2.01 Without information there would be no investment; and without investment there would be no industry. This truism is the cardinal basis of corporate governance, and explains why so much store is placed on the frequency, quality and quantity of financial and non-financial disclosures.
2.02 The statutory auditor is the lead actor on the disclosure front. This is recognised in corporate laws of all countries. Consider, for instance, the Companies Act, 1956. Sections 209 through 223 of the Act lay down the provisions related to maintaining of accounts. Schedule V gives the contents and form of the return that a company with share capital must annually provide to its shareholders and the ROC. Schedule VI defines the form of the balance sheet and disclosure requirements in the profit and loss account.[1] Sections 224 through 233A exhaustively deal with statutory auditors, and are worth outlining:
- At each annual general meeting (AGM) of any company, the shareholders shall appoint the auditor who will, in normal circumstances, hold office until the next AGM (section 224) — which implies that auditors are fiduciaries of shareholders, and not of the management of a company.
- The rules for removing or replacing an auditor are more stringent than for reappointment. An auditor is generally appointed by shareholders through an ordinary resolution. However, section 225 clearly states that a special resolution -- has to be passed for appointing someone other than the retiring auditor. Thus, the law makes it more difficult for management or the board to change auditors — and this is intended to facilitate auditor independence.
- Section 227 states the powers and duties of auditors. The statutory auditor of a company can, at all times, have the right of access to all books of accounts and vouchers of a company. After thoroughly auditing all aspects of a company’s finances including the balance sheet and profit and loss account, he has to make a report to the shareholders on whether the accounts give the information required by law, and whether these represent a ‘true and fair’ view of the company’s financial affairs. This auditor’s report can be quite exhaustive, and has to also specify whether:
- the auditor could obtain from management all information and explanations that were necessary for the purpose of audit;
- proper books of accounts have been kept by the company;
- branch offices have been audited by him and, if by other auditor(s), whether such audited branch accounts were forwarded to him, and how he dealt with such accounts and reports;
- the company’s balance sheet and profit and loss account are in agreement with the books of accounts and whether these conform to all applicable accounting standards set by the Institute of Chartered Accountants of India (ICAI); and,
- there are any observations, comments or qualifications of the auditor that can have an adverse effect on the functioning of the company. These qualifications have to be made separately, and highlighted in italics or bold face.
- Moreover, the annex to the auditor’s report must also certify :
- the adequacy of internal controls commensurate to the size of the company and its nature of business;
- the adequacy of records maintained for fixed assets and inventories, and whether any fixed assets were re-valued during the year;
- loans and advances that were given by the company, and whether the parties concerned were regular in repaying the principal and interest;
- loans and advances taken by the company, and whether these were at terms prejudicial to the interest of the company and also whether these were being properly repaid according to contracted schedules;
- transactions, including loans and advances, with related parties as defined by section 301 of the Companies Act;
- fixed deposits accepted by the company from the public and, if so, whether these conform to the provisions laid down by section 58A of the Companies Act;
- regularity of depositing of Provident Fund dues, and whether the Employees’ State Insurance Act, 1948, was applicable to the company;
- no personal expenses of directors and employees were charged to the profit and loss account; and,
- in the case of any manufacturing company, whether the management has conformed to the Manufacturing and Other Companies (Auditors’ Report) Order, 1988 (called MAOCARO)
- Section 229 specifies that only the statutory auditor can sign the auditor’s report, the balance sheet, profit and loss account, and (for listed companies) the cash flow statement, and any other certificate or document that law requires signature and authentication of the auditor.
- Section 230 states that the auditor’s report shall be read before the shareholders in the AGM and shall be open to inspection by any shareholder of the company.
- Section 231 confers on the auditor the right to attend and, if necessary, be heard at the AGM on any matter that relates to audit functions.
- Section 232 prescribes the penalties on any company not complying with these provisions.
