INDEX

MODULE 2

CA Harshad Jaju
Swapnil Patni Classes caharshad
98812 92971
 8
CHAPTER
SPECIALISED
AREAS

Highlights

After studying this chapter, you would be able to -

1. Know about special considerations applicable in respect of the audit of financial statements prepared
in accordance with the special purpose framework in accordance with SA 800.
2. Understand the meaning of special purpose framework.
3. Know about special considerations applicable in acceptance, planning and performance and forming
an opinion and reporting in such types of engagements.
4. Gain knowledge about special considerations applicable to an audit of a single financial statement
or of a specific element, account or item of a financial statement in accordance with SA 805.
5. Understand the meaning of a single financial statement and elements of a financial statement.
6. Know about special considerations applicable in acceptance, planning and performance and forming
an opinion and reporting in such types of engagements in accordance with requirements of SA
805.
7. Understand the responsibilities of an auditor when undertaking an engagement to report on summary
financial statements derived from financial statements audited in accordance with SAs by the
same auditor in accordance with SA 810.
8. Know about special considerations applicable in acceptance, planning and performance and forming
an opinion and reporting in such type of engagements in accordance with requirements of SA 810.
9. Understand elements of audit report issued on summary financial statements in accordance with
SA 810.

1. INTRODUCTION

• SA 800 deals with special considerations applicable in respect of the audit of financial statements
prepared in accordance with the special purpose framework.
• SA 805 deals with special considerations applicable to an audit of a single financial statement or
of a specific element, account or item of a financial statement.
• SA 810 deals with responsibilities of an auditor when undertaking an engagement to report on
summary financial statements derived from financial statements audited in accordance with SAs
by that same auditor.

CA Harshad Jaju
Swapnil Patni Classes caharshad 8.1
98812 92971
 SPECIALISED AREAS

All the aforesaid discussed Standards on auditing broadly deal with following areas: -

Acceptance of such
engagements
Planning and
performance of such
Forming an engagements
opinion and reporting
considerations in such
engagements

2. SA 800 - SPECIAL CONSIDERATIONS - AUDITS OF

FINANCIAL STATEMENTS PREPARED IN ACCORDANCE
WITH SPECIAL PURPOSE FRAMEWORKS
SA 800 deals with special considerations applicable in respect of audit of financial statements prepared
in accordance with special purpose framework.

SA 800 addresses special considerations that are relevant to: -

a. The acceptance of the engagement
b. The planning and performance of that engagement and
c. Forming an opinion and reporting on the financial statements but not for the purpose of expressing
an opinion on the effectiveness of the entity’s internal control.

2.1 What is Special Purpose framework?

a. SA 800 defines special purpose framework as a financial reporting framework designed to meet
the financial information needs of specific users. The financial reporting framework may be a fair
presentation framework or a compliance framework.
b. The requirements of the applicable financial reporting framework determine the form and content
of the financial statements and what constitutes a complete set of financial statements.

Examples of Special purpose frameworks are: -

• The cash receipts and disbursements basis of accounting for cash flow information that an entity
may be requested to prepare for creditors.
• The financial reporting provisions established by a regulator to meet the requirements of that
regulator.
• The financial reporting provisions of a contract, such as a bond indenture, a loan agreement, or
a project grant.

CA Harshad Jaju
8.2 Swapnil Patni Classes caharshad
98812 92971
 SPECIALISED AREAS

c. Special purpose framework is to be distinguished from general purpose framework. A financial

reporting framework designed to meet the common financial information needs of a wide range of
users is known as “General purpose framework” whereas a financial reporting framework designed
to meet the financial information needs of specific users is known as “Special purpose framework.”

2.2 Considerations When Accepting Such Engagement

1. In the case of special purpose financial statements, the financial information needs of the intended
users are a key factor in determining the acceptability of the financial reporting framework applied
in the preparation of the financial statements.
2. The applicable financial reporting framework may encompass the financial reporting standards
established by an organisation that is authorised or recognised to promulgate standards for special
purpose financial statements.
3. In that case, those standards will be presumed acceptable for that purpose if the organisation
follows an established and transparent process involving deliberation and consideration of the
views of relevant stakeholders.
4. Some laws or regulations may prescribe the financial reporting framework to be used by
management in the preparation of special purpose financial statements for a certain type of entity.
For example, a regulator may establish financial reporting provisions to meet the requirements of
that regulator. In the absence of indications to the contrary, such a financial reporting framework
is presumed acceptable for special purpose financial statements prepared by such an entity.
5. Where the financial reporting standards referred to above are supplemented by legislative or
regulatory requirements, SA 210 requires the auditor to determine whether any conflicts between
the financial reporting standards and the additional requirements exist and prescribes actions to be
taken by the auditor if such conflicts exist.
6. The applicable financial reporting framework may encompass the financial reporting provisions of
a contract or sources other than those described in the preceding paras. In that case, the acceptability
of the financial reporting framework in the circumstances of the engagement is determined by
considering whether the framework exhibits attributes normally exhibited by acceptable financial
reporting frameworks in accordance with the requirements of SA 210.
7. In the case of a special purpose framework, the relative importance to a particular engagement of
each of the attributes normally exhibited by acceptable financial reporting frameworks is a matter
of professional judgment.

For example, for purposes of establishing the value of net assets of an entity at the date of its
sale, the vendor and the purchaser may have agreed that very prudent estimates of allowances
for uncollectible accounts receivable are appropriate for their needs, even though such financial
information is not neutral when compared with financial information prepared in accordance with
a general purpose framework.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 8.3
 SPECIALISED AREAS

2.3 Considerations When Planning and Performing Such Audit

SA 200 requires the auditor to comply with
a. Relevant ethical requirements, including those pertaining to independence, relating to financial
statement audit engagements, and
b. All SAs relevant to the audit. It also requires the auditor to comply with each requirement of an
SA unless, in the circumstances of the audit, the entire SA is not relevant or the requirement is not
relevant because it is conditional and the condition does not exist. In exceptional circumstances,
the auditor may judge it necessary to depart from a relevant requirement in an SA by performing
alternative audit procedures to achieve the aim of that requirement.
c. Application of some of the requirements of the SAs in an audit of special purpose financial statements
may require special consideration by the auditor. For example, in SA 320, judgments about matters
that are material to users of the financial statements are based on a consideration of the common
financial information needs of users as a group. In the case of an audit of special purpose financial
statements, however, those judgments are based on a consideration of the financial information
needs of the intended users.
The existence of such a threshold does not relieve the auditor from the requirement to determine
materiality in accordance with SA 320 for purposes of planning and performing the audit of the
special purpose financial statements.
d. SA 260 (Revised) requires the auditor to determine the appropriate person(s) within the entity’s
governance structure with whom to communicate. In some cases, all of those charged governance
are involved in managing the entity, and the application of the communication requirements is
modified to recognize this position. When a complete set of general purpose financial statements
is also prepared by the entity, those person(s) responsible for the oversight of the preparation of
the special purpose financial statements may not be the same as those charged with governance
responsible for the oversight of the preparation of those general purpose financial statements.
Forming an opinion and reporting considerations in such an audit : When forming an opinion and
reporting on special purpose financial statements, the auditor shall apply the requirements in Revised
SA 700.

2.4 Description of the Applicable Financial Reporting Framework

Revised SA 700 requires the auditor to evaluate whether the financial statements adequately refer to
or describe the applicable financial reporting framework. In the case of financial statements prepared
in accordance with the provisions of a contract, the auditor shall evaluate whether the financial
statements adequately describe any significant interpretations of the contract on which the financial
statements are based.
Revised SA 700 deals with the form and content of the auditor’s report. In the case of an auditor’s
report on special purpose financial statements: -
a. The auditor’s report shall also describe the purpose for which the financial statements are prepared
and, if necessary, the intended users, or refer to a note in the special purpose financial statements
that contain that information; and
b. If management has a choice of financial reporting frameworks in the preparation of such financial
statements, the explanation of management’s responsibility for the financial statements shall
also make reference to its responsibility for determining that the applicable financial reporting
framework is acceptable in the circumstances.

CA Harshad Jaju
8.4 Swapnil Patni Classes caharshad
98812 92971
 SPECIALISED AREAS

2.5 Alerting Readers that the Financial Statements Are

Prepared in Accordance with a Special Purpose Framework
The special purpose financial statements may be used for purposes other than those for which they were
intended. For example, a regulator may require certain entities to place the special purpose financial
statements on public record. To avoid misunderstandings, the auditor alerts users of the auditor’s
report that the financial statements are prepared in accordance with a special purpose framework and,
therefore, may not be suitable for another purpose.

2.6 Restriction on Distribution or Use

In addition to the alert required as discussed above, the auditor may consider it appropriate to indicate
that the auditor’s report is intended solely for the specific users. Depending on the law or regulation
applicable, this may be achieved by restricting the distribution or use of the auditor’s report. In these
circumstances, the paragraph alerting the readers may be expanded to include these other matters, and
the heading modified accordingly.

3. SA 805-SPECIAL CONSIDERATIONS—AUDITS OF SINGLE

FINANCIAL STATEMENTS AND SPECIFIC ELEMENTS,
ACCOUNTS OR ITEMS OF A FINANCIAL STATEMENT
SA 805 deals with special considerations in the application of 100 to 700 series SAs to an audit of a
single financial statement or of a specific element, account or item of a financial statement. The single
financial statement or the specific element, account or item of a financial statement may be prepared
in accordance with a general or special purpose framework. If prepared in accordance with a special
purpose framework, SA 800 also applies to the audit.
SA 805 does not apply to the report of a component auditor issued as a result of work performed on
the financial information of a component at the request of a group engagement team for purposes
of an audit of group financial statements.
The objective of the auditor, when applying SAs, in such an audit, is to address appropriately the
special considerations that are relevant to the acceptance of engagement, planning and performance
of engagement and forming an opinion and reporting but not for the purpose of expressing an opinion
on the effectiveness of the entity’s internal control.

3.1 What is a Single Financial Statement?

A single financial statement is to be distinguished from a complete set of financial statements. For
example, a cash flow statement is a single financial statement.

3.2 What is the Element of a Financial Statement?

“Element of a financial statement” or “element” means an “element, account or item of a financial
statement.” For example, trade receivables or cash and bank balances
A single financial statement or a specific element of a financial statement includes the related notes
ordinarily comprising a summary of significant accounting policies and other explanatory information
relevant to the financial statement or to the element.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 8.5
 SPECIALISED AREAS

3.3 Considerations When Accepting Such Engagement

3.3.1 Application of SAs
SA 200 requires the auditor to comply with all SAs relevant to the audit. In the case of an audit of a
single financial statement or of a specific element of a financial statement, this requirement applies.
SA 200 requires the auditor to comply with
a. Relevant ethical requirements, including those pertaining to independence relating to financial
statement audit engagements, and
b. All SAs relevant to the audit. It also requires the auditor to comply with each requirement of an
SA unless, in the circumstances of the audit, the entire SA is not relevant or the requirement is not
relevant because it is conditional and the condition does not exist. In exceptional circumstances,
the auditor may judge it necessary to depart from a relevant requirement in an SA by performing
alternative audit procedures to achieve the aim of that requirement.
Compliance with the requirements of SAs relevant to the audit of a single financial statement or of a
specific element of a financial statement may not be practicable when the auditor is not also engaged
to audit the entity’s complete set of financial statements. Accordingly, the auditor may need further
evidence to corroborate audit evidence acquired from the accounting records.
In the case of an audit of a specific element of a financial statement, certain SAs require audit work
that may be disproportionate to the element being audited.

3.3.2 Acceptability of the Financial Reporting Framework

SA 210 requires the auditor to determine the acceptability of the financial reporting framework applied
in the preparation of the financial statements. In the case of an audit of a single financial statement or of a
specific element of a financial statement, this shall include whether application of the financial reporting
framework will result in a presentation that provides adequate disclosures to enable the intended users to
understand the information conveyed in the financial statement or the element, and the effect of material
transactions and events on the information conveyed in the financial statement or the element.
A single financial statement or a specific element of a financial statement may be prepared in accordance
with an applicable financial reporting framework that is based on a financial reporting framework
established by an authorised or recognised standards setting organisation for the preparation of a
complete set of financial statements. If this is the case, determination of the acceptability of the
applicable framework may involve considering whether that framework includes all the requirements
of the framework on which it is based that are relevant to the presentation of a single financial statement
or of a specific element of a financial statement that provides adequate disclosures.

3.4 Considerations When planning and performing the Audit

In planning and performing the audit of a single financial statement or of a specific element of a financial
statement, the auditor shall adapt all SAs relevant to the audit as necessary in the circumstances of the
engagement.
When auditing a single financial statement or a specific element of a financial statement in conjunction
with the audit of the entity’s complete set of financial statements, the auditor may be able to use audit
evidence obtained as part of the audit of the entity’s complete set of financial statements in the audit
of the financial statement or the element. SAs, however, require the auditor to plan and perform the
audit of the financial statement or element to obtain sufficient appropriate audit evidence on which to
base the opinion on the financial statement or on the element.

CA Harshad Jaju
8.6 Swapnil Patni Classes caharshad
98812 92971
 SPECIALISED AREAS

The individual financial statements that comprise a complete set of financial statements, and many of
the elements of those financial statements, including their related notes, are interrelated.
Accordingly, when auditing a single financial statement or a specific element of a financial statement,
the auditor may not be able to consider the financial statement or the element in isolation.
Consequently, the auditor may need to perform procedures in relation to the interrelated items to meet
the objective of the audit.
Furthermore, the materiality determined for a single financial statement or for a specific element
of a financial statement may be lower than the materiality determined for the entity’s complete set
of financial statements; this will affect the nature, timing and extent of the audit procedures and the
evaluation of uncorrected misstatements.

3.5 Form of Opinion

SA 210 requires that the agreed terms of the audit engagement include the expected form of any
reports to be issued by the auditor. In the case of an audit of a single financial statement or of a specific
element of a financial statement, the auditor shall consider whether the expected form of opinion is
appropriate in the circumstances.

The form of opinion to be expressed by the auditor depends on the applicable financial reporting
framework and any applicable laws or regulations. In accordance with Revised SA 700:
a. When expressing an unmodified opinion on a complete set of financial statements prepared in
accordance with a fair presentation framework, the auditor’s opinion, unless otherwise required
by law or regulation, uses one of the following phrases: (i) the financial statements present fairly,
in all material respects, in accordance with the applicable financial reporting framework or (ii)
the financial statements give a true and fair view in accordance with the applicable financial
reporting framework and
b. When expressing an unmodified opinion on a complete set of financial statements prepared
in accordance with a compliance framework, the auditor’s opinion states that the financial
statements are prepared, in all material respects, in accordance with the applicable financial
reporting framework.
In the case of a single financial statement or of a specific element of a financial statement, the
applicable financial reporting framework may not explicitly address the presentation of the financial
statement or of the element. This may be the case when the applicable financial reporting framework
is based on a financial reporting framework established by an authorised or recognised standards
setting organisation for the preparation of a complete set of financial statements The auditor therefore
considers whether the expected form of opinion is appropriate in the light of the applicable financial
reporting framework.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 8.7
 SPECIALISED AREAS

Factors that may affect the auditor’s consideration as to whether to use the phrases “presents
fairly, in all material respects”, or “gives a true and fair view” in the auditor’s opinion include:

• Whether the applicable financial reporting framework is explicitly or implicitly restricted to the
preparation of a complete set of financial statements.

• Whether the single financial statement or the specific element of a financial statement will:
• Comply fully with each of those requirements
• If necessary to achieve fair presentation,
of the framework relevant to the particular
provide disclosures beyond those specifically
financial statement or the particular element,
required by the framework or, in exceptional
and the presentation of the financial statement
circumstances, depart from a requirement of
or the specific element of a financial statement
the framework.
include the related notes and disclosures
The auditor’s decision as to the expected form of opinion is a matter of professional judgment. It may
be affected by whether use of the phrases “presents fairly, in all material respects”, or “gives a true
and fair view” in the auditor’s opinion on a single financial statement or on a specific element of a
financial statement prepared in accordance with a fair presentation framework is generally accepted
in the particular jurisdiction.

3.6 Forming an Opinion and Reporting Considerations

When forming an opinion and reporting the auditor shall apply the requirements in Revised SA 700,
adapted as necessary in the circumstances of the engagement.

If the auditor undertakes an engagement to report on a single financial statement or on a

specific element of a financial statement in conjunction with an engagement to audit the
entity’s complete set of financial statements, the auditor shall express a separate opinion for
each engagement.

An audited single financial statement or an audited specific element of a financial statement may
be published together with the entity’s audited complete set of financial statements. If the auditor
concludes that the presentation of a single financial statement or of the specific element of a financial
statement does not differentiate it sufficiently from the complete set of financial statements, the auditor
shall ask management to rectify the situation. The auditor shall also differentiate the opinion on the
single financial statement or on the specific element of a financial statement from the opinion on
the complete set of financial statements. The auditor shall not issue the auditor’s report containing
the opinion on the single financial statement or on the specific element of a financial statement until
satisfied with the differentiation.

• If the opinion in the auditor’s report on an entity’s complete set of financial statements
is modified, or that report includes an Emphasis of matter paragraph or other matter
paragraph, the auditor shall determine the effect that this may have on the auditor’s report
on a single financial statement or on a specific element of those financial statements. When
deemed appropriate, the auditor shall modify the opinion on the single financial statement
or on the specific element of a financial statement, or include an Emphasis of matter
paragraph or other matter paragraph in the auditor’s report, accordingly.

CA Harshad Jaju
8.8 Swapnil Patni Classes caharshad
98812 92971
 SPECIALISED AREAS

• If the auditor concludes that it is necessary to express an adverse opinion or disclaim an

opinion on the entity’s complete set of financial statements as a whole, Revised SA 705 does
not permit the auditor to include in the same auditor’s report an unmodified opinion on
a single financial statement that forms part of those financial statements or on a specific
element that forms part of those financial statements. This is because such an unmodified
opinion would contradict the adverse opinion or disclaimer of opinion on the entity’s
complete set of financial statements as a whole.

If the auditor concludes that it is necessary to express an adverse opinion or disclaim an opinion
on the entity’s complete set of financial statements as a whole but, in the context of a separate
audit of a specific element that is included in those financial statements, the auditor nevertheless
considers it appropriate to express an unmodified opinion on that element, the auditor shall
only do so if:
b.
That opinion c.
a. is expressed in an
auditor’s report that is not The specific element
The auditor is not prohibited published together with the does not constitute a
by law or regulation from auditor’s report containing major portion of the
doing so; the adverse opinion entity’s complete set of
or disclaimer of financial statements.
opinion; and

The auditor shall not express an unmodified opinion on a single financial statement of a complete set
of financial statements if the auditor has expressed an adverse opinion or disclaimed an opinion on the
complete set of financial statements as a whole. This is because a single financial statement is deemed
to constitute a major portion of those financial statements.
Revised SA 700 requires the auditor, in forming an opinion, to evaluate whether the financial
statements provide adequate disclosures to enable the intended users to understand the effect of
material transactions and events on the information conveyed in the financial statements. In the case
of a single financial statement or of a specific element of a financial statement, it is important that
the financial statement or the element, including the related notes, in view of the requirements of the
applicable financial reporting framework, provides adequate disclosures to enable the intended users
to understand the information conveyed in the financial statement or the element, and the effect of
material transactions and events on the information conveyed in the financial statement or the element.
Even when the modified opinion on the entity’s complete set of financial statements, Emphasis of
matter paragraph or Other matter paragraph does not relate to the audited financial statement or the
audited element, the auditor may still deem it appropriate to refer to the modification in an Other
matter paragraph in an auditor’s report on the financial statement or on the element because the
auditor judges it to be relevant to the users’ understanding of the audited financial statement or the
audited element or the related auditor’s report.
In the auditor’s report on an entity’s complete set of financial statements, the expression of a disclaimer
of opinion regarding the results of operations and cash flows, where relevant, and an unmodified
opinion regarding the state of affairs is permitted since the disclaimer of opinion is being issued in
respect of the results of operations and cash flows only and not in respect of the financial statements
as a whole.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 8.9
 SPECIALISED AREAS

SA 800 and 805 do not override the requirements of the other SAs; nor do they purport to deal with
all special considerations that may be relevant in the circumstances of the engagement.

Accounts receivable, allowance for doubtful accounts receivable, inventory,

Examples of the liability for accrued benefits of a private pension plan, the recorded value
of identified intangible assets, or the liability for “incurred but not reported”
Specific
claims in an insurance portfolio, including related notes.
Elements,
Accounts A schedule of externally managed assets and income of a private pension
plan, including related notes.
or Items of
a Financial A schedule of net tangible assets, including related notes.
Statement are: A schedule of disbursements in relation to a lease property, including
explanatory notes.

4. SA 810 - ENGAGEMENTS TO REPORT ON

SUMMARY FINANCIAL STATEMENTS
SA 810 deals with the auditor’s responsibilities when undertaking an engagement to report on summary
financial statements derived from financial statements audited in accordance with SAs by that same
auditor.

4.1 What do Summary Financial Statements Reflect?

Summary financial statements reflect historical financial information that is derived from financial
statements, but that contains less detail than the financial statements while still providing a structured
representation consistent with that provided by the financial statements of the entity’s economic
resources or obligations at a point in time or the changes therein for a period of time.

4.2 Engagement Acceptance

The auditor shall, ordinarily, accept an engagement to report on summary financial statements in
accordance with this SA only when the auditor has been engaged to conduct an audit in accordance
with SAs of the financial statements from which the summary financial statements are derived. If the
auditor has not also audited the financial statements from which the summary financial statements
are derived, the auditor shall not have the necessary knowledge to discharge his responsibilities in
relation to the summary financial statements in accordance with this SA.
4.2.1 Before accepting an engagement to report on summary financial statements, the auditor
shall:

a. Determine whether the applied criteria are acceptable.

CA Harshad Jaju
8.10 Swapnil Patni Classes caharshad
98812 92971
 SPECIALISED AREAS

Applied criteria refer to the criteria applied by management in the preparation of the summary financial
statements. Management is responsible for the determination of the information that needs to be
reflected in the summary financial statements so that they are consistent, in all material respects, with
or represent a fair summary of the audited financial statements. Because summary financial statements,
by their nature contain aggregated information and limited disclosure, there is an increased risk that
they may not contain the information necessary so as not to be misleading in the circumstances. This
risk increases when established criteria for the preparation of summary financial statements do not
exist.
Factors affecting the auditor’s determination of the acceptability of the applied criteria:

• The nature of the entity

• The purpose of the summary financial statements
• The information needs of the intended users of the summary financial statements and
• Whether the applied criteria will result in summary financial statements that are not misleading in
the circumstances.

The criteria for the preparation of summary financial statements may be established by an authorised
or recognised standards setting organisation or by law or regulation. Similar to the case of financial
statements, as explained in SA 210, in many such cases, the auditor may presume that such criteria
are acceptable. Where established criteria for the preparation of summary financial statements do
not exist, criteria may be developed by management, for example, based on practice in a particular
industry.
If the auditor concludes that the applied criteria are unacceptable or is unable to obtain the agreement
of management as discussed above, the auditor shall not accept the engagement to report on the
summary financial statements, unless required by law or regulation to do so.
An engagement conducted in accordance with such law or regulation does not comply with this SA.
Accordingly, the auditor’s report on the summary financial statements shall not indicate that the
engagement was conducted in accordance with this SA. The auditor shall include appropriate
reference to this fact in the terms of the engagement. The auditor shall also determine the effect that
this may have on the engagement to audit the financial statements from which the summary financial
statements are derived.
Adequate disclosure of the summarised nature of the summary financial statements and the identity of
the audited financial statements, may, for example, be provided by a title such as “Summary financial
statements prepared from the audited financial statements for the year ended March 31, 20XX”

b. Obtain the agreement of management that it acknowledges and understands its responsibility:
i. For the preparation of the summary financial statements in accordance with the applied criteria.
ii. To make the audited financial statements available to the intended users of the summary financial
statements without undue difficulty (or, if law or regulation provides that the audited financial
statements need not be made available to the intended users of the summary financial statements
and establishes the criteria for the preparation of the summary financial statements, to describe
that law or regulation in the summary financial statements)

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 8.11
 SPECIALISED AREAS

The auditor’s evaluation whether the audited financial statements are available to the intended
users of the summary financial statements without undue difficulty is affected by factors such
as whether:
The summary financial statements describe clearly from whom or where the audited financial
statements are available

The audited financial statements are on public record; or

Management has established a process by which the intended users of the summary financial
statements can obtain ready access to the audited financial statements

iii. To include the auditor’s report on the summary financial statements in any document that contains
the summary financial statements and that indicates that the auditor has reported on them

c. Agree with management on the form of opinion to be expressed on the summary financial
statements.

4.3 Nature of Procedures to be Performed by Auditor

The auditor shall perform the following procedures, and any other procedures that the auditor
may consider necessary, as the basis for the auditor’s opinion on the summary financial
statements:
a. Evaluate whether the summary financial statements adequately disclose their summarised
nature and identify the audited financial statements.
b. When summary financial statements are not accompanied by the audited financial
statements, evaluate whether they describe clearly:
i. From whom or where the audited financial statements are available; or
ii. The law or regulation that specifies that the audited financial statements need not be made
available to the intended users of the summary financial statements and establishes the criteria
for the preparation of the summary financial statements.
c. Evaluate whether the summary financial statements adequately disclose the applied criteria.
d. Compare the summary financial statements with the related information in the audited
financial statements to determine whether the summary financial statements agree with
or can be re-calculated from the related information in the audited financial statements.
e. Evaluate whether the summary financial statements are prepared in accordance with the
applied criteria.
f. Evaluate, in view of the purpose of the summary financial statements, whether the summary
financial statements contain the information necessary, and are at an appropriate level of
aggregation, so as not to be misleading in the circumstances.
g. Evaluate whether the audited financial statements are available to the intended users of the
summary financial statements without undue difficulty, unless law or regulation provides
that they need not be made available and establishes the criteria for the preparation of the
summary financial statements as discussed already.

CA Harshad Jaju
8.12 Swapnil Patni Classes caharshad
98812 92971
 SPECIALISED AREAS

4.4 Form of Opinion

When the auditor has concluded that an unmodified opinion on the summary financial statements
is appropriate, the auditor’s opinion shall, unless otherwise required by law or regulation, use
one of the following phrases:

a.
b.
The summary financial statements
The summary financial statements
are consistent, in all material
are a fair summary of the audited
respects, with the audited financial
financial statements, in accordance
statements, in accordance with the
with the applied criteria
applied criteria or

If law or regulation prescribes the wording of the opinion on summary financial statements in
terms that are different from those described above, the auditor shall:

b.
a. Evaluate whether users of the summary financial
Apply the procedures discussed earlier statements might misunderstand the auditor’s
and any further procedures necessary to opinion on the summary financial statements and, if
enable the auditor to express the prescribed so, whether additional explanation in the auditor’s
opinion and report on the summary financial statements can
mitigate possible misunderstanding.

If, the auditor concludes that additional explanation in the auditor’s report on the summary financial
statements cannot mitigate possible misunderstanding, the auditor shall not accept the engagement,
unless required by law or regulation to do so. An engagement conducted in accordance with such
law or regulation does not comply with this SA. Accordingly, the auditor’s report on the summary
financial statements shall not indicate that the engagement was conducted in accordance with this SA.

4.5 Auditor’s Report on Summary Financial Statements

Elements of the Auditor’s Report : The auditor’s report on summary financial statements shall include
the following elements: -
a. A title clearly indicating it as the report of an independent auditor
b. An addressee: If the addressee of the summary financial statements is not the same as the
addressee of the auditor’s report on the audited financial statements, the auditor shall evaluate the
appropriateness of using a different addressee. Factors that may affect the auditor’s evaluation of
the appropriateness of the addressee of the summary financial statements include the terms of the
engagement, the nature of the entity, and the purpose of the summary financial statements.
c. An introductory paragraph:

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 8.13
 SPECIALISED AREAS

An Introductory i. Identifies the summary financial statements on which the auditor is

Paragraph reporting, including the title of each statement included in the summary
financial statements. When the auditor is aware that the summary financial
statements will be included in a document that contains other information,
the auditor may consider, if the form of presentation allows, identifying the
page numbers on which the summary financial statements are presented.
This helps readers to identify the summary financial statements to which
the auditor’s report relates.
ii. Identifies the audited financial statements
iii. Refers to the auditor’s report on the audited financial statements, the date
of that report, and, in cases other than where audited financial statements
contain modified opinion, emphasis of matter paragraph and other matter
paragraph, the fact that an unmodified opinion is expressed on the audited
financial statements;
iv. If the date of the auditor’s report on the summary financial statements is
later than the date of the auditor’s report on the audited financial statements,
states that the summary financial statements and the audited financial
statements do not reflect the effects of events that occurred subsequent to
the date of the auditor’s report on the audited financial statements; and
v. A statement indicating that the summary financial statements do not contain
all the disclosures required by the financial reporting framework applied
in the preparation of the audited financial statements, and that reading the
summary financial statements is not a substitute for reading the audited
financial statements.
d. A description of management’s responsibility for the summary financial statements, explaining
that management is responsible for the preparation of the summary financial statements in
accordance with the applied criteria.
e. A statement that the auditor is responsible for expressing an opinion on the summary financial
statements based on the procedures required by this SA.
f. A paragraph clearly expressing an opinion.
g. The auditor’s signature along with the firm registration number, wherever applicable, and
the membership number assigned by the Institute of Chartered Accountants of India. Besides,
UDIN is required to be stated.
h. The date of the auditor’s report

CA Harshad Jaju
8.14 Swapnil Patni Classes caharshad
98812 92971
 SPECIALISED AREAS

The auditor shall date the auditor’s report on the summary financial
statements no earlier than:

i.
The date on which the auditor has obtained
sufficient appropriate evidence on which
ii.
to base the opinion, including evidence
The date of the auditor’s report on the
that the summary financial statements
audited financial statements.
have been prepared and those with the
recognised authority have asserted that they
have taken responsibility for them; and

i. The place of signature.

4.6 Modifications to the Opinion, Emphasis of Matter

Paragraph or Other Matter Paragraph in the Auditor’s
Report on the Audited Financial Statements
When the auditor’s report on the audited financial statements contains a qualified opinion, an Emphasis
of Matter paragraph, or an Other Matter paragraph, but the auditor is satisfied that the summary
financial statements are consistent, in all material respects, with or are a fair summary of the audited
financial statements, in accordance with the applied criteria, the auditor’s report on the summary
financial statements shall, also contain followings: -
a. State that the auditor’s report on the audited financial statements contains a qualified opinion, an
Emphasis of Matter paragraph, or an Other Matter paragraph; and
b. Describe:

i. The basis for the qualified opinion on the audited financial

statements, and that qualified opinion; or the Emphasis
of Matter or the Other Matter paragraph in the auditor’s
report on the audited financial statements; and
Describe
ii. The effect thereof on the summary financial statements, if
any.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 8.15
 SPECIALISED AREAS

When the auditor’s report on the audited financial statements

contains an adverse opinion or a disclaimer of opinion, the
auditor’s report on the summary financial statements shall,
additionally: -

c.
a.
b.
State that, as a result of
State that the auditor’s
the adverse opinion or
report on the audited Describe the basis for
disclaimer of opinion, it is
financial statements contains that adverse opinion or
inappropriate to express an
an adverse opinion or disclaimer of opinion; and
opinion on the summary
disclaimer of opinion;
financial statements.

4.6.1 Modified Opinion on the Summary Financial Statements

If the summary financial statements are not consistent, in all material respects, with or are not a fair
summary of the audited financial statements, in accordance with the applied criteria, and management
does not agree to make the necessary changes, the auditor shall express an adverse opinion on the
summary financial statements.

4.7 Restriction on Distribution or Use or

Alerting Readers to the Basis of Accounting
When distribution or use of the auditor’s report on the audited financial statements is restricted, or the
auditor’s report on the audited financial statements alerts readers that the audited financial statements
are prepared in accordance with a special purpose framework, the auditor shall include a similar
restriction or alert in the auditor’s report on the summary financial statements.

4.8 Comparatives
Comparatives in the audited financial statements may be regarded as corresponding figures or as
comparative financial information. If the audited financial statements contain comparatives, but the
summary financial statements do not, the auditor shall determine whether such omission is reasonable
in the circumstances of the engagement. The auditor shall determine the effect of an unreasonable
omission on the auditor’s report on the summary financial statements.
If the summary financial statements contain comparatives that were reported on by another auditor,
the auditor’s report on the summary financial statements shall also contain the matters that SA 710
requires the auditor to include in the auditor’s report on the audited financial statements.

CA Harshad Jaju
8.16 Swapnil Patni Classes caharshad
98812 92971
 SPECIALISED AREAS

4.9 Unaudited Supplementary Information

Presented With Summary Financial Statements
The auditor shall evaluate whether any unaudited supplementary information presented with the
summary financial statements is clearly differentiated from the summary financial statements. If the
auditor concludes that the entity’s presentation of the unaudited supplementary information is not
clearly differentiated from the summary financial statements, the auditor shall ask management to
change the presentation of the unaudited supplementary information. If management refuses to do
so, the auditor shall explain in the auditor’s report on the summary financial statements that such
information is not covered by that report.
4.10 Other Information in Documents Containing
Summary Financial Statements
The auditor shall read the other information included in a document containing the summary financial
statements and related auditor’s reports to consider whether there is a material inconsistency between
the other information and the summary financial statements. If the auditor identifies a material
inconsistency, the auditor shall determine whether the summary financial statements or the other
information needs to be revised. If, the auditor becomes aware that the other information needs to be
revised, the auditor shall discuss the matter with management.

4.11 Auditor Association

If the auditor becomes aware that the entity plans to state that the auditor has reported on summary
financial statements in a document containing the summary financial statements, but does not plan
to include the related auditor’s report, the auditor shall request management to include the auditor’s
report in the document. If management does not do so, the auditor shall determine and carry out other
appropriate actions designed to prevent management from inappropriately associating the auditor
with the summary financial statements in that document.
The auditor may be engaged to report on the financial statements of an entity, while not engaged
to report on the summary financial statements. If, in this case, the auditor becomes aware that
the entity plans to make a statement in a document that refers to the auditor and the fact that
summary financial statements are derived from the financial statements audited by the auditor,
the auditor shall be satisfied that:
a. The reference to the auditor is made in the context of the auditor’s report on the audited financial
statements; and
b. The statement does not give the impression that the auditor has reported on the summary financial
statements.
If (a) or (b) are not met, the auditor shall request management to change the statement to meet them,
or not to refer to the auditor in the document. Alternatively, the entity may engage the auditor to
report on the summary financial statements and include the related auditor’s report in the document. If
management does not change the statement, delete the reference to the auditor, or include an auditor’s
report on the summary financial statements in the document containing the summary financial
statements, the auditor shall advise management that the auditor disagrees with the reference to the
auditor, and the auditor shall determine and carry out other appropriate actions designed to prevent
management from inappropriately referring to the auditor.
CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 8.17
 SPECIALISED AREAS

4.12 Timing of Work and Events Subsequent to the Date of

the Auditor’s Report on the Audited Financial Statements
When the auditor reports on the summary financial statements after the completion of the audit of
the financial statements, the auditor is not required to obtain additional audit evidence on the audited
financial statements, or report on the effects of events that occurred subsequent to the date of the
auditor’s report on the audited financial statements since the summary financial statements are derived
from the audited financial statements.

CA Harshad Jaju
8.18 Swapnil Patni Classes caharshad
98812 92971
 SPECIALISED AREAS

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 8.19
 SPECIALISED AREAS

CA Harshad Jaju
8.20 Swapnil Patni Classes caharshad
98812 92971
 9
CHAPTER
RELATED
SERVICES

Highlights

After studying this chapter, you would be able to -

1. Understand meaning of “Related Services”.
2. Know about Standards on Related Services.
3. Understand nature of “Agreed-Upon Procedures”.
4. Gain knowledge about SRS 4400 Engagements to Perform Agreed-upon Procedures regarding
Financial Information.
5. Understand reporting requirements of SRS 4400.
6. Understand meaning and nature of “Compilation engagement”.
7. Gain knowledge about SRS 4410 Compilation Engagements.
8. Understand reporting requirements of SRS 4410.

1. INTRODUCTION
Chartered Accountants in practice are often asked to provide services to clients which do not involve
the expression of an opinion on the truth and fairness of the financial statements. For the purpose
of standardising the procedures to perform such kind of non-assurance services, the AASB of ICAI
issued two Standards on two different services i.e. Standards on Related Services.
The following standards have been issued under Standards on Related Services: -
• SRS 4400 Engagements to Perform Agreed-upon Procedures Regarding Financial Information
• SRS 4410 Compilation Engagements
What are Related Services?
“Assurance engagement” means an engagement in which a practitioner expresses a conclusion
designed to enhance the degree of confidence of the intended users other than the responsible party
about the outcome of the evaluation or measurement of a subject matter against criteria. It means that
the practitioner gives an opinion about specific information due to which users of information are able
to make confident decisions knowing well that chance of information being incorrect is diminished.

Not all engagements performed by practitioners are assurance engagements. Other frequently
performed engagements that do not meet the definition of assurance engagements include: -
• The preparation of tax returns where no conclusion conveying assurance is expressed.
• Consulting (or advisory) engagements such as management and tax consulting.
• Engagements covered by Standards for Related Services, such as agreed-upon procedures
engagements and compilations of financial or other information.

CA Harshad Jaju
Swapnil Patni Classes caharshad 9.1
98812 92971
 RELATED SERVICES

The above engagements are in nature of related services.

What are Agreed-upon Procedures?
In an engagement to perform agreed-upon procedures, the auditor is engaged by the client to issue
a report of factual findings, based on specified procedures performed on specified subject matter of
specified elements, accounts or items of a financial statement.
For example, an engagement to perform agreed-upon procedures may require the auditor to perform
certain procedures concerning individual items of financial data, say, accounts payable, accounts
receivable, purchases from related parties and sales and profits of a segment of an entity, or a financial
statement, say, a balance sheet or even a complete set of financial statements.
However, a person performing related services need not necessarily be the auditor of the entity’s
financial statements.
2. SRS 4400 ENGAGEMENTS TO PERFORM
AGREEDUPON PROCEDURES REGARDING
FINANCIAL INFORMATION
SRS 4400 provides guidance on the auditor’s professional responsibilities when an engagement to
perform agreed-upon procedures regarding financial information is undertaken and, on the form, and
content of the report that the auditor issues in connection with such an engagement.

2.1 Objective in Accordance with SRS 4400

The objective of an agreed-upon procedures engagement is to carry out procedures of an audit
nature to which the auditor and the entity and any appropriate third parties have agreed and to
report on factual findings. No assurance is provided in such a report. Such agreed-upon procedures
engagements are non-assurance engagements.

2.2 Audit Vs. Agreed-upon Procedures

A key difference between an audit and agreed-upon procedures relates to assurance.
1. An audit expresses an opinion and provides assurance to users.
2. However, in an agreed-procedures engagement, only a report of the factual findings of agreed-upon
procedures is provided. No assurance is given to users. Instead, users draw their own conclusions
based on factual findings stated in the report.

