 1 April 2014.
    • It is applicable to all audit reports issued on or after 1 April 2014, irrespective of the period to which it pertains.

    As mentioned earlier, to address the issue, the MCA has issued the General Circular no. 8/2014 dated 4 April 2014. The Circular clarifies that the Auditor’s Report in respect of financial years, which commenced earlier than 1 April 2014, will be governed by the relevant provisions of the 1956 Act. Hence, view (i) will apply for the matters covered under the auditor report. In our view, this approach is logical as it ensures that the new requirement is applied prospectively.

    EY insights

    The procedure prescribed for fraud reporting is a step in the right direction. Since the auditor will obtain the views of the Board/Audit Committee before reporting a matter to the Central Government, it may help in avoiding/minimizing situations where the auditor reports matters to the Central Government purely based on allegations and without proper evaluation.

    We believe that the materiality threshold for fraud reporting is needed. In the absence of such threshold, an auditor may need to report even trivial matters of fraud/potential fraud to the Government. This may impose significant additional cost and burden on all parties, viz., the company (including its board/ Audit Committee), auditor and the Central Government and yet achieve nothing.

    Both the 2013 Act and the Audit Rules require an auditor to report “frauds being committed” to the Central Government. The following key issues need to be considered regarding this:

    • Is an auditor also required to report suspected frauds to the Central Government?
    • If response to (a) is yes, at what stage an auditor should report matter to the Central Government? Consider that under the vigil mechanism, an employee has raised complaint about a potential fraud being committed by an officer of the company. The company is in the process of collecting necessary data and verifying the complaint.

      It is expected that the management/Audit Committee need approximately three months to verify the accuracy or otherwise of the complaint. Is the auditor required to report the matter to the Central government, without waiting for the outcome of the inquiry?
    • Is the auditor also required to report those matters of suspected frauds to the Central Government where the management/Audit Committee have ultimately concluded that no fraud is involved?
      • For fraud reporting, the use of the phrase “is being committed” is not clear. However, a reading of the 2013 Act and related the Audit Rules indicate that it is not necessary for a fraud to be finally concluded to trigger an auditor’s reporting to the Central Government. Rather, an auditor may also need to report matters of suspected frauds to the Central Government. Please refer response to issue (b) regarding the stage at which an auditor may need to report suspected frauds.
      • One view is that the Audit Rules require an auditor to report on all cases of suspected fraud to the Central Government within 60 days. Hence, as soon as, an auditor becomes aware of any complaint about a potential fraud, the auditor will report the matter to the Central Government within 60 days by adopting the procedure prescribed. Hence, auditor should not wait for completion of inquiry being conducted by the management/Audit Committee.

        The second view is that based on wording used in rules, reporting to the Central Government is triggered only once “an auditor has sufficient reason to believe that an offence involving fraud is being or has been committed.” Hence, mere complaint by an employee/others may not be sufficient reason to trigger reporting to the Central Government. Also, reporting to the Central Government at a preliminary stage without proper evaluation is not consistent either with the public’s expectations or with companies’ understanding of an auditors’ role. Moreover, if an auditor reports certain matters as “potential fraud” to the Central Government without establishing proper facts, then it may create significant hardship both for the company and the auditor. Under this view, 60 days’ time-limit to report “suspected frauds” will not start immediately on the date the company receives complaint about a potential fraud and auditor become aware of the same; rather, it should start from the date when the management/Audit Committee have made reasonable progress on the matter and the auditor has sufficient reasons” to believe that a fraud is being committed. Determination of such a stage is a matter of judgment and needs to be decided based on the facts and circumstances of each case.

        Based on the wordings used in the Audit Rules and management/public expectations and understanding of auditors’ role, we prefer the second view on this matter. However, if there is a prolonged delay from the management/Audit Committee in the evaluation of a potential fraud, the auditor may decide to report the matter to the Central Government, without waiting for completion of such evaluation. We understand that the ICAI is developing guidance on auditors’ reporting responsibilities and recommend that it conforms to the second view.
      • Please refer discussion on issue at (b) above. The 2013 Act and the Audit Rules require the auditor to make its own assessment and exercise professional judgment whether there is a sufficient reason to believe that an offence involving fraud is being or has been committed. If the auditor agrees with the management/Audit Committee conclusion that no fraud is involved, reporting to the Central Government is not required. However, if an auditor does not agree with the management/Audit Committee conclusion, then the auditor needs to further probe the matter and come to conclusion whether the fraud/potential fraud is involved. If, after further probe, the auditor has sufficient reason to believe that an offence involving fraud is being or has been committed, then the auditor will need to file its report to the Central Government along with the Audit Committee/management observations. We believe that ICAI will clarify this position as part of its proposed guidance on auditors’ responsibility for fraud reporting.