- Section 233 outlines penalties for auditor’s non-compliance[2]
2.03 All these provisions assume that shareholders have an inalienable right to get the independent, professional opinion of the financial affairs of their company, and that the statutory auditor has a fiduciary duty to provide such a view. Independent audit function, therefore, is a key respected agency in corporate governance, and must not only be credible, professional and above board, but also be perceived to be so. In fact, this is clearly recognised by the ICAI:
“The Chartered Accountant is a person on whom every section of society could rely upon, and rely strongly. His certificate would be one by way of a seal and a hallmark which would at once inspire confidence in the minds of all concerned as certification by a person fully competent and holding a charter from the supreme legislature of the country for the purpose… He must be above reproach; he must reflect the highest ethics of the profession; he must possess the expert knowledge which can throw light on important problems and issues… Any malpractices at the hands of the client should not be tolerated, and in matters where there is even a semblance of doubt in his mind about any malpractice, it should be his bounden duty to stand up against it and make his comments without fear or favour.”
ICAI, History of the Accounting Profession in India, v.II, pp.viii-ix.
.
Not surprisingly, a major task of the Committee is to suggest measures that enhance the reputation of credibility and independence of India’s statutory auditors.
Independence of Auditors — Basic Principles
2.04 Like hunger, independence is easy to perceive, but difficult to define. At the basic level, independence requires:
- Independence of mind, which permits arriving at an informed and reasoned opinion without being affected by factors that compromise integrity, professional scepticism and objectivity of judgement.
- Independence in appearance, which requires avoiding facts, circumstances and instances where, an informed third party could reasonably conclude that integrity, objectivity and professionalism has, or may have, been compromised.
2.05 These are essential tenets for any auditor — the more so today because of the problems faced by the profession in the wake of Enron, Worldcom and the collapse of the auditing giant, Andersen. Moreover, there are real threats to independence. The Code of Ethics for Professional Accountants, prepared by the International Federation of Accountants (IFAC) identifies five such types of threats. [3] These are:
- Self-interest threats, which occur when an auditing firm, its partner or associate could benefit from a financial interest in an audit client. Examples include (i) direct financial interest or materially significant indirect financial interest in a client, (ii) loan or guarantee to or from the concerned client, (iii) undue dependence on a client’s fees and, hence, concerns about losing the engagement, (iv) close business relationship with an audit client, (v) potential employment with the client, and (vi) contingent fees for the audit engagement.
- Self-review threats, which occur when during a review of any judgement or conclusion reached in a previous audit or non-audit engagement, or when a member of the audit team was previously a director or senior employee of the client. Instances where such threats come into play are (i) when an auditor having recently been a director or senior officer of the company, and (ii) when auditors perform services that are themselves subject matters of audit.
- Advocacy threats, which occur when the auditor promotes, or is perceived to promote, a client’s opinion to a point where people may believe that objectivity is getting compromised, e.g. when an auditor deals with shares or securities of the audited company, or becomes the client’s advocate in litigation and third party disputes.
- Familiarity threats, are self-evident, and occur when auditors form relationships with the client where they end up being too sympathetic to the client’s interests. This can occur in many ways: (i) close relative of the audit team working in a senior position in the client company, (ii) former partner of the audit firm being a director or senior employee of the client, (iii) long association between specific auditors and their specific client counterparts, and (iv) acceptance of significant gifts or hospitality from the client company, its directors or employees.
- Intimidation threats, which occur when auditors are deterred from acting objectively with an adequate degree of professional scepticism. Basically, these could happen because of threat of replacement over disagreements with the application of accounting principles, or pressure to disproportionately reduce work in response to reduced audit fees.
2.06 The Committee felt that a sixth threat was the inadequate remuneration that audit firms in India receive for conducting statutory audits. This perhaps prompts audit firms to look towards non-audit work, such as consultancies, to augment their income. Given these threats, the Committee felt it necessary to outline some guiding principles regarding auditor’s independence. These are:
- For the public to have confidence in the quality of audit, it is essential that auditors should always be — and be seen to be — independent of the companies that they are auditing. In the case of audit, the key fundamental principles are integrity, objectivity and professional scepticism, which necessarily require the auditor to be independent.
- Before taking on any work, an auditor must conscientiously consider whether it involves threats to his independence. In such instances, risk aversion is a desirable virtue. In other words, it is better to reject a task as a potential threat to independence even when it may not be so, than to assume otherwise and risk being even remotely compromised.
- Where such threats exist, the auditor should either desist from the task or, at the very least, put in place safeguards that eliminate them or reduce the threats to clearly insignificant levels. All such safeguard measures need to be recorded in a form that can serve as evidence of compliance with due process. If the auditor is unable to fully implement credible and adequate safeguards, then he must not do the work.