For example, an agreed upon procedures engagement to evaluate validity of

accounts payable may state the following:

Comparing of names of major suppliers and the amounts outstanding as on a date to

the related names and amounts in the trial balance

Obtaining suppliers statements or confirmations from suppliers to confirm balances

outstanding on a date

Comparison of such statements or confirmations to the amounts in trial balance

CA Harshad Jaju
9.2 Swapnil Patni Classes caharshad
98812 92971
 RELATED SERVICES

Further, actual findings like variation in balances reflected in trial balance and statements or
confirmations are given. The actual findings are reported as such without providing an assurance.

2.3 General Principles of an Agreed-

upon Procedures Engagement
The auditor should comply with
1. The Code of Ethics, issued by the Institute of Chartered Accountants of India.
2. Ethical principles governing the auditor’s professional responsibilities for this type of engagement
include integrity, objectivity, professional competence and due care, confidentiality,
professional conduct and technical standards.
3. Independence is not a requirement for agreed-upon procedures engagement. However, the
terms or objective of the engagement may require the auditor to comply with the independence
requirements of the Code of Ethics issued by the Institute of Chartered Accountants of India.
Where the auditor is not independent, a statement to that effect should be made in the report of
factual findings.

2.3.1 Defining the Terms of the Engagement

1. The auditor should ensure with representatives of the entity and, ordinarily, other specified parties
who will receive copies of the report of factual findings, that there is a clear understanding regarding
the agreed procedures and the conditions of the engagement.

Matters to be agreed include the following: -

a. Nature of the engagement including the fact that the procedures performed will not
constitute an audit or a review and that accordingly no assurance will be expressed.

b. Stated purpose for the engagement.

c. Identification of the financial information to which the agreed-upon procedures

will be applied.

d. Nature, timing and extent of the specific procedures to be applied.

e. Limitations on distribution of the report of factual findings. When such limitation

would be in conflict with the legal requirements, if any, the auditor would not accept
the engagement.

2. It is in the interests of both the client and the auditor that the auditor sends an engagement letter
documenting the key terms of the appointment. An engagement letter confirms the auditor’s
acceptance of the appointment and helps avoid misunderstanding regarding such matters as the
objectives and scope of the engagement, the extent of the auditor’s responsibilities and the form of
reports to be issued.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 9.3
 RELATED SERVICES

Matters that would be included in the engagement letter include: -

• A listing of the procedures to be performed as agreed-upon between the parties.

• A statement that the distribution of the report of factual findings would be restricted
to the specified parties who have agreed to the procedures to be performed.

2.3.2 Planning
The auditor should plan the work so that an effective engagement will be performed.

2.3.3 Procedures and Evidence

The auditor should carry out the procedures agreed-upon and use the evidence obtained as the basis
for the report of factual findings.

The procedures applied in an engagement to perform agreed-upon procedures may include:

• Inquiry and analysis
• Re computation, comparison and other clerical accuracy checks
• Observation
• Inspection
• Obtaining confirmations
Procedures Re computation,
perform Agreed- Inquiry and comparison and
upon Procedures analysis other clerical
engagements: accuracy checks

Obtaining
Observation Inspection
confirmations

2.4 Reporting
The report on an agreed-upon procedures engagement needs to describe the purpose and the agreed-
upon procedures of the engagement in sufficient detail to enable the reader to understand the nature
and the extent of the work performed. The report should also clearly mention that no audit or review
has been performed.

CA Harshad Jaju
9.4 Swapnil Patni Classes caharshad
98812 92971
 RELATED SERVICES

The report of factual findings should contain: -

a. Title
b. Addressee (ordinarily, the appointing authority)
c. Identification of specific financial or non-financial information to which the agreed upon procedures
have been applied
d. A statement that the procedures performed were those agreed-upon with the recipient
e. A statement that the engagement was performed in accordance with the Standard on Related
Services applicable to agreed-upon procedures engagements
f. Identification of the purpose for which the agreed-upon procedures were performed
g. A listing of the specific procedures performed
h. A description of the auditor’s factual findings including sufficient details of errors and exceptions
found
i. A statement that the procedures performed do not constitute either an audit or a review and, as
such, no assurance is expressed
j. A statement that had the auditor performed additional procedures, an audit or a review, other
matters might have come to light that would have been reported
k. A statement that the report is restricted to those parties that have agreed to the procedures to be
performed
l. A statement (when applicable) that the report relates only to the elements, accounts, items or
financial and non-financial information specified and that it does not extend to the entity’s financial
statements taken as a whole
m. Date of the report
n. Place of signature and
o. Auditor’s signature

2.5 Documentation
The auditor should document matters which are important in providing evidence to support the report
of factual findings, and evidence that the engagement was carried out in accordance with this SRS and
the terms of the engagement.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 9.5
 RELATED SERVICES

3. SRS 4410 COMPILATION ENGAGEMENTS

1. SRS 4410 deals with the practitioner’s responsibilities when engaged to assist management with
the preparation and presentation of historical financial information without obtaining any
assurance on that information, and to report on the engagement in accordance with this SRS.
It applies to compilation engagements for historical financial information.
2. Compilation engagements for financial information other than historical financial information,
and compilation engagements for non-financial information can be performed under this Standard
after necessary adaptation.
SQC 1 is applicable to all Engagement Standards. Since SRS 4410 is also one of Engagement
Standards, SQC 1 applies to firms in respect of firm’s compilation engagements too.
What is a Compilation engagement?
1. Compilation engagement is an engagement in which a practitioner applies accounting and financial
reporting expertise to assist management in the preparation and presentation of financial information
of an entity in accordance with an applicable financial reporting framework and issues a report.
2. Management may request a professional accountant in public practice to assist with the preparation
and presentation of financial information of an entity.
compilation engagement may be required for
Financial information that is the subject of a

• For management or those charged with

governance, prepared on a basis appropriate for
To comply with mandatory periodic their particular purposes (such as preparation
financial reporting requirements of financial information for internal use).
established in law or regulation, if any or
various purposes including: -

• For periodic financial reporting undertaken for

For purposes unrelated to mandatory external parties under a contract or other form
financial reporting under relevant law or of agreement (such as financial information
regulation, including for example: - provided to a funding body to support provision
or continuation of a grant).

• For transactional purposes, for example to

support a transaction involving changes to the
entity’s ownership or financing structure (such
as for a merger or acquisition).

A compilation engagement is not an assurance engagement. A compilation engagement does not

require the practitioner to verify the accuracy or completeness of the information provided by
management for the compilation, or otherwise to gather evidence to express an audit opinion or a
review conclusion on the preparation of the financial information.

CA Harshad Jaju
9.6 Swapnil Patni Classes caharshad
98812 92971
 RELATED SERVICES

3.1 Objectives in accordance with SRS 4410

The practitioner’s objectives in a compilation engagement under this SRS are to: -
a. Apply accounting and financial reporting expertise to assist management in the preparation and
presentation of financial information in accordance with an applicable financial reporting framework
based on information provided by management and
b. Report in accordance with the requirements of this SRS.

3.2 Scope of Compilation Engagements

1. The scope of a compilation engagement will vary depending on the circumstances of the engagement.
However, in every case it will involve assisting management in the preparation and presentation of
the entity’s financial information in accordance with the financial reporting framework, based on
information provided by management. In some compilation engagements, management may have
already prepared the financial information itself in a draft or preliminary form.
2. Management retains responsibility for the financial information and the basis on which it is
prepared and presented. That responsibility includes application by management of the judgment
required for the preparation and presentation of the financial information, including the selection
and application of appropriate accounting policies and, where needed, developing reasonable
accounting estimates.
3. Different financial reporting frameworks can be used to prepare and present financial
information, ranging from a simple entity-specific basis of accounting to established financial
reporting standards. The financial reporting framework adopted by management to prepare and
present the financial information will depend on the nature of the entity and the intended use of the
information.

3.3 Ethical Requirements

The practitioner shall comply with relevant ethical requirements. In complying with the Code of
Ethics, threats to the practitioner’s compliance with relevant ethical requirements are required to be
identified and appropriately addressed.
Being in nature of non-assurance engagement, independence requirements do not apply to compilation
engagements. However, laws or regulations may specify requirements or disclosure rules pertaining
to independence.

3.4 Engagement Acceptance and Continuance

The practitioner shall not accept the engagement unless the practitioner has agreed the terms of
engagement with management, and the engaging party if different, including: -

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 9.7
 RELATED SERVICES

a. The intended use and distribution of the financial information, and any restrictions on either its
use or its distribution where applicable
b. Identification of the applicable financial reporting framework
c. The objective and scope of the compilation engagement
d. The responsibilities of the practitioner, including the requirement to comply with relevant ethical
requirements
e. The responsibilities of management for: -

The responsibilities of management for

ii.
i. iv.
Design,
iii.
The financial implementation Judgments needed
information, and for and maintenance of in the preparation
The accuracy and
the preparation and such internal control and presentation
completeness of the
presentation thereof, as management of the financial
records, documents,
in accordance with determines is information,
explanations and
a financial reporting necessary to enable including those
other information
framework that is the preparation for which the
provided by
acceptable in view of financial practitioner may
management for
of the intended statements that are provide assistance
the compilation
use of the financial free from material in the course of
engagement and
information and the misstatement, the compilation
intended users whether due to fraud engagement
or error

f. The expected form and content of the practitioner’s report.

The practitioner shall record the agreed terms of engagement in an engagement letter or other suitable
form of written agreement, prior to performing the engagement.
On recurring compilation engagements, the practitioner shall evaluate whether circumstances,
including changes in the engagement acceptance considerations, require the terms of engagement to
be revised and whether there is need to remind management of the existing terms of engagement.

CA Harshad Jaju
9.8 Swapnil Patni Classes caharshad
98812 92971
 RELATED SERVICES

3.5 Performing the Engagement

• The practitioner shall obtain an understanding of the following matters sufficient to be able to
perform the compilation engagement: -

a. The entity’s business and operations, including the entity’s accounting

system and accounting records and

b. The applicable financial reporting framework, including its application in

the entity’s industry.
• The practitioner shall compile the financial information using the records, documents, explanations
and other information, including significant judgments, provided by management.
• The practitioner shall discuss with management, or those charged with governance as
appropriate, those significant judgments, for which the practitioner has provided assistance in the
course of compiling the financial information.
• Prior to completion of the compilation engagement, the practitioner shall read the compiled
financial information in light of the practitioner’s understanding of the entity’s business and
operations, and of the applicable financial reporting framework.
• If, in the course of the compilation engagement, the practitioner becomes aware that the records,
documents, explanations or other information, including significant judgments, provided by
management for the compilation engagement are incomplete, inaccurate or otherwise unsatisfactory,
the practitioner shall bring that to the attention of management and request the additional or
corrected information.
• If the practitioner is unable to complete the engagement because management has failed to
provide records, documents, explanations or other information, including significant judgments,
as requested, the practitioner shall withdraw from the engagement and inform management and
those charged with governance of the reasons for withdrawing.
• If the practitioner becomes aware during the course of the engagement that: -

a. b.
c.
The compiled financial Amendments to the
information does not compiled financial
The compiled financial
adequately refer to or information are required
information is otherwise
describe the applicable for the financial
misleading,
financial reporting information not to be
framework materially misstated; or

the practitioner shall propose the appropriate amendments to management.

• If management declines, or does not permit the practitioner to make the proposed amendments
to the compiled financial information, the practitioner shall withdraw from the engagement and
inform management and those charged with governance of the reasons for withdrawing.
• If withdrawal from the engagement is not possible, the practitioner shall determine the professional
and legal responsibilities applicable in the circumstances.
• The practitioner shall obtain an acknowledgement from management or those charged with
governance, as appropriate, that they have taken responsibility for the final version of the compiled
financial information.
CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 9.9
 RELATED SERVICES

3.6 Communication with Management and

Those Charged with Governance
The practitioner shall communicate with management or those charged with governance, as appropriate,
on a timely basis during the course of the compilation engagement, all matters concerning the
compilation engagement that, in the practitioner’s professional judgment, are of sufficient importance
to merit the attention of management or those charged with governance, as appropriate.

3.7 The Practitioner’s Report

An important purpose of the practitioner’s report is to clearly communicate the nature of the compilation
engagement, and the practitioner’s role and responsibilities in the engagement. The practitioner’s
report is not a vehicle to express an opinion or conclusion on the financial information in any form.
The practitioner’s report issued for the compilation engagement shall be in writing, and shall
include the following elements: -
a. The report title
b. The addressee(s), as required by the terms of the engagement
c. A statement that the practitioner has compiled the financial information based on information
provided by management
d. A description of the responsibilities of management, or those charged with governance as
appropriate, in relation to the compilation engagement, and in relation to the financial information
e. Identification of the applicable financial reporting framework and, if a special purpose financial
reporting framework is used, a description or reference to the description of that special purpose
financial reporting framework in the financial information
f. Identification of the financial information, including the title of each element of the financial
information if it comprises more than one element, and the date of the financial information or
the period to which it relates
g. A description of the practitioner’s responsibilities in compiling the financial information, including
that the engagement was performed in accordance with this SRS, and that the practitioner has
complied with relevant ethical requirements
h. A description of what a compilation engagement entails in accordance with this SRS
i. Explanations that: -
i. Since a compilation engagement is not an ii. Accordingly, the practitioner does not express
assurance engagement, the practitioner an audit opinion or a review conclusion on
is not required to verify the accuracy or whether the financial information is prepared
completeness of the information provided by in accordance with the applicable financial
management for the compilation and reporting framework.
j. If the financial information is prepared using a special purpose financial reporting
framework, an explanatory paragraph that: -

CA Harshad Jaju
9.10 Swapnil Patni Classes caharshad
98812 92971
 RELATED SERVICES

ii. Draws the attention of readers of the report

i. Describes the purpose for which the financial
to the fact that the financial information
information is prepared and, if necessary, the
is prepared in accordance with a special
intended users, or contains a reference to a
purpose framework and that, as a result, the
note in the financial information that discloses
information may not be suitable for other
this information and
purposes
k. The date of the practitioner’s report
l. The practitioner’s signature and
m. The place of signature.

3.8 Engagement Level Quality Control

The engagement partner shall take responsibility for: -

a. b.

The overall quality of each compilation The engagement being performed in

engagement to which that partner is accordance with the firm’s quality control
assigned and policies and procedures

3.9 Documentation

The practitioner shall include in the engagement documentation: -

a. Significant matters arising during the compilation engagement and how those matters were
addressed by the practitioner
b. A record of how the compiled financial information reconciles with the underlying records,
documents, explanations and other information, provided by management and
c. A copy of the final version of the compiled financial information for which management or
those charged with governance, as appropriate, has acknowledged their responsibility, and the
practitioner’s report.

The practitioner may consider also including in the engagement documentation a copy of the entity’s
trial balance, summary of significant accounting records or other information that the practitioner
used to perform the compilation.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 9.11
 RELATED SERVICES

CA Harshad Jaju
9.12 Swapnil Patni Classes caharshad
98812 92971
 RELATED SERVICES

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 9.13
 RELATED SERVICES

CA Harshad Jaju
9.14 Swapnil Patni Classes caharshad
98812 92971
 10
CHAPTER
REVIEW OF
FINANCIAL
INFORMATION

Highlights

After studying this chapter, you would be able to -

1. Understand the meaning of review.
2. Know about Standards on Review Engagements.
3. Gain the Knowledge about SRE 2400 Engagements to Review Historical Financial Statements.
4. Know about the importance of “Inquiry” and “Analytical Procedures” in a review engagement.
5. Gain the Knowledge about SRE 2410 Review of Interim Financial Information Performed by the
Independent Auditor of the Entity.
6. Understand in detail about contents of review reports under SRE 2400 and SRE 2410 respectively.

1. INTRODUCTION
What is REVIEW?
“Review” is a limited assurance engagement.
1. Limited assurance is the level of assurance obtained where engagement risk is reduced to a level
that is acceptable in the circumstances of the engagement, but where that risk is greater than for a
reasonable assurance engagement, as the basis for expressing a conclusion.
2. The combination of the nature, timing and extent of evidence gathering procedures is at least
sufficient for the practitioner to obtain a meaningful level of assurance. To be meaningful, the level
of assurance obtained by the practitioner is likely to enhance the intended users’ confidence about
the financial statements.
1.1 Standards on Review Engagements
Standards on Review Engagements apply where “Review” of financial information is undertaken by
the practitioner. Following Standards on review engagements have been issued in this regard:

Standards on Review Engagements

• SRE 2400 Engagements to Review Historical Financial Statements

• SRE 2410 Review of Interim Financial Information Performed by the Independent Auditor of the
Entity

CA Harshad Jaju
Swapnil Patni Classes caharshad 10.1
98812 92971
 REVIEW OF FINANCIAL INFORMATION

2. SRE 2400 ENGAGEMENTS TO REVIEW

HISTORICAL FINANCIAL STATEMENTS

SRE 2400 deals with: -

The practitioner’s responsibilities when

engaged to perform a review of historical
financial statements, when the practitioner
is not the auditor of the entity’s financial
statements and

The form and content of the practitioner’s

report on the financial statements.

1. In a review of financial statements, the practitioner expresses a conclusion that is designed to

enhance the degree of confidence of intended users regarding the preparation of an entity’s
financial statements in accordance with an applicable financial reporting framework. Such
financial statements may have been prepared using general purpose framework or special purpose
framework.
2. The practitioner’s conclusion is based on the practitioner obtaining limited assurance. The
practitioner’s report includes a description of the nature of a review engagement as context for the
readers of the report to be able to understand the conclusion.
3. The practitioner performs primarily inquiry and analytical procedures to obtain sufficient and
appropriate evidence as the basis for a conclusion on the financial statements as a whole.
4. If the practitioner becomes aware of a matter that causes the practitioner to believe the financial
statements may be materially misstated, he/she designs and performs additional procedures, as he/
she considers necessary in the circumstances, to be able to conclude on the financial statements.

2.1 Objectives in a review of financial statements in accordance with SRE 2400

The practitioner’s objectives in a review of financial statements in accordance with SRE 2400 are as
under:
a. Obtain limited assurance, primarily by making an inquiry and performing analytical procedures,
about whether the financial statements as a whole are free from material misstatement, thereby
enabling the practitioner to express a conclusion on whether anything has come to his attention
that causes him to believe the financial statements are not prepared, in all material respects, in
accordance with an applicable financial reporting framework
b. Report on the financial statements as a whole and communicate, as required by this SRE.

CA Harshad Jaju
10.2 Swapnil Patni Classes caharshad
98812 92971
 REVIEW OF FINANCIAL INFORMATION

In all cases when limited assurance cannot be obtained and a modified conclusion in the practitioner’s
report is insufficient in the circumstances, this SRE requires that the practitioner either to disclaim
a conclusion in the report issued for the engagement or, where appropriate to withdraw from the
engagement if withdrawal is possible under applicable law or regulations.

2.2 Compliance with Ethical Requirements and Engagement Level Quality Control
The practitioner shall comply with relevant ethical requirements, including those pertaining to
independence and the engagement partner is responsible for overall quality of each review engagement.
Factors affecting Acceptance and Continuance of Client Relationships and Review Engagements:

Unless required by law or regulation, the practitioner shall not accept a review engagement if:
a. The practitioner is not satisfied:
i. That there is a rational purpose for the ii. That a review engagement would be appropriate
engagement. Assurance engagements may only in the circumstances. When the practitioner’s
be accepted when the engagement exhibits preliminary understanding of the engagement
certain characteristics that are conducive to circumstances indicates that accepting a review
achieving the practitioner’s objectives specified engagement would not be appropriate, the
for the engagement. practitioner may consider recommending that
It may be unlikely that there is a rational purpose another type of engagement be undertaken.
for the engagement if, for example, there is Depending on the circumstances, the practitioner
a significant limitation on the scope of work may, for example, believe that performance of
or the practitioner suspects association of the an audit engagement would be more appropriate
practitioner’s name with the financial statements than a review. In other cases, if the engagement
in an inappropriate manner. Similarly, when the circumstances preclude the performance of an
engagement is intended to meet compliance assurance engagement, the practitioner may
requirements of relevant law or regulation and recommend a compilation engagement, or other
such law or regulation requires the financial accounting services engagement, as appropriate.
statements to be audited, there is no rational
purpose for such a review engagement.
b. The practitioner has reason to believe that relevant ethical requirements, including independence,
will not be satisfied.
c. The practitioner’s preliminary understanding of the engagement circumstances indicates that
information needed to perform the review engagement is likely to be unavailable or unreliable.
d. The practitioner has cause to doubt management’s integrity such that it is likely to affect proper
performance of the review or
e. Management or those charged with governance impose a limitation on the scope of the practitioner’s
work in the terms of a proposed review engagement such that the practitioner believes that the
limitation will result in the practitioner disclaiming a conclusion on the financial statements.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 10.3
 REVIEW OF FINANCIAL INFORMATION

2.3 Preconditions for Accepting a Review Engagement

Acceptability of financial reporting framework applied in preparation of financial statements.
Agreement of management in acknowledging and understanding its responsibility for preparation of
financial statements and internal control.
Providing access to all information to the practitioner for the purpose of review and unrestricted
access to persons within the entity.
Prior to accepting a review engagement, the practitioner shall: -

a. Determine whether the financial reporting framework applied in the preparation of the financial
statements is acceptable including, in the case of special purpose financial statements, obtaining an
understanding of the purpose for which the financial statements are prepared and of the intended
users, and;
b. Obtain the agreement of management that it acknowledges and understands its responsibilities:
i. For the preparation of the financial statements in accordance with the applicable financial reporting
framework, including, where relevant, their fair presentation.
ii. For such internal control as management determines is necessary to enable the preparation of
financial statements that are free from material misstatement, whether due to fraud or error; and
iii. To provide the practitioner with: -
a. Access to all information of b. Additional information that c. Unrestricted access to persons
which management is aware that the practitioner may request within the entity from whom
is relevant to the preparation of from management for the the practitioner determines it
the financial statements, such purpose of the review; and necessary to obtain evidence.
as records, documentation and
other matters;
• If the practitioner is not satisfied as to any of the matters set out above as preconditions for accepting
a review engagement, the practitioner shall discuss the matter with the management or those charged
with governance.
• If changes cannot be made to satisfy the practitioner as to those matters, the practitioner shall
not accept the proposed engagement unless required by law or regulation to do so. However, an
engagement conducted under such circumstances does not comply with this SRE. Accordingly, the
practitioner shall not include any reference within the practitioner’s report to the review having
been conducted in accordance with this SRE.
• If it is discovered after the engagement has been accepted that the practitioner is not satisfied as to
any of the above preconditions, the practitioner shall discuss the matter with the management or
those charged with governance and shall determine:

(b) Whether it is appropriate (c) Whether and, if so, how to

(a) Whether the matter can be
to continue with the communicate the matter in the
resolved
engagement and practitioner’s report.

CA Harshad Jaju
10.4 Swapnil Patni Classes caharshad
98812 92971
 REVIEW OF FINANCIAL INFORMATION

2.4 Agreeing to the Terms of Engagement

• The practitioner shall agree to the terms of the engagement with the management or those charged
with governance, as appropriate, prior to performing the engagement.
• The agreed terms of engagement shall be recorded in an engagement letter or other suitable form
of written agreement.
• On recurring review engagements, the practitioner shall evaluate whether circumstances, including
changes in the engagement acceptance considerations, require the terms of engagement to be
revised and whether there is a need to remind management or those charged with governance, as
appropriate, of the existing terms of engagement.
• The practitioner shall not agree to a change in the terms of the engagement where there is no
reasonable justification for doing so. If, prior to completing the review engagement, the practitioner
is requested to change the engagement to an engagement for which no assurance is obtained, the
practitioner shall determine whether there is reasonable justification for doing so.
• If the terms of engagement are changed during the course of the engagement, the practitioner and
the management or those charged with governance, as appropriate, shall agree on and record the
new terms of engagement in an engagement letter or any other suitable form of written agreement.
Overview of performing the review engagement after its acceptance in accordance
with SRE2400

Determine materiality for financial statements as a whole

Obtain understanding of entity and applicable financial reporting

framework to identify areas of possible material misstatements

Design and perform “Inquiry” and “Analytical procedures”

Perform procedures to address specific circumstances

Perform other procedures, if necessary, in circumstances

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 10.5
 REVIEW OF FINANCIAL INFORMATION

(i) Materiality in a Review of Financial Statements

a. The practitioner shall determine materiality for the financial statements as a whole and apply this
materiality in designing the procedures and in evaluating the results obtained from those procedures.
The practitioner’s judgment about what is material in relation to the financial statements as a whole
is the same regardless of the level of assurance obtained by a practitioner as the basis for expressing
the conclusion on the financial statements.
b. The practitioner shall revise materiality for the financial statements as a whole in the event of
becoming aware of any information during the review that would have caused the practitioner to
have determined a different amount initially.

(ii) Obtaining Understanding of the Entity

The practitioner shall obtain an understanding of the entity and its environment and the applicable
financial reporting framework to identify areas in the financial statements where material misstatements
are likely to arise and thereby provide a basis for designing procedures to address those areas.

(iii) Designing and Performing Procedures

a. In obtaining sufficient appropriate evidence as the basis for a conclusion on the financial statements
as a whole, the practitioner shall design and perform inquiry and analytical procedures: -

a. To address all material

items in the financial b. To focus on addressing areas
statements, including in the financial statements
disclosures and where material misstatements
are likely to arise.

The requirements relating to designing and performing of inquiry and analytical procedures, and
procedures addressing specific circumstances, are designed to enable the practitioner to achieve the
objectives of this SRE. The circumstances of review engagements vary widely and, accordingly,
there may be circumstances where the practitioner may consider it effective or efficient to design and
perform other procedures.
For example, if in the course of obtaining an understanding of the entity, the practitioner becomes
aware of a significant contract the practitioner may choose to read the contract.
b. The fact that the practitioner may deem it necessary to perform other procedures does not alter
the practitioner’s objective of obtaining limited assurance in relation to the financial statements as a
whole.

CA Harshad Jaju
10.6 Swapnil Patni Classes caharshad
98812 92971
 REVIEW OF FINANCIAL INFORMATION

The practitioner may consider, reviewing the accounting records with a view to identifying significant
or unusual transactions that may require specific attention in the review.
a. Inquiry:
i. In a review, inquiry includes seeking information from management and other persons within the
entity, as the practitioner considers appropriate in the engagement circumstances.
ii. Inquiries may include matters such as those relating to making of accounting estimates, identification
of related parties, about significant, complex or unusual transactions, existence of any actual,
suspected or alleged fraud, events occurring between the date of the financial statements and
practitioner’s report, basis for management’s assessment of the entity’s ability to continue as a
going concern, events or conditions that appear to cast doubt on the entity’s ability to continue
as a going concern, material commitments, contractual obligations or contingencies that have
affected or may affect the entity’s financial statements including disclosures and material non-
monetary transactions or transactions for no consideration in the financial reporting period under
consideration.
iii. The practitioner may also extend Inquiries to obtain non-financial data if appropriate.
iv. Evaluating the responses provided by the management is integral to the inquiry process.

Depending on the engagement circumstances, inquiries may also include

inquiries about:
• Actions taken at meetings of
owners, those charged with
governance and committees • Communications the entity
thereof, and proceedings at has received, or expects • Matters arising in the course
other meetings, if any, that to receive or obtain, from of applying other procedures.
affect the information and regulatory agencies.
disclosures contained in the
financial statements.
v. When performing further inquiries in relation to identified inconsistencies, the practitioner considers
the reasonableness and consistency of management’s responses in light of the results obtained from
other procedures, and the practitioner’s knowledge and understanding of the entity and the industry
in which it operates.
b. Analytical procedures: In designing analytical procedures, the practitioner shall consider whether
the data from the entity’s accounting system and accounting records are adequate for the purpose
of performing the analytical procedures.
In a review, the practitioner mainly focuses upon inquiry and analytical procedures for obtaining
sufficient appropriate evidence as the basis for conclusion on financial statements as a whole.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 10.7
 REVIEW OF FINANCIAL INFORMATION

Why “Inquiry” and “Analytical procedures” are important in Review?

• Evidence obtained through inquiry is often the principal source of evidence about management
intent. However, information available to support management’s intent may be limited. In that
case, understanding management’s past history of carrying out its stated intentions, management’s
stated reasons for choosing a particular course of action, and management’s ability to pursue a
specific course of action may provide relevant information to corroborate the evidence obtained
through inquiry.
• Application of professional scepticism in evaluating responses provided by management is
important to enable the practitioner to evaluate whether there are any matters that would cause the
practitioner to believe the financial statements may be materially misstated.
• Performing inquiry procedures also assists the practitioner in obtaining or updating the practitioner’s
understanding of the entity and its environment, to be able to identify areas where material
misstatements are likely to arise in the financial statements.

In a review of financial statements, performing analytical procedures assists the practitioner

in:
• Obtaining or updating the practitioner’s understanding of the entity and its environment,
including to be able to identify areas where material misstatements are likely to arise in the
financial statements.
• Identifying inconsistencies or variances from expected trends, values or norms in the financial
statements such as the level of congruence of the financial statements with key data, including
key performance indicators.
• Providing corroborative evidence in relation to other inquiries or analytical procedures already
performed.
• Serving as additional procedures when the practitioner becomes aware of matters that cause the
practitioner to believe that the financial statements may be materially misstated.
• An example of such an additional procedure is a comparative analysis of monthly revenue and
cost figures across profit centers, branches or other components of the entity, to provide evidence
about financial information contained in line items or disclosures made in the financial statements.
• Various methods may be used to perform analytical procedures ranging from performing simple
comparisons to performing complex analysis using statistical techniques. The practitioner may, for
example, apply analytical procedures to evaluate the financial information underlying the financial
statements and assessment of results for consistency with expected values. Expectations may be
developed by the practitioner on information obtained from relevant sources like information
regarding the industry in which entity operates.

CA Harshad Jaju
10.8 Swapnil Patni Classes caharshad
98812 92971
 REVIEW OF FINANCIAL INFORMATION

(iv) Procedures to Address Specific Circumstances

• Related parties: During the review, the practitioner shall remain alert for arrangements or
information that may indicate the existence of related party relationships or transactions that the
management has not previously identified or disclosed to the practitioner. If the practitioner identifies
significant transactions outside the entity’s normal course of business during the course of review,
the practitioner shall inquire with the management about the nature of those transactions, possible
involvement of related parties and the business rationale (or lack thereof) of those transactions.
• Fraud and non-compliance with laws or regulations: When there is an indication that fraud
or non-compliance with laws or regulations, or suspected fraud or non-compliance with laws
or regulations, has occurred in the entity, the practitioner shall communicate that matter to the
appropriate level of senior management or those charged with governance as appropriate and
request management’s assessment of the effects, if any, on the financial statements.
The practitioner has to consider the effect, if any, of management’s assessment of the effects of
fraud or non-compliance with laws or regulations communicated to him on his conclusion on the
financial statements and on his report and determine whether there is a responsibility to report the
occurrence or suspicion of fraud or illegal acts to a party outside the entity.
• Going concern: A review of financial statements includes consideration of the entity’s ability to
continue as a going concern. If, during the performance of the review, the practitioner becomes
aware of events or conditions that may cast significant doubt about the entity’s ability to continue
as a going concern, the practitioner shall:

a. Inquire of management about plans for future actions affecting the entity’s ability to continue
as a going concern and about the feasibility of those plans, and also whether management
believes that the outcome of those plans will improve the situation regarding the entity’s ability
to continue as a going concern.
b. Evaluate the results of those inquiries, to consider whether management’s responses provide a
sufficient basis to: -
i. Continue to present the financial statements on the going concern basis if the applicable
financial reporting framework includes the assumption of an entity’s continuance as a going
concern or
ii. Conclude whether the financial statements are materially misstated, or are otherwise
misleading regarding the entity’s ability to continue as a going concern and
c. Consider management’s responses in light of all relevant information of which the practitioner is
aware as a result of the review.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 10.9
 REVIEW OF FINANCIAL INFORMATION

• Use of work performed by others: In performing the review, it may be necessary for the practitioner
to use work performed by other practitioners, or the work of an individual or organization possessing
expertise in a field other than accounting or assurance. If the practitioner uses work performed by
another practitioner or an expert in the course of performing the review, the practitioner shall take
appropriate steps to be satisfied that the work performed is adequate for the practitioner’s purposes.
When the practitioner is engaged to review the financial statements of a group of entities, the planned
nature, timing and extent of the procedures for the review are directed at achieving the practitioner’s
objectives for the review engagement in accordance with this Standard but in the context of the group
financial statements.

(v) Additional procedures when the practitioner becomes aware that the financial statements
may be materially misstated:
If the practitioner becomes aware of matters that causes the practitioner to believe that the financial
statements may be materially misstated, the practitioner shall design and perform additional procedures
sufficient to enable the practitioner to:

a. Conclude that the matter(s)

b. Determine that the
is not likely to cause the
matter(s) causes the financial
financial statements as
statements as a whole to be
a whole to be materially
materially misstated.
misstated or

Additional procedures focus on obtaining sufficient appropriate evidence to

enable the practitioner to form a conclusion on matters that the practitioner
believes may cause the financial statements to be materially misstated. The
procedures may be:
• Additional inquiry or analytical procedures, for example, being performed in greater detail or
being focused on the affected items (i.e. amounts or disclosures concerning the affected accounts
or transactions as reflected in the financial statements); or
• Other types of procedures, for example, substantive test of details or external confirmations.
Example explaining when additional procedures may be necessary in Review
In course of performing inquiry and analytical procedures for review, analysis of accounts receivable
shows a material amount of past due accounts receivable, for which there is no allowance for bad
or doubtful debts. This causes the practitioner to believe that the accounts receivable balance in
the financial statements may be materially misstated. The practitioner then inquire of management
whether there are uncollectible accounts receivable that would need to be shown as being impaired.
Depending on management’s response, the practitioner’s evaluation of the response may:
a. Enable the practitioner to conclude that the accounts receivable balance is not likely to be
materially misstated. In that case, no further procedures are required.
b. Enable the practitioner to determine that the matter causes the financial statements to be materially
misstated. No further procedures are required, and the practitioner would form the conclusion
that the financial statements as a whole are materially misstated.

CA Harshad Jaju
10.10 Swapnil Patni Classes caharshad
98812 92971
 REVIEW OF FINANCIAL INFORMATION

c. Lead the practitioner to continue to believe that the accounts receivable balance is likely to be
materially misstated, while not providing sufficient appropriate evidence for the practitioner to
determine that they are in fact misstated.
In that case, the practitioner is required to perform additional procedures, for example, requesting
from management an analysis of amounts received for those accounts after the balance sheet
date to identify uncollectible accounts receivable.
The evaluation of the results of the additional procedures may enable the practitioner to get to (a)
or (b) above.
If not, the practitioner is required to: -
i. Continue performing additional procedures until the practitioner reaches either (a) or (b) above or
ii. If the practitioner is not able to either conclude that the matter is not likely to cause the financial
statements as a whole to be materially misstated or to determine that the matter does cause the
financial statements as a whole to be materially misstated, then a scope limitation exists and the
practitioner is not able to form an unmodified conclusion on the financial statements.

Subsequent Event
• If the practitioner becomes aware of events occurring between the date of the financial statements
and the date of the practitioner’s report that require adjustment of, or disclosure in, the financial
statements, the practitioner shall request management to correct those misstatements.
• The practitioner has no obligation to perform any procedures regarding the financial statements
after the date of the practitioner’s report. However, if, after the date of the practitioner’s report but
before the date the financial statements are issued, a fact becomes known to the practitioner that,
had it been known to the practitioner at the date of the practitioner’s report, may have caused the
practitioner to amend the report, the practitioner shall: -

a. c.
b.
Discuss the matter with If so, inquire how
Determine whether the
management or those management intends to
financial statements need
charged with governance, address the matter in the
amendment and
as appropriate financial statements.

• If management does not amend the financial statements in circumstances where the practitioner
believes they need to be amended, and the practitioner’s report has already been provided to the
entity, the practitioner shall notify management and those charged with governance not to issue
the financial statements to third parties before the necessary amendments have been made. If the
financial statements are nevertheless subsequently issued without the necessary amendments, the
practitioner shall take appropriate action k to prevent reliance on the practitioner’s report.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 10.11
 REVIEW OF FINANCIAL INFORMATION

(vi) Written Representations

• Written representations are an important source of evidence in a review engagement. If management
modifies or does not provide the requested written representations, it may alert the practitioner to
the possibility that one or more significant issues may exist. Further, a request for written, rather
than oral, representations in many cases may prompt management to consider such matters more
rigorously, thereby enhancing the quality of the representations.

The practitioner shall request management to provide a written representation

that management has fulfilled its responsibilities described in the agreed terms
of engagement.
The written representation shall include that: -
a. Management has fulfilled its responsibility for the preparation of financial statements in
accordance with the applicable financial reporting framework, including where relevant their
fair presentation, and has provided the practitioner with all relevant information and access to
information as agreed in the terms of the engagement; and
b. All transactions have been recorded and are reflected in the financial statements.

• If law or regulation requires management to make written public statements about its responsibilities,
and the practitioner determines that such statements provide some or all of the representations
required above, the relevant matters covered by such statements need not be included in the written
representation.
• In addition to the written representations required under this SRE, the practitioner may consider
it necessary to request other written representations about the financial statements. These may
be needed, for example, to complete the practitioner’s evidence with respect to certain items or
disclosures reflected in the financial statements where the practitioner considers such representations
to be important in forming a conclusion on the financial statements on either a modified or unmodified
basis.

The practitioner shall also request management’s written representations that

management has disclosed to the practitioner: -
a. The identity of the entity’s related parties and all the related party relationships and transactions
of which management is aware;
b. Significant facts relating to any frauds or suspected frauds known to management that may have
affected the entity;
c. Known actual or possible non-compliance with laws and regulations for which the effects of non-
compliance affect the entity’s financial statements;
d. All information relevant to use of the going concern assumption in the financial statements;
e. That all events occurring subsequent to the date of the financial statements and for which the
applicable financial reporting framework requires adjustment or disclosure, have been adjusted or
disclosed;
f. Material commitments, contractual obligations or contingencies that have affected or may affect
the entity’s financial statements, including disclosures;
g. Material non-monetary transactions or transactions for no consideration undertaken by the entity
in the financial reporting period under consideration.
CA Harshad Jaju
10.12 Swapnil Patni Classes caharshad
98812 92971
 REVIEW OF FINANCIAL INFORMATION

If management does not provide one or more of the requested written representations, the
practitioner shall: -

b.
c.
Re-evaluate the integrity
a. Take appropriate actions,
of management, and
including determining
Discuss the matter with evaluate the effect
the possible effect on
management and those that this may have
the conclusion in the
charged with governance, on the reliability of
practitioner’s report in
as appropriate; representations (oral or
accordance with this
written) and evidence in
SRE.
general; and

The practitioner shall disclaim a conclusion on the financial statements, or withdraw from the
engagement if withdrawal is possible under applicable law or regulation, as appropriate, if: -
a. The practitioner concludes that there is sufficient doubt about the integrity of management such that
the written representations are not reliable or
b. Management does not provide the required representations in respect of its responsibilities for
preparation of financial statements and recording of all transactions in financial statements.