    Is the auditor required to report all frauds/suspected frauds, including, cases where a company may be defrauding 3rd parties, says, customers, vendors, investors, or is falsifying its books of accounts, to the Central Government?

    Both the 2013 Act and the Audit Rules require the Central Government reporting only in cases where an offence involving fraud is being or has been committed against the company by its officers or employees. We believe that in other cases, including, cases where a company may be defrauding 3rd parties, the auditor is not required to report directly to the Central Government. Nonetheless, an auditor needs to consider impact of these frauds/potential frauds on the audit and while finalizing auditors’ report on the financial statements. Specific attention is drawn to SA 240 The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements. An auditor needs to ensure compliance with SA 240 for conducting the audit as well as communication of fraud to the management, to those charged with governance and others.

    General Circular 8/2014 clarifies that auditor’s report in respect of financial years, which commenced earlier than 1 April 2014, will be governed by the relevant provisions of the 1956 Act. How does this Circular apply in the context of fraud reporting to the Central Government? The 1956 Act did not contain any requirement for fraud reporting directly to the Central Government.

    One view is that General Circular 8/2014 deals only with financial statements, board report and matters covered in the auditors’ report. Requirement concerning fraud reporting to the Central Government is a not an auditors’ report related matter; rather, it is an independent requirement, i.e., auditor’s other reporting responsibility. Hence, the General Circular is not relevant in this context. Rather, an auditor is required to report any fraud, which comes to its attention on or after 1 April 2104, to the Central Government after adopting the procedure prescribed.

    The second view is that requirement for fraud reporting is covered section 143 of the 2013 Act, which deals with all matters relating to powers and duties of an auditor, including its reporting responsibilities. Hence, one should read the General Circular in context of overall section 143; and not merely for matters to be covered in the auditors’ report. To support this view, it may also be argued that section 143(12) of uses the phrase “if an auditor of a company, in the course of the performance of his duties as auditor, has reason to believe…” Hence, it is important that fraud comes to the auditors’ knowledge while performing duties as an auditor under the 2013 Act and not otherwise. For the year ended 31 March 2014, an auditor is performing duties under the 1956 Act and not the 2013 Act. Hence, any fraud noticed as part of 31 March 2014 year-end audit will not trigger reporting to the Central Government. However, any fraud/potential fraud noticed as part of audit for the following year, i.e., financial year beginning on or after 1 April 2014, will trigger reporting to the Central Government.

    We believe that the second view seems to be more appropriate. We recommend that ICAI may clarify this position as part of its proposed guidance on fraud reporting.

    During the course of limited review as required by Clause 41 to the Listing Agreement, the audit firm notices that a fraud has been committed against the company by its officers or employees. From the perspective of fraud reporting under section 143(12), will frauds identified by the auditor in the course of a limited review under clause 41 be covered?

    In accordance with section 143(12) of the 2013 Act, reporting to the Central Government is triggered if the auditor notices fraud/potential fraud in the course of performing duties as auditor. Clause 41 requires that unaudited financial results of a company should be subjected to limited review by its statutory auditors. This implies that an auditor conducts limited review of quarterly financial information in the capacity as auditor of the company and any fraud noticed during the review is during the course of performing duties as auditor. Hence, the auditor needs to report the fraud/potential fraud identified in the course of limited review in accordance with the requirements of the 2013 Act and the Audit Rules.

    CARO reporting

    The requirements contained in clauses (a) and (b) in any case require an auditor to qualify/modify the audit report if provision for foreseeable losses and litigations is not made, and the amounts involved are material. However, because of specific requirements contained in the 2013 Act, the auditor may provide a greater focus on these issues in the audit.

  • Penalty on auditors

    What the Companies Act 2013 states:

    Section 147(5) of the 2013 Act states that “where, in case of audit of a company being conducted by an audit firm, it is proved that the partner or partners of the audit firm has or
    have acted in a fraudulent manner or abetted or colluded in any fraud by, or in relation to or by, the company or its directors or officers, the liability, whether civil or criminal as provided in this Act or in any other law for the time being in force, for such act shall be of the partner or partners concerned of the audit firm and of the firm jointly and severally.”

    The Audit Rules clarify that in case of criminal liability, the liability will devolve only on the concerned partner or partners, who acted in a fraudulent manner or abetted or, as the case may be, colluded in any fraud.

    EY insights

    The Audit Rules have clarified the position only with respect to the criminal liability but not the civil liability. Hence, one may argue that for civil liability, joint and several liabilities of the partners and the firm can be enforced even if all the partners have not colluded in committing the fraud.