2.07 The chapter now moves on to recommending certain practices that can help preserve independence. In the course of meetings with chartered accountants, it was often argued that auditors’ independence is about knowledge of the discipline, professionalism, integrity and fiduciary responsibility — and that none of these attributes can be substituted by legislated restrictions and prohibitions. The Committee certainly agrees with the first part of this sentiment. Even so, there is a case for recommending some judicious restrictions in order to facilitate independence — or, to put it more accurately, to prevent the possibility of dependence. This brings us to the first set of recommendations, which relate to disqualifications for audit assignments.
Recommendation 2.1: Disqualifications for audit assignments
In line with international best practices, the Committee recommends an abbreviated list of disqualifications for auditing assignments, which includes:
- Prohibition of receiving any loans and/or guarantees from or on behalf of the audit client by the audit firm, its partners or any member of the engagement team and their ‘direct relatives’.
- Prohibition of any business relationship with the audit client by the auditing firm, its partners or any member of the engagement team and their ‘direct relatives’.
- Prohibition of personal relationships, which would exclude any partner of the audit firm or member of the engagement team being a ‘relative’ of any of key officers of the client company, i.e. any whole-time director, CEO, CFO, Company Secretary, senior manager belonging to the top two managerial levels of the company, and the officer who is in default (as defined by section 5 of the Companies Act). In case of any doubt, it would be the task of the Audit Committee of the concerned company to determine whether the individual concerned is a key officer.
- Prohibition of service or cooling off period, under which any partner or member of the engagement team of an audit firm who wants to join an audit client, or any key officer of the client company wanting to join the audit firm, would only be allowed to do so after two years from the time they were involved in the preparation of accounts and audit of that client.
- Prohibition of undue dependence on an audit client. So that no audit firm is unduly dependent on an audit client, the fees received from any one client and its subsidiaries and affiliates, all together, should not exceed 25 per cent of the total revenues of the audit firm. However, to help newer and smaller audit firms, this requirement will not be applicable to audit firms for the first five years from the date of commencement of their activities, and for those whose total revenues are less than Rs.15 lakhs per year.
- This recommendation has to be read with Recommendation 2.3 below.
Note: A ‘direct relative’ is defined as the individual concerned, his or her spouse, dependent parents, children or dependent siblings. For the present, the term ‘relative’ is as defined under Schedule IA of the Companies Act. However, the Committee believes that the Schedule IA definition is too wide, and needs to be rationalised for effective compliance.
Non-Audit Services of Firms to Audit Clients
2.08 The Committee believes that non-audit services is a complex area that can’t be resolved by simplistic solutions. These need to be carefully dealt with, keeping in view the twin objectives of maintaining auditor’s independence and ensuring that clients get the benefit of efficient, high quality services. The Ramsay Report (Australia) underscores this point: “There is no solid evidence of any specific link between audit failures and the provision of non-audit services… A ban should not be imposed in the absence of compelling evidence of a problem.” In fact, it is possible for audit firms to end up being more dependant on their audit clients if other services were to be totally banned. In general, the Committee tends to agree with this view.
2.09 However, having said so, the Committee also believes that certain types of non-audit services could impair independence and possibly affect the quality of audit. It also believes that, given the well-publicised failures of an auditing firm as large as Andersen, some judicious prohibitions are in order. Indeed, the accounting regulatory agencies of most OECD countries prescribe negative lists. More recently, section 201 of the SOX Act has disallowed eight types of non-audit services, with the provision to disallow more as may be determined by the newly legislated Public Company Accounting Oversight Board (see Box 2.A).
Box 2.A: Prohibited non-audit services legislated by the SOX Act
According to Section 201 of the SOX Act, auditors performing audit functions for a company are prohibited from contemporaneously carrying out any non-audit service, which includes:
- Bookkeeping, or any other service related to maintaining accounting records or financial statements of the audit client.
- Financial information systems design and implementation.
- Appraisal or valuation services, fairness opinions, or contribution-in-kind reports.
- Actuarial services.
- Internal audit outsourcing services.
- Management or human resource functions.
- Broker, dealer, investment adviser or investment banking services.
- Legal and other expert services unrelated to audit.
- Any other service that the Public Company Accounting Oversight Board may determine to be impermissible.