(vii) Evaluating evidence obtained from the procedures performed

• The practitioner shall evaluate whether sufficient appropriate evidence has been obtained from the
procedures performed and, if not, the practitioner shall perform other procedures judged by the
practitioner to be necessary in the circumstances to be able to form a conclusion on the financial
statements.
• In some circumstances, the practitioner may not have obtained the evidence that the practitioner had
expected to obtain through the design of primarily inquiry and analytical procedures and procedures
addressing specific circumstances.
In these circumstances, the practitioner considers that the evidence obtained from the procedures
performed is not sufficient and appropriate to be able to form a conclusion on the financial statements.

The practitioner may:

• Extend the work performed or
• Perform other procedures judged by the practitioner to be necessary in the circumstances.
• Where neither of these is practicable in the circumstances, the practitioner will not be able to obtain
sufficient appropriate evidence to be able to form a conclusion and is required by this SRE to
determine the effect on the practitioner’s report, or on the practitioner’s ability to complete the
engagement, for example, if a member of management is unavailable at the time of the review to
respond to the practitioner’s inquiries on significant matters.
• If the practitioner is not able to obtain sufficient appropriate evidence to form a conclusion, the
practitioner shall discuss with management and those charged with governance, as appropriate, the
effects such limitations have on the scope of the review.
CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 10.13
 REVIEW OF FINANCIAL INFORMATION

• Inability to perform a specific procedure does not constitute a limitation on the scope of the review
if the practitioner is able to obtain sufficient appropriate evidence by performing other procedures.
Limitations on the scope of the review imposed by management may have other implications for the
review, such as for the practitioner’s consideration of areas where the financial statements are likely
to be materially misstated, and engagement continuance.

(viii) Forming the practitioner’s conclusion on the financial statements

In forming conclusion, the practitioner shall also consider the impact of: -
a. Uncorrected misstatements identified during the review, and in the previous year’s review of the
entity’s financial statements, on the financial statements as a whole
b. Qualitative aspects of the entity’s accounting practices, including indicators of possible bias in
management’s judgments.

If the financial statements are prepared using a fair presentation framework,

the practitioner’s consideration shall also include: -
a. The overall presentation, structure and content of the financial statements in accordance with the
applicable framework and
b. Whether the financial statements, including the related notes, appear to represent the underlying
transactions and events in a manner that achieves fair presentation or gives a true and fair view, as
appropriate, in the context of the financial statements as a whole.
The practitioner’s conclusion on the financial statements, whether unmodified or modified, shall be
expressed in the appropriate form in the context of the financial reporting framework applied in the
financial statements.
Unmodified Conclusion: The practitioner shall express an unmodified conclusion in the practitioner’s
report on the financial statements as a whole when the practitioner has obtained limited assurance to
be able to conclude that nothing has come to the practitioner’s attention that causes the practitioner to
believe that the financial statements are not prepared, in all material respects, in accordance with the
applicable financial reporting framework.
When the practitioner expresses an unmodified conclusion, the practitioner
shall, unless otherwise required by law or regulation, use one of the following
phrases, as appropriate: -
a. “Based on our review, nothing has come to our attention that causes us to believe that the financial
statements do not give a true and fair view (or do not present fairly, in all material respects), in
accordance with the applicable financial reporting framework,” (for financial statements prepared
using a fair presentation framework); or
b. “Based on our review, nothing has come to our attention that causes us to believe that the financial
statements are not prepared, in all material respects, in accordance with the applicable financial
reporting framework,” (for financial statements prepared using a compliance framework).
Modified Conclusion: The practitioner shall express a modified conclusion in the practitioner’s report
on the financial statements as a whole when:

CA Harshad Jaju
10.14 Swapnil Patni Classes caharshad
98812 92971
 REVIEW OF FINANCIAL INFORMATION

b.
a. The practitioner is unable to obtain
The practitioner determines, based sufficient and appropriate evidence in
on the procedures performed and the relation to one or more items in the
evidence obtained, that the financial financial statements that are material in
statements are materially misstated or relation to the financial statements as a
whole.
When the practitioner modifies the conclusion expressed on the financial statements, the
practitioner shall:

b.
Provide a description of the matter
giving rise to the modification, under
a. an appropriate heading (for example,
Use the heading “Qualified Conclusion,” “Basis for Qualified Conclusion,”
“Adverse Conclusion” or “Disclaimer “Basis for Adverse Conclusion” or
of Conclusion,” as appropriate, for “Basis for Disclaimer of Conclusion,”
the conclusion paragraph in the as appropriate) in a separate paragraph
practitioner’s report and in the practitioner’s report immediately
before the conclusion paragraph
(referred to as the basis for conclusion
paragraph).

Financial statements are materially misstated.

If the practitioner determines that the financial statements are materially misstated, the
practitioner shall express:
a. A qualified conclusion, when the practitioner
b. An adverse conclusion, when the effects of the
concludes that the effects of the matter(s)
matter(s) giving rise to the modification are
giving rise to the modification are material,
both material and pervasive to the financial
but not pervasive to the financial statements;
statements.
or

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 10.15
 REVIEW OF FINANCIAL INFORMATION

When the practitioner expresses a qualified conclusion on the financial statements

because of a material misstatement, the practitioner shall, unless otherwise
required by law or regulation, use one of the following phrases, as appropriate: -
a. “Based on our review, except for the effects of the matter(s) described in the Basis for Qualified
Conclusion paragraph, nothing has come to our attention that causes us to believe that the financial
statements do not give a true and fair view (or do not present fairly, in all material respects), in
accordance with the applicable financial reporting framework,” (for financial statements prepared
using a fair presentation framework) or
b. “Based on our review, except for the effects of the matter(s) described in the Basis for Qualified
Conclusion paragraph, nothing has come to our attention that causes us to believe that the financial
statements are not prepared, in all material respects, in accordance with the applicable financial
reporting framework,” (for financial statements prepared using a compliance framework).

When the practitioner expresses an adverse conclusion on the financial statements, the practitioner
shall, unless otherwise required by law or regulation, use one of the following phrases, as appropriate:
a. “Based on our review, due to the significance of the matter(s) described in the Basis for Adverse
Conclusion paragraph, the financial statements do not give a true and fair view (or do not
present fairly, in all material respects), in accordance with the applicable financial reporting
framework,” (for financial statements prepared using a fair presentation framework); or
b. “Based on our review, due to the significance of the matter(s) described in the Basis for
Adverse Conclusion paragraph, the financial statements are not prepared, in all material
respects, in accordance with the applicable financial reporting framework,” (for financial
statements prepared using a compliance framework).

In the basis for conclusion paragraph, in relation to material misstatements that

give rise to either a qualified conclusion or an adverse conclusion, the practitioner
shall: -
a. Describe and quantify the financial effects of the misstatement if the material misstatement
relates to specific amounts in the financial statements (including quantitative disclosures), unless
impracticable, in which case the practitioner shall so state;

b. Explain how disclosures are misstated if the material misstatement relates to narrative disclosures;
or

c. Describe the nature of omitted information if the material misstatement relates to the nondisclosure
of information required to be disclosed. Unless prohibited by law or regulation, the practitioner
shall include the omitted disclosures where practicable to do so.

Narrative accounting disclosures are an integral part of the corporate financial reporting package.
They are deemed to provide a view of the company “through the eyes of management”. The narratives
represent management’s construal of corporate events and are largely discretionary.

CA Harshad Jaju
10.16 Swapnil Patni Classes caharshad
98812 92971
 REVIEW OF FINANCIAL INFORMATION

Inability to obtain sufficient and appropriate evidence:

If the practitioner is unable to form a conclusion on the financial statements due to the inability to
obtain sufficient appropriate and evidence, the practitioner shall:
a. Express a qualified conclusion if the practitioner concludes that the possible effects on the financial
statements of undetected misstatements, if any, could be material but not pervasive or
b. Disclaim a conclusion if the practitioner concludes that the possible effects on the financial
statements of undetected misstatements, if any, could be both material and pervasive.
The practitioner shall withdraw from the engagement if the following conditions are present: -
a. Due to a limitation on the
scope of the review imposed
b. The practitioner has
by management after the
determined that the possible
practitioner has accepted the
effects on the financial c. Withdrawal is possible under
engagement, the practitioner
statements of undetected applicable law or regulation.
is unable to obtain sufficient
misstatements are material and
appropriate and evidence
pervasive and
to form a conclusion on the
financial statements;
When the practitioner expresses a qualified conclusion on the financial statements due to
inability to obtain sufficient and appropriate evidence, the practitioner shall, unless otherwise
required by law or regulation, use one of the following phrases, as appropriate:
a. “Based on our review, except for the possible effects of the matter(s) described in the Basis for
Qualified Conclusion paragraph, nothing has come to our attention that causes us to believe that
the financial statements do not give a true and fair view (or do not present fairly, in all material
respects) in accordance with the applicable financial reporting framework,” (for financial statements
prepared using a fair presentation framework); or
b. “Based on our review, except for the possible effects of the matter(s) described in the Basis for
Qualified Conclusion paragraph, nothing has come to our attention that causes us to believe that
the financial statements are not prepared, in all material respects, in accordance with the applicable
financial reporting framework,” (for financial statements prepared using a compliance framework).

When disclaiming a conclusion on the financial statements the practitioner shall

state in the conclusion paragraph that:
a. Due to the significance of the matter(s) described in the Basis for Disclaimer of Conclusion
paragraph, the practitioner is unable to obtain sufficient appropriate evidence to form a conclusion
on the financial statements; and
b. Accordingly, the practitioner does not express a conclusion on the financial statements.
In the basis for conclusion paragraph, in relation to either the qualified conclusion due to inability
of obtaining sufficient and appropriate evidence or when the practitioner disclaims a conclusion, the
practitioner shall include the reason(s) for the inability to obtain sufficient and appropriate evidence.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 10.17
 REVIEW OF FINANCIAL INFORMATION

(ix) The Practitioner’s Report

The practitioner’s report for the review engagement shall be in writing and shall contain the following
elements: -

(a) A title, which shall clearly indicate that it is the report of an independent practitioner for a review
engagement
(b) The addressee(s), as required by the circumstances of the engagement
(c) An introductory paragraph that:
1. Identifies the financial statements reviewed, including identification of the title of each of the
statements contained in the set of financial statements and the date and period covered by each
financial statement
2. Refers to the summary of significant accounting policies and other explanatory information
and
3. States that the financial statements have been reviewed
(d) A description of the responsibility of management for the preparation of the financial
statements, including an explanation that management is responsible for:
1. Their preparation in accordance with the applicable financial reporting framework including,
where relevant, their fair presentation;
2. Such internal control as management determines is necessary to enable the preparation of
financial statements that are free from material misstatement, whether due to fraud or error;
(e) If the financial statements are special purpose financial statements:
1. A description of the purpose for which the financial statements are prepared and, if necessary,
the intended users, or reference to a note in the special purpose financial statements that
contains that information; and
2. If management has a choice of financial reporting frameworks in the preparation of such
financial statements, a reference within the explanation of management’s responsibility for
the financial statements to management’s responsibility for determining that the applicable
financial reporting framework is acceptable in the circumstances
(f) A description of the practitioner’s responsibility to express a conclusion on the financial statements
including reference to this SRE and, where relevant, applicable law or regulation.
(g) A description of a review of financial statements and its limitations, and the following
statements:
1. A review engagement under this SRE is a limited assurance engagement.
2. The practitioner performs procedures, primarily consisting of making inquiries of management
and others within the entity, as appropriate, and applying analytical procedures, and evaluates
the evidence obtained and
3. The procedures performed in a review are substantially less than those performed in an audit
conducted in accordance with Standards on Auditing (SAs), and, accordingly, the practitioner
does not express an audit opinion on the financial statements.

CA Harshad Jaju
10.18 Swapnil Patni Classes caharshad
98812 92971
 REVIEW OF FINANCIAL INFORMATION

(h) A paragraph under the heading “Conclusion” that contains:

1. The practitioner’s conclusion on the financial statements as a whole as appropriate and
2. A reference to the applicable financial reporting framework used to prepare the financial
statements.
(i) When the practitioner’s conclusion on the financial statements is modified:
1. A paragraph under the appropriate heading that contains the practitioner’s modified conclusion
as appropriate and
2. A paragraph, under an appropriate heading, that provides a description of the matter(s) giving
rise to the modification
(j) A reference to the practitioner’s obligation under this SRE to comply with relevant ethical
requirements
(k) The date of the practitioner’s report: The practitioner shall date the report no earlier than
the date on which the practitioner has obtained sufficient appropriate evidence as the basis for the
practitioner’s conclusion on the financial statements, including being satisfied that: -
1. All the statements that comprise the financial statements under the applicable financial reporting
framework, including the related notes where applicable, have been prepared and
2. Those with the recognized authority have asserted that they have taken responsibility for those
financial statements.
(l) The practitioner’s signature and
(m) The place of signature.

2.5 Emphasis of Matter and Other Matter Paragraphs in the Practitioner’s Report
a. Emphasis of matter
i. The practitioner may consider it necessary to draw users’ attention to a matter presented or disclosed
in the financial statements that, in the practitioner’s judgment, is of such importance that it is
fundamental to users’ understanding of the financial statements. In such cases, the practitioner shall
include an Emphasis of Matter paragraph in the practitioner’s report, provided the practitioner has
obtained sufficient appropriate evidence to conclude that the matter is not likely to be materially
misstated as presented in the financial statements. Such paragraph shall refer only to the information
presented or disclosed in the financial statements.
ii. The practitioner shall include an Emphasis of Matter paragraph immediately after the paragraph
that contains the practitioner’s conclusion on the financial statements under the heading “Emphasis
of Matter,” or other appropriate heading.
b. Other matter
If the practitioner considers it necessary to communicate a matter other than those that are presented
or disclosed in the financial statements that, in the practitioner’s judgment, is relevant to users’
understanding of the review, the practitioner’s responsibilities or the practitioner’s report and this is
not prohibited by law or regulation, the practitioner shall do so in a paragraph in the practitioner’s
report with the heading “Other Matter” or other appropriate heading.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 10.19
 REVIEW OF FINANCIAL INFORMATION

2.6 Other Reporting Responsibilities

A practitioner may be requested to address other reporting responsibilities in the practitioner’s report
on the financial statements that are in addition to the practitioner’s responsibilities under this SRE
to report on the financial statements. In such situations, those other reporting responsibilities shall
be addressed by the practitioner in a separate section in the practitioner’s report headed “Report on
Other Legal and Regulatory Requirements,” or otherwise as appropriate to the context of the section,
following the section of the report headed “Report on the Financial Statements.”
2.7 Documentation
The preparation of documentation for the review provides evidence that the review was performed in
accordance with this SRE along with legal and regulatory requirements where relevant and a sufficient
and appropriate record of the basis for the practitioner’s report.

The practitioner shall document the following aspects of the engagement in a

timely manner, sufficient to enable an experienced practitioner, having no previous
connection with the engagement, to understand:
a. The nature, timing, and extent of the procedures performed to comply with this SRE and applicable
legal and regulatory requirements
b. Results obtained from the procedures, and the practitioner’s conclusions formed on the basis of
those results and
c. Significant matters arising during the engagement, the practitioner’s conclusions reached thereon,
and significant professional judgments made in reaching those conclusions.
While documenting the nature, timing and extent of procedures performed as required in this
SRE, the practitioner shall record:

a. Who performed the work and the date such work was completed and

b. Who reviewed the work performed for the purpose of quality control for the engagement, and
the period and extent of the review.
The practitioner shall also document discussions with the management, those charged with governance,
and others as relevant to the performance of the review of significant matters arising during the
engagement, including the nature of those matters.
2.8 Audit Vs. Review
An audit engagement has many similarities with a review engagement. However, there are certain
important areas of distinction relating to the nature of engagement, its performance, objective and
reporting highlighted under: -

CA Harshad Jaju
10.20 Swapnil Patni Classes caharshad
98812 92971
 REVIEW OF FINANCIAL INFORMATION

Overview of distinctive areas between Audit and Review

Audit Review
Audit is a type of reasonable assurance Review is a type of limited assurance engagement
engagement providing reasonable level of providing a lower level of assurance than
assurance. reasonable assurance engagement.
It performs elaborate and extensive procedures It performs fewer procedures primarily focusing
including tests of controls and substantive on inquiry and analytical procedures.
procedures.
It draws reasonable conclusions on the basis of It draws limited conclusions on the basis of
sufficient appropriate evidence. sufficient appropriate evidence.
It provides an assurance opinion. The language It provides an assurance conclusion. The language
of assurance opinion is positively worded. of assurance conclusion is negatively worded.

3. SRE 2410 REVIEW OF INTERIM FINANCIAL INFORMATION

PERFORMED BY THE INDEPENDENT AUDITOR OF THE ENTITY
SRE 2410 deals with the auditor’s professional responsibilities when the auditor undertakes an
engagement to review the interim financial information of an audit client and on the form and content
of the report. In other words, SRE 2410 applies when review of interim financial information is
performed by the independent auditor of the financial statements of the entity.

What is Interim Financial Information?

Interim financial information is financial information that is prepared and presented in accordance
with an applicable financial reporting framework and comprises either a complete or a condensed set
of financial statements for a period that is shorter than the entity’s financial year. For example, interim
financial information may relate to financial statements of a quarter of financial year.
3.1 Objective of an Engagement to Review Interim Financial Information in
Accordance with SRE 2410
a. The objective of an engagement to review interim financial information is to enable the auditor
to express a conclusion whether, on the basis of the review, anything has come to the auditor’s
attention that causes the auditor to believe that the interim financial information is not prepared, in
all material respects, in accordance with an applicable financial reporting framework.
The auditor makes inquiries and performs analytical and other review procedures in order to reduce
to a moderate level risk of expressing an inappropriate conclusion when the interim financial
information is materially misstated.
b. The objective of a review of interim financial information differs significantly from that of an audit
conducted in accordance with Standards on Auditing (SAs).
i. A review of interim financial information does not provide a basis for expressing an opinion
on whether the financial information gives a true and fair view, or is presented fairly, in all
material respects, in accordance with an applicable financial reporting framework.
ii. A review, in contrast to an audit, is not designed to obtain reasonable assurance that the
interim financial information is free from material misstatement.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 10.21
 REVIEW OF FINANCIAL INFORMATION

iii. A review consists of making inquiries, primarily of persons responsible for financial and
accounting matters, and applying analytical and other review procedures.
iv. A review may bring significant matters affecting the interim financial information to the
auditor’s attention, but it does not provide all of the evidence that would be required in an
audit.
SRE 2410 applies when review of interim financial information is performed by the independent
auditor of the financial statements of the entity.
3.2 Agreeing the Terms of the Engagement
The auditor and the client should agree on the terms of the engagement. The agreed terms of the
engagement are ordinarily recorded in an engagement letter. Such communication helps to avoid
misunderstandings regarding the nature of the engagement and, in particular, the objective and scope
of the review, management’s responsibilities, the extent of the auditor’s responsibilities, the assurance
obtained, and the nature and form of the report.
3.3 Understanding the Entity and its Environment including its Internal Control
i. The auditor should have an understanding of the entity and its environment, including its internal
control, as it relates to the preparation of both annual and interim financial information, sufficient
to plan and conduct the engagement so as to be able to:

b.
Select the inquiries, analytical and other
a. review procedures that will provide the auditor
with a basis for reporting whether anything
Identify the types of potential material
has come to the auditor’s attention that causes
misstatement and consider the
the auditor to believe that the interim financial
likelihood of their occurrence and
information is not prepared, in all material
respects, in accordance with the applicable
financial reporting framework.
ii. The auditor who has audited the entity’s financial statements for one or more annual periods has
obtained an understanding of the entity and its environment, including its internal control, as it
relates to the preparation of annual financial information that was sufficient to conduct the audit.
iii. In planning a review of interim financial information, the auditor updates this understanding. The
auditor also obtains a sufficient understanding of internal control as it relates to the preparation of
interim financial information as it may differ from internal control as it relates to annual financial
information.
iv. Some of the procedures performed by the auditor to update the understanding of the entity and its
environment, including its internal control, ordinarily include the following:

CA Harshad Jaju
10.22 Swapnil Patni Classes caharshad
98812 92971
 REVIEW OF FINANCIAL INFORMATION

• Reading the documentation, to the extent necessary, of the preceding year’s audit and reviews
of prior interim period(s) of the current year and corresponding interim period(s) of the prior
year, to enable the auditor to identify matters that may affect the current-period interim financial
information.
• Considering any significant risks, including the risk of management override of controls, that
were identified in the audit of the prior year’s financial statements.
• Reading the most recent annual and comparable prior period interim financial information.
• Considering materiality with reference to the applicable financial reporting framework as it
relates to interim financial information to assist in determining the nature and extent of the
procedures to be performed and evaluating the effect of misstatements.
• Considering the nature of any corrected material misstatements and any identified uncorrected
immaterial misstatements in the prior year’s financial statements.
• Considering significant financial accounting and reporting matters that may be of continuing
significance such as material weaknesses in internal control.
• Considering the results of any audit procedures performed with respect to the current year’s
financial statements.
• Considering the results of any internal audit performed and the subsequent actions taken by the
management.
• Inquiring of management about the results of management’s assessment of the risk that the
interim financial information may be materially misstated as a result of fraud.
• Inquiring of management about the effect of changes in the entity’s business activities.
• Inquiring of management about any significant changes in internal control and the potential
effect of any such changes on the preparation of interim financial information.
• Inquiring of management of the process by which the interim financial information has been
prepared and the reliability of the underlying accounting records to which the interim financial
information is agreed or reconciled.

v. In order to plan and conduct a review of interim financial information, a recently appointed auditor,
who has not yet performed an audit of the annual financial statements in accordance with SAs,
should obtain an understanding of the entity and its environment, including of its internal control,
as it relates to the preparation of both annual and interim financial information.
Besides, the auditor determines the nature of the review procedures, if any, to be performed for
components and, where applicable, communicates these matters to other auditors involved in the
review.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 10.23
 REVIEW OF FINANCIAL INFORMATION

3.4 Inquiries, Analytical and other Review procedures

Inquiry
The auditor should make inquiries, primarily of persons responsible for financial and accounting
matters, and perform analytical and other review procedures to enable the auditor to conclude whether,
on the basis of the procedures performed, anything has come to the auditor’s attention that causes the
auditor to believe that the interim financial information is not prepared, in all material respects, in
accordance with the applicable financial reporting framework.
A review ordinarily does not require tests of the accounting records through inspection, observation
or confirmation. Procedures for performing a review of interim financial information are ordinarily
limited to making inquiries, primarily of persons responsible for financial and accounting matters,
and applying analytical and other review procedures, rather than corroborating information obtained
concerning significant accounting matters relating to the interim financial information.
Understanding of entity, Environment & Internal Control
The auditor’s understanding of the entity and its environment including its internal control, the results
of the risk assessments relating to the preceding audit and the auditor’s consideration of materiality as
it relates to the interim financial information, affects the nature and extent of the inquiries made, and
analytical and other review procedures applied.
The auditor ordinarily performs the following procedures: -

• Reading the minutes of the meetings of shareholders, those charged with governance, and other
appropriate committees to identify matters that may affect the interim financial information, and
inquiring about matters dealt with at meetings for which minutes are not available that may affect
the interim financial information.
• Considering the effect, if any, of matters giving rise to a modification of the audit or review report,
accounting adjustments or unadjusted misstatements, at the time of the previous audit or reviews.
• Communicating, where appropriate, with other auditors who are performing a review of the interim
financial information of the reporting entity’s significant components.
• Inquiring of members of management responsible for financial and accounting matters, and others
as appropriate about the following:
♦ Whether the interim financial information has been prepared and presented in accordance with
the applicable financial reporting framework.
♦ Whether there have been any changes in accounting principles or in the methods of applying them.
♦ Whether any new transactions have necessitated the application of a new accounting principle.
♦ Whether the interim financial information contains any known uncorrected misstatements.
♦ Unusual or complex situations that may have affected the interim financial information, such as
a business combination or disposal of a segment of the business.
♦ Significant assumptions that are relevant to the fair value measurement or disclosures and
management’s intention and ability to carry out specific courses of action on behalf of the entity.
♦ Whether related party transactions have been appropriately accounted for and disclosed in the
interim financial information.

CA Harshad Jaju
10.24 Swapnil Patni Classes caharshad
98812 92971
 REVIEW OF FINANCIAL INFORMATION

♦ Significant changes in commitments and contractual obligations.

♦ Significant changes in contingent liabilities including litigation or claims.
♦ Compliance with debt covenants.
♦ Matters about which questions have arisen in the course of applying the review procedures.
♦ Significant transactions occurring in the last several days of the interim period or the first several
days of the next interim period.
♦ Knowledge of any fraud or suspected fraud affecting the entity involving management,
employees who have significant roles in internal control or others where the fraud could have a
material effect on the interim financial information.
♦ Knowledge of any allegations of fraud, or suspected fraud, affecting the entity’s interim financial
information communicated by employees, former employees, analysts, regulators, or others.
♦ Knowledge of any actual or possible non-compliance with laws and regulations that could have
a material effect on the interim financial information.
• Applying analytical procedures to the interim financial information designed to identify relationships
and individual items that appear to be unusual and that may reflect a material misstatement in the
interim financial information.
• Reading the interim financial information, and considering whether anything has come to the
auditor’s attention that causes the auditor to believe that the interim financial information is not
prepared, in all material respects, in accordance with the applicable financial reporting framework.

Before or Simultaneously
The auditor may perform many of the review procedures before or simultaneously with the entity’s
preparation of the interim financial information. For example, it may be practicable to update the
understanding of the entity and its environment, including its internal control, and begin reading
applicable minutes before the end of the interim period.
Early Review Procedure
Performing some of the review procedures earlier in the interim period also permits early identification
and consideration of significant accounting matters affecting the interim financial information.
Audit Procedure along with Review
The auditor performing the review of interim financial information is also engaged to perform an audit
of the annual financial statements of the entity. For convenience and efficiency, the auditor may decide
to perform certain audit procedures concurrently with the review of interim financial information.
Litigation & claims
A review of interim financial information ordinarily does not require corroborating the inquiries about
litigation or claims. It is, therefore, ordinarily not necessary to send an inquiry letter to the entity’s
lawyer. Direct communication with the entity’s lawyer with respect to litigation or claims may,
however, be appropriate if a matter comes to the auditor’s attention that causes the auditor to question
whether the interim financial information is not prepared, in all material respects, in accordance with
the applicable financial reporting framework, and the auditor believes the entity’s lawyer may have
pertinent information.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 10.25
 REVIEW OF FINANCIAL INFORMATION

The auditor may obtain evidence that the interim financial information agrees or
reconciles with the underlying accounting records by tracing the interim financial
information to:
a. The accounting records, such as the general ledger, or a consolidating schedule that agrees or
reconciles with the accounting records; and
b. Other supporting data in the entity’s records as necessary.
Events upto date of report
The auditor should inquire whether management has identified all events up to the date of the review
report that may require adjustment to or disclosure in the interim financial information. It is not
necessary for the auditor to perform other procedures to identify events occurring after the date of the
review report.
Going Concern
i. The auditor should inquire whether management has changed its assessment of the entity’s ability
to continue as a going concern. When, as a result of this inquiry or other review procedures, the
auditor becomes aware of events or conditions that may cast significant doubt on the entity’s
ability to continue as a going concern, the auditor should:

a. Inquire of management as to its plans for future actions based on its going concern
assessment, the feasibility of these plans, and whether management believes that the outcome
of these plans will improve the situation and

b. Consider the adequacy of the disclosure about such matters in the interim financial
information.
ii. Events or conditions which may cast significant doubt on the entity’s ability to continue as a going
concern may have existed at the date of the annual financial statements or may be identified as a
result of inquiries of management or in the course of performing other review procedures.
iii. When such events or conditions come to the auditor’s attention, the auditor inquires of management
as to its plans for future action, such as its plans to liquidate assets, borrow money or restructure
debt, reduce or delay expenditures, or increase capital. The auditor also inquires as to the feasibility
of management’s plans and whether management believes that the outcome of these plans will
improve the situation. However, it is not ordinarily necessary for the auditor to corroborate the
feasibility of management’s plans and whether the outcome of these plans will improve the
situation.
iv. When a matter comes to the auditor’s attention that leads the auditor to question whether a material
adjustment should be made for the interim financial information to be prepared, in all material
respects, in accordance with the applicable financial reporting framework, the auditor should make
additional inquiries or perform other procedures to enable the auditor to express a conclusion in
the review report.
For example, if the auditor’s review procedures lead the auditor to question whether a significant sales
transaction is recorded in accordance with the applicable financial reporting framework, the auditor
performs additional procedures sufficient to resolve the auditor’s questions, such as discussing the
terms of the transaction with senior marketing and accounting personnel, or reading the sales contract.

CA Harshad Jaju
10.26 Swapnil Patni Classes caharshad
98812 92971
 REVIEW OF FINANCIAL INFORMATION

3.5 Evaluation of Misstatements

i. The auditor should evaluate, individually and in the aggregate, whether uncorrected misstatements
that have come to the auditor’s attention are material to the interim financial information.
ii. Misstatements which come to the auditor’s attention, including inadequate disclosures, are
evaluated individually and in the aggregate to determine whether a material adjustment is required
to be made to the interim financial information for it to be prepared, in all material respects, in
accordance with the applicable financial reporting framework.
iii. The auditor exercises professional judgment in evaluating the materiality of any misstatements
that the entity has not corrected.
3.6 Management representations
The auditor should obtain written representation from management that: -

a. It acknowledges its responsibility for the design and implementation of internal control to
prevent and detect fraud and error

b. The interim financial information is prepared and presented in accordance with the
applicable financial reporting framework

c. It believes the effect of those uncorrected misstatements aggregated by the auditor during
the review are immaterial, both individually and in the aggregate, to the interim financial
information taken as a whole. A summary of such items is included in or attached to the
written representations

d. It has disclosed to the auditor all significant facts relating to any frauds or suspected frauds
known to management that may have affected the entity

e. It has disclosed to the auditor the results of its assessment of the risks that the interim
financial information may be materially misstated as a result of fraud

f. It has disclosed to the auditor all known actual or possible non-compliance with laws
and regulations whose effects are to be considered when preparing the interim financial
information; and

g. It has disclosed to the auditor all significant events that have occurred subsequent to the
balance sheet date and through to the date of the review report that may require adjustment
to or disclosure in the interim financial information.

3.7 Auditor’s Responsibility for Accompanying Information

The auditor should read the other information that accompanies the interim financial information to
consider whether any such information is materially inconsistent with the interim financial information.
If the auditor identifies a material inconsistency, the auditor considers whether the interim financial
information or the other information needs to be amended. If an amendment is necessary in the interim
financial information and management refuses to make such amendment, the auditor considers the
implications for the review report.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 10.27
 REVIEW OF FINANCIAL INFORMATION

If an amendment is necessary in the other information and management refuses to make such
amendment, the auditor considers including in the review report an additional paragraph describing the
material inconsistency, or taking other actions, such as withholding the issuance of the review report
or withdrawing from the engagement. For example, management may present alternative measures
of earnings that more positively portray results of operations than the interim financial information,
and such alternative measures are given excessive prominence, are not clearly defined, or not clearly
reconciled to the interim financial information such that they are confusing and potentially misleading.
If a matter comes to the auditor’s attention that causes the auditor to believe that the other information
appears to include a material misstatement of fact, the auditor should discuss the matter with the
entity’s management.
While reading the other information for the purpose of identifying material inconsistencies, an apparent
material misstatement of fact may come to the auditor’s attention (i.e., information, not related to
matters appearing in the interim financial information, that is incorrectly stated or presented). When
discussing the matter with the entity’s management, the auditor considers the validity of the other
information and management’s responses to the auditor’s inquiries, whether valid differences of
judgment or opinion exist and whether to request management to consult with a qualified third party
to resolve the apparent misstatement of fact.
If an amendment is necessary to correct a material misstatement of fact and management refuses to
make the amendment, the auditor considers taking further action as appropriate, such as notifying
those charged with governance and obtaining a legal advice.
3.8 Communication
When, as a result of performing the review of interim financial information, a matter comes to the
auditor’s attention that causes the auditor to believe that it is necessary to make a material adjustment
to the interim financial information for it to be prepared, in all material respects, in accordance with
the applicable financial reporting framework, the auditor should communicate this matter as soon as
practicable to the appropriate level of management.
When, in the auditor’s judgment, management does not respond appropriately within a reasonable
period of time, the auditor should inform those charged with governance. The communication is made
as soon as practicable, either orally or in writing. The auditor’s decision whether to communicate
orally or in writing is affected by factors such as the nature, sensitivity and significance of the matter
to be communicated and the timing of such communications. If the information is communicated
orally, the auditor documents the communication.
When, in the auditor’s judgment, those charged with governance do not respond
appropriately within a reasonable period, the auditor should consider:
a. Whether to modify the report b. The possibility of withdrawing c. The possibility of resigning
or from the engagement and from the appointment to audit
the annual financial statements.

CA Harshad Jaju
10.28 Swapnil Patni Classes caharshad
98812 92971
 REVIEW OF FINANCIAL INFORMATION

When, as a result of performing the review of interim financial information, a matter comes to the
auditor’s attention that causes the auditor to believe in the existence of fraud or noncompliance by the
entity with laws and regulations, the auditor should communicate the matter as soon as practicable to the
appropriate level of management. The determination of which level of management is the appropriate
one is affected by the likelihood of collusion or the involvement of a member of management. The
auditor also considers the need to report such matters to those charged with governance and considers
the implication for the review.
The auditor should communicate relevant matters of governance interest arising from the review of
interim financial information with those charged with governance. As a result of performing the review
of the interim financial information, the auditor may become aware of matters that in the opinion
of the auditor are both important and relevant to those charged with governance in overseeing the
financial reporting and disclosure process. The auditor communicates such matters to those charged
with governance.
3.9 Reporting the Nature, Extent and Results of the Review of Interim Financial
Information
The auditor should issue a written report that contains the following: -
Content of Written Report:
(a) An appropriate title.
(b) An addressee, as required by the circumstances of the engagement.
(c) Identification of the interim financial information reviewed, including identification of the title
of each of the statements contained in the complete or condensed set of financial statements and the
date and period covered by the interim financial information.
(d) If the interim financial information comprises a complete set of general-purpose financial
statements prepared in accordance with a financial reporting framework designed to achieve fair
presentation, a statement that management is responsible for the preparation and fair presentation of
the interim financial information in accordance with the applicable financial reporting framework.
(e) In other circumstances, a statement that management is responsible for the preparation and
presentation of the interim financial information in accordance with the applicable financial reporting
framework.
(f) A statement that the auditor is responsible for expressing a conclusion on the interim financial
information based on the review.
(g) A statement that the review of the interim financial information was conducted in accordance
with Standard on Review Engagements (SRE) 2410, “Review of Interim Financial Information
Performed by the Independent Auditor of the Entity,” and a statement that that such a review consists
of making inquiries, primarily of persons responsible for financial and accounting matters, and
applying analytical and other review procedures.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 10.29
 REVIEW OF FINANCIAL INFORMATION

(j) In other circumstances, a conclusion as to whether anything has come to the auditor’s attention
that causes the auditor to believe that the interim financial information is not prepared, in all material
respects, in accordance with the applicable financial reporting framework
(k) The date of the report.
(l) Place of Signature.
(m) The auditor’s signature and membership number assigned by the Institute of Chartered
Accountants of India (ICAI).
(n) The Firm’s registration number of the member of the Institute, wherever applicable, as allotted
by ICAI.
Besides, UDIN has also to be generated and stated for review engagement as it is also in nature of an
assurance engagement. UDIN has to be stated for engagements performed in accordance with SRE
2400 or SRE 2410.
3.10 Departure from the Applicable Financial Reporting Framework
The auditor should express qualified or adverse conclusion when a matter has come to the auditor’s
attention that causes the auditor to believe that a material adjustment should be made to the interim
financial information for it to be prepared, in all material respects, in accordance with the applicable
financial reporting framework.
If matters have come to the auditor’s attention that cause the auditor to believe that the interim financial
information is or may be materially affected by a departure from the applicable financial reporting
framework, and management does not correct the interim financial information, the auditor modifies
the review report.
The modification describes the nature of the departure and, if practicable, states the effects on the
interim financial information. If the information that the auditor believes is necessary for adequate
disclosure is not included in the interim financial information, the auditor modifies the review report
and, if practicable, includes the necessary information in the review report. The modification to the
review report is ordinarily accomplished by adding an explanatory paragraph to the review report and
qualifying the conclusion.
When the effect of the departure is so material and pervasive to the interim financial information that
the auditor concludes a qualified conclusion is not adequate to disclose the misleading or incomplete
nature of the interim financial information, the auditor expresses an adverse conclusion.
3.11 Limitation on Scope
A limitation on scope ordinarily prevents the auditor from completing the review. When the auditor is
unable to complete the review, the auditor should communicate, in writing, to the appropriate level of
management and to those charged with governance the reason why the review cannot be completed
and consider whether it is appropriate to issue a report.
3.11.1 Limitation on Scope Imposed by Management
The auditor does not accept an engagement to review the interim financial information if the auditor’s
preliminary knowledge of the engagement circumstances indicates that the auditor would be unable
to complete the review because there will be a limitation on the scope of the auditor’s review imposed
by the management of the entity.

CA Harshad Jaju
10.30 Swapnil Patni Classes caharshad
98812 92971
 REVIEW OF FINANCIAL INFORMATION

If, after accepting the engagement, management imposes a limitation on the scope of the review, the
auditor requests the removal of that limitation. If management refuses to do so, the auditor is unable
to complete the review and express a conclusion. In such cases, the auditor communicates, in writing,
to the appropriate level of management and those charged with governance the reason why the review
cannot be completed. Nevertheless, if a matter comes to the auditor’s attention that causes the auditor
to believe that a material adjustment to the interim financial information is necessary for it to be
prepared, in all material respects, in accordance with the applicable financial reporting framework, the
auditor communicates such matters.
The auditor also considers the legal and regulatory responsibilities, including whether there is a
requirement for the auditor to issue a report. If there is such a requirement, the auditor disclaims a
conclusion, and provides in the review report the reason why the review cannot be completed.
However, if a matter comes to the auditor’s attention that causes the auditor to believe that a material
adjustment to the interim financial information is necessary for it to be prepared, in all material respects,
in accordance with the applicable financial reporting framework, the auditor also communicates such
a matter in the report.
3.11.2 Other Limitations on Scope
A limitation on scope may occur due to circumstances other than a limitation on scope imposed by
management. In such circumstances, the auditor is ordinarily unable to complete the review and
express a conclusion. There may be, however, some rare circumstances where the limitation on the
scope of the auditor’s work is clearly confined to one or more specific matters that, while material, are
not in the auditor’s judgment pervasive to the interim financial information. In such circumstances,
the auditor modifies the review report by indicating that, except for the matter which is described in
an explanatory paragraph to the review report, the review was conducted in accordance with this SRE,
and by qualifying the conclusion.
The auditor may have expressed a qualified opinion on the audit of the latest annual financial statements
because of a limitation on the scope of that audit. The auditor considers whether that limitation on
scope still exists and, if so, the implications for the review report.
3.12 Going Concern and Significant Uncertainties
If, as a result of inquiries or other review procedures, a material uncertainty relating to an event or
condition comes to the auditor’s attention that may cast significant doubt on the entity’s ability to
continue as a going concern, and adequate disclosure is made in the interim financial information the
auditor modifies the review report by adding an emphasis of matter paragraph.
The auditor may have modified a prior audit or review report by adding an emphasis of matter
paragraph to highlight a material uncertainty relating to an event or condition that may cast significant
doubt on the entity’s ability to continue as a going concern. If the material uncertainty still exists
and adequate disclosure is made in the interim financial information, the auditor modifies the review
report on the current interim financial information by adding a paragraph to highlight the continued
material uncertainty.
If a material uncertainty that casts significant doubt about the entity’s ability to continue as a going
concern is not adequately disclosed in the interim financial information, the auditor should express a
qualified or adverse conclusion, as appropriate. The report should include specific reference to the fact
that there is such a material uncertainty.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 10.31
 REVIEW OF FINANCIAL INFORMATION

3.13 Other Considerations

The terms of the engagement include management’s agreement that where any document containing
interim financial information indicates that such information has been reviewed by the entity’s
auditor, the review report will also be included in the document. If management has not included the
review report in the document, the auditor considers seeking legal advice to assist in determining the
appropriate course of action in the circumstances.
If the auditor has issued a modified review report and management issues the interim financial
information without including the modified review report in the document containing the interim
financial information, the auditor considers seeking legal advice to assist in determining the appropriate
course of action in the circumstances, and the possibility of resigning from the appointment to audit
the annual financial statements.
Interim financial information consisting of a condensed set of financial statements does not necessarily
include all the information that would be included in a complete set of financial statements, but may
rather present an explanation of the events and changes that are significant to an understanding of the
changes in the state of affairs and performance of the entity since the annual reporting date. This is
because it is presumed that the users of the interim financial information will have access to the latest
audited financial statements, such as is the case with listed entities.
In other circumstances, the auditor discusses with management the need for such interim financial
information to include a statement that it is to be read in conjunction with the latest audited financial
statements. In the absence of such a statement, the auditor considers whether, without a reference
to the latest audited financial statements, the interim financial information is misleading in the
circumstances, and the implications for the review report.
3.14 Documentation
The auditor should prepare review documentation that is sufficient and appropriate to provide a basis
for the auditor’s conclusion and to provide evidence that the review was performed in accordance
with this SRE and applicable legal and regulatory requirements.

CA Harshad Jaju
10.32 Swapnil Patni Classes caharshad
98812 92971
 REVIEW OF FINANCIAL INFORMATION

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 10.33
 REVIEW OF FINANCIAL INFORMATION

CA Harshad Jaju
10.34 Swapnil Patni Classes caharshad
98812 92971
 PROSPECTIVE FINANCIAL
11
CHAPTER
INFORMATION AND
OTHER ASSURANCE
SERVICES

Highlights

After studying this chapter, you would be able to -

1. Gain knowledge about Standards on Assurance Engagements.
2. Understand the meaning of Prospective financial information.
3. Know about the responsibilities of professional accountants in examining and reporting on
prospective financial information under SAE 3400.
4. Understand the meaning of Service Organization.
5. Understand the importance of controls of a service organization to a user entity’s internal controls
relating to financial reporting.
6. Know about the responsibilities of professional accountants under SAE 3402.
7. Understand the meaning of Pro forma financial information.
8. Understand about responsibilities of practitioners in assurance engagements to report on the
compilation of Pro forma financial information included in a prospectus under SAE 3420.

1. INTRODUCTION
Future oriented financial statements are generally known as Prospective Financial Statements.
For example - The shareholders of X Limited have given consent to board of directors to plan to raise
funds from the prospective equity investor and have asked your firm to report on the accuracy of the
profit forecast and Statements of Financial Position of the entity for the following five years so that it
could be placed before the equity investor.
1.1 Standards on Assurance Engagements
An assurance engagement may relate to examination of subject matters other than examination of
financial statements prepared on basis of “historical financial information”. In such type of assurance
engagements, examination may relate to prospective financial information or to providing assurance
regarding non-financial matters like design and operation of internal control in an entity.

CA Harshad Jaju
Swapnil Patni Classes caharshad 11.1
98812 92971
PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

Standards on Assurance Engagements deal with responsibilities of professional accountants

in assurance engagements dealing such matters. The level of assurance provided by these
Standards on Assurance Engagements is moderate.

Following Standards on Assurance Engagements have been issued: -

• SAE 3400 The Examination of Prospective Financial Information
• SAE 3402 Assurance Reports on Controls at a Service Organisation
• SAE 3420 Assurance Engagements to Report on the Compilation of Pro Forma Financial
Information Included in a Prospectus

2. SAE 3400 THE EXAMINATION OF

PROSPECTIVE FINANCIAL INFORMATION
SAE 3400 provides guidance on engagements to examine and report on prospective financial
information including examination procedures for best-estimate and hypothetical assumptions.
Examination of prospective financial information need not necessarily be performed by statutory
auditor of the entity’s financial statements.

What is Prospective financial information?

“Prospective financial information” is Financial information based on:
• Assumptions about events that may occur in the future and
• Possible actions by an entity.
It is highly subjective in nature and its preparation requires the exercise of considerable judgment.
Prospective financial information can be in the form of :
• a forecast,
• a projection,
• or a combination of both (for example a 1-year, forecast plus a 5-year, projection.)

What is Forecast?
Forecast means Prospective Financial Information prepared on the basis of:
• Assumptions as to future events which management expects to take place and
• The actions management expects to take as of the date the information is prepared. (Bestestimate
assumptions- An assumption that reflects anticipated experience with no provision for risk of
adverse deviation.).
In present market conditions, supply availability, historical buying patterns and seasonal trends,
the CFO of a X ltd a expects sales to increase by 5% over the next quarter. Therefore, a 5% sales
increase is his financial forecast for the period.

CA Harshad Jaju
11.2 Swapnil Patni Classes caharshad
98812 92971
PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

What is Projection?
Prospective Financial Information prepared on the basis of:
• Hypothetical assumptions about future events and management actions which are not necessarily
expected to take place, such as when some entities are in a start-up phase or are considering a
major change in the nature of operations; or
• A mixture of best-estimate and hypothetical assumptions (imagined or suggested)

1. X Ltd may project a course of action to take when one or more hypothetical situations arise,
such as creating a new product to meet the demand of expected market growth. As a result of
assuming the possibility of different events occurring, financial projections typically serve as an
outline for evaluating the desired outcomes x ltd. is expects to see, including its financial, cash
flow and operational outcomes.
2. A company plans to raise funds from a prospective equity investor and has asked a firm of
Chartered Accountants to examine the profit forecast for placing it before prospective equity
investor.
3. A company is in the process of setting up a new plant. It needs financial assistance from bank in
shape of term loan and working capital credit facilities. The company has prepared a projection
of its profits, cash flows for next seven years along with its underlying assumptions.
2.1 Scope of SAE-3400
i. The purpose of this Standard on Assurance Engagement (SAE) is to establish standards and provide
guidance on engagements to examine and report on prospective financial information including
examination procedures for best-estimate and hypothetical assumptions.
ii. This SAE does not apply to the examination of prospective financial information expressed in
general or narrative terms, such as that found in management’s discussion and analysis in an
entity’s annual report, though many of the procedures outlined herein may be suitable for such an
examination. Further, the principles laid down in the other Standards on Auditing, issued by the
Institute of Chartered Accountants of India, should be used by the auditor, to the extent practicable,
in applying this SAE.
iii. The term “auditor” is used throughout this SAE when describing services involving examination of
prospective financial information. Such reference is not intended to imply that a member performing
such services need necessarily be the statutory auditor of the entity’s financial statements.

2.2 Nature of Assurance Regarding Prospective Financial Information

Prospective financial information relates to events and actions that have not yet occurred and might not
occur. While evidence may be available to support the assumptions on which the prospective financial
information is based, such evidence is itself generally future- oriented and, therefore, speculative in
nature, as distinct from the evidence ordinarily available in the examination of historical financial
information. Therefore, an opinion as to whether the results shown in the prospective financial
information will be achieved cannot be expressed.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 11.3
PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

2.3 Responsibility of Preparation and Presentation of Prospective Financial

Information
Management is responsible for the preparation and presentation of the prospective financial information
including the :
• Identification and disclosure of Prospective Financial Information;
• Explaining the basis of forecast;
• Underlying assumptions.
Can Professional Accountants be associated with Prospective Financial Information?

i. Traditionally, the attest function performed by a Chartered Accountant in practice has been in
relation to “historical financial information”. Recognizing the professional skill and competence
of Chartered accountants, varied stakeholders like banks, financial institutions and prospective
investors intend to place greater reliance on reports of projected cash flow and profitability
statements examined and signed by Chartered accountants.
ii. Clause 3 of the Second Schedule to the Chartered Accountants Act, 1949 states that that a chartered
accountant in practice shall be deemed to be guilty of professional misconduct, if he permits his
name or the name of his firm to be used in connection with an estimate of earnings contingent upon
future transactions in a manner which may lead to the belief that he vouches for the accuracy of the
forecast.
iii. The above clause does not preclude a Chartered accountant from associating his name with
prospective financial statements. A chartered accountant can participate in the preparation of profit
or financial forecasts and can review them, provided he indicates clearly in his report the sources of
information, the basis of forecasts and also the major assumptions made in arriving at the forecasts
and so long as he does not vouch for the accuracy of the forecasts.
iv. The same also applies to projections made on the basis of hypothetical assumptions about future
events and management actions which are not necessarily expected to take place so long as vouching
for the accuracy of the projection is not made.
2.4 Duties of Member who is Examining the Prospective Financial Information
In an engagement to examine prospective financial information, the auditor should obtain
sufficient appropriate evidence as to whether:
a. Management’s best-estimate assumptions on which the prospective financial information is based
are not unreasonable and, in the case of hypothetical assumptions, such assumptions are consistent
with the purpose of the information;
b. The prospective financial information is properly prepared on the basis of the assumptions;
c. The prospective financial information is properly presented and all material assumptions are
adequately disclosed, including a clear indication as to whether they are best-estimate assumptions
or hypothetical assumptions; and
d. The prospective financial information is prepared on a consistent basis with historical financial
statements, using appropriate accounting principles.
While examining prospective financial information, principles laid down in other Standards on
Auditing should be applied to the extent practicable.

CA Harshad Jaju
11.4 Swapnil Patni Classes caharshad
98812 92971
PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

2.5 Nature of Assurance regarding Prospective Financial Information

Prospective financial information relates to events and actions that have not yet occurred and might not
occur. While evidence may be available to support the assumptions on which the prospective financial
information is based, such evidence is itself generally future- oriented and, therefore, speculative in
nature, as distinct from the evidence ordinarily available in the examination of historical financial
information. Therefore, an opinion as to whether the results shown in the prospective financial
information will be achieved cannot be expressed.

2.6 Acceptance of Engagement: Precautions to be taken by Auditor Before Accepting

such an Engagement
Before accepting an engagement to examine prospective financial information, the auditor would
consider, amongst other things:
• The intended use of the information;
• Whether the information will be for general or limited distribution;
• The nature of the assumptions, that is, whether they are best estimates or hypothetical Assumptions;
• The elements to be included in the information; and
• The period covered by the information.

Acceptance of
Engagement

The nature
Whether the of the
information assumptions, The elements to
The intended The period
will be for that is, whether be included in
use of the covered by the
general they are best- the information;
information; information.
or limited estimates or and
distribution; hypothetical
assumptions;

Further, the auditor should not accept, or should withdraw from, an engagement when the assumptions
are clearly unrealistic or when the auditor believes that the prospective financial information will be
inappropriate for its intended use. The auditor should consider the extent to which reliance on the
entity’s historical financial information is justified. Like in other engagements, it is necessary that
terms of engagements should be agreed with client by sending an engagement letter.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 11.5
PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

2.7 Examination Procedures

i. When determining the nature, timing and extent of examination procedures, the following
matters should be considered such as: -

(a) the knowledge obtained during any previous engagements

(b) management’s competence regarding the preparation of prospective
financial information
(c) the likelihood of material misstatement
(d) the extent to which the prospective financial information is affected by
Examination the management’s judgment
(e) the sources of information considered by the management for the purpose,
Procedures their adequacy, reliability of the underlying data, including data derived
from third parties, such as industry statistics, to support the assumptions
(f) the stability of entity’s business and
(g) the engagement team’s experience with the business and the industry
in which the entity operates and with reporting on prospective financial
information
ii. In performing these procedures, source and reliability of the evidence supporting management’s
best-estimate assumptions needs to be assessed. Such evidence may be available from varied
sources like entity’s budgets, debt agreements, industry publications etc.
iii. When hypothetical assumptions are used, all significant implications of such assumptions should
have been taken into consideration. For example, if sales are assumed to grow beyond the entity’s
current plant capacity, the prospective financial information will need to include the necessary
investment in the additional plant capacity or the costs of alternative means of meeting the
anticipated sales, such as subcontracting production. It needs to be verified that the hypothetical
assumptions are consistent with the purpose of the prospective financial information and that there
is no reason to believe they are clearly unrealistic.
2.8 Presentation and Disclosure
When assessing the presentation and disclosure of the prospective financial information and the
underlying assumptions, in addition to the specific requirements of any relevant statutes, regulations
as well as the relevant professional pronouncements, it needs to be considered whether: -

CA Harshad Jaju
11.6 Swapnil Patni Classes caharshad
98812 92971
PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

(a) the presentation of prospective financial information is informative and not misleading

(b) the accounting policies are clearly disclosed in the notes to the prospective financial
information;

(c) the assumptions are adequately disclosed in the notes to the prospective financial information. It
needs to be clear whether assumptions represent management’s best-estimates or are hypothetical
and, when assumptions are made in areas that are material and are subject to a high degree of
uncertainty, this uncertainty and the resulting sensitivity of results needs to be adequately disclosed

(d) the date as of which the prospective financial information was prepared is disclosed. Management
needs to confirm that the assumptions are appropriate as of this date, even though the underlying
information may have been accumulated over a period of time

(e) the basis of establishing points in a range is clearly indicated and the range is not selected in
a biased or misleading manner when results shown in the prospective financial information are
expressed in terms of a range and

(f) if there is any change in the accounting policy of the entity from that disclosed in the most
recent historical financial statements, whether reason for the change and the effect of such change
on the prospective financial information has been adequately disclosed.

2.9 Report on Examination of Prospective Financial Information

The report for an examination of prospective financial information should contain the
following:
(a) Title
(b) Addressee
(c) Identification of the prospective financial information
(d) Reference to the Standards on Auditing applicable to the examination of prospective financial
information
(e) Statement that management is responsible for the prospective financial information including the
underlying assumptions
(f) When applicable, a reference to the purpose and/or restricted distribution of the prospective
financial information
(g) Statement that the examination procedures included examination, on a test basis, of evidence
supporting the assumptions, amounts and other disclosures in the forecast or projection
(h) Statement of negative assurance as to whether the assumptions provide a reasonable basis for the
prospective financial information

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 11.7
PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

(i) Opinion as to whether the prospective financial information is properly prepared on the basis of
the assumptions and is presented in accordance with the relevant financial reporting framework
(j) Appropriate caveats concerning the achievability of the results indicated by the prospective
financial information
(k) Date of report (which should be the date procedures have been completed)
(l) Place of signature and
(m) Signature.

Such a report would: -

• State whether, based on the examination of the evidence supporting the assumptions, anything has
come to attention, which causes the belief that the assumptions do not provide a reasonable basis
for the prospective financial information.
• Express an opinion as to whether the prospective financial information is properly prepared on
the basis of the assumptions and is presented in accordance with the relevant financial reporting
framework.
• State that: -

Actual results are likely to be different from the prospective financial information since anticipated
events frequently do not occur as expected and the variation could be material. Likewise, when the
prospective financial information is expressed as a range, it would be stated that there can be no
assurance that actual results will fall within the range and

In the case of a projection, the prospective financial information has been prepared for (intended
use), using a set of assumptions that include hypothetical assumptions about future events and
management’s actions that are not necessarily expected to occur. Consequently, readers are
cautioned that the prospective financial information should not be used for purposes other than the
above mentioned intended use.
• When it is believed that the presentation and disclosure of the prospective financial information is
not adequate, a qualified or adverse opinion in the report on the prospective financial information
should be expressed or withdrawal from engagement should be made as appropriate.
• An example would be where financial information fails to disclose adequately the consequences of
any assumptions, which are highly sensitive.
• When it is believed that one or more significant assumptions do not provide a reasonable basis
for the prospective financial information prepared on the basis of best-estimate assumptions or that
one or more significant assumptions do not provide a reasonable basis for the prospective financial
information given the hypothetical assumptions, an adverse opinion setting out the reasons in the report
on the prospective financial information should be expressed, or withdrawal from the engagement
should be made.
• When the examination is affected by conditions that preclude application of one or more procedures
considered necessary in the circumstances, either withdrawal from the engagement or disclaimer of
the opinion and describing the scope limitation in the report on the prospective financial information
is considered.
CA Harshad Jaju
11.8 Swapnil Patni Classes caharshad
98812 92971
PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

2.10 Documentation
Matters, which are important in providing evidence to support report on examination of prospective
financial information, and evidence that such examination was carried out in accordance with this
SAE should be documented.

3. SAE 3402 Assurance Reports on

Controls at a Service Organisation
SAE 3402 deals with assurance engagements undertaken by a professional accountant in public practice
to provide a report for use by user entities and their auditors on the controls at a service organization
that provides a service to user entities that is likely to be relevant to user entities’ internal control as it
relates to financial reporting. It complements SA 402, in that reports prepared in accordance with this
SAE are capable of providing appropriate evidence under SA 402.

3.1 Scope of SAE 3402

SAE 3402 applies only when the service organization is responsible for, or otherwise able to make
an assertion about, the suitable design of controls. It does not deal with assurance engagements:
(a) To report only on whether controls at a service organization operated as described or
(b) To report only on controls at a service organization other than those related to a service that is
likely to be relevant to user entities’ internal control as it relates to financial reporting (for example,
controls that affect user entities’ production or quality control).

I. What is a Service Organisation?

Service organization refers to a third-party organization (or segment of a third-party organization)
that provides services to user entities that are likely to be relevant to user entities internal control as it
relates to financial reporting. User entity refers to an entity that uses a service organization.

II. Why controls of a service organization are important to a user entity’s internal controls
relating to financial reporting?
Controls related to a service organization’s operations and compliance objectives may be relevant to a
user entity’s internal control as it relates to financial reporting. Such controls may pertain to assertions
about presentation and disclosure relating to account balances, classes of transactions, or disclosures,
or may pertain to evidence that the user auditor evaluates or uses in applying auditing procedures.
For example, a company has outsourced its payroll processing functions to a service organization.
The service organization is responsible for the accurate preparation of payrolls and timely remittance
of statutory dues to government authorities on behalf of the company. Payroll processing service
organization’s controls related to the timely remittance of payroll deductions to government
authorities may be relevant to the company (user entity) as late remittances could result in interest
and penalties resulting in liabilities for the user entity.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 11.9
 PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

“Controls at the service organization” includes aspects of user entities’ information systems maintained
by the service organization, and may also include aspects of one or more of the other components of
internal control at a service organization.
For example, such controls at a service organization may include aspects of a service organization’s
control environment, monitoring, and control activities when they relate to the services provided. It
does not, however, include controls at a service organization that are not related to the achievement
of the control objectives stated in the service organization’s description of its system, for example,
controls related to the preparation of the service organization’s own financial statements.
The determination of whether controls at a service organization related to operations and compliance
are likely to be relevant to user entities’ internal control as it relates to financial reporting is a matter
of professional judgment, having regard to the control objectives set by the service organization and
the suitability of the criteria.

III. User Auditor and Service Auditor

User auditor refers to an auditor who audits and reports on the financial statements of a user entity.
Service auditor refers to a professional accountant in public practice who, at the request of the service
organization, provides an assurance report on controls at a service organization.

3.2 Objectives of Service Auditor in Accordance with SAE 3402

The objectives of the service auditor are: -
a. To obtain reasonable assurance about whether, in all material respects, based on suitable
criteria: -
i. The service organization’s description of its system fairly presents the system as designed and
implemented throughout the specified period (or in the case of a type 1 report, as at a specified date)
ii. The controls related to the control objectives stated in the service organization’s description of its
system were suitably designed throughout the specified period (or in the case of a type 1 report, as
at a specified date)
iii. Where included in the scope of the engagement, the controls operated effectively to provide
reasonable assurance that the control objectives stated in the service organization’s description of
its system were achieved throughout the specified period.
b. To report on the matters in (a) above in accordance with the service auditor’s findings.

CA Harshad Jaju
11.10 Swapnil Patni Classes caharshad
98812 92971
PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

3.3 Type 1 Report & Type 2 Report

Type 1 report is a report that comprises: Type 2 report is a report that comprises:
i. The service organization’s description of its i. The service organization’s description of its
system; system
ii. A written assertion by the service organization ii. A written assertion by the service organization
that, in all material respects, and based on suitable that, in all material respects, and based on suitable
criteria: criteria:
a. The description fairly presents the service a. The description fairly presents the service
organization’s system as designed and organization’s system as designed and
implemented at the specified date implemented throughout the specified period
b. The controls related to the control objectives b. The controls related to the control objectives
stated in the service organization’s description stated in the service organization’s description
of its system were suitably designed as at the of its system were suitably designed
specified date and throughout the specified period and
iii. A service auditor’s assurance report that c. The controls related to the control objectives
conveys reasonable assurance about the matters stated in the service organization’s description
referred to in (ii) of its system operated effectively throughout
the specified period and
iii. A service auditor’s assurance report that: -
a. Conveys reasonable assurance about the
matters in (ii) and
b. Includes a description of the tests of controls
and the results thereof.
Type 1 report is a report on the description and design of controls at a service organization whereas
type 2 report is a report on the description, design and operating effectiveness of controls at a service
organization.

3.4 How such an Engagement is Proceeded with?

1. Compliance with ethical requirements: The service auditor shall comply with relevant ethical
requirements, including those pertaining to independence, relating to assurance engagements.
2. Determination of Management and those charged with governance and communication
with them: The service auditor shall inquire of, request representations from, communicate with,
or otherwise interact with the service organization wherever required. The service auditor shall
determine the appropriate persons within the service organization’s management or governance
structure with whom to interact.
3. Acceptance and changes in terms of engagement: Before, accepting such an engagement, it
has to be ensured by service auditor that necessary capabilities and competence to carry out such
engagement are possessed by him. It also needs to be ensured that the criteria to be applied by
the service organization to prepare the description of its system will be suitable and available to
user entities and their auditors and the scope of the engagement and the service organization’s
description of its system will not be so limited that they are unlikely to be useful to user entities
and their auditors.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 11.11
 PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

If the service organization requests a change in the scope of the engagement before the completion
of the engagement, the service auditor shall be satisfied that there is a reasonable justification for
the change.
4. Assessing of suitability of the Criteria: The service auditor shall assess whether the service
organization has used suitable criteria in preparing the description of its system, in evaluating
whether controls are suitably designed, and, in the case of a type 2 reports, in evaluating whether
controls are operating effectively.
5. Determination of Materiality: When planning and performing the engagement, the service auditor
shall consider materiality with respect to the fair presentation of the description, the suitability of
the design of controls and, in the case of a type 2 report, the operating effectiveness of controls.
6. Obtaining an understanding of the Service organization’s system: The service Auditor shall
obtain an understanding of the service organization’s system, including controls that are included
in the scope of engagement.
7. Obtaining evidence regarding the description: The service auditor shall obtain and read
the service organization’s description of its system and evaluate whether those aspects of the
description included in the scope of engagement are fairly presented.
8. Obtaining evidence regarding the design of controls: The service auditor shall determine which
of the controls at the service organization are necessary to achieve the control objectives stated in
the service organization’s description of its system and shall assess whether those controls were
suitably designed.
9. Obtaining evidence regarding operating effectiveness of controls: When providing a type 2
report, the service auditor shall test those controls that the service auditor has determined are
necessary to achieve the control objectives stated in the service organization’s description of its
system, and assess their operating effectiveness throughout the period.
10. Understanding the internal audit function: If the service organization has an internal audit
function, the service auditor shall obtain an understanding of the nature of the responsibilities
of the internal audit function and of the activities performed in order to determine whether the
internal audit function is likely to be relevant to the engagement in order for the service auditor to
use specific work of the internal auditors.
11. Asking for Written Representations: The service auditor shall request the service organization
to provide written representations: -

CA Harshad Jaju
11.12 Swapnil Patni Classes caharshad
98812 92971
PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES
Asking for Written Representation from

(a) That reaffirm the assertion

accompanying the description of
the service organization -

the system (i) Non-compliance with laws and

regulations, fraud, or uncorrected
(b) That it has provided the service deviations attributable to the
auditor with all relevant information service organization that may affect
and access agreed to and one or more user entities

(c) That it has disclosed to the (ii) Design deficiencies in controls

service auditor any of the following
of which it is aware:-
(iii) Instances where controls have
not operated as described and

(iv) Any events subsequent to

the period covered by the service
organization’s description of its
system up to the date of the service
auditor’s assurance report that
could have a significant effect on
the service auditor’s assurance
report.

12. Subsequent Events: The service auditor shall inquire whether the service organization is aware
of any events subsequent to the period covered by the service organization’s description of its
system up to the date of the service auditor’s assurance report that could have a significant effect
on the service auditor’s assurance report.
3.5 Reporting
The service auditor’s assurance report shall include the following basic elements: -

a. A title that clearly indicates the report is an independent service auditor’s assurance report.
b. An addressee.
c. Identification of:
i. The service organization’s description of its system, and the service organization’s assertion,
which includes the matters for a type 2 report, or for a type 1 report.
ii. Those parts of the service organization’s description of its system, if any, that are not covered by
the service auditor’s opinion.
iii. If the description refers to the need for complementary user entity controls, a statement that the
service auditor has not evaluated the suitability of design or operating effectiveness of complementary
user entity controls, and that the control objectives stated in the service organization’s description

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 11.13
 PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

of its system can be achieved only if complementary user entity controls are suitably designed or
operating effectively, along with the controls at the service organization.
iv. If services are performed by a subservice organization, the nature of activities performed by the
subservice organization as described in the service organization’s description of its system.
(d) Identification of the criteria, and the party specifying the control objectives.
(e) A statement that the report and, in the case of a type 2 report, the description of tests of controls
are intended only for user entities and their auditors, who have a sufficient understanding to
consider it, along with other information including information about controls operated by user
entities themselves, when assessing the risks of material misstatements of user entities’ financial
statements.
(f) A statement that the service organization is responsible for: -
(i) Preparing the description of its system, and the accompanying assertion, including the
completeness, accuracy and method of presentation of that description and that assertion;
(ii) Providing the services covered by the service organization’s description of its system;
(iii) Stating the control objectives (where not identified by law or regulation, or another party, for
example, a user group or a professional body) and
(iv) Designing and implementing controls to achieve the control objectives stated in the service
organization’s description of its system.
(g) A statement that the service auditor’s responsibility is to express an opinion on the service
organization’s description, on the design of controls related to the control objectives stated in that
description and, in the case of a type 2 report, on the operating effectiveness of those controls, based
on the service auditor’s procedures.
(h) A statement that the engagement was performed in accordance with SAE 3402, “Assurance
Reports on Controls at a Service Organization,” which requires that the service auditor comply with
ethical requirements and plan and perform procedures to obtain reasonable assurance about whether,
in all material respects, the service organization’s description of its system is fairly presented and
the controls are suitably designed and, in the case of a type 2 report, are operating effectively.
(i) A summary of the service auditor’s procedures to obtain reasonable assurance and a statement
of the service auditor’s belief that the evidence obtained is sufficient and appropriate to provide a
basis for the service auditor’s opinion, and, in the case of a type 1 report, a statement that the service
auditor has not performed any procedures regarding the operating effectiveness of controls and
therefore no opinion is expressed thereon.
(j) A statement of the limitations of controls and, in the case of a type 2 report, of the risk of
projecting to future periods any evaluation of the operating effectiveness of controls.
(k) The service auditor’s opinion, expressed in the positive form, on whether, in all material respects,
based on suitable criteria:

CA Harshad Jaju
11.14 Swapnil Patni Classes caharshad
98812 92971
PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

(i) In the case of a type 2 report: - (ii) In the case of a type 1 report: -
a. The description fairly presents the service a. The description fairly presents the service
organization’s system that had been designed organization’s system that had been designed
and implemented throughout the specified and implemented as at the specified date and
period; b. The controls related to the control objectives
b. The controls related to the control objectives stated in the service organization’s description
stated in the service organization’s description of its system were suitably designed as at the
of its system were suitably designed throughout specified date.
the specified period; and
c. The controls tested, which were those
necessary to provide reasonable assurance that
the control objectives stated in the description
were achieved, operated effectively throughout
the specified period.
(l) The date of the service auditor’s assurance report, which shall be no earlier than the date on
which the service auditor has obtained sufficient appropriate evidence on which to base the opinion.
(m) Signature-The report should be signed by the practitioner.
(n) The place of signature – the report should name specific location, which is ordinarily the city
where the report is signed.
Additional matters requiring reporting in type 2 report: In the case of a type 2 report, the service
auditor’s assurance report shall include a separate section after the opinion, or an attachment, that
describes the tests of controls that were performed and the results of those tests.
1. In describing the tests of controls, the service auditor shall clearly state which controls were tested,
identify whether the items tested represent all or a selection of the items in the population, and
indicate the nature of the tests in sufficient detail to enable user auditors to determine the effect of
such tests on their risk assessments.
2. If deviations have been identified, the service auditor shall include the extent of testing performed
that led to identification of the deviations (including the sample size where sampling has been
used), and the number and nature of the deviations noted.
3. The service auditor shall report deviations even if, on the basis of tests performed, the service
auditor has concluded that the related control objective was achieved.
Modified Opinions
If the service auditor concludes that:
(c) In the case of a type 2
(d) The service auditor is
report, the controls tested,
unable to obtain sufficient
which were those necessary
(a) The service appropriate evidence, the
(b) The controls related to provide reasonable
organization’s description service auditor’s opinion
to the control objectives assurance that the control
does not fairly present, in shall be modified, and
stated in the description objectives stated in the
all material respects, the the service auditor’s
were not suitably designed, service organization’s
system as designed and assurance report shall
in all material respects description of its system
implemented; contain a clear description
were achieved, did not
of all the reasons for the
operate effectively, in all
modification.
material respects or
CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 11.15
 PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

3.6 Documentation
The service auditor shall prepare documentation that is sufficient to enable an experienced service
auditor, having no previous connection with the engagement, to understand:
a. The nature, timing, and extent of the procedures performed to comply with this SAE and applicable
legal and regulatory requirements
b. The results of the procedures performed, and the evidence obtained and
c. Significant matters arising during the engagement, and the conclusions reached thereon and
significant professional judgments made in reaching those conclusions

4. SAE 3420 Assurance Engagements to Report on the Compilation

of Pro Forma Financial Information Included in a Prospectus
SA 3420 deals with reasonable assurance engagements undertaken by a practitioner to report on
the responsible party’s compilation of pro forma financial information included in a prospectus. It
applies where such reporting is required by securities law or regulation of the security exchange in
the jurisdiction in which the prospectus is to be issued or this reporting is generally accepted practice
in such jurisdiction.
I. What is Pro forma financial information?
Pro forma financial information refers to financial information shown together with adjustments to
illustrate the impact of an event or transaction on unadjusted financial information as if the event
had occurred or the transaction had been undertaken at an earlier date selected for purposes of the
illustration.
The Pro forma financial information is, normally, used in the offer documents to demonstrate the
effect of a transaction on the financial statements of a company as if those transactions had occurred
at an earlier date. The Pro forma financial information may take the form of Statement of Profit and
Loss and Balance Sheet to illustrate how the transactions might have affected the assets, liabilities and
earnings of the Issuer. They also include notes in relation to the significant aspects of the transactions,
assumptions used to prepare the Pro forma financial information and the adjustments made.
The purpose of pro forma financial information included in a prospectus is solely to illustrate the
impact of a significant event or transaction on unadjusted financial information of the entity as if the
event had occurred or the transaction had been undertaken at an earlier date selected for purposes
of the illustration. This is achieved by applying pro forma adjustments to the unadjusted financial
information. Pro forma financial information does not represent the entity’s actual financial position,
financial performance, or cash flows.

4.1 Objectives in Accordance with SA 3420

The objectives of the practitioner in accordance with SA 3420 are: -
a. To obtain reasonable assurance about whether the pro forma financial information has been
compiled, in all material respects, by the responsible party on the basis of the applicable criteria
and
b. To report in accordance with the practitioner’s findings.

CA Harshad Jaju
11.16 Swapnil Patni Classes caharshad
98812 92971
PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

4.2 Compilation of Pro forma financial information

The compilation of pro forma financial information involves the responsible party gathering, classifying,
summarising and presenting financial information that illustrates the impact of a significant event or
transaction on the unadjusted financial information of the entity as if the event had occurred or the
transaction had been undertaken at the selected date.
Steps involved in this process include:-
Identifying the source of the unadjusted financial information to be used in compiling the pro forma
financial information, and extracting the unadjusted financial information from that source

Making pro forma adjustments to the unadjusted financial information for the purpose for which the
pro forma financial information is presented and

Presenting the resulting pro forma financial information with accompanying disclosures.

4.3 Nature of the Practitioner’s Responsibility

In such an engagement performed under this SAE, the practitioner has no responsibility to compile
the pro forma financial information for the entity. Such responsibility rests with the responsible party.
The practitioner’s sole responsibility is to report on whether the pro forma financial information has
been compiled, in all material respects, by the responsible party on the basis of the applicable criteria.
It is a reasonable assurance engagement to report on the compilation of pro forma financial information
involving performing the procedures to assess whether the applicable criteria used by the responsible
party in the compilation of the pro forma financial information provide a reasonable basis for presenting
the significant effects directly attributable to the event or transaction.

4.4 Steps involved in such an Engagement

Planning and Preparing

Engagement Written Forming the
performing the the assurance
acceptance Representations opinion
engagement report

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 11.17
 PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

4.4.1 Engagement Acceptance

Before agreeing to accept an engagement to report on whether pro forma financial information included
in a prospectus has been compiled, in all material respects, on the basis of the applicable criteria,
the practitioner shall consider matters stated below. “Applicable criteria” are criteria used by the
responsible party when compiling the pro forma financial information. Criteria may be established by
an authorized or recognized standard-setting organization or by law or regulation. Where established
criteria do not exist, they will be developed by the responsible party.
a. Determine that the practitioner has the capabilities and competence to perform the engagement
b. On the basis of a preliminary knowledge of the engagement circumstances and discussion with the
responsible party, determine that the applicable criteria are suitable and that it is unlikely that the
pro forma financial information will be misleading for the purpose for which it is intended.
c. Evaluate the wording of the opinion prescribed by the relevant law or regulation, if any, to determine
that the practitioner will likely be able to express the opinion so prescribed based on performing
the procedures specified in this SAE
d. Where the sources from which the unadjusted financial information and any acquiree or divestee
financial information have been extracted have been audited or reviewed and a modified audit
opinion or review conclusion has been expressed, or the report contains an Emphasis of Matter
paragraph, consider whether or not the relevant law or regulation permits the use of, or reference
in the practitioner’s report to, the modified audit opinion or review conclusion or the report
containing the Emphasis of Matter paragraph with respect to such sources
e. If the entity’s historical financial information has never been audited or reviewed, consider whether
the practitioner can obtain a sufficient understanding of the entity and its accounting and financial
reporting practices to perform the engagement
f. If the event or transaction includes an acquisition and the acquiree’s historical financial information
has never been audited or reviewed, consider whether the practitioner can obtain a sufficient
understanding of the acquiree and its accounting and financial reporting practices to perform the
engagement and
g. Obtain the agreement of the responsible party that it acknowledges and understands its responsibility
for:

CA Harshad Jaju
11.18 Swapnil Patni Classes caharshad
98812 92971
PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

(i) Adequately disclosing and a. Access to all information (including,

Agreement of the Responsible Part:

describing the applicable criteria to when needed for purposes of the

the intended users if these are not engagement, information of the
publicly available acquiree(s) in a business combination),
such as records, documentation and
(ii) Compiling the pro forma other material, relevant to evaluating
financial information on the basis whether the pro forma financial
of the applicable criteria and information has been compiled, in all
material respects, on the basis of the
applicable criteria
(iii) Providing the practitioner
with:-
b. Additional information that the
practitioner may request from the
responsible party for the purpose of the
engagement

c. Access to those within the entity and

the entity’s advisors from whom the
practitioner determines it necessary to
obtain evidence relating to evaluating
whether the pro forma financial
information has been compiled, in all
material respects, on the basis of the
applicable criteria; and

d. When needed for purposes of the

engagement, access to appropriate
individuals within the acquiree(s) in a
business combination.

4.4.2 Planning and Performing the Engagement

• The practitioner shall assess whether the applicable criteria are suitable, as required by the
Framework for Assurance Engagements
• When planning and performing the engagement, the practitioner shall consider materiality with
respect to evaluating whether the pro forma financial information has been compiled, in all material
respects, on the basis of the applicable criteria.
• An understanding of how the responsible party has compiled the pro forma financial Information
and other engagement circumstances
• The practitioner shall obtain evidence about the appropriateness of the source from which the
unadjusted financial information has been extracted

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 11.19
 PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

• If there is no audit or review report on the source from which the unadjusted financial information
has been extracted, the practitioner shall perform procedures to be satisfied that the source is
appropriate.
• The practitioner shall determine whether the responsible party has appropriately extracted the
unadjusted financial information from the source.
• The practitioner shall obtain evidence about the appropriateness of the pro forma adjustments.

In relation to unadjusted financial information, Pro forma adjustments include:

a. Adjustments to unadjusted financial information that illustrate the impact of a significant event or transaction
as if the event had occurred or the transaction had been undertaken at an earlier date selected for purposes of the
illustration and
b. Adjustments to unadjusted financial information that are necessary for the pro forma financial information to
be compiled on a basis consistent with the applicable financial reporting framework of the reporting entity and its
accounting policies under that framework.

• The practitioner shall evaluate the presentation of pro forma financial information.
• The practitioner shall read the other information included in the Prospectus containing the pro
forma financial information to identify material inconsistencies, if any, with pro forma financial
information.
4.4.3 Written Representations
The practitioner shall request written representations from the responsible party that:-

a.
In compiling the pro forma financial
information, the responsible party b. The pro forma financial
has identified all appropriate pro information has been compiled, in
forma adjustments necessary to all material respects, on the basis of
illustrate the impact of the event the applicable criteria.
or transaction at the date or for the
period of the illustration and

4.4.4 Opinion
Unmodified Opinion
The practitioner shall express an unmodified opinion when the practitioner concludes that the pro
forma financial information has been compiled, in all material respects, by the responsible party on
the basis of the applicable criteria.

Modified Opinion
a. Where the relevant law or regulation precludes publication of a prospectus that contains a modified
opinion with regard to whether the pro forma financial information has been compiled, in all
material respects, on the basis of the applicable criteria and the practitioner concludes that a
modified opinion is nevertheless appropriate in accordance with the Framework for Assurance
Engagements, the practitioner shall discuss the matter with the responsible party.