Moreover, for any public accounting firm to engage in any non-audit services, including tax services, excluding those prohibited above, prior permission and pre-approval must be taken from the Audit Committee of the concerned client company, and full disclosure of all such payments to the auditing firm be made in the annual accounts and report to the shareholders.
2.10 Most of these prohibitions already exist in India. The ICAI prohibits its members, as auditing firms, from services such as bookkeeping, maintaining accounts, internal audit, designing any information system which is a subject of audit or internal audit, brokering, investment advisory and investment banking services. Even so, the Committee believes that it is necessary to provide an explicit list of prohibi
Recommendation 2.2: List of prohibited non-audit services
The Committee recommends that the following services should not be provided by an audit firm to any audit client:
- Accounting and bookkeeping services, related to the accounting records or financial statements of the audit client.
- Internal audit services.
- Financial information systems design and implementation, including services related to IT systems for preparing financial or management accounts and information flows of a company.
- Actuarial services.
- Broker, dealer, investment adviser or investment banking services.
- Outsourced financial services.
- Management functions, including the provision of temporary staff to audit clients.
- Any form of staff recruitment, and particularly hiring of senior management staff for the audit client.
- Valuation services and fairness opinion.
Further in case the firm undertakes any service other than audit, or the prohibited services listed above, it should be done only with the approval of the audit committee.
Independence of Affiliated Consulting and Associated Firms
2.11 It is one thing to mandate strict independence standards for an audit firm-qua-audit functions; but, as was raised in the Committee, what about the status of consulting and associated entities affiliated to audit firms? Shouldn’t these also have some independence guidelines?
2.12 The problem is something like this. Suppose an audit firm, A, has a subsidiary, B, that engages in consulting services. Further, suppose that the A’s audit revenue is Rs.10 crore, and B’s revenue from consulting is Rs.30 crore. Now, if a common corporate client accounts for only 10 per cent of A’s audit revenue (and, thus, meets the criteria outlined in Recommendation 2.3), but accounts for a third of B’s consulting income. Would that not create self-interest threats, and possibly affect the auditors’ independence?
2.13 A caveat is in order at this stage. Not once is the Committee stating that audit firms must not have affiliated consulting firms (or firm) engaged in specialised practices such as taxation or valuation. Indeed, it has been often demonstrated that consulting skills lead to a wider understanding of business strategy and, hence, can foster positive knowledge externalities for auditors. It makes a great deal of sense for good auditors to widen their horizons by occasionally engaging in the business of consulting, just as it does for business consultants to intermittently get involved in the nitty-gritty of auditing. There is human resources dimension as well. Nowadays, rare is a good chartered accountant who wants to spend his entire life as a pure auditor; he also wants to do consulting assignments. Preventing the talented from straddling both worlds could easily result in a secular decline in the quality and expertise of auditors. This Committee has no qualms per se about audit firms having subsidiaries or associate companies engaged in consulting or other specialised business services.
2.14 However, it is also a fact that such affiliations could cause potential threats to auditor independence and, therefore, it would be prudent to create realistic safeguards against such contingencies. This leads to the following recommendation
Recommendation 2.3: Independence Standards for Consulting and Other Entities that are Affiliated to Audit Firms
- Prohibition of undue dependence. Where an audit firm has subsidiary, associate or affiliated entities, yardstick of no more than 25 per cent of revenues coming from a single audit client stated in Recommendation 2.1 should be widened to accommodate the consolidated entity. Thus, no more than 25 per cent of the revenues of the consolidated entity should come from a single corporate client with whom there is also an audit engagement.
- The other prohibitions listed in Recommendation 2.1 should also apply in full to all affiliated consulting and specialised service entities of any audit firm that are either subsidiaries of the audit firm, or have common ownership of over 50 per cent with the audit firm. And all the tests of independence outlined in Recommendation 2.1 should be carried over to the consolidated entity.
- Therefore, this recommendation has to be read with Recommendation 2.1.
Consolidation tests should test fully, line-by-line, for all subsidiaries, whether the audit firm, or its partners, own over 50 per cent of equity, or share of profit.
Rotation of Audit Firms
2.15 The Committee heard the views of two distinct schools of thought: the minority, which believed in the compulsory rotation of audit firms (the notable proponents were the office of the Comptroller and Auditor-General, Life Insurance Corporation of India and ASSOCHAM); and the overwhelming majority (notable amongst them being the CII, FICCI and some of the ex-presidents of the ICAI) which was against it, but argued in favour of the rotation of audit or engagement partners.
2.16 Those who advocated rotation of audit firms held the view that changing engagement partners did not suffice to promote independence. According to this view, replacing engagement partner A by B every three, five or seven years was only a cosmetic change. The other school of thought also brought to bear its arguments in favour of rotating engagement partners, but not necessarily the audit firm. Their arguments were as follows. First, auditing of multi-divisional, multi-segmental companies in today’s environment has become an increasingly complex task — one that requires high levels of accounting and income recognition skills as well as detailed, industry-specific knowledge. Secondly, such knowledge doesn’t come overnight. It needs sustained training, exposure and understanding of business practices as well as rapidly changing global accounting rules and standards. Thirdly, if auditing firms know that they will be changed every few years, then one of two things could happen. At best, the ten or fifteen large and reputable audit firms could swap the big clients among themselves to no great purpose. At worst, most firms would have no incentive to invest in the necessary knowledge of complex industries and businesses, and so reduce the quality of auditing to its lowest common denominator — to the detriment of the company, its investors and other stakeholders.
2.17 The Committee deliberated long and hard over the issue of rotation. In doing so, it did not find sufficient international evidence favouring compulsory rotation of audit firms. Various independent accounting studies made available to the Committee indicated no discernible benefits from rotation.[4] In fact, these studies universally indicated the opposite — that rotation tends to enhance the risk of audit failures in the last year of the tenure of the outgoing auditor (who has no further incentive to invest in quality), and the first two years of the new auditor (who is yet to get to grips with the nitty-gritty of the business). Further, even the politically charged, crusading post-Enron world has not legislated in favour of compulsory rotation of audit firms. For instance, while section 203 of the SOX Act prescribes rotation of the lead (or coordinating) audit partner, or the audit reviewing partner once every five years, it does not mandate compulsory rotation of audit firms.
2.18 Given international practice, and the fact that there is no conclusive proof of the gains while there is sufficient evidence of the risks, the Committee does not recommend in favour of any statutory rotation of audit firms. However, in line with the SOX Act, the Committee is in favour of compulsory rotation of audit partners.
Recommendation 2.4: Compulsory Audit Partner Rotation
- There is no need to legislate in favour of compulsory rotation of audit firms.
- However, the partners and at least 50 per cent of the engagement team (excluding article clerks and trainees) responsible for the audit of either a listed company, or companies whose paid up capital and free reserves exceeds Rs.10 crore, or companies whose turnover exceeds Rs.50 crore, should be rotated every five years.
- Also, in line with the provisions of the European Union and the IFAC, persons who are compulsorily rotated could, if need be, allowed to return after a break of three years.
Disclosures by Auditors
2.19 Nothing works like disclosures. The guidance, “When in doubt, disclose” is probably the simplest and best yardstick for evaluating good corporate governance. The Committee felt that while amendments in the Companies Act, Clause 49 of the Listing Agreement, and other regulations laid down by the SEBI and the DCA have significantly enhanced disclosures in recent times, more can be done in the interests of shareholders, other investors, stakeholders and the community at large.
2.20 Disclosure by different agents are dealt with throughout the various chapters of this report. This section focuses only on additional disclosures by auditors.
-
Contingent liabilities
2.21 Many small shareholders do not know how to read the minutiae of balance sheets, profit and loss accounts, cash flow statements and notes on accounts. When this is juxtaposed with the language of auditors, cost accountants and company secretaries — replete with long and dense sentences — the result is often one of profound non-comprehension. This is particularly true in the case of contingent liabilities.
Recommendation 2.5: Auditor’s disclosure of contingent liabilities
It is important for investors and shareholders to get a clear idea of a company’s contingent liabilities because these may be significant risk factors that could adversely affect the corporation’s future health. The Committee recommends that management should provide a clear description in
plain English of each material liability and its risks, which should be followed by the auditor’s clearly worded comments on the management’s view. This section should be highlighted in the significant accounting policies and notes on accounts, as well as, in the auditor’s report, where necessary.