CA Harshad Jaju
11.20 Swapnil Patni Classes caharshad
98812 92971
PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

Withdraw from the

engagement or
If the responsible party does
not agree to make the necessary
changes, the practitioner shall: -
Consider seeking
legal advice.

b. Where the relevant law or regulation may not preclude publication of a prospectus that contains a
modified opinion with regard to whether the pro forma financial information has been compiled,
in all material respects, on the basis of the applicable criteria and the practitioner determines that a
modified opinion is appropriate in accordance with the Framework for Assurance Engagements, the
practitioner shall apply the requirements in the Framework for Assurance Engagements regarding
modified opinions.
Emphasis of Matter Paragraph
In some circumstances, the practitioner may consider it necessary to draw the user’s attention to a
matter presented or disclosed in the pro forma financial information or the accompanying explanatory
notes. This would be the case when, in the practitioner’s opinion, the matter is of such importance that
it is fundamental to the user’s understanding of whether the pro forma financial information has been
compiled, in all material respects, on the basis of the applicable criteria.
In such circumstances, the practitioner shall include an Emphasis of Matter paragraph in the
practitioner’s report provided that the practitioner has obtained sufficient appropriate evidence that the
matter does not affect whether the pro forma financial information has been compiled, in all material
respects, on the basis of the applicable criteria. Such a paragraph shall refer only to information
presented or disclosed in the pro forma financial Information or the accompanying explanatory notes.
4.4.5 Preparing the Assurance Report
The practitioner’s report shall include the following basic elements: -

Basic elements of Assurance Report

(a) A title that clearly indicates that the report is an independent assurance report
(b) An addressee(s), as agreed in the terms of engagement
(c) Introductory paragraphs that identify: -
(i) The pro forma financial information
(ii) The source from which the unadjusted financial information has been extracted and whether or
not an audit or review report on such a source has been published
(iii) The period covered by, or the date of, the pro forma financial information and
(iv) A reference to the applicable criteria on the basis of which the responsible party has performed

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 11.21
 PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

the compilation of the pro forma financial information, and the source of the criteria
(d) A statement that the responsible party is responsible for compiling the pro forma financial
information on the basis of the applicable criteria
(e) A description of the practitioner’s responsibilities, including statements that: -
(i) The practitioner’s responsibility is to express an opinion about whether the pro forma financial
information has been compiled, in all material respects, by the responsible party on the basis of the
applicable criteria
(ii) For purposes of this engagement, the practitioner is not responsible for updating or reissuing
any reports or opinions on any historical financial information used in compiling the pro forma
financial information, nor has the practitioner, in the course of this engagement, performed an audit
or review of the financial information used in compiling the pro forma financial information and
(iii) The purpose of pro forma financial information included in a prospectus is solely to illustrate
the impact of a significant event or transaction on unadjusted financial information of the entity
as if the event had occurred or the transaction had been undertaken at an earlier date selected for
purposes of the illustration. Accordingly, the practitioner does not provide any assurance that the
actual outcome of the event or transaction at that date would have been as presented
(f) A statement that the engagement was performed in accordance with SAE 3420, ‘Assurance
Engagements to Report on the Compilation of Pro Forma Financial Information Included in a
Prospectus’, which requires that the practitioner comply with ethical requirements and plan
and perform procedures to obtain reasonable assurance about whether the responsible party has
compiled, in all material respects, the pro forma financial information on the basis of the applicable
criteria
(g) Statements that: -
(i) A reasonable assurance engagement to report on whether the pro forma financial information has
been compiled, in all material respects, on the basis of the applicable criteria involves performing
procedures to assess whether the applicable criteria used by the responsible party in the compilation
of the pro forma financial information provide a reasonable basis for presenting the significant
effects directly attributable to the event or transaction and to obtain sufficient appropriate evidence
about whether: -

The pro forma financial information

The related pro forma adjustments give reflects the proper application of those
appropriate effect to those criteria; and adjustments to the unadjusted financial
information

CA Harshad Jaju
11.22 Swapnil Patni Classes caharshad
98812 92971
PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

(ii) The procedures selected depend on the practitioner’s judgment, having regard to
the practitioner’s understanding of the nature of the entity, the event or transaction in
respect of which the pro forma financial information has been compiled, and other
relevant engagement circumstances and
(iii) The engagement also involves evaluating the overall presentation of the pro forma
financial information
(h) Unless otherwise required by law or regulation, the practitioner’s opinion using
one of the following phrases, which are regarded as being equivalent: -
(i) The pro forma financial information has been compiled, in all material respects, on
the basis of the applicable criteria or
(ii) The pro forma financial information has been properly compiled on the basis
stated.
(i) The practitioner’s signature
(j) The date of the report and
(k) The place of signature.
4.5 Documentation
As in case of all assurance engagements, documentation has to be ensured by the practitioner while
performing engagement under SAE 3420.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 11.23
 PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

CA Harshad Jaju
11.24 Swapnil Patni Classes caharshad
98812 92971
PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 11.25
 PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE SERVICES

CA Harshad Jaju
11.26 Swapnil Patni Classes caharshad
98812 92971
 12 DIGITAL
AUDITING AND
CHAPTER ASSURANCE

Highlights

After studying this chapter, you would be able to -

1. Understand the key features of digital auditing and auditing digitally.
2. Understand IT environment and its complexity.
3. Know how to identify the IT dependencies impacting the audit.
4. Gain the knowledge of how to identify IT related risks and controls that exists in an automated
environment.
5. Learn key considerations to assess the cyber risks and remote audit.
6. Learn the control objectives that auditor should consider in performing IT audit.
7. Know the types and tools available to perform digital audit.
8. Learn the usage of data analytics in assessing and analysing the key data.

1. DIGITAL AUDIT
1.1 What is a Digital Audit?
Digital Audit is placing assurance on the effectiveness of the IT systems implemented in an
organization. Technology is becoming an integral part of day-to-day business operations. It is essential
that organizations review their technology-related controls to identify gaps and risks for continuous
improvement and to ensure regulatory compliance. A strong controls and security position will allow
organizations to build trust with their stakeholders.

1.2 Key Features of a Digital Audit

• Digital audit encourages the auditee to embrace the latest technological advancements and
provides confidence to auditee to stay updated in a constantly evolving environment.
• A digital audit improves the quality of opinion. This consequently leads to a more reliable audit
report
• Digital Audit leads to savings in time, cost and human effort which can be utilized towards
more productive tasks. Many of today’s digitally enabled processes can be orchestrated to operate
autonomously 24x7, driving real-time transactions.
• Digital Audit allows to standardize processes and allow controls to be implemented to mitigate
risk.
CA Harshad Jaju
Swapnil Patni Classes caharshad 12.1
98812 92971
 DIGITAL AUDITING AND ASSURANCE

• The digital audit will help organization gain a more comprehensive overview of end-toend
processes and how technologies are utilized, controlled and optimized against standards set.
• The digital audit will help create a future for a digital strategy and paves way for adopting new
technologies such as AI and Robotic, usage of analytics and automation.
• It can help auditee to make informed decisions.
1.3 Advantages of Digital Audit
i. Enhanced Effectiveness & Efficiency: Increased efficiency is one of the key benefits of digital
audit. With the use of tools and automation techniques, auditee can standardize the processes and
routine tasks can be automated like automating a reconciliation process that previously involved
hours increase efficiency and saves time and costs.
ii. Better Audit Quality: Technology can correctly evaluate massive volumes of data quickly. This
can assist auditors in determining the areas that require more testing, lowering the chance that
serious misstatements or other problems would go unnoticed.
iii. Lower Costs: By automating processes that were previously done manually, technology can assist
with the cost of auditing. This may shorten the time needed to complete an audit, which may lower
the audit’s overall cost.
iv. Better Analytics: Improved analytics capabilities can aid management and auditors in seeing
trends and patterns that may be challenging to spot manually. For instance, AI can examine a lot
of financial data to spot possible fraud, which is hard for auditors to spot manually.
v. Improved Risk Assessment: Creating a number of automations to assist with the audit process and
streamlined testing improves the risk assessment procedure. Management and auditors put their
testing efforts on sites with a higher risk of material misstatement and make informed decisions.

1.4 Consideration and Challenges of Digital Audit:

Some considerations that organization should keep in mind while using digital techniques &
automation:

Know what business

Think people first and do Target the right processes
benefits the organization
not underestimate change – this is a key for
wants to achieve with
is difficult successful automation.
automation

Automation introduces
Automation is not a Ensure the process works
new challenges for
standalone solution and it is standardised
organization. Don’t forget
and should be part of a before automating. Bots
about governance and
broader digitalization do not easily adapt to
data security in the risk
strategy. process change
framework.

CA Harshad Jaju
12.2 Swapnil Patni Classes caharshad
98812 92971
 DIGITAL AUDITING AND ASSURANCE

As auditors will obtain an understanding of management’s implementation and oversight of new

technologies, they also will perform procedures to understand the changes to the company’s business,
including any changes to the information technology environment. Areas of focus could include
understanding of the following:
• New activities or changes to existing processes due to new technology (e.g., new revenue streams,
changes in the roles and responsibilities of entity personnel, automation of manual tasks, changes
in staffing levels that affect an entity’s internal control environment)
• Changes in the way the entity’s systems are developed and maintained and whether these changes
introduce new risks and require new controls to respond to those risks
• The impact the new technology as how the organization obtains or generates and uses relevant,
quality information to support the functioning of internal control.

2. AUDITING DIGITALLY
2.1 What is the concept of auditing digitally?
Auditing Digitally is using advancements in technology for conducting an effective and efficient
audit. With a rapidly growing IT environment it is essential to adapt technology in auditing practices.

Using Sampling Tools for selection of a sample size from a population based on materiality or
using Bot for analysis of statutory payments compliance as part of an audit assignment.
It is time to digitize the way an audit is delivered through automation and innovation. There are new
technologies to help capture data, automate procedures, analyse information and focus on the real
risks of the client. The opportunity is in understanding how technology can help and then applying it
to the auditing challenges.
Expectations from an Auditor
Audit teams need to involve the experts on different software applications and technologies. Having
the right level of expertise of new technology (such as RPA, AI, blockchain technology allows auditors
to provide the highest quality of audit.
Investment in digitally upskilling the people is the real secret to quality technology audit. Investment in
technology across the profession has largely been focused on developing and using tools to automate
and enhance existing processes, such as data analytics and collaboration and sharing tools, which help
to drive quality in audits today.
Due to the usage of BOT manual intervention has been reduced, more accurate results are populated,
it results in saving auditors time as well and exceptions highlighted can be readily reviewed.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 12.3
 DIGITAL AUDITING AND ASSURANCE

2.2 Key Features or Advantages of Auditing Digitally:

Following are key features or advantages of Auditing Digitally:
i. Improved Quality of Audits: The impact on quality is evident, through automation, data analytics
techniques we can easily move from sample auditing to full population of transactions being
reviewed or re-performed. This ultimately free up time for audit teams to analyses the information
and better understand the business they audit. Technology requires an element of upfront investment,
and it can be challenging to implement with regards to resources and people, but the value once it
is up and running is undeniable.
ii. Decreasing human dependency: Using technology minimizes the manual intervention which
ultimately results in reducing the risk of manual errors. Technology helps in streamlining the
process of testing for auditors which decreases the errors which occur from the judgement of
different individuals.
iii. Increases Transparency: With the technological advancement transparency has been increased.
New ERPs and tools have audit trail feature available to trace the transaction end to end. It helps
the management or auditors to review the details like the date on which any change is made, who
made the change, what has been changed, all such details are captured and can be used while
performing audit.
iv. Automation and Ease: Automating tasks like recording work in repositories, extracting data and
sampling have improved the quality of audit and reduced the manual error. Using dashboards
(e.g., Power BI) for reporting helps in understanding the position and helps the auditor to form his
opinion.
v. Improved Efficiency: What used to take weeks to learn and programme using deep experts, is now
easily available to auditors after some simple training and digital upskilling. The result may be
increased efficiency and fewer errors, but the benefits are wider reaching and personal. This also
results in improved retention of talent and confidence.
Better risk assessment: With usage of automation and technology in audit, auditor may focus on
the real challenges and assess the potential risk precisely. It gives time to auditors to focus on the
bigger picture rather than being involved with repetitive tasks. Dashboards, visual presentations
and other tools helps in understanding where the risk lies and what all areas need more attention.
2.3 Considerations in Auditing Digitally
While all industry sectors are affected by the emergence of new technologies it is important to remember
that the auditor’s needs are unique. There are few questions it is important to ask and answer – at all
stages of tech journey:

2.3.1 What problems are you trying to solve?

Continuously evaluate the emerging technologies and latest tools to see what can benefit the audit.
Think about what would make your audit easier or better and how you will measure return on your
investment.

CA Harshad Jaju
12.4 Swapnil Patni Classes caharshad
98812 92971
 DIGITAL AUDITING AND ASSURANCE

2.3.2 Which technology can help you?

There are a number of tools available and many vendors and start-ups using data acquisition,
manipulation and visualization tools. Consider how comfortably these solutions will integrate into
your current processes and flag any potential implementation issues early on.

2.3.3 How will you upskill your people to make best use of the technology available?
Technology is only as good as the people using it. Training and development are critical to ensure
teams understand how and why they are using the technology. Reluctance to change is obvious,
however continuous training help them to get better.

2.3.4 Range of automated solutions:

There is a range of automation solutions, from low to high sophistication, which helps to standardize
the repeatable tasks and optimize the efforts resulting in doing better. Some of the techinques are
using robotics and automation for data gathering activities, use of data analytics for planning and
budgetting and reporting by dashboards.

Business Process Robotic Process Intelligent Process

Macros and Scripts
Automation (BPA) Automation (RPA) Automation (IPA)

Combining RPA
Automating
with artificial
Reengineering labourintensive,
Rules-based intelligence
existing business repetitive activities
automation within a technologies to
processes e.g. across multiple
specific application identify patterns,
workflows systems and
learn over time, and
interfaces
optimize workflows

3. UNDERSTAND THE IT ENVIRONMENT

• Understanding the ways in which the entity relies upon IT and how the IT environment is set up
to support the business. This allows the auditor to better understand where risks might arise from
the entity’s use of IT (required as per SA 315).
• Understanding how IT is used by the entity helps in identifying controls over the entity’s IT
processes.
• Assessing the complexity of the IT environment helps the teams consider whether to involve IT
specialists or experts in the planning and/or execution of the audit, including initial consideration
of whether to include specialists in the complexity assessment.

Understand Identify Assess

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 12.5
 DIGITAL AUDITING AND ASSURANCE

The auditor’s understanding of the automated environment should include the following:
• The applications that are being used by the company.
• Details of the IT infrastructure components for each of the application.
• The organization structure and governance.
• The policies, procedures and processes followed.
• Extent of IT integration, use of service organizations.
• IT risks and controls.
The illustration below is an example of how an auditor can document details of an automated
environment:
Operating Server and
Application Used for Database Network
System Storage
Integrated
SAP ECC/ HP Server and
application Oracle 19c HP-UX LAN, WAN
HANA NAS
software
Front Desk,
MS-SQL Windows 2016 In-house HP Server
REVS Guest
Server 2018 Server developed Internal HDD
Reservations
Restaurant
MS-SQL Windows 2016 In-house HP Server
KOTS and Kitchen
Server 2018 Server developed Internal HDD
Orders
Windows 2016 Packaged HP Server
BILLSYS Billing Oracle 12c
Server Software Internal HDD

3.1 Key Areas for an Auditor to Understand IT Environment

Key Areas for an Auditor to Understand IT Environment are as follows:
1. Understand the flow of transaction: The auditor’s understanding of the IT environment may focus
on identifying and understanding the nature and number of the specific IT applications and other
aspects of the IT environment that are relevant to the flows of transactions and processing of
information in the information system. Changes in the flow of transactions, or information within
the information system may result from program changes to IT applications, or direct changes to
data in databases involved in processing or storing those transactions or information.
2. Identification of Significant Systems: The auditor may identify the IT applications and supporting
IT infrastructure concurrently with the auditor’s understanding of how information relating to
significant classes of transactions, account balances and disclosures flows into, through and out the
entity’s information system.
3. Identification of Manual and Automated Controls: An entity’s system of internal control contains
manual elements and automated elements (i.e., manual and automated controls and other
resources used in the entity’s system of internal control). An entity’s mix of manual and automated
elements varies with the nature and complexity of the entity’s use of IT. The characteristics of
manual or automated elements are relevant to the auditor’s identification and assessment of the
risks of material misstatement.
CA Harshad Jaju
12.6 Swapnil Patni Classes caharshad
98812 92971
 DIGITAL AUDITING AND ASSURANCE

4. Identification of the technologies used: The need to understand the emerging technologies
implemented and the role they play in the entity’s information processing or other financial
reporting activities and consider whether there are risks arising from their use.
Given the potential complexities of these technologies, there is an increased likelihood that the
engagement team may decide to engage specialists and/or auditor’s experts to help understand
whether and how their use impacts the entity’s financial reporting processes and may give rise to
risks from the use of IT.
Some examples of emerging technologies are:
• Blockchain, including cryptocurrency businesses (e.g., token issuers, custodial services,
exchanges, miners, investors)
• Robotics
• Artificial Intelligence
• Internet of Things
• Biometrics
• Drone
5. Assessing the complexity of the IT environment: Not all applications of the IT environment have
the same level of complexity. The level of complexity for individual characteristics differs across
applications. Complexity is based on the following factors – automation used in the organization,
entity’s reliance on system generated reports, customization in IT applications, business model
of the entity, any significant changes done during the year and implementation of emerging
technologies.
After considering the above factors for each application the over complexity is assessed of the IT
environment.

4. IDENTIFYING THE RISKS

ARISING FROM USAGE OF IT
4.1 How to identify the IT Risks?
In identifying the risks arising from the use of IT, the auditor may consider the nature of the identified
IT application.
Applicable risks arising from the use of IT may also be identified related to cyber security.
It is more likely that there will be more risks arising from the use of IT when the volume or complexity
of automated application controls is higher, and management is placing greater reliance on
those controls for effective processing of transactions or the effective maintenance of the integrity of
underlying information.

4.2 Risks arising from use of IT

• Unauthorized access to data that may result in destruction of data or improper changes to data,
including the recording of unauthorized or non-existent transactions, or inaccurate recording of
transactions. Particular risks may arise where multiple users access a common database.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 12.7
 DIGITAL AUDITING AND ASSURANCE

• The possibility of IT personnel gaining access privileges beyond those necessary to perform their
assigned duties thereby breaking down segregation of duties. Unauthorized changes to data in
master files.
• Unauthorized changes to IT applications or other aspects of the IT environment.
• Failure to make necessary update IT applications or other aspects of the IT environment.
• Inappropriate manual intervention.
• Data loss or data corruption is a major risk which arises from use of IT. If appropriate cybersecurity
controls and protocols not followed it may lead to loss of sensitive data, hackers might encrypt your
system or illegally break into your system. Risk of fraud can arise if users alter the information or
there is a case of physical security breach or theft of sensitive information.
• There is a risk of system downtime which is caused by hardware failures, faulty configurations,
cyberattacks or power outage. It means the IT systems will not be operational or will be unavailable/
offline which may hamper the business.
• Since companies uses more than one IT systems to support their business system integration
(means integrating one or more systems) and system compatibility comes in place. However,
system integration and compatibility have some risks. In case of system failure in one system may
also lead to widespread failure in integrated systems. Or if the integration between two systems is
not appropriate the end result would be incorrect. System compatibility means sharing compatible
hardware, software and operating system while performing the integration. Compatibility risks
arises if different versions of same software are used, if the patches are not upgraded which may
lead to bugs.
• With advancement in usage of IT the risk of regulatory compliances increases. Any change in the
law, order, guidelines or agreements will impact the business, its related costs, investments etc.
A FMCG sector will be subject to different regulatory requirements than a financial company,
however both businesses will need to manage their respective compliance risks.
Performance Issues arises with the way requests are processed in the IT systems. Heavy data
load, network usage impacts the application performance and its responsiveness. To overcome the
performance issues of IT systems, resources or hardware can be added to an existing nodes, which is
known as scaling. However, scaling can be expensive therefore an informed decision should be made
in case of adding a hardware or changing the architecture.

4.3 Know how to identify the IT dependencies impacting the Audit

4.3.1 Why is it important to identify IT dependencies?
Identifying and documenting the entity’s IT dependencies in a consistent, clear manner helps to
identify the entity’s reliance upon IT, understand how IT is integrated into the entity’s business
model, identify potential risks arising from the use of IT, identify related IT General Controls and
enables us to develop an effective and efficient audit approach.
4.3.2 How IT dependencies arise?
IT Dependencies are created when IT is used to initiate, authorize, record, process, or report transactions
or other financial data for inclusion in financial statements.

CA Harshad Jaju
12.8 Swapnil Patni Classes caharshad
98812 92971
 DIGITAL AUDITING AND ASSURANCE

There are five types of IT dependencies as described below:

Type Description
Automated controls are designed into the IT environment to enforce business rules.
For example,
Automated Purchase order approval via workflow or format checks (e.g., only a particular date
Controls format is accepted), existence checks (e.g., Duplicate customer number cannot exist),
and/or reasonableness checks (e.g., maximum payment amount) when a transaction
is entered.

System generated reports are information generated by IT systems. These reports

are often used in an entity’s execution of a manual control, including business
Reports performance reviews, or may be the source of entity information used by us when
selecting items for testing, performing substantive tests of details or performing a
substantive analytical procedure. E.g. (Vendor master report, customer ageing report)

Calculations are accounting procedures that are performed by an IT system instead of

a person. For example, the system will apply the ‘straight-line’ depreciation formula
to calculate depreciation of an asset (i.e., cost of the asset, less the residual value
Calculations
of the asset at the end of its useful life divided by the useful life of the asset) or the
system will calculate the value of the amount invoiced to a customer by multiplying
the item price times the quantity shipped.
Security including segregation of duties is enabled by the IT environment to restrict
access to information and to determine the separation of roles and responsibilities
Security
that could allow an employee to perpetrate and conceal errors or fraud, or to process
errors that go undetected.
Interfaces are programmed logic that transfer data from one IT system to another.
Interfaces For example, an interface may be programmed to transfer data from a payroll
subledger to the general ledger.

4.3.3 Understanding and responding to risks arising from IT dependencies

When auditors identify IT dependencies that are relevant to the entity’s flow of transactions and
processing of financial information, they need to understand how management responds to the
associated risks that may arise from them.
Management may implement information technology general controls (ITGCs) to address risks
related to IT dependencies.
The illustration below is an overview of the Control Objectives and controls for each area of
General IT Controls:

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 12.9
 DIGITAL AUDITING AND ASSURANCE

• Access requests to the application are properly reviewed and authorized by management
Access Security Objective :
• Access of terminated user is removed on a timely basis
To ensure that access to programs • Access rights to applications are periodically monitored for appropriateness
and data is authenticated and • Transactions of administrative and sensitive generic IDs are monitored
authorized to meet financial • Security policies are procedures are maintained
reporting objectives • Access to operating system and database is restricted.

• Change Management policy and procedures are maintained.

• Development, testing and production environments are segregated for changes to application
Program Change Objective : configurations

To ensure modified systems • Changes are adequately tracked and recorded.

continue to meet financial • Changes to application configurations are adequately tested and approved before being
migrated into production
reporting objectives
• Emergency changes are approved.
• Segregation of duties is mainatined between developer and implementor.

Data Centre and network • Policies and procedures for data back and recovery is maintained.
operations Objective : • Data is appropriately backed up and recoverable

To ensure production systems are • Restoration testing is perfomed

appropriately backed up to meet • Monitoring and complaince of service level agreements.

financial reporting objectives • Batch job scheduled are monitored for failures and access is restricted.

IT dependencies may also affect the design of the entity’s controls and how they are implemented.
Therefore, auditors consider IT dependencies relevant to audit and evaluate the related risks. Auditor
should scope in ITGCs to tests when there are IT dependencies identified in the system. If the controls
around IT environment are not implemented or operating effectively it will result in not relying on
ITGCs which means the IT dependencies could not be relied upon.

5. ASSESSING CYBER RISKS

(INCLUDING REMOTE AUDIT)
5.1 What is Cyber Risk:
A cyber-attack is an attempt to gain unauthorized access to a computing system or network with the
intent to cause damage, steal, expose, alter, disable, or destroy data.
Regulators across the globe have placed the topic of cyber risk management under increasing scrutiny,
requiring financial institutions to assess the maturity of their cybersecurity program, manage cyber
risks, and enhance resiliency against cyber-attacks. Most common types of cyberattacks are:
• Malware : Malware or malicious software is any program or code that is created with the intent to
do harm to a computer, network or server. Malware is the most common type of cyberattack, its
subsets are ransomware, fileless Malware trojans, viruses etc.

CA Harshad Jaju
12.10 Swapnil Patni Classes caharshad
98812 92971
 DIGITAL AUDITING AND ASSURANCE

Type Description
Spear-phishing is a type of phishing attack that targets specific individuals or
Spear organizations typically through malicious emails. The goal of spear phishing is to
Phishing steal sensitive information such as login credentials or infect the targets’ device with
malware.
A whaling attack is a type of social engineering attack specifically targeting senior
Whaling or C-level executive employees with the purpose of stealing money or information
or gaining access to the person’s computer in order to execute further cyberattacks.
Smishing is a type of fraudulent practice of sending text messages purporting to
Smishing be from reputable companies in order to induce individuals to reveal personal
information, such as passwords or credit card numbers.
Vishing, a voice phishing attack, is the fraudulent use of phone calls and voice
Vishing messages pretending to be from a reputable organization to convince individuals to
reveal private information such as bank details and passwords.

• Spoofing: Spoofing is a technique through which a cybercriminal disguises themselves as a known

or trusted source. In so doing, the adversary is able to engage with the target and access their
systems or devices with the ultimate goal of stealing information, extorting money or installing
malware or other harmful software on the device.

Type Description
Domain spoofing is a form of phishing where an attacker impersonates a known
Domain business or person with fake website or email domain to fool people into the trusting
Spoofing them. Typically, the domain appears to be legitimate at first glance, but a closer look
will reveal subtle differences.
Email spoofing is a type of cyberattack that targets the businesses by using emails
Email with forged sender addresses. Because the recipient trusts the alleged sender, they
Spoofing are more likely to open the email and interact with its contents, such as a malicious
link or attachment.

• Identity-Based Attacks : When a valid user’s credentials have been compromised and an
adversary is pretend to be that user. For e.g., people often use the same user ID and password
across multiple accounts. Therefore, possessing the credentials for one account may be able to
grant access to other, unrelated account.
• Insider Threats : When current or former employees that pose danger to an organization
because they have direct access to the company network, sensitive data, and intellectual property
(IP), as well as knowledge of business processes, company policies or other information that
would help carry out such an attack.
• DNS Tunneling : DNS Tunneling is a type of cyberattack that leverages domain name system
(DNS) queries and responses to bypass traditional security measures and transmit data and code
within the network. This tunnel gives the hacker a route to unleash malware and/or to extract data,
IP or other sensitive information by encoding it bit by bit in a series of DNS responses.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 12.11
 DIGITAL AUDITING AND ASSURANCE

• IoT-Based Attacks: An IoT attack is any cyberattack that targets an Internet of Things (IoT)
device or network. Once compromised, the hacker can assume control of the device, steal data,
or join a group of infected devices
5.2 Stages of Cyber Risks:
Following are 3 Stage of cyber risk :

Stage 1 - Stage 2 - Stage 3 -

Assessing the Impact of cyber Managing the
cyber risk risk cyber risk

1. Stage 1 - Assessing the cyber risk: No organization is completely immune to a cyber risk. Different
clients will have different levels of risks, even with the same industry. Every organization should
consider at least the common threats-
• Ransomware disabling their organization (including their plants and manufacturing facilities)
• Common criminals using email phishing and hacks for fraud and theft.
• Insiders committing malicious activities or accidental activities resulting in unintended discourse
of information theft and frauds.
2. Stage 2 - Impact of cyber risk: Cyber-attack can impact one, two or more types of risks. The
impact of the attack would vary from organization to organization and most importantly from an
attack to attack. Some of the indicative areas can be –
• Regulatory costs
• Business interruptions causing an operational challenge for an organization.
• Data loss, reputational loss and litigation.
• Ransomware - more common these days where entire systems are encrypted
• Intellectual property theft which may not only take the competitive advantage, but we may also
result in any impairment/impediment charge because of the loss of IP.
• Incident response cost which could be for investigations & remediations
• Breach of Privacy, if personal data of a consumer is hacked it could have a significant impact on
the organization.
• Fines and penalties
3. Stage 3 - Managing the cyber risk: A strategic approach to cyber risk management can help
an organization to:
• Gain a holistic understanding of the cyber risks, threats facing their organization and other financial
institutions
• Assess existing IT and cybersecurity program and capabilities against the relevant regulatory
requirements
• Align cybersecurity and IT transformation initiatives with strategic objectives and critical risks
• Understand accepted risks & documented compensating controls

CA Harshad Jaju
12.12 Swapnil Patni Classes caharshad
98812 92971
 DIGITAL AUDITING AND ASSURANCE

5.3 Cyber Security Framework

Cybersecurity framework includes how management is identifying the risk, protecting and
safeguarding its assets (including electronic assets) from the risk. Management preparedness to
detect the attacks, anomalies and responsiveness to the adverse event.

5.3.1 Identify the risk:

Auditor has to determine whether the entity’s risk assessment process considers cybersecurity risks.
Entity should conduct a periodic risk assessment & develop a management strategy which identifies
cybersecurity risks around IT system failure affecting the entity’s primary business or potential loss of
data or inability to access data as required, Risk of unauthorized access to the IT network.
The entity should maintain and periodically reviews an inventory of their information assets- i.e.,
Asset Management (e.g., intellectual property, patents, copyrighted material, trade secrets and other
intangibles).
The entity should classify and prioritize protection of their information assets based on sensitivity
and business value and periodically reviews the systems connected to the network on which digital
assets reside.
From the governance perspective management should review how cybersecurity risks affect internal
controls over financial reporting. In case of adverse attack how management is going to assess the
impact on the recoverability of financial data and impact on revenue recognition.
Management needs to identify if any established a risk-based cybersecurity program can be
leveraged e.g. (NIST, ISO etc.)
To determine overall responsibility for cybersecurity in the business environment entity should
establish roles and responsibilities over cybersecurity (CISO, CIO). Further the risk assessment
should be discussed with those charged with governance (e.g., the Audit Committee or Board of
Directors).

5.3.2 Protect the risk

Obtained an understanding of the entity’s processes for safeguarding of assets subject to cybersecurity.
Entity monitors whether there has been unauthorized access to electronic assets and any related impact
on financial reporting.
Formal training should be conducted to make the teams aware of the risk associated with cyberattacks.
Entity should implement effective controls for data security. Entity should have a process & procedures
in place for identifying material digital/electronic assets on the balance sheet subject to cybersecurity
risk (e.g., intellectual property, patents, copyrighted material, trade secrets) and prioritizing their
protection based on criticality.

5.3.3 Detect The risk

Entity should have controls and procedures that enable it to identify cybersecurity risks and incidents
and to assess and analyse their impact on the entity’s business, evaluate the significance associated
with such risks and incidents, and consider timely disclosures.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 12.13
 DIGITAL AUDITING AND ASSURANCE

Review entity’s processes to monitor and detect security breaches or incidents. If management
has implemented anti-virus in the system to secure it from anomalies or if firewall logs are being
continuously monitored to detect any repetitive attacks. A monitoring process should be established
to review how many such events have been denied by the firewall. Monitoring process should also
include if any upgrades or updates are required to safeguard the systems from vulnerabilities.

5.3.4 Respond to the risk

In case of material cybersecurity or data breach has been identified management should capture the
details of nature of incident and how the incident or data breach was identified. Entity should have
a response planning in place to capture the details of nature of incident and the same needs to be
communicated with those who are ultimately responsible for this framework and with those charge
with governance.
The security incident response plan helps in analysing the impact and severity of the attack and
helps the organisation in taking the appropriate actions. Management should assess Litigation
costs, Regulatory investigation costs and Remediation costs as a part of mitigation process and
improvement management should assess the future action plans that needs to be taken to safeguard
the organisation from such attacks.

5.3.5 Recover from risk

Entity should undertake appropriate actions to recover from the attack and make sure the business is
up and running.
Once the impact evaluated and communicated with the regulators the recovery plan needs to be
implemented to overcome the impact. Necessary improvements – like patch upgrades, better
controls, improved technology in terms of firewall, anti-virus, tools etc needs to be implemented to
safeguard the entity.

CA Harshad Jaju
12.14 Swapnil Patni Classes caharshad
98812 92971
 DIGITAL AUDITING AND ASSURANCE

5.4 Control considerations for Cyber Risks:

Apart from having the cyber security policies, procedures, framework and regular assessment in
place, management should have a strong and updated internal controls to ensure they are covered
from cyber risks:
1) Controls around vendor setup and modifications:
Certain cyber schemes exist in which changes to bank account or other critical vendor information are
requested through email phishing scams by individuals purporting to be authorized vendor personnel.
Entities have inappropriately dispersed funds to these individuals and therefore inappropriately
reduced the liability owed to the actual vendor, resulting in an impact to the financial statements (i.e.,
loss of cash and related expense)
• Who is responsible for making changes to vendor master data? Is the process centralized or
decentralized?

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 12.15
 DIGITAL AUDITING AND ASSURANCE

• Are other communication channels, such as email, used to request changes to vendor master data?
(If yes, consider if multi-factor authentication is enabled for email).
• What systems and technologies are used to initiate, authorize and process requests related to
changes to vendor master data?
• Are authentication protocols defined to verify modifications to vendor master data (e.g., call back
procedures, multi-factor authentication)?
2) Controls around electronic transfer of funds:
Wire transfers or electronic funds transfers, similar to vendor changes noted above, cyber schemes
pertaining to fraudulent requests for wire transfers are made relating to business transactions and
vendor payments, as well as fraudulent requests appearing to come from financial institutions
requesting disbursement from customer asset accounts.
• Are personnel responsible for wire transfers educated on the relevant threats and information related
to common phishing scams associated with fraudulent requests for wire transfers?
• Are authentication protocols defined to verify wire transfer requests (e.g., call back procedures,
dual-authentication procedures)?
• What systems and technologies are used to facilitate the request/initiation, authorization and release
of 0 wire transfers?
3) Controls around patch management:
Cyber and ransomware attacks exploit known security vulnerabilities resulting in the manipulation or
the destruction of data. Exploitations of known security vulnerabilities are often caused by unapplied
patches or upgrades.
• Does the entity have a patch management program?
• Does the entity run periodic vulnerability scans to identify missing/unapplied patches?
• How is the entity notified of patches by external vendors (e.g., Microsoft for Windows patches)?

5.5 Remote Audit

Remote audit or virtual audit is when the auditor uses the online or electronic means to conduct the
audit. It could be partially or completely virtual, auditor engages using technology to obtain the audit
evidence or to perform documentation review with the participation of the auditee.
Audit planning and scoping is crucial in every audit. This includes a discussion of the scope and
schedule, and the ways to conduct audit. The COVID-19 pandemic has changed the entire business
landscape and processes have been adjusted to this new situation, where remote audit is appreciated
by clients as well.

CA Harshad Jaju
12.16 Swapnil Patni Classes caharshad
98812 92971
 DIGITAL AUDITING AND ASSURANCE

Considerations for remote audit:

Auditors must develop tailored strategies to ensure the remote audit meets the requirements and
deliver results equivalent to traditional onsite audits.
Feasibility and Planning
• Planning should involve agreeing on audit timelines, meeting platform (Zoom calls/ Microsoft
Teams/Google Meet) to be used for audit sessions, data exchange mechanisms, any access
authorization requests. Ensure feasibility is determining what technology may be used, if auditors
and auditees have competencies and that resources are available.
• The execution phases of a remote audit involve video/tele conferencing with auditees. The
documentation for audit evidence should be transferred through a document sharing platform.
Confidentiality, Security and Data Protection
• To ensure data security and confidentiality, access to document sharing platform should be
sufficiently restricted and secured by encrypting the data that is sent across the network. The
information, once reviewed and documented by auditor, is removed from the platform, and stored
according to applicable archiving standards and data protection requirements.
Auditors should take into consideration legislation and regulations, which may require additional
agreements from both sides (e.g., there will be no recording of sound and images, or authorizations
to using people’s images). Auditors should not take screenshots of auditees as audit evidence. Any
screenshots of documents or records or other kind of evidence should be previously authorized
by the audited organization. In case of accessing the auditee’s IT system auditor should use VPN
(Virtual private network). VPN is a service which creates safe and encrypted online connection. It
prevents unauthorized users to enter into network and allows the users to perform work remotely.
Risk assessment
• The communication from auditor as well as auditees need to clear and consistent, and this becomes
crucial during remote audit. The risks for achieving the audit objectives are identified, assessed and
managed. The assessment if remote audit would be sufficient to achieve the audit objectives should
be done and documented for each audit involving all members of the audit team and the audited
organization representative.
Considerations for remote audit:

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 12.17
 DIGITAL AUDITING AND ASSURANCE

ADVANTAGES DISADVANTAGES
Cost and time effective: No travel time and travel Due to network issues, interviews and meetings
costs involved. can be interrupted.

Limited or no ability to visualize facility culture

Comfort and flexibility to the audit team as they of the organization, and the body language of the
would be working from home environment, auditees. Time zone issues could also affect the
efficiency of remote audit session

The opportunity to present doctored documents

Time required to gather evidence can spread over
and to omit relevant information is increased.
several weeks, instead of concentrated into a
This may call for additional planning, some
small period that takes personnel from their daily
additional/different audit procedures, Security
activities.
and confidentiality violation.

Remote access to sensitive IT systems may not

Auditor can get first-hand evidence directly from
be allowed. Security aspects related to remote
the IT system as direct access may be provided.
access and privacy needs to be assessed

Cultural challenges for the auditor. Lack of

knowledge for local laws and regulations could
Widens the selection of auditors from global
impact audit. Audit procedures like physical
network of experts.
verification of assets and stock taking cannot be
performed.

6. EMERGING TECHNOLOGIES IN AUDIT

Emerging technologies are altering the financial reporting environment substantially, and this change is
accelerating. Some examples of emerging technologies are – Data analytics (CAATs (ACL, Alteryx,
Power BI, CaseWare), artificial intelligence (AI), robotic process automation, and blockchain.
These are changing the way business gets done, and auditors are leading by transforming their own
processes.
As the use of emerging technologies in the financial reporting process increases, it becomes important
for auditor and the client to upskill on the emerging technologies.
Data Analytic Techniques
i. Generating and preparing meaningful information from raw system data using processes, tools,
and techniques is known as Data Analytics.
ii. Audit analytics or audit data analytics involves analyzing large sets of data to find actionable
insights, trends, draw conclusions and for informed decision making. The use of audit analytics
enables greater efficiencies and more accurate findings from the review process.
iii. As a result, businesses will be able to create strategies based on verifiable data and professional
assumptions and auditors can improve the audit quality. It allows auditors to more effectively audit
the large amounts of data held and processed in IT systems in larger clients.

CA Harshad Jaju
12.18 Swapnil Patni Classes caharshad
98812 92971
 DIGITAL AUDITING AND ASSURANCE

Audit analytics helps:

• To discover and analyze patterns
• Identifying anomalies
• Extract other useful information in data
iv. The data analytics methods used in an audit are known as Computer Assisted Auditing
Techniques or CAATs. It involves use of multiple data analytical tool or visualization tools that
can help the auditor to deep dive into the problem statement and hence increase the audit quality.
This also minimizes the scope of missing out on key attributes that might be of a higher risk to the
organization and its respective business.
v. Auditor performing audit analytics can make use of various applications and tools that help them
to analyse large data sets and obtain insights that help them to make the quality of the audit better.
Some of the popular tools used across the industry as part of CAATs are listed below:
1. ACL - Audit Command Language (ACL) Analytics is a data extraction and analysis software
used for fraud detection and prevention, and risk management. It samples large data sets to find
irregularities or patterns in transactions that could indicate control weaknesses or fraud.
ACL (Audit Command Language) is used to analyse and check complete data sets to perform Trial
Balance reconciliations during the Audits. In such case scenarios, the entity provided the General
Ledger dump and system Trial Balance. Using ACL, the completeness of the data can be ensured as
the data set exceeded beyond the capacity of the excel and basic functions like record count, sum,
pivoting can be performed within ACL where excel could not perform such actions.
2. Alteryx - Alteryx is used to consolidate financial or operational data to assess controls. A fully
transparent audit trail of every action is performed in Alteryx in form of a workflow which makes it
easier for the user to learn as no prior knowledge of coding or scripting is required. Alteryx can also be
leveraged to automate analytics and perform Machine Learning to search for patterns indicative of
fraud or irregularities speed up your processes like accounting close, tax filings, regulatory reporting,
forecast creation etc. It can also be used to automate set procedures that are performed periodically
like reconciliations, consolidations, marketing workflows, system integrations, continuous audits etc.
Alteryx used for logistics organization to recompute the revenue entries recorded by the system
to match with the financials that showcased the expected revenue turnover. Due to Alteryx’s
processing speed and ease to implement functions, auditors could perform re-computation for all
the transactions entry and noted that the revenue was being understated as the expected revenue
was more than the actual calculated. This was due the fact that the addendum between the logistic
company and the client was not revised in the system and old versions of rates were used to compute
the revenue. Alteryx helped in analysing and recomputing the huge data set and to focus on actual
risk.
3. Power BI – Power Bi is a business intelligence (BI) platform that provides nontechnical business
users with tools for aggregating, analyzing, visualizing and sharing data. From audit perspective,
such visualization tools can be used to find the outliers in the population, it can also be used for
reporting purpose (audit reports) in an interactive dashboard to the higher management.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 12.19
 DIGITAL AUDITING AND ASSURANCE

Power BI dashboard used for checking the outliers of the apparel company. Auditors were required
to analyse the trends of the sales during the year. By the use of Power BI, the sales data provided
by the client was further converted into dashboard to analyse the trends and patterns as per the
market standards. In analysis performed on untimely sales, it was noted that sales transactions were
performed during non-business hours. Illustrative charts below which were utilized as part of the
analysis by the auditors.

4. CaseWare – CaseWare is a data analysis software & provide tools that helps in conducting
audit and assurance engagements quickly, accurately and consistently. It shares analytical insights
which help in taking better informed decisions. It helps in streamlining processes and eliminating
the routine tasks. Used by accounting firms, governments and corporations worldwide, this trusted
platform integrates everything you need to conduct assurance and reporting engagements.

CaseWare provides the solutions to build accounting software which turns any document, including
financial statements into cost effective client ready report. It automatically links to client data and
securely communicate with the client in real time. Regardless of location, all authorized users have
access to the same documents. Consistency of data is ensured. Refer screenshot below to illustrate
audit, review and compilation process maintained on-screen.

CA Harshad Jaju
12.20 Swapnil Patni Classes caharshad
98812 92971
 DIGITAL AUDITING AND ASSURANCE

7. AUTOMATED TOOLS IN AUDIT

i. Enterprises are adopting emerging technologies at a rapid pace to create synergies and harness the
latest technologies.
ii. Robotic process automation (RPA), blockchain, machine learning, Internet of Things (IOT) and
artificial intelligence (AI) are some prime examples of automation.
iii. Automation and use of technology often requiring auditors to understand and perform procedures
on a larger group of systems that produce information relevant to the production of financial
statements.
iv. Based on managements and auditors’ independent risk assessment procedures, the audit’s scope
may need to include peripheral systems, as well as testing general IT and application controls
relative to those systems due to the increased use of technology that is relevant to financial
reporting.

7.1 Internet of Things

IoT is the concept of connecting any device (cell phones, coffee makers, washing machines, and so
on) to the internet. Key components of IoT are data collection, analytics, connectivity, and people
and process. IoT not only changes the business model, but also affects the strategic objectives of the
organization. The risk profile of the entity changes with exposure to new laws and regulations.

Connected Cars, connected manufacturing equipment’s, smart home security, (The options for
home security from doorbell cameras or outdoor cameras - users can view video feeds when
they are away from home) or Data from machines can be used to predict whether equipment will
break down, giving manufacturers advance warning to prevent long stretches of downtime. Or a
refrigerator placing an order with a grocery store whenever the supply of eggs falls below a certain
number. Or smart oven works by scanning QR or bar codes and connecting to Wi-Fi, which it then
uses to determine the best temperature and time to cook the food to avoid undercooking or burning.
Researchers uses IoT devices to gather data about customer preferences and behavior, though that
can have serious implications for privacy and security.

Audit Implications
i. A shift to connected devices and systems may result in auditors not being able to rely only on
manual controls. Instead, auditors may need to scope new systems into their audit. Audit firms
may need to train and upskill auditors to evaluate the design and operating effectiveness of
automated controls.
ii. Consumer-facing tools that connect to business environments in new ways can impact the flow of
transactions and introduce new risks for management and auditors to consider. Consider payment
processing tools that allow users to pay via credit card at a retail location through a mobile device.
This could create a new path for incoming payments that may rely, in part, on a new service
provider supplying and routing information correctly. Auditors would need to consider the volume
of those transactions and the processes and controls related to it.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 12.21
 DIGITAL AUDITING AND ASSURANCE

Common risks of IoT:

The key risks associated with IoT, including, device hijacking, data siphoning, denial of service
attacks, data breaches and device theft.

7.2 AI (Artificial intelligence)

Artificial intelligence (AI) refers to a system or a machine that can think and learn. AI systems utilize
data analysis and algorithms to make decisions based on predictive methods. Complex algorithms are
developed to propose decisions based on a pattern or behavior learned over time.
Self-driving cars, manufacturing robots, smart assistants, marketing chatbots, virtual travel booking
agent. The self-deploying robots can determine how much vacuuming there is to do based on a
room’s size, uses AI to scan room size, identify obstacles and remember the most efficient routes
for cleaning.
Siri to help find your Air Pods or told Amazon Alexa to turn off the lights, quick commands to open
a phone camera or start a particular playlist, AI to predict when to book the lowest prices for flights,
hotels, car and vacation home rentals. Using historical flight and hotel data, AI will also recommend
to the user whether the booking has reached its lowest price point or if the user should hold out a bit
longer for the price to drop.
Auditor Implications
Given the invisible nature of algorithms, audits must focus on the logical flow of processes. A review
of AI should ascertain whether unintended bias has been added to the algorithms. Auditors should
assess the effectiveness of algorithms and whether their output is appropriately reviewed and
approved. Because AI is built on software modules, auditors must also consider cybersecurity and
search for possible bugs and vulnerabilities that can be exploited to impact AI functionality. Auditors
should confirm their understanding of how the use of AI affects the entity’s flows of transactions,
including the generation of reports or analytics used by management. Auditors also should consider
whether the AI is making decisions—or being utilized by management as part of the decision-making
process.
If management shifts its focus on oversight by relying on AI, auditors should understand what shift
occurred, how new risks might be addressed, and whether existing risks may not be getting the same
level of attention. Understanding these changes could drive changes in the audit approach.
Common risks for AI
AI comes with list of risks. Security is one of the key risks – the more data the system uses, from
more sources, the more entry points and connections are formed and the greater the potential risks.
Inappropriate configuration - AI may also be used to diagnose medical conditions. If it is badly
configured or malfunctions, it could harm people before the problem is spotted. Data privacy - The
data used and shared should have the necessary explicit consent from data providers.

7.3 Blockchain
Blockchain is based on a decentralized and distributed ledger that is secured through encryption.
Each transaction is validated by the blockchain participants, creating a block of information that is

CA Harshad Jaju
12.22 Swapnil Patni Classes caharshad
98812 92971
 DIGITAL AUDITING AND ASSURANCE

replicated and distributed to all participants. All blocks are sequenced so that any modification or
deletion of a block disqualifies the information.
Despite resistance, the benefits associated with blockchain technology are being recognized across a
variety of other industries.

Bitcoin, cryptocurrency transfer application - Blockchain in money transfer, blockchain smart

contracts.

Audit Implications
Auditors should consider the appropriate governance and security transactions around the transactions.
Although blockchain’s core security premise rests on cryptography, there are risk factors associated
with it. As blockchain interacts with legacy systems and business partners, concerns related to insecure
application programming interfaces (APIs), data confidentiality and privacy cannot be ignored.
Weak blockchain application development protocols are something auditors cannot overlook.
Similarly, data privacy laws and regulations may be area of concern as data are communicated across
geographic boundaries. Auditors must be able to determine whether the data put on blockchain will
expose the enterprise to liability for noncompliance with applicable laws and regulations.
Common risks for blockchain technology
The strengths of blockchain can also be its weaknesses. The inability to reverse transactions and
to access data without the required keys make the system secure, but also mean that organisations
need specific protocols and management processes to ensure that they are not locked out and have
clear contingency plans. Operating through network nodes could also expose the organisation
to cyber-attacks and data hacks, so security issues are important. Auditors should also ensure that
the organisation has the necessary data management processes and complies with regulations. The
regulatory landscape is still evolving for blockchain, so audit teams should check that compliance
managers are following developments constantly and adapting processes accordingly.

7.3.1 NFT (Non-Fungible Token)

NFT means something is unique and cannot be replaced. Unlike physical money and cryptocurrencies
are fungible (means they can be traded or exchanged for one another) NFTs are non-fungible tokens.
NFTs contains the digital signature which make them unique. NFTs are digital assets, e.g., photos,
videos, artwork, sports collectibles etc.
NFTs are tokens used to represent ownership of unique items. NFTs allow their creators to tokenize
things like art, collectibles, or even real estate. They are secured by the blockchain and can only have
one official owner at a time. No one can change the record of ownership or copy/paste a new NFT
into existence.
Key Features of NFT -
• Digital Asset - NFT is a digital asset that represents Internet collectibles like art, music, and games
with an authentic certificate created by blockchain technology that underlies Cryptocurrency.
• Unique - It cannot be forged or otherwise manipulated.
• Exchange - NFT exchanges take place with cryptocurrencies such as Bitcoin on specialist sites.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 12.23
 DIGITAL AUDITING AND ASSURANCE

Challenges of NFT –
NFTs has its own challenges like ownership and copyright concerns, security risks, market is not that
wide, online frauds etc. NFT audit considerations includes comprehensive code review for verifying
the safety of a token, valid contract, data privacy and potential cyber threat.
7.4 Robotic Process Automation
RPA is the automation of the repetitive processes performed by users. It is a software technology that
emulate humans’ actions interacting with digital systems and software. Process efficiency, customer
experience and control effectiveness contributed to RPA. Robotic Process Automation software bots
can interact with any application or system the same way people do—except that RPA bots can operate
around the clock, nonstop, much faster and with 100% reliability and precision.

Case Study
A large passenger carrier is having an AI bot for passenger ticket booking with following processes:
User Interaction: The bot interacts with passengers through various channels such as a website,
mobile app, or messaging platforms. Passengers can initiate a conversation with the bot by providing
their travel details, preferences, and other required information.
Natural Language Processing (NLP): The bot utilizes natural language processing techniques to
understand and interpret the passenger’s queries and requests. It can process text or voice inputs
and extract relevant information to facilitate ticket booking.
Query Handling: The bot responds to passenger queries related to ticket availability, fares, train
schedules, seat preferences, and other relevant information. It can provide real-time updates and
answers to common passenger questions.
Booking Process: Upon receiving a booking request, the bot collects the necessary details from
the passenger, including travel dates, destinations, class preferences, and passenger information.
It validates the inputs, checks seat availability, and calculates fares based on the carrier’s pricing
structure.
Integration with Booking Systems: The bot interfaces with the carrier’s booking systems to check
seat availability, reserve seats, and process payment transactions. It securely communicates with
the backend systems to initiate the booking process.
Payment Processing: The bot facilitates secure payment transactions, allowing passengers to
provide payment details and complete the booking. It may integrate with various payment gateways
or services to process credit card payments, net banking, or other payment methods.
Confirmation and Ticket Generation: Once the booking is successfully processed, the bot
generates a booking confirmation along with a unique ticket number. It provides the passenger with
the necessary information, including the ticket details, train information, and any other relevant
instructions.
Ancillary Services: The bot may offer additional services such as seat upgrades, meal selection,
travel insurance, or other ancillary offerings. It can provide information and assist passengers in
availing these services during the booking process.

CA Harshad Jaju
12.24 Swapnil Patni Classes caharshad
98812 92971
 DIGITAL AUDITING AND ASSURANCE

Post-Booking Support: The bot can assist passengers with post-booking support, including
itinerary changes, cancellations, or ticket modifications. It handles these requests, checks the
carrier’s policies, and processes the necessary changes as per the passenger’s requirements.
Integration with Customer Support: The bot may be integrated with customer support systems
to escalate complex queries or issues to human agents when necessary. It can provide a seamless
transition from automated assistance to human interaction, ensuring a high level of customer service.
Following are the illustrative steps to audit ticket booking bot system:
• Identify the objectives and goals of auditing the IRCTC ticket booking bot.
• Determine the scope of the audit, including the specific aspects of the bot’s functionality and
operations to be evaluated.
• Review relevant regulatory and compliance standards applicable to the ticket booking process,
such as data protection and privacy regulations, payment card industry standards, and any specific
industry guidelines.
• Identify and assess potential risks associated with the ticket booking bot, such as unauthorized
access to customer data, system failures, or inaccurate booking information.
• Develop a comprehensive set of audit procedures to assess the effectiveness, efficiency, and
compliance of the ticket booking bot. This may include:
• Reviewing the system architecture, design, and documentation.
• Evaluating the security measures in place, including authentication, access controls, and
encryption.
• Testing the bot’s functionality by simulating booking scenarios and verifying the accuracy of the
results.
• Assessing the performance of the bot, such as response times and scalability.
• Analyzing logs and audit trails to detect any unusual or suspicious activities.
• Examining the data handling processes, ensuring proper encryption, storage, and protection of
customer data.
• Verifying compliance with relevant regulations, policies, and procedures.
• Conducting penetration testing or vulnerability assessments to identify potential weaknesses in
the bot’s security.
• Decide on the appropriate sampling methodology to evaluate the bot’s performance and
compliance. This may involve selecting a representative sample of booking transactions or data
for analysis.
• Conduct the audit based on the defined procedures, following best practices and professional
audit standards.
• Document your findings, including any issues or areas of improvement identified during the audit.
• Compile the audit findings into a comprehensive report, detailing the audit objectives, scope,
procedures performed, and results.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 12.25
 DIGITAL AUDITING AND ASSURANCE

• Provide recommendations for addressing any identified weaknesses, risks, or noncompliance

issues.
• Present the report to relevant stakeholders, such as management, IT teams, and compliance
officers.
• Track the implementation of recommended actions and ensure appropriate measures are taken to
address any identified weaknesses.
• Periodically review and monitor the bot’s performance, security, and compliance to ensure
ongoing effectiveness.

Audit Implications:
i. It is of utmost importance for auditors to understand RPA processes, which include data extraction,
aggregation, sanitization and cleansing. Unless auditors understand these processes, they will not
be in a position to initiate an audit.
ii. A comprehensive assurance process might demand review of the source code. To perform substantive
testing, auditors must have an understanding of the tools used to develop and maintain RPA. This
will be helpful when auditors review logs, configuration controls, privileged access controls and
the like. General IT controls are applicable as always.
Common Risks of RPA:
Operational and execution risks - Robots are deployed without proper operating model. Buying the
wrong tool, making wrong assumptions, taking shortcuts, and jeopardizing security and compliance.
Assigning proper responsibilities, training and clearly stating about changing roles also can help you
reduce operational risk to a great extent.
Change management risks: Not following the change management implementation lifecycle,
improper and incomplete testing (not covering all scenarios) leads to inaccurate results.
RPA Strategy Risk: Setting wrong expectations, improper KPIs, and unrealistic business goals
creates an environment of uncertainty. Management should discuss, and analyse the complete working
characteristics, potential, and limitations of RPA before drafting a robotic process automation.
RPA to check IND AS, IFCoFR and Standards on Auditing.
Incorporating Standards on Auditing, IFCoFR, IND AS (para-wise details of | Para reference |
Accounting policy | Relevant data to be captured | Relevant calculation to be made | Presentation in
financial statements | IFCoFR | Audit procedures as per Standards on auditing |) in audit practices
ensures accurate financial reporting, effective internal controls, and reliable audit procedures.
Leveraging RPA in conjunction with these frameworks can significantly enhance audit efficiency,
accuracy, and compliance. RPA developers and auditors should collaborate to align RPA workflows
with relevant standards and guidelines, ultimately improving the effectiveness of audits and enhancing
client assurance given below:

CA Harshad Jaju
12.26 Swapnil Patni Classes caharshad
98812 92971
 DIGITAL AUDITING AND ASSURANCE

Columnar Presentation of IND AS 16 - Property, Plant & Equipment with IFCoFR and Audit
Procedures
Audit
Relevant Presentation
Para Accounting Relevant data procedures as
calculation to in financial IFCoFR
ref. policy to be captured per Standards
be made statements
on auditing
6 Define PPE as Identify PPE Apply Disclose Establish Verify the
tangible assets items and recognition PPE items internal existence,
that are held their cost criteria and and their controls ownership,
for use in the components. measurement carrying over the valuation, and
production principles. amounts, identification, disclosure
or supply depreciation recognition, of PPE by
of goods methods measurement, inspection,
or services, and rates, depreciation, confirmation,
for rental to useful lives, impairment, vouching,
others, or for impairment and disclosure analytical
administrative losses, etc. of PPE. procedures,
purposes; and etc.
are expected to
be used during
more than one
period.
7 Recognize an Assess the Apply cost Disclose Establish Verify the
item of PPE probability model or the basis of internal recognition
as an asset if and reliability revaluation recognition controls criteria and
it is probable of future model for and over the measurement
that future economic subsequent measurement assessment basis of PPE
economic benefits and measurement of PPE items. of probability items by
benefits cost of PPE of PPE items. and inspection,
associated items. reliability confirmation,
with the item of future vouching,
will flow to economic analytical
the entity; and benefits and procedures,
the cost of cost of PPE etc.
the item can items.
be measured
reliably.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 12.27
 DIGITAL AUDITING AND ASSURANCE

8 Measure the Identify the Calculate the Disclose the Establish Verify the
cost of an item cash price present value cash price internal cash price
of PPE as the equivalent of deferred equivalent controls equivalent
cash price and the payments and the over the and present
equivalent at present value using an present identification value of
the recognition of deferred appropriate value of and deferred
date. If payments for discount rate. deferred calculation payments for
payment PPE items. payments of cash price PPE items by
is deferred for PPE equivalent inspection,
beyond normal items. and present confirmation,
credit terms, value of vouching,
measure the deferred analytical
cost at the payments for procedures,
present value PPE items. etc.
of all future
payments.
9 Include in the Identify Allocate Disclose Establish Verify the
cost of an item the directly the directly the directly internal controls directly
of PPE any attributable attributable attributable over the attributable
costs directly costs and the costs to PPE costs and the identification costs and
attributable nonattributable items based nonattributable and allocation nonattributable
to bringing costs for PPE on a rational costs for PPE of directly costs for PPE
the asset to items. and consistent items. attributable items by
the location basis. costs and inspection,
and condition Exclude any nonattributable confirmation,
necessary for nonattributable costs for PPE vouching,
it to be capable costs from PPE items. analytical
of operating items. procedures,
in the manner etc.
intended by
management.
Exclude any
costs that are
not directly
attributable to
bringing the
asset to that
location and
condition.

CA Harshad Jaju
12.28 Swapnil Patni Classes caharshad
98812 92971
 DIGITAL AUDITING AND ASSURANCE

10 Include in the Identify the Allocate the Disclose the Establish Verify the
cost of an item borrowing borrowing borrowing internal borrowing
of PPE any costs and the costs to costs controls costs and
borrowing costs qualifying qualifying and the over the qualifying
that are directly assets for PPE assets based qualifying identification assets for
attributable to items. on a rational assets for and PPE items by
the acquisition, and consistent PPE items. allocation of inspection,
construction basis. borrowing confirmation,
or production costs and vouching,
of a qualifying qualifying analytical
asset as part assets for procedures,
of the cost of PPE items. etc.
that asset in
accordance
with Ind AS
23 Borrowing
Costs. A
qualifying asset
is an asset that
necessarily
takes a
substantial
period of time
to get ready for
its intended use
or sale.
11 Exclude from Identify Deduct Disclose Establish Verify
the cost of an the trade the trade the trade internal the trade
item of PPE discounts and discounts and discounts controls discounts and
any trade rebates for rebates from and rebates over the rebates for
discounts and PPE items. the cost of for PPE identification PPE items by
rebates PPE items. items. and inspection,
deduction confirmation,
of trade vouching,
discounts and analytical
rebates for procedures,
PPE items. etc.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 12.29
 DIGITAL AUDITING AND ASSURANCE

15 Recognize Identify the Apply Disclose the Establish Verify the

the cost of a selfconstructed the same internal
selfconstructed selfconstructed
selfconstructed assets and principles assets and controls assets and
asset as the their cost as for an their costs. over the their costs by
cost of an item components. acquired identification inspection,
of PPE. asset. and confirmation,
measurement vouching,
of self- analytical
constructed procedures,
assets. etc.
31 Review the Identify the Assess Adjust the Establish Verify the
residual value, residual whether depreciation internal residual
useful life and value, useful there is any charge controls value, useful
depreciation life and indication accordingly over the life and
method of an depreciation of change in and disclose review and depreciation
asset at least at method of expectations the nature adjustment method of
each financial PPE items. from previous and effect of of residual PPE items by
year end and, estimates. the change value, useful inspection,
if expectations in estimate. life and confirmation,
differ from depreciation vouching,
previous method of analytical
estimates, PPE items. procedures,
account for etc.
the change as
a change in
an accounting
estimate in
accordance
with Ind AS
8 Accounting
Policies,
Changes in
Accounting
Estimates and
Errors.

CA Harshad Jaju
12.30 Swapnil Patni Classes caharshad
98812 92971
 DIGITAL AUDITING AND ASSURANCE

41 Recognize Identify the Assess the Allocate Establish Verify the

the cost of replacement probability the cost of internal replacement
replacing part parts and their and reliability replacement controls parts and
of an item costs for PPE of future parts to PPE over the their costs for
of PPE as an items. economic items and recognition PPE items by
asset if it is benefits remove the and inspection,
probable that and cost of carrying measurement confirmation,
the future replacement amount of of vouching,
economic parts. replaced replacement analytical
benefits parts. parts for PPE procedures,
embodied Disclose the items. etc.
within the replacement
part will flow parts and
to the entity; their costs
and the cost of for PPE
the item can items.
be measured
reliably.
Derecognize
the carrying
amount of the
replaced part.
57 Derecognize Identify the Calculate Recognize the Establish Verify the
an item of PPE disposed or the gain gain or loss on internal disposed or
on disposal or retired PPE or loss on derecognition controls retired PPE
when no future items and derecognition in profit or over the items and
economic their carrying as the loss. Disclose identification their gain
benefits are amounts. difference the disposed and or loss on
expected between or retired PPE calculation of derecognition
from its use net disposal items and their gain or loss on by inspection,
or disposal. proceeds gain or loss on derecognition confirmation,
Gain or loss and carrying derecognition. of PPE items. vouching,
arising from amount. analytical
derecognition procedures,
is included etc.
in profit or
loss when
the item is
derecognized.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 12.31
 DIGITAL AUDITING AND ASSURANCE

8. CONTROL CONSIDERATIONS OR
OBJECTIVES OF AUDITING DIGITALLY
Emerging technologies can bring great benefits, but they also come with a varied set of substantial
risks.
The strength of the auditing profession is the assessment of risks and controls. As they address
the challenge of assessing technology risk, auditors can and should focus on the following control
considerations:
1. Auditors should gain a holistic understanding of changes in the industry and the information
technology environment to effectively evaluate management’s process for initiating, processing,
and recording transactions and then design appropriate auditing procedures.
2. Auditors, as appropriate, should consider risks resulting from the implementation of new
technologies and how those risks may differ from those that arise from more traditional, legacy
systems.
3. Auditors should consider whether digital upskilling or specialists are necessary to determine the
impact of new technologies and to assist in the risk assessment and understanding of the design,
implementation, and operating effectiveness of controls. E.g., cybersecurity control experts, IT
specialists in the team etc.
Some examples of technology risks where auditors should test the appropriate controls for relying
on the digital systems
• Reliance on systems or programs that are inaccurately processing data, processing inaccurate data,
or both
• Unauthorized access to data that might result in destruction of data or improper changes to data,
including the recording of unauthorized or non-existent transactions or inaccurate recording of
transactions (specific risks might arise when multiple users access a common database)
• The possibility of information technology personnel gaining access privileges beyond those
necessary to perform their assigned duties, thereby leading to insufficient segregation of duties
• Unauthorized or erroneous changes to data in master files
• Unauthorized changes to systems or programs
• Failure to make necessary or appropriate changes to systems or programs
• Inappropriate manual intervention
• Potential loss of data or inability to access data as required
• Risks introduced when using third-party service providers
• Cybersecurity risks

CA Harshad Jaju
12.32 Swapnil Patni Classes caharshad
98812 92971
 DIGITAL AUDITING AND ASSURANCE

8.1 Key Steps for Auditors in a Changing Technology Environment

As auditors obtain an understanding of the impact of technology on a company’s business, its systems
of internal control, and its financial reporting, some important reminders include the following:
• Maintain sufficient professional skepticism when reviewing management’s risk assessment for new
systems.
• Understand the direct and indirect effects of new technology and determine how its use by the entity
impacts the auditor’s overall risk assessment.
• Understand how the technologies impact the flow of transactions, assess the completeness of the
in-scope ICFR systems, and design a sufficient and appropriate audit response.
• Assess the appropriateness of management’s processes to select, develop, operate, and maintain
controls related to the organization’s technology based on the extent the technology is used.

9. NEXT GENERATION AUDIT

The Next Generation Audit is human-led, tech-powered and data-driven. It is based on combining
emerging technologies to redefine how audits are performed.
Next Generation Audit aims to the following:

We live in an era of fast technological progress, with new digital devices, applications, and tools
being developed almost on a daily basis. 3D printing, augmented reality (AR) and virtual reality
(VR), biotechnology, auditing through drones (also known as an ‘Unmanned Aerial Vehicle’ (UAV)
and quantum technology are some of the most rapidly advancing areas, with many implications for
society.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 12.33
 DIGITAL AUDITING AND ASSURANCE

Drone Technology: Using drone technology in the remote locations for stock counts. Drones
have great payload capacity for carrying sensors and cameras, thus they can photograph and
physically examine the count of large quantities of fixed assets and inventory.
Drone captured audit information can be combined with various alternative sources of information
such as QR code readers, handheld bar scanners, manual counts etc. to optimise quality of
deliverables, consolidate audit information and enhance the execution speed while ensuring
correctness and completeness of data.

Drone Technology: Using drone technology in the remote locations for stock counts. Drones have
great payload capacity for carrying sensors and cameras, thus they can photograph and physically
examine the count of large quantities of fixed assets and inventory.
Drone captured audit information can be combined with various alternative sources of information
such as QR code readers, handheld bar scanners, manual counts etc. to optimise quality of deliverables,
consolidate audit information and enhance the execution speed while ensuring correctness and
completeness of data.
Augmented reality: The technology allows users to view the real-world environment with augmented
(added) elements, generated by digital devices.
One famous example was Pokémon Go, a game for mobile devices in which players chase imaginary
digital creatures (visible on their mobile phones) around physical locations.
Virtual reality: VR goes a step forward and replaces the real world entirely with a simulated
environment, created through digitally generated images, sounds, and even touch and smell. Using
special equipment, such as a custom headset, the user can explore a simulated world or simulate
experiences such as flying or skydiving.
Examples of augmented and virtual reality? In architecture and engineering businesses, AR and
VR allow architects to see their building plans come to life before being built. In the business sector,
these technologies allow products to be previewed or customised, thus improving productivity and
offering new marketing possibilities.
In the health sector, AR can provide surgeons with additional information when operating on a
patient, such as heartbeat and blood pressure monitoring and virtual x-rays. Vision Pro is essentially
an augmented-reality (AR) headset that “seamlessly” blends the real and digital worlds. The device
can switch between augmented and full virtual reality (VR) using a dial.
Metaverse: The metaverse is the emerging 3-D digital space that uses virtual reality, augmented
reality, and other advanced internet technology to allow people to have lifelike personal and business
experiences online. It represents a convergence of digital technology to combine and extend the reach
and use of Cryptocurrency, Artificial Intelligence (AI), Augmented Reality (AR) and Virtual Reality
(VR)
The internet offers many experiences today, but tomorrow’s Metaverse will feel more interconnected
than ever before. We are heading towards mature landscape of virtual spaces with transferable identities
and assets enabled by blockchains (NFTs) that are interoperable or interchangeable. It further includes
highly automated systems, immersive interfaces, hyperconnected networks and digital reflections.

CA Harshad Jaju
12.34 Swapnil Patni Classes caharshad
98812 92971
 DIGITAL AUDITING AND ASSURANCE

Some considerations for future –

• Beyond cryptocurrencies, coins, and exchanges, players in the Metaverse will need to consider how
to build digital monetary systems and apply economic principles to things like digital land.
• Governance models will become ever more difficult to balance openness and user contribution with
strategic direction and innovation.
• Identity in the digital world has historically been different based on the platform utilized. The
practical challenge of identity will also have to be considered in the Metaverse (e.g., KYC)
• Synchronicity is the ability for aspects of the Metaverse to be multiplayer, simultaneous, and real-
time. This includes transactions and actions happening in the Metaverse and are dependent on the
infrastructure of digital economies, networking and computing power required to operate a digital
world.
Case scenarios to illustrate the potential application of the metaverse in the financial domain:
• Virtual Banking and Transactions: A forward-thinking financial institution, establishes a presence
in the metaverse to offer virtual banking services. Users can create virtual bank accounts, access
personalized financial dashboards, and perform transactions using virtual currencies. Customers
can seamlessly transfer funds, make virtual purchases, and engage in virtual commerce, all within
the immersive environment of the metaverse. XYZ Bank leverages the metaverse to provide a
convenient and interactive banking experience, attracting tech-savvy customers who value digital
innovation.
• Digital Asset Management: A digital asset management company, recognizes the growing popularity
of virtual assets in the metaverse. They launch a virtual asset trading platform within the metaverse,
allowing users to buy, sell, and trade NFTs and other digital assets. Investors can diversify their
portfolios, participate in virtual auctions, and even showcase their virtual art collections in virtual
galleries. Crypto Investments Ltd. leverages the metaverse’s decentralized and secure infrastructure
to facilitate transparent and efficient transactions of virtual assets.
• Virtual Financial Education and Training: A Financial Learning Academy aims to enhance financial
literacy using the metaverse. They create a virtual classroom environment where participants
can attend interactive financial education sessions. Students can engage in simulated investment
activities, learn about budgeting and financial planning, and gain handson experience through
virtual trading simulations. Financial Learning Academy leverages the immersive nature of the
metaverse to provide an engaging and practical financial education platform, preparing individuals
for real-world financial challenges.
• Virtual Meetings and Conferences: For a leading industry even an organisation hosts a virtual
conference within the metaverse. Participants from around the world can access the conference
through their virtual avatars. They can attend keynote speeches, panel discussions, and networking
events in virtual conference halls. Attendees can interact with industry experts, explore virtual
exhibition booths, and establish valuable connections in the financial sector. Global Finance
Summit leverages the metaverse to create a global and inclusive conference experience, fostering
collaboration and knowledge sharing.
• Data Visualization and Analytics: A company utilizes the metaverse to offer advanced data
visualization and analytics tools to financial professionals. Their virtual analytics platform allows
users to visualize complex financial data in interactive and immersive 3D environments. Users

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 12.35
 DIGITAL AUDITING AND ASSURANCE

can explore data trends, conduct simulations, and analyze financial performance through intuitive
interfaces within the metaverse. Analytics Solutions Inc. leverages the metaverse’s immersive
capabilities to enhance data-driven decision-making, enabling financial professionals to gain
deeper insights into market trends and make informed investment decisions.
Common Risks associated:
Beyond their potential, these technologies also come with challenges such as public safety,
cybersecurity, data privacy, data protection, lack of standards and technical challenges. Since they
often track movements and data, massive amounts of data are generated about the whereabouts of
users. It also raises questions about taxation, jurisdiction, and customer protection. Regulators and
auditors have to think of the controls around privacy, data security, governance to make it more
regulated.

10. CONCLUSION
Emerging technologies bring opportunities to organizations, but they also expose the enterprise to new
risk. Auditors are expected to identify the right balance between cost and benefit of internal controls
for mitigating these risk factors. This includes understanding how technology integrates with business,
how it is governed, which activities are automated and how they are controlled, what the business
impacts are as a result of this automation, and how negative impacts are controlled and monitored.
Though auditors are not expected to be experts in every technology, they should be able to identify
the risk inherent with these technologies. This includes understanding the technology architecture, the
internal control framework embedded in the technology and its integration with business.

CA Harshad Jaju
12.36 Swapnil Patni Classes caharshad
98812 92971
 DIGITAL AUDITING AND ASSURANCE

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 12.37
 DIGITAL AUDITING AND ASSURANCE

CA Harshad Jaju
12.38 Swapnil Patni Classes caharshad
98812 92971
 13
CHAPTER
GROUP
AUDITS

Highlights

After studying this chapter, you would be able to -

1. Understand the concept of Audit of Consolidated Financial Statements.
2. Identify the responsibility of Parent and Auditor in Consolidation of Financial Statements.
3. Gain the knowledge of Audit Considerations during the Audit of Consolidated Financial
Statements.
4. Recognise the manner of Permanent Consolidation Adjustment and Current Period Consolidation
Adjustments.
5. Learn the reporting requirements as per the given circumstance and understand audit of group
financial statements including the work of component auditors.
6. Understand and interpret SA 600-“Using the Work of Another Auditor”

1. INTRODUCTION
Consolidated Financial Statements are the financial statements of a group in which the assets, liabilities,
equity, income, expenses and cash flows of the parent and its subsidiaries are presented as those of a
single economic entity.
In other words, consolidated financial statements present the financial position of an entire group
including the parent and its group companies

Financial Statements of Financial Statements of

Parent Company (MNO Subsidiaries (ABC Ltd.
Ltd.) and XYZ Ltd.)

Consolidated Financial
Statements of the group

Once the consolidated financial statements are prepared, such financial statements are audited by the
principal auditor. Now, we need to consider the following points.
♦ The responsibility of the parent company in consolidation of financial statements.
♦ Manner of permanent adjustment and current period consolidation adjustment.

CA Harshad Jaju
Swapnil Patni Classes caharshad 13.1
98812 92971
 GROUP AUDITS

♦ The principal auditor’s procedures.

♦ Coordination and division of responsibility between both the auditors.
♦ Reporting requirements.
Consolidated financial statements are presented, to the extent possible, in the same format as adopted
by the parent for its separate financial statements. The formats for preparation of balance sheet,
statement of profit and loss and a statement of change in equity (if applicable) are prescribed under
the Schedule III of the Companies Act, 2013.

Consolidated Financial
Statements include

Consolidated Any
Consolidated Consolidated statement explanatory
Consolidated
statement of cash flow of change notes annexed
balance sheet
profit and loss statement in equity (if to, or forming
applicable) and part thereof

An entity which prepares the consolidated financial statements, either under any law or regulation
governing the entity or suo motu, might be required to or otherwise engage the auditor for conducting
the audit of consolidated financial statements.
However, a law or regulation governing the entity may require the consolidated financial statements
to be audited by the statutory auditor of the entity (i.e. the auditor who audits standalone financial
statements of the entity).
Accounting Standard (AS) 21 ‘Consolidated Financial Statements’ and Indian Accounting Standard
(Ind AS) 110, ‘Consolidated Financial Statements’ lay down principles and procedures for preparation
and presentation of consolidated financial statements under AS and Ind AS respectively

1.1 Consolidation of Financial Statements - Mandatory under Companies Act, 2013

• According to Section 129(3) of the Companies Act, 2013, where a company has one or more
subsidiaries, including associate company and joint venture, it shall, in addition to its own financial
statements prepare a consolidated financial statement of the company and of all the subsidiaries in
the same form and manner as that of its own.
• Further, section 129(4) of the said Act, provides that the provisions applicable to the preparation,
adoption and audit of the financial statements of a holding company shall, mutatis mutandis, also
apply to its the consolidated financial statements.
• The consolidated financial statements shall also be approved by the Board of Directors before they
are signed on behalf of the Board, along with its standalone financial statements and shall also
be laid before the annual general meeting of the company along with the laying of its standalone
financial statement.
• The company shall also attach along with its financial statement, a separate statement containing
the salient features of the financial statement of its subsidiary(ies) in Form AOC-1.

CA Harshad Jaju
13.2 Swapnil Patni Classes caharshad
98812 92971
 GROUP AUDITS

• According to the Companies (Accounts) Rules, 2014, the consolidation of financial statements of
the company shall be made in accordance with the provisions of Schedule III to the Act and the
applicable accounting standards. However, a company which is not required to prepare consolidated
financial statements under the Accounting Standards, it shall be sufficient if the company complies
with provisions of consolidated financial statements provided in Schedule III of the Act.