-
Qualifications
2.22 What is true for contingent liabilities is even more germane for auditor’s qualification of the accounts of a company. A qualification can be a serious indictment of the financial affairs and management of a company. Yet, far too few shareholders really understand what a qualification means, and companies are hardly ever questioned by regulators such as the SEBI and the DCA regarding such qualifications. The Committee believes that this must change — and the only way of doing so is by mandating greater disclosures.
Recommendation 2.6: Auditor’s disclosure of qualifications and consequent action
- Qualifications to accounts, if any, must form a distinct, and adequately highlighted, section of the auditor’s report to the shareholders.
- These must be listed in full in plain English — what they are(including quantification thereof), why these were arrived at, including qualification thereof, etc.
- In case of a qualified auditor’s report, the audit firm may read out the qualifications, with explanations, to shareholders in the company’s annual general meeting.
- It should also be mandatory for the audit firm to separately send a copy of the qualified report to the ROC, the SEBI and the principal stock exchange (for listed companies), about the qualifications, with a copy of this letter being sent to the management of the company. This may require suitable amendments to the Companies Act, and corresponding changes in The Chartered Accountants Act.
Disclosure in the event of replacement of auditors
2.23 As mentioned earlier, the Companies Act makes it more difficult to replace an auditor than to re-appoint one. While this is as it should be, the Committee felt that corporate governance would benefit from some additional disclosure. The Committee felt that if the management were to be more accountable to the shareholders and the audit committee, in the matter of replacing auditors, this is likely to make the auditors more fearless. This is a step which would meet, to some extent, intimidation threats to auditors.
Recommendation 2.7: Management’s certification in the event of auditor’s replacement
- Section 225 of the Companies Act needs to be amended to require a special resolution of shareholders, in case an auditor, while being eligible to re-appointment, is sought to be replaced.
- The explanatory statement accompanying such a special resolution must disclose the management’s reasons for such a replacement, on which the outgoing auditor shall have the right to comment. The Audit Committee will have to verify that this explanatory statement is ‘true and fair’.
Disclosure regarding independence of auditors
2.24 Even if the shareholders and the audit committee are satisfied about the independence of the auditors when appointing them, this independence might, somewhere along the way, get compromised: a financial or employment relationship could develop. Faith in the continued independence of the auditors must be renewed. The Committee, therefore, felt that it will be a good practice for the audit firm to annually file a certificate of independence to the Audit Committee or the board of directors of the client company.
Recommendation 2.8: Auditor’s annual certification of independence
- Before agreeing to be appointed (along with 224(1)(b)), the audit firm must submit a certificate of independence to the Audit Committee or to the board of directors of the client company certifying that the firm, together with its consulting and specialised services affiliates, subsidiaries and associated companies:
- are independent and have arm’s length relationship with the client company;
- have not engaged in any non-audit services listed and prohibited in Recommendation 2.2 above; and
- are not disqualified from audit assignments by virtue of breaching any of the limits, restrictions and prohibitions listed in Recommendations 2.1 and 2.3.
In the event of any inadvertent violations relating to Recommendations 2.1, 2.2 and 2.3, the audit firm will immediately bring these to the notice of the Audit Committee or the board of directors of the client company, which is expected to take prompt action to address the cause so as to restore independence at the earliest, and minimise any potential risk that might have been caused.
Appointment and Remuneration of Auditors
2.25 By and large, the Committee had no issues with the method of appointing the statutory auditor, as laid down by the Companies Act and Clause 49 of the Listing Agreement. However, it was noted that audit fees in India were generally quite low — which might, over time, impinge upon the quality of audit. Nevertheless, the Committee felt that it would be imprudent to mandate a minimum audit fee.
2.26 The Committee also felt that, in general, the primary point of reference for the appointment, terms of reference and fees of the auditing firm must be the Audit Committee of the board of directors. The second level of decision-making should rest with the full board, subject to a positive recommendation by the Audit Committee. And the final approval must rest with the shareholders at the company’s AGM. The Committee also recognised that, in India, there would be two notable sets of exceptions to this practice — and these relate to government companies and public sector banks. Under section 619 of the Companies Act, auditors are appointed by the Comptroller and Auditor-General of India; while those of scheduled commercial banks need to be approved by the RBI.