However, the requirement related to preparation of consolidated financial statements shall not
apply to a company if it meets the following conditions:
i. it is a wholly-owned subsidiary, or is a partially-owned subsidiary of another company and all its
other members, including those not otherwise entitled to vote, having been intimated in writing and
for which the proof of delivery of such intimation is available with the company, do not object to the
company not presenting consolidated financial statements;
ii. it is a company whose securities are not listed or are not in the process of listing on any stock
exchange, whether in India or outside India; and
iii. its ultimate or any intermediate holding company files consolidated financial statements with the
Registrar which are in compliance with the applicable Accounting Standards.
As per sub-section 6 of the section 129 of the Companies Act, 2013, the Central Government may, on
its own or on an application by a class or classes of companies, by notification, exempt any class or
classes of companies from complying with any of the requirements of section 129 or the rules made
thereunder, if it is considered necessary to grant such exemption in the public interest and any such
exemption may be granted either unconditionally or subject to such conditions as may be specified in
the notification.
Thus, the companies having subsidiaries, which have previously never prepared the consolidated
financial statements, must prepare their consolidated financial statements in adherence with this
mandatory requirement. This will provide the holding companies’ stakeholders more transparency
about the companies’ businesses.
Further, an investment entity need not present consolidated financial statements if it is required, in
accordance with paragraph 31 of Ind AS 110, to measure all of its subsidiaries at fair value through
profit or loss. A parent shall determine whether it is an investment entity.
An investment entity is an entity that:
(a) obtains funds from one or (b) commits to its investor(s) (c) measures and evaluates the
more investors for the purpose that its business purpose is to performance of substantially all
of providing those investor(s) invest funds solely for returns of its investments on a fair value
with investment management from capital appreciation, basis.
services; investment income, or both; and

However, as per paragraph 33 of Ind AS 110, the parent of an investment entity shall consolidate all
entities that it controls, including those controlled through an investment entity subsidiary, unless the
parent itself is an investment entity.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 13.3
 GROUP AUDITS

2. RESPONSIBILITY OF PARENT
The responsibility for the preparation and presentation of consolidated financial statements, among
other things, is that of the management of the parent. This includes:

a. identifying components, and including the financial information of the components to be included
in the consolidated financial statements;
b. where appropriate, identifying reportable segments for segmental reporting;
c. identifying related parties and related party transactions for reporting;
d. obtaining accurate and complete financial information from components;
e. making appropriate consolidation adjustments;
f. harmonization of accounting policies and accounting framework; and
g. GAAP conversion, where applicable.

Apart from the above, the parent ordinarily issues instructions to the management of the component
specifying the parent’s requirements relating to financial information of the components to be
included in the consolidated financial statements. The instructions ordinarily cover the accounting
policies to be applied, statutory and other disclosure requirements applicable to the parent, including
the identification of and reporting on reportable segments, and related parties and related party
transactions, and a reporting timetable.

3. RESPONSIBILITY OF THE AUDITOR OF THE

CONSOLIDATED FINANCIAL STATEMENTS
Section 129(4) of the Companies Act, 2013 requires that the provisions of the Act applicable to
the preparation, adoption and audit of the financial statements of a holding company shall, mutatis
mutandis, apply to the consolidated financial statements.
Besides other matters, the principal auditor of the consolidated financial statements is responsible for
expressing an opinion on whether the consolidated financial statements are prepared, in all material
respects, in accordance with the financial reporting framework under which the parent prepares the
consolidated financial statements in addition to reporting on the additional matters as required under
the Companies Act, 2013 and any other statute to the extent applicable.

CA Harshad Jaju
13.4 Swapnil Patni Classes caharshad
98812 92971
 GROUP AUDITS

Therefore, the auditor’s objectives in an audit of consolidated financial statements are:

a. to satisfy himself that the consolidated financial statements have been prepared in accordance
with the requirements of the applicable financial reporting framework;
b. to enable himself to express an opinion on the true and fair view presented by the consolidated
financial statements;
c. to enquire into the matters as specified in section 143(1) of the Companies Act, 2013; and.
d. to report on the matters given in the clauses (a) to (i) of section 143(3) of the Companies Act,
2013 for other matters under section 143(3)(j) read with rule 11 of the Companies (Audit and
Auditors) Rules, 2014, to comment on the matters specified in sub-rule (a),(b), (c), (d), (e), (f)
and (g)1 to the extent applicable;
e. The auditor should also validate the requirement of preparation of CFS for the company as per
applicable financial reporting framework.

Standards on Auditing, Statements and Guidance Notes on auditing matters issued by the Institute of
Chartered Accountants of India (ICAI) apply in the same manner to audit of consolidated financial
statements as they apply to audit of standalone financial statements. It means that the auditors, while
conducting the audit of consolidated financial statements are, inter alia, expected to:
a. plan their work to enable them to conduct an effective audit in an efficient and timely manner;
b. obtain an understanding of the accounting and internal control systems including IT system like
consolidation tool, sufficient to plan the audit and determine the nature, timing and extent of his
audit procedures. Such an understanding would help the auditors to develop an effective audit
approach;
c. use professional judgement to assess audit risk and to design audit procedures to ensure that the
risk is reduced to an acceptable level, etc.

4. AUDIT CONSIDERATIONS
The following features of consolidated financial statements have an impact on the related audit
procedures:
a. The consolidated financial statements are prepared on the basis of separate financial statements
of the parent and its components, using the consolidation procedures prescribed by Accounting
Standards2 under applicable financial reporting framework; and

1 The auditor of the consolidated financial statements generally report on the matters pertaining to the component, on the basis of auditors’ report
of the respective component.2 Accounting Standard (AS) 21, Consolidated Financial Statements, Accounting Standard (AS 23)- Accounting for
Investments in Associates in Consolidated Financial Statements and Accounting Standard (AS) - 27, Financial Reporting of Interests in Joint
Ventures OR Indian Accounting Standard (Ind AS) 110 – Consolidated Financial Statements, Indian Accounting Standard (Ind AS) 111- Joint
Arrangements, Indian Accounting Standard (Ind AS) 112 –Disclosure of Interests in Other Entities and Indian Accounting Standard (Ind AS) 28 –
Investments in Associates and Joint Ventures.
2 Accounting Standard (AS) 21, Consolidated Financial Statements, Accounting Standard (AS 23)- Accounting for Investments in Associates in
Consolidated Financial Statements and Accounting Standard (AS) - 27, Financial Reporting of Interests in Joint Ventures OR Indian Accounting
Standard (Ind AS) 110 – Consolidated Financial Statements, Indian

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 13.5
 GROUP AUDITS

b. The auditor of the consolidated financial statements may use the work of other auditors as per
requirement of Standards on Auditing unless the auditor of consolidated financial statements is
also the auditor of the other components of the group.
The consolidated financial statements (including the intermediate consolidated financial statements
prepared internally)3 are prepared using the separate financial statements of the parent and its
components and also other financial information, which might not be covered by the separate financial
statements of these entities.
The ‘other financial information’ would include disclosures to be made in the consolidated financial
statements about the components, proportion of items included in the consolidated financial statements
to which different accounting policies have been applied where permitted, adjustments made for the
effects of significant transactions or other events that occur between the financial statements of parent
and its components, as the case may be, etc. Thus, this ‘other financial information’ would be required
to be additionally disclosed.
When an auditor accepts the audit of consolidated financial statements, the auditor should assess
whether based on his work alone he would be able to express an opinion on the true and fair view
presented by the consolidated financial statements.
If the auditor is of the view that his own participation may not be enough or sufficient, he should
consider using the work of ‘other auditors’.
Such ‘other auditors’ might be the statutory auditors of the separate financial statements of one or more
of the components or the auditors appointed specifically for assisting the auditor of the consolidated
financial statements (the principal auditor).
Where the statutory auditors of one or more of the components of the parent are also requested to
assist the principal auditor, the work to be performed by such statutory auditors for use by the principal
auditor would constitute an assignment separate from the assignment to conduct the statutory audit
of the respective component.
Standard on Auditing (SA) 600, ‘Using the Work of Another Auditor’ establishes standards when
an auditor, reporting on the financial statements of an entity (the group—in the case of consolidated
financial statements), uses the work of another auditor on the financial information of one or more
components included in the financial statements of the entity (Paragraph 2 of SA 600). The principal
auditor, if he decides to use the work of another auditor in relation to the audit of consolidated financial
statements, should comply with the requirements of SA 600.
In carrying out the audit of the standalone financial statements, the computation of materiality for the
purpose of issuing an opinion on the standalone financial statements of each component would be
done component-wise on a standalone basis.

Accounting Standard (Ind AS) 111- Joint Arrangements, Indian Accounting Standard (Ind AS) 112 –Disclosure of Interests in Other Entities and
Indian Accounting Standard (Ind AS) 28 – Investments in Associates and Joint Ventures.
3 Intermediate consolidated financial statements are the consolidated financial statements of an intermediate parent, e.g., Company A has one
subsidiary Company B. Company B has a subsidiary Company C. In this case, Company B is the intermediate parent and the consolidated financial
statements prepared by Company B will be intermediate consolidated financial statements.

CA Harshad Jaju
13.6 Swapnil Patni Classes caharshad
98812 92971
 GROUP AUDITS

However, with regard to determination of materiality during the audit of consolidated financial
statements (CFS), the auditor should consider the following:

The auditor is required to compute the materiality for the group as a whole. This materiality should
be used to assess the appropriateness of the consolidation adjustments (i.e. permanent consolidation
adjustments and current period consolidation adjustments) that are made by the management in the
preparation of CFS.

The parent auditor can also use the materiality computed on the group level to determine whether
the component’s financial statements are material to the group to determine whether they should
scope in additional components and consider using the work of other auditors as applicable.

The principal auditor also computes the materiality for each component and communicates to the
component auditor, if he believes is required for a true and fair view on CFS.

The principal auditor also obtains certain confirmations from component auditors like independence,
code of ethics, certain information required for consolidation and disclosure requirements etc.

However, while considering the observations (for instance modification and /or emphasis of matter
in accordance with SA 705/706) of the component auditor in his report on the standalone financial
statements, the principles of SA 600 need to be considered.

5. AUDITING THE CONSOLIDATION

i. Before commencing an audit of consolidated financial statements, the auditor should plan his
work to enable him to conduct an effective audit in an efficient and timely manner.
The auditor should make plans, among other things, for the following:

a. Understanding of the group structure and group-wide controls including assessment of Information
Technology (IT) system and related general and applications IT related controls (manual and
automated) for consolidation process;
b. understanding of accounting policies of the parent and its components as well as of the consolidation
process including the process of translation of financial statements of foreign components;
c. determining and programming the nature, timing, and extent of the audit procedures to be
performed based on the assessment of the risk of material misstatement in consolidation process;
a. determining the extent of use of other auditor’s work in the audit; and
e. coordinating the work to be performed.
ii. A parent which presents consolidated financial statements is required to consolidate all its components
in the consolidated financial statements other than those for which exceptions have been provided
in the relevant accounting standards under the applicable financial reporting framework.
iii. The auditor should obtain a listing of all the components included in the consolidated financial
statements and review the information provided by the management of the parent identifying
the components. The auditor should verify that all the components have been included in the
consolidated financial statements unless these components meet criterion for exclusion.
CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 13.7
 GROUP AUDITS

iv. In respect of completeness of this information, the auditor should perform the following
procedures:

(a) review his working papers for the prior years for the known components;

(b) review the parent’s procedures for identification of various components;

(c) make inquiries of the management to identify any new components or any component which
goes out of consolidated financial statements;
(d) review the investments of parent as well as its components to determine the shareholding in
other entities;
(e) review the joint ventures and joint arrangements as applicable;
(f) review the other arrangements entered into by the parent that have not been included in the
consolidated financial statements of the group;
(g) review the statutory records maintained by the parent, for example registers under section 186,
190 of the Companies Act, 2013;
(h) Identify the changes in the shareholding that might have taken place during the reporting period.

v. The auditor should document procedures performed for assessing completeness of the components
to be consolidated.
vi. There would be various means by which control, joint control or significant influence can be
obtained. In this regard, the auditor may verify the Board’s minutes, shareholder agreements
entered into by the parent, agreements with the entities to which the parent might have provided
any technology or know how, enforcement of statute, as the case may be, etc. The auditor may
also review the minutes of the meetings of the Board of Directors subsequent to the year-end
to understand if there has been any liquidation of investments or any further investments have
been made as these may provide further evidence to understand if the control was meant to be
temporary in nature or otherwise.
vii. Where a component is excluded from the consolidated financial statements, the auditor should
examine the reasons for exclusion and whether such exclusion is in conformity with the applicable
financial reporting framework, for example, under the Companies (Accounting Standards) Rules,
2006, there could be two reasons for exclusion of a subsidiary, associate or jointly controlled
entityone, that the relationship of parent with the subsidiary, associate or jointly controlled entity is
intended to be temporary or the subsidiary, associate or joint venture operates under severe longterm
restrictions which significantly impair its ability to transfer funds to the parent. Similarly, under
the Companies Act, 2013, intermediate subsidiary in India is not required to present consolidated
financial statements, if a company meets the following conditions:

CA Harshad Jaju
13.8 Swapnil Patni Classes caharshad
98812 92971
 GROUP AUDITS

(i) it is a wholly-owned subsidiary, or is a partially-owned subsidiary of another company and all

its other members, including those not otherwise entitled to vote, having been intimated in writing
and for which the proof of delivery of such intimation is available with the company, do not object
to the company not presenting consolidated financial statements;

(ii) it is a company whose securities are not listed or are not in the process of listing on any stock
exchange, whether in India or outside India; and

(iii) its ultimate or any intermediate holding company files consolidated financial statements with
the Registrar which are in compliance with the applicable Accounting Standards.

viii. Ind AS 110 also prescribes certain criteria where consolidated financial statements are not required.
In such cases, the auditor should satisfy himself that the exclusion made by the management falls
within these categories, example in the case of an entity which is excluded from consolidation
on the ground that the relationship of parent with the other entity as subsidiary, associate or joint
venture is temporary, the auditor should verify that the intention of the parent, to dispose off the
subsidiary, investment in associate or interest in jointly controlled entity, in the near future, existed
at the time of acquisition of the subsidiary, making investment in associate or jointly controlled
entity. The auditor should also verify that the reasons for exclusion are given in the consolidated
financial statements. If an entity is excluded from the consolidated financial statements for reasons
other than those allowed by the applicable financial reporting framework, the auditor should
consider its effect on the auditor’s report to be issued.
ix. The auditor should also examine whether there is any change in the status of a component (e.g.,
subsidiary to associate, JV to associate or vice – versa). The auditor, in such cases, should examine
whether these changes have been appropriately accounted for in the consolidated financial
statements as required by the relevant accounting standards/Ind AS under the applicable financial
reporting framework.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 13.9
 GROUP AUDITS

a. In preparing consolidated financial statements in accordance with the Companies (Accounting

Standards) Rules, 2006, the financial statements of the parent and its subsidiaries are combined
on a line-by-line basis by adding together like items of assets, liabilities, income, expenses
and cash flows and then certain calculations like determination of goodwill or capital reserve,
minorities interest and adjustments like elimination of intra group transactions, balances and
unrealised profits etc. are made in accordance with the requirements of Accounting Standard
(AS) 21, “Consolidated Financial Statements”. Investments in associates are accounted for using
the Equity Method as prescribed in Accounting Standard (AS) 23, “Accounting for Investments
in Associates in Consolidated Financial Statements”. A parent that has an interest in a jointly
controlled entity, reports its interest in the consolidated financial statements using proportionate
consolidation method in accordance with Accounting Standard (AS) 27, “Financial Reporting
of Interests in Joint Ventures”. Many of the procedures appropriate for the application of equity
method and the proportionate consolidation method are similar to the consolidation procedures
set out in Accounting Standard (AS) 21, “Consolidated Financial Statements”.

b. For consolidation of subsidiaries in accordance with the Companies (Indian Accounting

Standards) Rules, 2015:
• the financial statements of the parent and its subsidiaries are combined as per Ind AS 110,
“Consolidated Financial Statements” on a line-by-line basis by adding together like items of
assets, liabilities, income, expenses and cash flows;
• related goodwill/ capital reserve (or gain on bargain purchase) and non-controlling interest is
determined as per Ind AS 103;
• business combinations involving entities or businesses under common control shall be accounted
for using the pooling of interest method in accordance with Ind AS 103;
• adjustments like elimination of intra-group transactions, balances, unrealised profits and deferred
tax etc. are made in accordance with the requirements of Ind AS 110;
• investments in associates and joint ventures are accounted for using the Equity Method as
prescribed in Indian Accounting Standard (Ind AS) 28, “Investments in Associates and Joint
Ventures”. Interests in assets, liabilities, revenues and expenses in a joint operation are accounted
for as part of separate financial statements of the entity in accordance with Indian Accounting
Standard (Ind AS) 111, “Joint Arrangements”;
• in a business combination achieved in stages, the acquirer shall remeasure its previously held
equity interest in the acquiree at its acquisition-date fair value and recognise the resulting gain
or loss, if any, in profit or loss or other comprehensive income, as appropriate in accordance
with Ind AS 103.

x. The auditor should verify that the adjustments warranted by the relevant accounting standards under
the applicable financial reporting framework have been made wherever required and have been
properly approved by the management of the parent. The preparation of consolidated financial
statements gives rise to permanent consolidation adjustments and current period consolidation
adjustments. The auditor should also pay attention to off balance sheet entities which sometimes
do not qualify for the definition of subsidiary, however, parent might have transferred risks of
various business ventures to these entities. Further, de-facto control should also be considered.

CA Harshad Jaju
13.10 Swapnil Patni Classes caharshad
98812 92971
 GROUP AUDITS

De facto control means an investor with less than the majority of the voting rights has the
practical ability to direct the relevant activities unilaterally.

6. SPECIAL CONSIDERATIONS

6.1 Permanent Consolidation Adjustments

Permanent consolidation adjustments are those adjustments that are made only on the first occasion
or subsequent occasions in which there is a change in the shareholding of a particular entity which is
consolidated. Permanent consolidation adjustments are:

a. b.
Determination of goodwill Determination of amount
or capital reserve as per of equity attributable to
applicable accounting minority/ non- controlling
standards. interests.

The auditor should verify that the above calculations have been made appropriately.
♦ The auditor should pay particular attention to the determination of pre-acquisition reserves of the
components. Date(s) of investment in components assumes importance in this regard.
♦ The auditor should also examine whether the pre-acquisition reserves have been allocated
appropriately between the parent and the minority interests/ non-controlling interests of the
subsidiary.
♦ The auditor should also verify the changes that might have taken place in these permanent
consolidation adjustments on account of subsequent acquisition of shares in the components,
disposal of the components in the subsequent years.
It may happen that while working out the permanent consolidation adjustments, in the case of one
subsidiary, goodwill arises and in the case of another subsidiary, capital reserve arises. The parent may
choose to net off these amounts to disclose a single amount in the consolidated balance sheet where
permitted by the applicable financial reporting framework. In such cases, the auditor should verify
that the gross amounts of goodwill and capital reserves arising on acquisition of various subsidiaries
have been disclosed in the notes to the consolidated financial statements to reflect the excess/shortage
over the parents’ portion of the subsidiary’s equity.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 13.11
 GROUP AUDITS

6.2 Current Period Consolidation Adjustments

Current period adjustments are those adjustments that are made in the accounting period for which the
consolidation of financial statements is done.

Current period consolidation adjustments primarily relate to the elimination of intra-group

transactions and account balances including:
a. intra-group interest paid and received, or management fees, etc.;
b. unrealised intra-group profits on assets acquired/ transferred from/ to other subsidiaries;
c. record deferred taxes on unrealised intercompany profits elimination in accordance with Ind AS
12;
d. intra-group indebtedness;
e. adjustments related to harmonising the different accounting policies being followed by the parent
and its components;
f. adjustments to the financial statements (of the parent and the components being consolidated) for
recognized subsequent events or transactions that occur between the balance sheet date and the
date of the auditor’s report on the consolidated financial statements of the group.
There are two types of subsequent events:
i. The first type of subsequent events consists of events or transactions that provide additional
evidence about conditions that existed at the date of the financial statements, including the estimates
inherent in the process of preparing financial statements (i.e. adjusting events).
ii. The second type of subsequent events consists of events that provide evidence about conditions
that did not exist at the date of the financial statements but arose subsequent to that date (i.e. non-
adjusting events).
Events occurring after balance sheet date which do not require adjustments would not normally
require disclosure, although they may be of such significance that they may require a disclosure in
the report of approving authority in the case of accounting standards and in the financial statements
in case of Ind AS. For such events, the following shall be disclosed:
CA Harshad Jaju
13.12 Swapnil Patni Classes caharshad
98812 92971
 GROUP AUDITS

i. The nature of the event; and

ii. An estimate of its financial effect or a statement that such an estimate cannot be made.
g. adjustments for the effects of significant transactions or other events that occur between the date of
the components balance sheet and not already recognised in its financial statements and the date of
the auditor’s report on the group’s consolidated financial statements when the financial statements
of the component to be used for consolidation are not drawn upto the same balance sheet date as
that of the parent;
h. In case of a foreign component, adjustments to convert a component’s audited financial statements
prepared under the component’s local GAAP to the GAAP under which the consolidated financial
statements are prepared;
i. determination of movement in equity attributable to the minorities interest/non-controlling interest
since the date of acquisition of the subsidiary. It should also be noted that under Ind AS, non-
controlling interest can also result in negative balance. Unlike earlier AS, as per paragraph 28 of
Ind AS 27, if the net worth of subsidiary is negative, non-controlling interest could have deficit
balance;
j. adjustments of deferred tax on account of temporary differences arising out of elimination of profit
and losses resulting from intragroup transactions and undistributed profits of the component in
case of consolidated financial statements prepared under Ind AS.
The adjustments required for preparation of consolidated financial statements are made in memorandum
records kept for the purpose by the parent. The auditor should review the memorandum records to
verify the adjustment entries made in the preparation of consolidated financial statements.

Apart from reviewing the memorandum records, the auditor should inter alia:

a. verify that the intra group transactions and account balances have been eliminated;
b. verify that the consolidated financial statements have been prepared using uniform accounting
policies for like transactions and other events in similar circumstances;
c. verify that adequate disclosures have been made in accordance with AS 21 in the consolidated
financial statements of application of different accounting policies in case, it was impracticable
to harmonize them. Applying a requirement is impracticable when the entity cannot apply it after
making every reasonable effort to do so4 but while preparing CFS under Ind AS, auditors should
ensure that appropriate adjustments are made to that group member’s financial statements in
preparing the consolidated financial statements to ensure conformity with the group’s accounting
policies in accordance with Ind AS 110;

4 AS 21/ AS 23/ AS 27 permit application of different accounting policies, if it is impractical to use uniform accounting policies, that fact should
be disclosed together with the proportion of the items in the consolidated financial statements to which the different accounting policies have been
applied. Ind AS 28 permits that financial statement of an associate can be prepared using different accounting policies if it is impractical to do so
however adjustment shall be made to make the accounting policies confirm to those of parent when the financial statements are used by parent in
applying the equity method.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 13.13
 GROUP AUDITS

d. verify the adjustments made to harmonise the different accounting policies including adjustments
made by management to convert a component’s financial statements prepared under the component’s
GAAP to the GAAP under which the consolidated financial statements are prepared;
e. verify the calculation of minorities/non-controlling interest;

f. verify adjustments relating to deferred tax on account of temporary differences arising out of
elimination of profit and losses resulting from intergroup transactions (where the parent’s accounts
are maintained in Ind AS);
g. verify that income and expenses of the subsidiary are included in consolidated financial statements
from the date it gains control until the date when the entity ceases to control the subsidiary and
further such income and expenses are based on the amounts of the assets and liabilities recognised
in consolidated financial statements at the acquisition date5.
• The auditor should gain an understanding of the procedures adopted by the management of the
enterprise to make the above mentioned adjustments. This helps the auditor in reducing the audit
risk to an acceptably low level.
• One of the important adjustment that may be required in the current period is determination
of impairment loss that might exist for goodwill arising on consolidation. Goodwill arising on
consolidation is carried at the value determined at the date of acquisition of the component, and
the same is to be tested for impairment loss at every balance sheet date.
• The auditor should examine whether any impairment loss has been determined by the parent. If
yes, the auditor should examine the procedure followed for determination of impairment loss. The
auditor should satisfy himself that the amount of impairment loss determined is fair. In case the
impairment loss in goodwill of a component has been determined in foreign currency, the auditor
should verify if any amount of loss in local currency need to be adjusted from currency translation
reserve on account of movement in the exchange rate from the date when the goodwill was first
accounted for in the consolidated financial statement of parent, to the date of determination of
impairment loss.
• The auditor should also perform audit procedures to understand and verify whether intragroup
losses are indicating an impairment loss that requires recognition in the consolidated financial
statements.
• Apart from verifying that the calculation and disclosures regarding minorities/non-controlling
interest have been made appropriately, the auditor also determines, in cases where the minority
interests’ share of the losses exceed the minority/non-controlling interests’ share of the equity,
the excess, and any further losses applicable to the minority interest, have been accounted for in
accordance with the relevant accounting standards.
• The financial statements of the components used in the consolidation should be drawn up to the
same reporting date as that of the parent. If it is not practicable to draw up the financial statements
of one or more components to such date and, accordingly, those financial statements are drawn up
to different reporting dates, adjustments should be made for the effects of significant transactions
or other events that occur between those dates and the date of the parent’s financial statements.
In any case, the difference between reporting dates should not be more than six months in case of
5 Where the consolidated financial statements are prepared under Indian Accounting Standards.

CA Harshad Jaju
13.14 Swapnil Patni Classes caharshad
98812 92971
 GROUP AUDITS

financial statements under AS and three months in case of financial statements under Ind AS. The
auditor of the consolidated financial statements should review other components’ results between
its financial reporting date and that of the parent for significant transactions or other events that
have taken place during the period and, therefore, need to be reflected in the consolidated financial
statements. Recognition should be given by disclosure or otherwise to the effect of intervening
events which materially affect the financial position, results of operations or cash flows.
• The fundamental accounting assumption of “consistency” requires the auditor of the consolidated
financial statements to consider whether the length of the reporting periods and any difference
in financial year-ends are the same from period to period. If there have been any changes in the
respective reporting periods of the components included in the consolidated financial statements
that have a material effect on the financial statements, the auditor should ensure that the entity
discloses such changes and the manner of treatment in the financial statements.
• The Ministry of Corporate Affairs has issued a Circular number 39/2014 dated October 14, 2014
stating that Schedule III to the Act read with the applicable Accounting Standards does not envisage
that a company while preparing its consolidated financial statements merely repeats the disclosures
made by it under separate financial statements being consolidated. In the consolidated financial
statements, the company would need to give all disclosures relevant to consolidated financial
statements only.
• Further, Accounting Standard (AS) 21 also lays down certain principles that should be observed
while giving the information which is part of the separate financial statements of the Components
but that need not be reported in the notes and other explanatory material of the consolidated
financial statements.
The auditor should:
a. examine that the notes required by the applicable standards which are necessary for presenting a
true and fair view of the consolidated financial statements have been included in the consolidated
financial statements as an integral part thereof; and
b. examine that additional statutory information disclosed in the separate financial statements of the
subsidiary and/or a parent having bearing on the true and fair view of the consolidated financial
statements have been disclosed in the consolidated financial statements.
In addition, the information required pursuant to Schedule III to the Companies Act, 2013 (‘general
instructions for the preparation of consolidated financial statements’) should be disclosed.

Example: Following information is also required to be disclosed in the consolidated financial

statements separately for the parent and each of its components (including foreign component)
which has been consolidated:
i. amount of net assets and net assets as a percentage of consolidated net assets;
ii. amount of share in profit or loss and the percentage share in profit or loss as a percentage of
consolidated profit or loss;
iii. amount in other comprehensive income (OCI) and the percentage of OCI as a percentage of
Consolidated OCI.6

6 For companies which are covered by Ind AS.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 13.15
 GROUP AUDITS

• As regards consolidation adjustments (including elimination of intra group transactions), it

should be ensured that these are either disclosed as a single line item separately or adjusted in the
information (e.g. net assets) disclosed for the parent and its each component.
• The Ind AS 110 does not give a list of information which is part of the separate financial statement
of the components but that need not be reported in the notes and other explanatory material of the
consolidated financial statements, however, based on section 129(4) and MCA circular 39/2014 as
referred above, it can be construed that, even in consolidated financial statements under Ind AS,
only those disclosures should be given which are relevant to consolidated financial statements.
• Based on the above discussion, in case of companies, the information such as the following given
in the notes to the separate financial statements of the parent and/or the subsidiary, need not be
included in the consolidated financial statements.
i. Source from which bonus shares are issued, e.g., capitalisation of profits or reserves or from
securities premium account.
ii. Disclosure of all unutilised monies out of the issue indicating the form in which such unutilised
funds have been invested.
iii. Disclosure required under Micro, Small and Medium Enterprises Development Act, 2006.
iv. A statement of investments (whether shown under “financial assets or non-financial assets as
stock-in-trade) separately classifying trade investments and other investments, showing the
names of the bodies corporate (indicating separately the names of the bodies corporate under
the same management) in whose shares or debentures, investments have been made (including
all investments, whether existing or not, made subsequent to the date as at which the previous
balance sheet was made out) and the nature and extent of the investment so made in each such
body corporate.
v. Value of imports calculated on C.I.F. basis by the company during the financial year in respect of:
a. raw materials;
b. components and spare parts;
c. capital goods.
vi. Expenditure in foreign currency during the financial year on account of royalty, know-how,
professional and consultation fees, interest, and other matters.
vii. Value of all imported raw materials, spare parts and components consumed during the financial
year and the value of all indigenous raw materials, spare parts and components similarly
consumed and the percentage of each to the total consumption.
viii. The amount remitted during the year in foreign currencies on account of dividends, with a
specific mention of the number of non-resident shareholders, the number of shares held by
them on which the dividends were due and the year to which the dividends related.
ix. Earnings in foreign exchange classified under the following heads, namely:
a. export of goods calculated on F.O.B. basis;
b. royalty, know-how, professional and consultation fees;
c. interest and dividend;
(d) other income, indicating the nature thereof.
CA Harshad Jaju
13.16 Swapnil Patni Classes caharshad
98812 92971
 GROUP AUDITS

However, notwithstanding the above, the auditor needs to ensure compliance with disclosure
requirements of applicable accounting standards and other applicable laws for consolidated financial
statements.

7. MANAGEMENT REPRESENTATIONS
SA 580, “Written Representations” requires the auditor to obtain written representations from
management and, where appropriate, those charged with governance. The auditor of the consolidated
financial statements should obtain evidence that the management of the parent acknowledges its
responsibility for a true and fair presentation of the consolidated financial statements in accordance
with the financial reporting framework applicable to the parent and that parent management has
approved the consolidated financial statements. In addition, the auditor of the consolidated financial
statements obtains written representations from parent management on matters material to the
consolidated financial statements.
Examples of such representations include:

(a) Completeness of components included in the CFS;

(b) Identification of reportable segments for segmental reporting;

(c) Identification of related parties and related party transactions for reporting;

(d) Appropriateness and completeness of permanent and current period consolidation

adjustments, including the elimination of intra-group transactions.

8. REPORTING
There could be two situations in an audit of consolidated financial statements–-when the parent’s
auditor is also the auditor of all the components to be included in the consolidated financial statements
and when the parent’s auditor is not the auditor of one or more components and therefore, uses the
work of other auditors in the audit. The auditor should, while preparing the report, consider the
requirements of Standard on Auditing (SA) 700, “Forming an Opinion and Reporting on Financial
Statements”, SA 705, “Modifications to the Opinion in the Independent Auditor’s Report and SA 706,
“Emphasis of Matter Paragraphs and Other Matter Paragraphs in the Independent Auditor’s Report.
Where, the auditor uses the work of other auditors in the audit of consolidated financial statements,
the requirements of SA 600, “Using the Work of Another Auditor” should also be considered.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 13.17
 GROUP AUDITS

Reporting

When the
Component(s)
When the
Auditor
Component(s)
When the When the Reports on
Auditor
Parent’s Parent’s Financial
Reports under
Auditor is also Auditor Statements Components
an Auditing
the Auditor is not the under an Not Audited.
Framework
of all its Auditor of its Accounting
different than
Components. Components. Framework
that of the
different than
Parent.
that of the
Parent.

8.1 When the Parent’s Auditor is also the Auditor of all its Components
While drafting the audit report, the auditor should report:
♦ Whether principles and procedures for preparation and presentation of consolidated financial
statements as laid down in the relevant accounting standards have been followed.
In case of any departure or deviation, the auditor should consider the requirements given in SA
705, Modifications to the Opinion in the Independent Auditor’s reports in the audit report so that
users of the consolidated financial statements are aware of such deviation.
♦ Auditor should issue an audit report expressing opinion whether the consolidated financial
statements give a true and fair view of the state of affairs of the Group as on balance sheet date
and as to whether consolidated profit and loss statement gives true and fair view of the results of
consolidated profit or losses of the Group for the period under audit.
♦ Where the consolidated financial statements also include a cash flow statement, the auditor should
also give his opinion on the true and fair view of the cash flows presented by the consolidated cash
flow statements.

8.2 When the Parent’s Auditor is not the Auditor of all its Components
• In a case where the parent’s auditor is not the auditor of all the components included in the
consolidated financial statements, the auditor of the consolidated financial statements should also
consider the requirement of SA 600.
• As prescribed in SA 706, if the auditor considers it necessary to make reference to the audit of the
other auditors, the auditor’s report on the consolidated financial statements should disclose clearly
the magnitude of the portion of the financial statements audited by the other auditor(s).
• This may be done by stating aggregate rupee amounts or percentages of total assets, revenues and
cash flows of components included in the consolidated financial statements not audited by the
parent’s auditor.

CA Harshad Jaju
13.18 Swapnil Patni Classes caharshad
98812 92971
 GROUP AUDITS

• Total assets, revenues and cash flows not audited by the parent’s auditor should be presented before
giving effect to permanent and current period consolidation adjustments.
• Reference in the report of the auditor on the consolidated financial statements to the fact that part of
the audit of the group was made by other auditor(s) is not to be construed as a qualification of the
opinion but rather as an indication of the divided responsibility between the auditors of the parent
and its subsidiaries.

8.3 When the Component(s) Auditor Reports on Financial Statements under an

Accounting Framework Different than that of the Parent
• The parent may have components located in multiple geographies outside India applying an
accounting framework (GAAP) that is different than that of the parent in preparing its financial
statements. Foreign components prepare financial statements under different financial reporting
frameworks, which may be a well-known framework (such as US GAAP or IFRS) or the local
GAAP of the jurisdiction of the component. Local component auditors may be unable to report on
financial statements prepared using the parent’s GAAP because of their unfamiliarity with such
GAAP.
• When a component’s financial statements are prepared under an accounting framework that
is different than that of the framework used by the parent in preparing group’s consolidated
financial statements, the parent’s management perform a conversion of the components’ audited
financial statements from the framework used by the component to the framework under which
the consolidated financial statements are prepared. The conversion adjustments are audited by
the principal auditor to ensure that the financial information of the component(s) is suitable and
appropriate for the purposes of consolidation.
• A component may alternatively prepare financial statements on the basis of the parent’s accounting
policies, as outlined in the group accounting manual, to facilitate the preparation of the group’s
consolidated financial statements. The group accounting manual would normally contain all
accounting policies, including relevant disclosure requirements, which are consistent with the
requirements of the financial reporting framework under which the group’s consolidated financial
statements are prepared. The local component auditor can then audit and issue an audit report on
the components financial statements prepared in accordance with “group accounting policies”.
• When applying the approach of using group accounting policies as the financial accounting
framework for components to report under, the principal/parent auditors should perform
procedures necessary to determine compliance of the group accounting policies with the GAAP
applicable to the parent’s financial statements. This ensures that the information prepared under
the requirements of the group accounting policies will be directly usable and relevant for the
preparation of consolidated financial statements by the parent entity, eliminating the need for
auditing by the auditor, the differences between the basis used for the component’s financial
statements and that of the consolidated financial statements. The Principal auditor can then decide
whether or not to rely on the components’ audit report and make reference to it in the auditor’s
report on the consolidated financial statements.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 13.19
 GROUP AUDITS

8.4 When the Component(s) Auditor Reports under an Auditing Framework

Different than that of the Parent
a. Normally, audits of financial statements, including consolidated financial statements, are performed
under auditing standards generally accepted in India (“Indian GAAS”).
b. In order to maintain consistency of the auditing framework and to enable the parent auditor to
rely and refer to the other auditor’s audit report in their audit report on the consolidated financial
statements, the components’ financial statements should also be audited under a framework that
corresponds to Indian GAAS.

8.5 Components Not Audited

a. Generally, the financial statements of all components included in consolidated financial statements
should be audited or subjected to audit procedures in the context of a multi-location group audit.
Such audits and audit procedures can be performed by the auditor reporting on the consolidated
financial statements or by the components’ auditor.
b. Where the financial statements of one or more components continue to remain unaudited, the
auditor reporting on the consolidated financial statements should consider unaudited components
in evaluating a possible modification to his report on the consolidated financial statements. The
evaluation is necessary because the auditor (or other auditors, as the case may be) has not been able
to obtain sufficient appropriate audit evidence in relation to such consolidated amounts/balances.
In such cases, the auditor should evaluate both qualitative and quantitative factors on the possible
effect of such amounts remaining unaudited when reporting on the consolidated financial statements
using the guidance provided in SA 705, “Modifications to the Opinion in the Independent Auditor’s
Report”.

CA Harshad Jaju
13.20 Swapnil Patni Classes caharshad
98812 92971
 GROUP AUDITS

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 13.21
 GROUP AUDITS

CA Harshad Jaju
13.22 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF
14
CHAPTER
AUDIT OF BANKS &
NON-BANKING
FINANCIAL COMPANIES
UNIT 1
SPECIAL FEATURES OF AUDIT OF BANKS

Highlights

After studying this chapter, you will be able to:

1. Gain the knowledge of legal framework, form and content of financial statements of the banks.
2. Know the feature of audit of accounts and auditor’s report.
3. Understand CRR, SLR and Capital Adequacy etc.
4. Understand the prescribed procedure to be followed while doing verification of assets and
liabilities of the bank.
5. Acquire the knowledge of Concurrent Audit and types of activities to be covered in it.
6. Know the role of audit committee in audit of banks.

1. INTRODUCTION
The banking industry is the pivot of any economy and its financial system. Banks are one of the
foremost agents of financial intermediation in an economy like India and, therefore, development
of a strong and resilient banking system is of utmost importance. The banking institutions in the
country are working in a competitive environment and their regulatory framework is aligned with
the international best practices. Thus, financial deepening has taken place in India and continues to
be in progress with a focus on orderly conditions in financial markets while sustaining the growth
momentum.
Banks have certain characteristics distinguishing them from most other commercial enterprises.
Special audit considerations arise in the audit of banks because of:
• The particular nature of risks associated with the transactions undertaken;
• The scale of banking operations and the resultant significant exposures which can arise within short
period of time;
• The extensive dependence on IT to process transactions;
• The effect of the statutory and regulatory requirements;
• The continuing development of new products and services and banking practices which may not be
matched by the concurrent development of accounting principles and auditing practices.

CA Harshad Jaju
Swapnil Patni Classes caharshad 14.1
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES
Evolution of technology and providing services through Net Banking and Mobiles has exposed banks
to huge operational and financial risk.
The auditor should consider the effect of the above factors in designing his audit approach. It is
imperative for Branch Auditors and SCAs (Statutory Central Auditors) to have detailed knowledge of
the products offered and risks associated with them, and appropriately address them in their audit plan
to the extent they give rise to the risk of material misstatements in the financial statements.
In today’s environment, the banks use different applications to carry out different transactions which
may include data flow from one application to other application; the auditor while designing his plans
should also understand interface controls between the various applications.