2.27 Chapter 4 discusses Audit Committees of boards in detail. It has been pointed out that lack of skill, commitment required in terms of time, inadequate financial compensation to members, and inadequate regulatory oversight are some of the reasons why audit committees have not been able to play the effective role that was envisaged for them. Here, the Committee felt that Audit Committees should play a key role vis-à-vis auditing itself, by involving itself in areas such as discussing the annual work programme with the auditors, reviewing the independence of the audit firm, recommending appointment/re-appointment or removal of external auditor, along with the annual audit remuneration.
Recommendation 2.9: Appointment of auditors
The Audit Committee of the board of directors shall be the first point of reference regarding the appointment of auditors. To discharge this fiduciary responsibility, the Audit Committee shall:
- discuss the annual work programme with the auditor;
- review the independence of the audit firm in line with Recommendations 2.1, 2.2 and 2.3 above; and
- recommend to the board, with reasons, either the appointment/re-appointment or removal of the external auditor, along with the annual audit remuneration.
Exceptions to this rule may cover government companies (which follow section 619 of the Companies Act) and scheduled commercial banks (where the RBI has a role to play).
CEO and CFO Certification
2.28 Section 302 of the SOX Act specifies that the CEO and CFO of all listed companies must certify to the SEC regarding the veracity of each annual and quarterly financial report. This is a far more expanded certification compared to the ones that were earlier required for mandatory SEC filings. In addition, under section 304 of the SOX Act, if there is an accounting restatement because of either misconduct or material non-compliance of this certification and other requirements, the CEO and CFO will have to reimburse the company for any excess incentive- or equity-based compensation arising out of the misstatement (the disgorgement clause). Furthermore, the Act has prescribed enhanced criminal penalties for any false certification.
2.29 The Committee examined this certification issue in detail, and concluded that it constitutes a good corporate governance practice. However, it was not in agreement with instituting criminal proceedings. Instead, the Committee felt that there should be significantly enhanced penalties — ones that should act as a credible deterrent.[5]
Recommendation 2.10: CEO and CFO certification of annual audited accounts
For all listed companies as well as public limited companies whose paid-up capital and free reserves exceeds Rs.10 crore, or turnover exceeds Rs.50 crore, there should be a certification by the CEO (either the Executive Chairman or the Managing Director) and the CFO (whole-time Finance Director or otherwise) which should state that, to the best of their knowledge and belief:
- They, the signing officers, have reviewed the balance sheet and profit and loss account and all its schedules and notes on accounts, as well as the cash flow statements and the Directors’ Report.
- These statements do not contain any material untrue statement or omit any material fact nor do they contain statements that might be misleading.
- These statements together represent a true and fair picture of the financial and operational state of the company, and are in compliance with the existing accounting standards and/or applicable laws/regulations.
- They, the signing officers, are responsible for establishing and maintaining internal controls which have been designed to ensure that all material information is periodically made known to them; and have evaluated the effectiveness of internal control systems of the company.
- They, the signing officers, have disclosed to the auditors as well as the Audit Committee deficiencies in the design or operation of internal controls, if any, and what they have done or propose to do to rectify these deficiencies.
- They, the signing officers, have also disclosed to the auditors as well as the Audit Committee instances of significant fraud, if any, that involves management or employees having a significant role in the company’s internal control systems.
- They, the signing officers, have indicated to the auditors, the Audit Committee and in the notes on accounts, whether or not there were significant changes in internal control and/or of accounting policies during the year under review.
- In the event of any materially significant misstatements or omissions, the signing officers will return to the company that part of any bonus or incentive- or equity-based compensation which was inflated on account of such errors, as decided by the Audit Committee.
2.30 The Committee believes that such a certificate, coupled with significantly enhanced penalties, will induce CEOs and CFOs to be far more careful in their disclosures to shareholders and investors.
[1] In addition, listed companies must append an annual cash flow statement in line with the heads of items prescribed by the SEBI.
[2] It is a different matter that the penalties are paltry, and hardly serve as a deterrent. Each instance of corporate non-compliance attracts a fine of Rs.5,000, while that for auditors penalty for non-compliance of Rs.10,000.
[3] See IFAC, Code of Ethics for Professional Accountants (Section 8 — Independence), pp.7-8.
[4] See, for instance, studies by the SDA University of Bocconi (2002) and Arunada and Paz-Ares (1995).
[5] At the time of writing this report, another committee under the Chairmanship of Mr. Shardul S. Shroff is examining the issue of enhanced penalties for non-compliance.