2. LEGAL FRAMEWORK
There is an elaborate legal framework governing the functioning of banks in India. The principal
enactments which govern the functioning of several types of banks are:

Further, the Reserve Bank of India Act, 1934 gives wide powers to the RBI to give directions to banks
which also have considerable effect on the functioning of banks

CA Harshad Jaju
14.2 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

3. FORM AND CONTENT OF FINANCIAL STATEMENTS

Every banking company is required to prepare a Balance Sheet and a Profit and Loss Account in the
forms set out in the Third Schedule to the Act or as near thereto as the circumstances admit. Form A
of the Third Schedule to the Banking Regulation Act, 1949, contains the form of Balance Sheet and
Form B contains the form of Profit and Loss Account.
Every banking company needs to comply with the disclosure requirements under the various
Accounting Standards, as specified under section 133 of the Companies Act, 2013, read with Rule
7 of the Companies (Accounts) Rules 2014, in so far as they apply to banking companies or the
Accounting Standards issued by the ICAI. It may be noted that implementation of Indian Accounting
Standards (Ind AS) has been deferred by RBI for all scheduled commercial banks presently.
It is pertinent to state that preparation of balance sheet of a bank usually involves preparation of
standalone financial statements and consolidated financial statements. Preparation of Standalone
financial statements involve consolidation of branch accounts and incorporation of various verticals/
departments of bank in case of a nationalized bank/public sector bank. The detailed procedures in
this regard may vary from bank to bank. In case of private banks, the processes of accounting are
centralized and there is no concept of mandatory branch audit in accordance with RBI guidelines.
Public sector banks and private banks are listed on recognized stock exchange and are required to
comply with SEBI regulations including LODR.

3.1 Audit of Accounts & Appointment of Auditor

Sub-section (1) of section 30 of the Banking Regulation Act requires that the balance sheet and profit
and loss account of a banking company should be audited by a person duly qualified under any law
for the time being in force to be an auditor of companies.

Most banks, especially those in nationalised banks or public sector, appoint four or more (depending
upon their size and Board decision, as per RBI guidelines) firms of chartered accountants to act
jointly as statutory central auditors (SCAs).
The appointment letter sent by banks in connection with the appointment of SCAs typically
contains the following:
• Period of appointment.
• Particulars of other central auditors.
• Particulars of previous auditors.
• Procedural requirements to be complied with in accepting the assignment.
Example 1. Letter of acceptance (the letter usually contains, inter alia, averment as to absence of
disqualification for appointment, way in which the audit has to be conducted and confirmation
of present name, constitution and address of the auditor), declaration of fidelity and secrecy,
restriction on accepting other assignments from the bank, etc.
• A statement of division of work and review and reporting responsibilities amongst joint auditors
in case of nationalised banks (Generally this is decided at a later stage)

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.3
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

• Scope of assignment which includes any special reports or certificates to be given by the SCAs
in addition to the main report.
• In case of statutory branch auditors (SBAs), appointment letter is given on similar lines except
in regard to particulars of other auditors and statement of division of work. However, it is to be
noted that statutory branch audit is carried out by a single firm of chartered accountants.

Authority appointing the Auditors - As per the provisions of the relevant enactments, the auditor
of a banking company is to be appointed at the annual general meeting of the shareholders, whereas
the auditor of a nationalised bank is to be appointed by the concerned bank acting through its Board
of Directors.
In either case, approval of the Reserve Bank is required before the appointment is made.

4. CONDUCTING AN AUDIT

Initial
Considerations
Execution
• Acceptance & Risk Assessment
Continuance Understanding • Engagement Team
• Identifying and Discussions
• Declaration of • Understanding Assessing the
• Prepare response Reporting
Indebtedness the Bank and Risks of Material
Its Environment to the Assessed • Independent
• Internal Misstatements
including Internal Risks Auditor’s Report
Assignments • Assess the
Control • Establish the
in Banks by Risk of Fraud • Long Form Audit
Statutory Auditors • Understand Overall Audit Report
including Money
the Bank’s Strategy
• Terms of Audit Laundering • Report any other
Accounting • Audit Planning
Engagements • Assess Specific matters to Bank,
Process Memorandum
Risks Regulator or
• Communication
• Understanding the • Determine Audit Government
with Previous • Risk Associated
Risk Management Materiality
Auditor with Outsourcing
Process
• Planning of Activities • Consider Going
Concern
• Establish
Engagement Team

Stage I: Initial Considerations

Acceptance & Continuance: The assessment of engagement risk is a critical part of the audit process
and should be done prior to the acceptance of an audit engagement since it affects the decision of
accepting the engagement and in planning decisions if the audit is accepted.
Declaration of Indebtedness: The RBI has advised that the banks, before appointing their statutory
central//branch auditors, should obtain a declaration of indebtedness i.e., a written confirmation that
auditor/firm/partners/f/family members have not been declared as wilful defaulters by any bank/
financial institution This is in addition to the declaration regarding absence of disqualifications

CA Harshad Jaju
14.4 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

stipulated in Section 141 of the Companies Act 2013 which includes borrowing above stipulated
amount. Students may refer Chapter 12 of CA Intermediate Auditing and Assurance Study Material.
Internal Assignments in Banks by Statutory Auditors: The RBI decided that the audit firms should not
undertake statutory audit assignment while they are associated with internal assignments in the bank
during the same year.
Terms of Audit Engagements: SA 210, “Terms of Audit Engagements” requires that for each period
to be audited, the auditor should agree on the terms of the audit engagement with the bank before
beginning significant portions of fieldwork. It is imperative that the terms of the engagement are
documented, to prevent any confusion as to the terms that have been agreed in relation to the audit
and the respective responsibilities of the management and the auditor, at the beginning of an audit
relationship. This is usually done in the form of engagement letter which is written by the auditor and
acknowledged by the bank.
Communication with Previous Auditor: As per Clause (8) of the Part I of the First Schedule to the
Chartered Accountants Act, 1949, a chartered accountant in practice cannot accept position as auditor
previously held by another chartered accountant without first communicating with him/her in writing.
Planning: The audit plan needs to be properly documented with respect to timing, extent of checking,
audit procedures to be followed at assertion level and should be flexible and updated or changed, as
and when necessary.
Establish the Engagement Team: The assignment of qualified and experienced professionals is an
important component of managing engagement risk. The size and composition of the engagement
team would depend on the size, nature, and complexity of the bank’s operations.

Stage II : Understanding
Understanding the Bank and Its Environment including Internal Control: An understanding of the
bank and its environment, including its internal control, enables the auditor:
• To identify and assess risk;
• To develop an audit plan to determine the operating effectiveness of the controls, and to address the
specific risks.
Understand the Bank’s Accounting Process: The accounting process produces financial and operational
information for management’s use and it also contributes to the bank’s internal control.
Thus, understanding of the accounting process is necessary to identify and assess the risks of material
misstatement whether due to fraud or not, and to design and perform further audit procedures.
Understanding the Risk Management Process: Management develops controls and uses performance
indicators to aid in managing key business and financial risks. An effective risk management system
in a bank generally requires the following:

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.5
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Oversight by those Identification,

Reliable information
charged with measurement and Control activities Monitoring activities
systems
governance monitoring of risks

• Those charged • Risks that could • A bank should • Risk management • Banks require
with governance significantly have appropriate models, reliable
(BOD/Chief impact the controls to methodologies information
Executive Officer) achievement manage its risks, and assumptions systems that
should approve of bank’s including effective used to measure provide adequate
written risk goals should segregation and manage financial,
management be identified, of duties risk should be operational and
policies. The measured and (particularly, regularly assessed compliance
policies should be monitored against between front and updated. This information on
consistent with the pre-approved and back function may be a timely and
bank’s business limits and criteria offices), accurate conducted by the consistent basis.
objectives measurement independent risk Those charged
and strategies, and reporting management unit. with governance
capital strength, of positions, and management
management verification require risk
expertise, and approval management
regulatory of transactions, information that is
requirements reconciliation easily understood
and the types of positions and and that enables
and amounts of results, setting of them to assess the
risk it regards as limits, reporting changing nature
acceptable. and approval of the bank’s risk
of exceptions, profile.
physical security
and contingency
planning.

Stage III : Risk Assessment

Identifying and Assessing the Risks of Material Misstatements: SA 315 requires the auditor to
identify and assess the risks of material misstatement at the financial statement level and the assertion
level for classes of transactions, account balances, and disclosures to provide a basis for designing and
performing further audit procedures.
Assess the Risk of Fraud including Money Laundering: As per SA 240 “The Auditor’s
Responsibilities Relating to Fraud in an Audit of Financial Statements”, the auditor’s objective is to
identify and assess the risks of material misstatement in the financial statements due to fraud, to obtain
sufficient appropriate audit evidence on those identified misstatements and to respond appropriately.
The attitude of professional scepticism should be maintained by the auditor to recognise the possibility
of misstatements due to fraud.
The RBI has framed specific guidelines that deal with prevention of money laundering and “Know
Your Customer (KYC)” norms. The RBI has from time to time issued guidelines (“Know Your
Customer Guidelines – Anti Money Laundering Standards”), requiring banks to establish policies,
procedures and controls to deter and to recognise and report money laundering activities.
CA Harshad Jaju
14.6 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Assess Specific Risks: The auditors should identify and assess specific risks of material misstatement
at the financial statement level which refers to risks that relate to the banking industry and the use of
IT therein.
Risk Associated with Outsourcing of Activities: The modern-day banks make extensive use of
outsourcing as a means of both reducing costs as well as making use of services of an expert not
available internally. There are, however, certain risks associated with outsourcing of activities by
banks and therefore, it is quintessential for the banks to effectively manage those risks.

Stage IV: Execution

Engagement Team Discussions: The engagement team should hold discussions to gain better
understanding of bank and its environment, including internal control, and to assess the potential for
material misstatements of the financial statements.
Response to the Assessed Risks: SA 330 “The Auditor’s Responses to Assessed Risks” requires
the auditor to design and implement overall responses to address the assessed risks of material
misstatement at the financial statement level. The auditor should design and perform further audit
procedures whose nature, timing and extent are based on and are responsive to the assessed risks of
material misstatement at the assertion level.
Establish the Overall Audit Strategy: SA 300 “Planning an Audit of financial Statements’’ states
that the objective of the auditor is to plan the audit so that it will be performed in an effective manner.
For this purpose, the audit engagement partner should:
• Establish the overall audit strategy, prior to the commencement of an audit; and
• Involve key engagement team members and other appropriate specialists while establishing the
overall audit strategy, which depends on the characteristics of the audit engagement.
Audit Planning Memorandum: The auditor should summarise the team’s audit plan by preparing an
audit planning memorandum in order to:
• Describe the expected scope and extent of the audit procedures to be performed by the auditor.
• Highlight all significant issues and risks identified during their planning and risk assessment
activities, as well as the decisions concerning reliance on controls.
• Provide evidence that they have planned the audit engagement appropriately and have responded to
engagement risk, pervasive risks, specific risks, and other matters affecting the audit engagement.
Determine Audit Materiality: The auditor should consider the relationship between the audit
materiality and audit risk when conducting an audit. The determination of audit materiality is a matter
of professional judgment and depends upon the knowledge of the bank, assessment of engagement
risk, and the reporting requirements for the financial statements. Judgments about materiality are
made in light of surrounding circumstances and are affected by the size or nature of a misstatement,
or combination of both.
Consider Going Concern: In obtaining an understanding of the bank, the auditor should consider
whether there are events and conditions which may cast significant doubt on the bank’s ability to
continue as a going concern.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.7
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Stage V: Reporting
Students should refer to the reporting requirements explained in heading 8. Auditor’s Report of this
Chapter.
[Note: For detailed understanding of stages involved for conducting an audit, as discussed above,
students may refer Guidance Note on Audit of Banks.]

4.1 Special Considerations in IT Environment

The advent of working in CBS environment in banks coupled with changes in technology, use of
different payment systems and integration of Aadhar for cardless transactions have changed the way
banking used to be in earlier times. However, the technological developments have brought new
challenges for auditors as audit is required to be conducted through the system. Considering the
importance of IT systems in preparation and presentation of financial statements, it is imperative that
bank should share detailed information with auditors like: -
• Overall IT policy, structure and environment of Bank’s IT system
• Data processing and data interface under various systems
• Data integrity and data security
• Business Continuity plans and disaster control plans
• Accounting manual and critical accounting entries, their processes and involvement of IT systems
• Controls over key aspects, use of various account heads, expense booking, overdue identification
etc.
• Controls on recording of various e-banking and internet banking products and channels
• MIS reports being generated and their periodicity
• Major exception reports and process of generation including embedded logic
• Process of generating various information related to various disclosures in financial statements
and involvement of IT systems
Overall review of IT environment and computerized accounting system has to be taken at head office
level. The branch auditors generally do not have access to IT policy and processes implemented by the
bank. Hence, based upon guidance and information received from Statutory central auditors, branch
auditors need to ensure that data review and analysis through CBS is carried out and tests of controls
and substantive checking of sample transactions is carried out at branch level and results are shared
with statutory central auditors.

CA Harshad Jaju
14.8 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

It is responsibility of statutory central auditors to obtain understanding of IT environment and various

controls put in place by management and evaluate whether controls are operating effectively. The
methodology adopted by the bank in implementing and monitoring controls should be discussed with head
of IT department and based on this understanding, audit procedures can be designed. The key security
control aspects that an auditor needs to address when undertaking audit in a computerised bank include:
• Ensure that authorised, accurate and complete data is made available for processing.
• Ensure that in case of interruption due to power, mechanical or processing failures, the system
restarts without distorting the completion of the entries and records.
• Ensure that the system prevents unauthorised amendments to the programmes.
• Verify whether “access controls” assigned to the staff-working match with the responsibilities as
per manual. It is important for the auditor to ensure that access and authorisation rights given to
employees are appropriate.
• Verify that segregation of duties is ensured while granting system access to users and that the
user activities are monitored by performing an activities log review.
• Verify that changes made in the parameters or user levels are authenticated.
• Verify that charges calculated manually for accounts when function is not regulated through
parameters are properly accounted for and authorised.
• Verify that exceptional transaction reports are being authorised and verified on a daily basis by the concerned
officials. It is important for auditor to understand the nature of exception and its impact on financials.
• Verify that the account master and balance cannot be modified/amended/altered except by the
authorised personnel.
• Verify that all the general ledger accounts codes authorised by Head Office are in existence in the system.
• Verify that balance in general ledger tallies with the balance in subsidiary book. .

4.2 Internal Audit and Inspection

Central audit and inspection department in Banks is a combination of centralized function with some
level of decentralization which is usually headed by a Chief Audit Executive. It is responsible for
undertaking risk-Based Internal Audit (RBIA) as per the framework as stipulated by RBI. It is also
responsible for identification of branches for revenue audit, appointment of concurrent auditors,
deciding their scope, meeting the concurrent auditors, discussing their issues, conducting trainings if
needed, and review of work of concurrent auditors. The primary function is to ensure that the audit
function is handled smoothly, effectively & efficiently.
Risk-based Internal audit is conducted based upon the risk assessment of business and control risks of
branches. The risk assessment process includes: -
• Identification of inherent business risks in various activities undertaken by branches (Business risk)
• Assessment of effectiveness of control systems for monitoring inherent risks of business activities
of branch (Control risk)
• Making an assessment of level and direction of various risk areas and assess level and direction of
overall business risk and control risk
• Drawing up of risk matrix taking into account factors viz. Risk of branch
CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.9
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

5. INTERNAL CONTROL IN CERTAIN SELECTED AREAS

System of Internal Control in Banks: Banks are required to implement and maintain a system
of internal controls for mitigating risks, maintain good governance and to meet the regulatory
requirements. Given below are examples of internal controls that are typically implemented in a bank:

Area of Focus Examples of Internal Controls in a Bank

General • The staff and officers of a bank should be shifted from one position to another
frequently and without prior notice.
• The work of one person should always be checked by another person (usually
by an officer) in the normal course of business.
• The arithmetical accuracy of the books should be proved independently every
day.
• All bank forms (e.g. Cheque books, demand draft/pay order books, travelers’
cheques, foreign currency cards etc.) should be kept in the possession of an
officer, and another responsible officer should verify the issuance and stock of
such stationery.
• The mail should be opened by a responsible officer. Signatures on all the letters
and advices received from other branches of the bank or its correspondence
should be checked by an officer with the signature book.
• The signature book and the telegraphic code book should be kept with responsible
officers and access should be allowed only to authorised officers.
• The bank should take out insurance policies against loss due to all the risks such
as fire, natural calamities, theft and employees’ infidelity.
• The financial powers of officers of different grades should be clearly defined.
• There should be surprise inspection of head office and branches at periodic
interval by the internal audit department. The irregularities pointed out in the
inspection reports should be promptly rectified.

CA Harshad Jaju
14.10 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Cash • Cash should be kept in the joint custody of two responsible officers.
• In addition to normal checking by the chief cashier, cash should be test-checked
daily and counted in full occasionally by a responsible officer other than those
handling the cash. Actual cash in hand should agree with the balance shown by
the Day Book every day.
• The cashier should have no access to the customer’s ledger accounts and the
Day Book. This is an important safeguard as the Bank managements are often
tempted to use cashiers because of their shorter working hours as ledger clerks
in the absence of regular staff etc. This can result in substantial losses to the
bank.
• The counterfoil of cash receipt vouchers (e.g. counterfeits of pay-inslips lodged
by the depositors) should be signed by an officer in Cash Department, in addition
to the receiving cashier.
• Payments should be made only after the vouchers (e.g. cheques, demand drafts
etc.) have been passed for payment by the authorised officer and have been
entered in the customer’s account.
• Receipt and payment scrolls or their totals should be compared with the cash
column of the Day-Book by independent persons.
• High value cash receipts and payments should be verified by a higher officer/
branch manager and the excess cash balance should be remitted to currency
chest according to branch’s retention limit on daily basis.
Clearings • Under the Cheque Truncation System (CTS) implemented by RBI, an electronic
image of the cheque is transmitted to the paying branch through the clearing
house, along with relevant information like data on the MICR band, date of
presentation, presenting bank, etc. This effectively eliminates the associated
cost of movement of the physical cheques, reduces the time required for their
collection.
• As per RBI guidelines, the branch is required to either call the customer or email
him for any cheque received for the amount of ` 5 lakh and above in respect of
inward clearings. The Auditor may verify the compliance on test check basis.
• The Auditor is to check whether signature of the drawer of the cheque is being
verified by the staff or not as else there will be liability of the paying bank under
all circumstances.
• The unpaid cheques received in outward clearing should be either sent to the
customers at their recorded address or the customers be informed to collect the
same from bank branch.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.11
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Bills for • All the documents accompanying the bills should be received and entered in the
Collection Register by a responsible officer. At the time of dispatch, the officer should also
see that all the documents are sent along with the bills.
• The accounts of customers or principals should be credited only after the bills
have been collected or an advice to that effect received from the bank branch or
agent to which they were sent for collection.
• It should be ensured that bills sent by one branch for collection to another branch
of the bank, are not taken in the bills for collection twice in the amalgamated
balance sheet of the bank. For this purpose, the receiving branch should reverse
the entries regarding such bills at the end of the year for closing purposes.
Bills • At the time of purchase of the bills, an officer should verify that all the documents
Purchased of title are properly assigned to the bank.
• Sufficient margin should be kept while purchasing or discounting a bill to cover
any decline in the value of the security etc.
• If the bank is unable to collect a bill on the due date, immediate steps should be
taken to recover the amount from the drawer against the security provided.
• All irregular outstanding account/s should be reported to the Head Office.
• In the case of bills purchased outstanding at the close of the year the discount
received thereon should be properly apportioned between the two years.
Loans and • The bank should make advances only after satisfying itself as to the
Advances creditworthiness of the borrowers and after obtaining sanction from the proper
authorities of the bank.
• All the necessary documents (e.g., agreements, demand promissory notes,
letters of hypothecation, etc.) should be executed by the parties before advances
are made.
• Sufficient margin should be kept against securities taken to cover any decline
in the value thereof and to comply with Reserve Bank directives. Such margins
should be determined by the proper authorities of the bank as a general policy
or after detailed scrutiny for specific accounts.
• All the securities should be received and returned by responsible officer. They
should be kept in the Joint custody of two such officers.
• All securities requiring registration should be registered in the name of the bank
or otherwise accompanied by the documents sufficient to give title of the bank.
• All accounts should be kept within both the drawing power and the sanctioned
limit as per prescribed norms. Additional temporary limit may be sanctioned,
for a maximum of 20% of existing limit and 90 days maximum tenure.
• All the accounts which exceed the sanctioned limit or drawing power or are
against unapproved securities or are otherwise irregular should be brought to
the notice of the Management/Head Office regularly.
• The operation (in each advance account) should be reviewed at least once every
year.)
CA Harshad Jaju
14.12 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Demand • The signatures on a demand draft should be checked by an officer with the
Drafts Signature Book.
• All the D.Ds. sold/ issued by a branch should be immediately confirmed by an
advice to the paying branch.
• If the paying branch does not receive proper confirmation of any D.D. from
the issuing branch or does not receive credit in its account with that branch, it
should take immediate steps to ascertain the reasons.
Inter Branch • The accounts should be adjusted only on the basis of advices (and not on the
Accounts strength of entries found in the statement of account) received from other
branches,
• Prompt action should be taken preferably by central authority, if any entries
(particularly debit entries) are not responded to by any branch within a reasonable
time.
Credit Card • There should be effective screening of applications with reasonably good credit
Operations assessments.
• There should be strict control over storage and issue of cards.
• There should be a system whereby a merchant confirms the status of unutilised
limit of a credit-card holder from the bank before accepting the settlement, in
case the amount to be settled exceeds a specified percentage of the total limit of
the card holder.
• There should be a system of prompt reporting by the merchants of all settlements
accepted by them through credit cards.
• Reimbursement to merchants should be made only after verification of the
validity of merchant’s acceptance of cards.
• All the reimbursement (gross of commission) should be immediately charged to
the customer’s account.
• There should be a system to ensure that statements are sent regularly and
promptly to the customer.
• There should be a system to monitor and follow-up customers’ payments.
• Payments overdue beyond a reasonable period should be identified and attended
to carefully. For defaulting customers, credit should be stopped by informing
the merchants through periodic bulletins, as early as possible, to avoid increased
losses.
• There should be a system of periodic review of credit card holders’ accounts.
On this basis, the limits of customers may be revised, if necessary. The review
should also include determination of doubtful amounts and the provisioning in
respect thereof.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.13
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

6. COMPLIANCE WITH CRR AND SLR REQUIREMENTS

i. Cash Reserve Ratio (CRR) is a specified minimum fraction of the total deposits of customers,
which commercial banks have to hold as reserves either in cash or as deposits with the central bank.
One of the important determinants of cash balances to be maintained by banking companies and other
scheduled banks is the requirement for maintenance of a certain minimum cash reserve.
While the requirement for maintenance of cash reserve by banking companies is contained in the
Banking Regulation Act, 1949, corresponding requirement for scheduled banks is contained in the
Reserve Bank of India Act, 1934.
The RBI, from time to time, reviews the evolving liquidity situation and accordingly decides the rate
of CRR required to be maintained by scheduled commercial banks. Therefore, the auditor needs to
refer to the master circular issued from time to time in this regard to ensure the compliance of CRR
requirements.
ii. Statutory Liquidity Ratio (SLR) Requirements – SLR is the requirement that every scheduled
commercial bank in India is required to maintain in the form of certain liquid assets such as gold, cash
and government approved securities before providing credit to the customers. The Reserve Bank of
India requires statutory central auditors of banks to verify the compliance with SLR requirements of
12 odd dates in different months of a fiscal year not being Fridays. The objective of maintaining SLR
is to have an amount in the form of liquid assets which can be used to handle a sudden increase in
demand for the amount from the depositors. The resultant report is to be sent to the top management
of the bank and to the Reserve Bank.

Correctness of the compilation of Maintenance of liquid assets as

DTL (Demand and Time Liabilities) prescribed u/s 24 of Banking
position; and Regulation Act.

Audit Approach and Procedure:

Area of Focus Suggested Audit Procedures
Compliance • Obtain an understanding of the relevant circulars/ instructions of the RBI,
with CRR particularly regarding composition of items of DTL.
and SLR • Request the branch auditors to send their weekly trial balance as on Friday and
requirements these are consolidated at the head office. Based on this consolidation, the DTL
position is determined for every reporting Friday. The statutory central auditor
should request the branch auditors to verify the correctness of the trial balances
relevant to the dates selected by him/her. The branch auditors should also be
specifically requested to examine the cash balance at the branch on the selected
dates.

CA Harshad Jaju
14.14 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

• Examine, on a test basis, the consolidations regarding DTL position prepared

by the bank with reference to the related returns received from branches. The
auditor should examine whether the valuation of securities done by the bank is
in accordance with the guidelines prescribed by the RBI.
• While examining the computation of DTL, specifically examine that items have
been excluded from liabilities as per RBI guidelines. Some of these items are:-
• Paid up capital, reserve, any credit balance in profit & loss account of bank,
amount of loan taken from RBI and amount of refinance taken from EXIM
bank, NHB, SIDBI and NABARD
o Part amounts of recoveries from the borrowers in respect of debts considered
bad and doubtful of recovery.
o Amounts received in Indian currency against import bills and held in sundry
deposits pending receipts of final rates.
o Un-adjusted deposits/balances lying in link branches for agency business like
dividend warrants, interest warrants, refund of application money, etc., in
respect of shares/debentures to the extent of payment made by other branches
but not adjusted by the link branches.
o Margins held and kept in sundry deposits for funded facilities.
• Similarly, specifically examine that the items have been included in liabilities as
per RBI guidelines. Some of these items are:-
o Net credit balance in branch adjustment accounts.
o Borrowings from abroad by banks in India needs to be considered as ‘liabilities
to other’ and thus, needs to be considered at gross level unlike ‘liabilities towards
banking system in India’, which are permitted to be netted off against ‘assets
towards banking system in India’. Thus, the adverse balances in Nostro Mirror
Account needs to be considered as ‘Liabilities to other’.
o The reconciliation of Nostro accounts (with Nostro Mirror Accounts) needs to
be scrutinized carefully to analyze and ascertain if any inwards remittances
are received on behalf of the customers / constituents of the bank and have
remained unaccounted and / or any other debit (inward) entries have remained
unaccounted and are pertaining to any liabilities for the bank.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.15
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

• Examine whether the consolidations prepared by the bank include the relevant
information in respect of all the branches.
• It may be noted that, even though interest accrues daily, it is recorded in the
books only at periodic intervals. Thus, examine whether such interest accrued
but not accounted for in books is included in the computation of DTL.
• The auditor at the central level should apply the audit procedures listed above
to the overall consolidation prepared for the bank as a whole. Where such
procedure is followed, the central auditor should adequately describe the same
in the report.
• While reporting on compliance with SLR requirements, the auditor should
specify the number of unaudited branches and state that he/she has relied on the
returns received from the unaudited branches in forming an opinion. Recently,
there has been introduction of Automated Data Flow (ADF) for CRR & SLR
reporting and the auditors should develop necessary audit procedures around
this.

7. VERIFICATION OF ASSETS
Before beginning verification of assets and balances, the auditor should obtain an accurate schedule
of accounts in the prescribed format. The following are the steps involved in verification of assets and
balances. -
I. CASH, BANK BALANCES AND MONEY AT CALL AND SHORT NOTICE - The Third
Schedule to the Banking Regulation Act, 1949, requires disclosures to be made in the balance
sheet regarding cash, balances with Reserve Bank of India, balances with other banks and money
at call and short notice. Audit approach and audit procedures in respect of these items is discussed
as under: -

Balances with
Balances with Money at Call and
Cash Reserve Bank of
Other Banks Short Notice
India

Audit approach: The auditor’s basic objective in verification of these items is their existence and
completeness as on date of balance sheet and audit procedures have to be tailored to meet these.
Remember that cash would be appearing in balance sheet of almost all branches. However, in most
of the branches of a bank, there will be no bank account requiring reporting except in branches
with treasury operations. Similarly, activity pertaining to money at call and short notice is handled
by treasury department of the bank at head office level.
Banks have a robust system of internal controls pertaining to cash like joint custody of two
responsible officers, checking of cash at periodic intervals etc due to higher risk of misappropriation.
Similarly, the balance with other banks (in case of applicable branches) are reconciled periodically.
The auditor has to be satisfied about effective operation and implementation of internal controls in
this area.

CA Harshad Jaju
14.16 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Audit Procedures:
Area of Focus Suggested Audit Procedures
Cash • Carry out the physical verification of cash (including foreign currency, if any,
cash at ATM and cash at cash deposit machines) as close to the balance sheet
date as possible.
• The cash balance as physically verified should be agreed with the balance shown
in the cash register/balance in CBS.
Balance with • Verify the ledger balances in each account with reference to the bank confirmation
Reserve Bank certificates and reconciliation statements as at the year-end.
of India • Review the reconciliation statements, paying special attention to the following
items appearing in the reconciliation statements:
o Cash transactions remaining unresponded;
o Revenue items requiring adjustments/write-offs; and
o Other credit and debit entries originated in the statement provided by RBI
remaining unresponded for more than 15 days.
Balance with Apart from the procedures described above in examining the balances with Reserve
Other Banks Bank of India, while reviewing the reconciliation statements, the auditor should
(Other than pay particular attention to the following.
Reserve Bank • Examine that no debit for charges or credit for interest is outstanding and all
of India) the items which ought to have been taken to revenue for the year have been so
taken.
• Examine that no cheque sent or received in clearing is outstanding.
• Examine that all bills or outstation cheques sent for collection and outstanding
as on the closing date have been credited subsequently.
• Examine large transactions in inter-bank accounts to ensure that no transactions
have been put through for window dressing particularly towards the close of
year.
The balances with banks outside India should also be verified in the manner
described above. These balances should be converted into the Indian currency at
the exchange rates prevailing on the balance sheet date

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.17
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Money at • Examine whether there is a proper system of authorisation, general or specific,

Call and for lending of the money at call or short notice. Compliance with the instructions
Short Notice or guidelines laid down in this behalf by the head office or controlling office of
the branch, including the limits on lending’s in inter-bank call money market
should also be examined.
• Call loans should be verified with the certificates of the borrowers and the call
loan receipts held by the bank.
• Examine whether the aggregate balances comprising this item as shown in the
relevant register tally with the control accounts as per the general ledger.
• Examine subsequent repayments received from borrowing banks to verify the
amounts shown under this head as at the year-end. It may be noted that call
loans made by a bank cannot be netted-off against call loans received.
• Verify that the interest has been properly accrued and accounted for on year-end
outstanding balances of call/ short notice money.

II. INVESTMENTS
Audit approach:
The auditor’s primary objective in audit of investments is to satisfy himself as to their existence,
ownership and valuation. Examination of compliance with statutory and regulatory requirements is
also an important objective in audit of investments in as much as non-compliance may have a direct
and material effect on the financial statements. The latter aspect assumes special significance in the
case of banks where investment transactions should be carried out within the numerous parameters
laid down by the relevant legislation and directions of the RBI. The auditor should keep this in view
while designing audit procedures relating to investments. Every bank has their own investment policy,
which is drawn strictly in conjunction with RBI Master circular on investments. The entire compliance
needs to be evaluated in terms of requirements of investment policy read with master circular RBI
Audit Procedures:
Area of Focus Suggested Audit Procedures
Internal • Review the investment policy of the bank to ascertain that the policy conforms,
Control in all material respects, to the RBI’s guidelines as well as to any statutory
Evaluation provisions applicable to the bank.
and Review • It should clearly outline the broad investment objectives separately for the
of Investment investments on its own account and investments on behalf of customers.
Policy
Separation of • Check the segregation of duties within the bank staff in terms of executing
Investment trades, settlement and monitoring of such trades, and accounting of the same
Functions (generally termed as front office, middle office and back-office functions’
segregation).

CA Harshad Jaju
14.18 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Examination of • Examine the reconciliation of the investment account, physically verify the
Reconciliation securities on hand, obtain confirmations from counter-party banks for Bank
Receipts (BRs) issued by such banks and on hand, obtain confirmation of
Subsidiary General Ledger (SGL) balances with the Public Debt Office (PDO),
and examine the control and reconciliation of BRs issued by the bank.
Examination of • Ascertain whether the investments made by the bank are within its authority.
Documents • Ensure that any other covenants or conditions which restrict qualify or abridge
the right of ownership and/or disposal of investments, have been complied
with by the bank.
• The acquisition/disposal of investments should be verified with reference to the
broker’s contract note, bill of costs, receipts and other similar evidence.
Physical • Verify the investment scrips physically at the close of business on the date of
Verification the balance sheet.
• Verify investments held with public debt office of RBI, custodians and depository
with the statement of holdings as on date of balance sheet. Independent
balance confirmation requests can be made in accordance with SA-505.
In case independent confirmations are not received back, alternative audit
procedures like getting bank personnel to download investment statement
from E-Kuber for government securities (E-Kuber is CBS platform of RBI)
in auditor’s presence can be designed.
• In respect of BRs issued by other banks and on hand with the bank at the year-
end, the auditor should examine confirmations of counterparty banks about
such BRs. Where any BRs have been outstanding for an unduly extended
period, the auditor should obtain written explanation from the management
for the reasons thereof. The auditor should examine the reconciliation of BRs
issued by the bank. BRs should not be issued in respect of transactions in
government securities for which SGL facility is available.
• If certain securities are held in the names of nominees, the auditor should
examine whether there are proper transfer deeds signed by the holders and
an undertaking from them that they hold the securities on behalf of the bank.
Examination • Examine that entire investment portfolio of bank is classified under three
of classification categories i.e.HTM, HFT and AFS and shifting of securities is as per regulatory
and shifting norms and laid down policy.
• Examine whether the shifting of the investments from ‘available for sale’ to
‘held to maturity’ is duly approved by the Board of Directors of the bank.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.19
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Examination of • Examine whether the method of accounting followed by the bank in respect of
Valuation investments, including their year-end valuation, is appropriate.
• Examine whether the investments have been properly classified into the three
categories at the time of acquisition based on such intention as evidenced by the
decision of the competent authority such as Board of directors, Asset Liability
Committee (ALCO) or Investment Committee.
• Examine compliance by the bank with the guidelines of the RBI relating to
valuation of investments.
• Verify that investments are classified as non-performing investments (NPI) as
per applicable RBI guidelines. (Nonperforming investments are those where
interest/principal is in arrears and remains unpaid for more than 90 days). In
such cases, banks have not to reckon income on securities and are required to
make provisions for depreciation in value of investment.
• Examine whether income from investments is properly accounted for. This
aspect assumes special importance in cases where the bank has opted for
receipt of income through the electronic/on line medium.
• Verify whether adequate disclosure of any change in method of valuation of
investment is made.
• Examine whether the profit or loss on sale of investments has been computed
and accounted for properly.
• Verify that there is a proper system for recording and maintenance of TDS
certificates received by the bank.
Dealings in • Examine whether prior approvals for carrying out such dealings have been
Securities obtained.
on Behalf of • Examine whether bank’s income from such activities has been recorded and is
Others fairly stated in the bank’s financial statements.
• Consider whether the bank has any material undisclosed liability from a breach
of its fiduciary duties, including the safekeeping of assets.
Special-purpose • Examine whether the bank is maintaining separate accounts for the investments
Certificates made by it on their own Investment Account, on PMS clients’ account, and on
Relating to behalf of other constituents (including brokers).
Investments • As per the RBI guidelines, banks are required to get their investments under
PMS separately audited by external auditors.

CA Harshad Jaju
14.20 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Audit, Review and Reporting: Banks should undertake half-yearly reviews (as of 30th September
and 31st March) of their investment portfolio. These half yearly reviews should not only cover the
operational aspects of the investment portfolio but also clearly indicate amendments made to the
investment policy and certify the adherence to laid down internal investment policy and procedures
and RBI guidelines.
The internal auditors are required to separately conduct the concurrent audit of treasury transactions
and the results of their report should be placed before the CMD once every month. Banks need
not forward copies of the internal audit report to RBI. However, major irregularities observed in
these reports and position of compliance thereto may be incorporated in the half yearly review of the
investment portfolio.

III. ADVANCES
The Third Schedule to the Act requires classification of advances made by a bank from three
different angles, viz., nature of advance (like cash credit, overdrafts or term loans or bills purchased
and discounted), nature and extent of security(like secured by tangible assets or covered by bank/
govt guarantees), and and place of making advance (i.e. Whether in India or outside India). Further,
advances in India are also to be classified also on sectoral basis (like priority sector or public sector).
Audit Approach: Advances generally constitute the major part of the assets of the bank. There are
substantial number of borrowers to whom variety of advances are granted. The audit of advances
requires the major attention from the auditors. The auditor is primarily concerned with obtaining
evidence about the following while carrying out audit of advances:-
• Amounts included in the balance sheet in respect of advances are outstanding at the date of balance
sheet
• Advances represent amounts due to the bank
• Amounts due to the bank are appropriately supported by loan documents
• There are no unrecorded advances
• The stated basis of valuation of advances is appropriate and properly applied and recoverability of
advances is recognized in their valuation.
• Advances are disclosed, classified and described in accordance with recognized accounting policies
and practices and relevant statutory and regulatory requirements
• Appropriate provisions towards advances are made as per RBI norms, accounting standards and
generally accepted accounting practices
It would be worth recalling that there exists elaborate and detailed control system & procedure
in banks pertaining to appraisal, sanctioning, documentation, disbursal, review, monitoring and
supervision of advances. Audit approach of advances should encompass designing appropriate
audit procedures to obtain audit evidence in all these areas.
Audit Procedures - In carrying out audit of advances, the auditor is primarily concerned with obtaining
evidence about the following:

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.21
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Area of Focus Suggested Audit Procedures

Evaluation • Examine area of credit appraisal and verify whether laid down procedures
of Internal regarding credit appraisals including loan applications, preparation of proposals,
Controls over obtaining satisfaction about credit worthiness of borrowers are being followed;
Advances • Examine advances are sanctioned according to delegated authority;
• Examine all necessary loan documents have been executed after sanction but
before disbursals are made to borrowers;
• Examine compliance with stipulated terms of sanction and end use of funds
more particularly in case of term loans;
• Examine existence, enforceability and valuation of securities. In respect of
securities requiring registration, examine this area also;
• Examine the validity of the recorded amounts;
• Review operations of the accounts and look for adverse features like unauthorised
over drawings beyond limits;
• Examine whether system laid down in bank for review/renewals of advances
is being followed;
• Review whether drawing power is being calculated properly on basis of stock/
book debt statements received from borrowers as stipulated in respective
sanction letters;
• Ensure compliance with Loan Policy of Bank as well as prudential norms of
RBI including appropriate asset classification and provisioning.
Substantive • Verify correctness of master data of loan accounts updated in CBS. Check
Audit parameters like instalments, EMI, rate of interest, tenure of loans etc.
Procedures • Verify that each customer of bank is tagged under single customer id in respect
of all its accounts including those in which credit facilities are granted.
• Examine all large advances while other advances may be examined on a
sample basis.
• Examine accounts identified to be problem accounts but which have not yet
slipped into NPA category. This can be done by obtaining list of SMA1 and
SMA2 borrowers from the bank and same can be considered for selection of
problematic accounts.
• Examine those accounts which have been adversely commented upon by
concurrent auditors/bank’s internal inspection/RBI inspection team.
• Examine list of restructured accounts to ensure that restructure is as per RBI guidelines.
Remember restructured account portfolio requires additional provisioning.
• Examine quick/early mortality accounts. Any advance slippage to NPA within
12 months of its sanction is called as quick/early mortality case.
• Verify completeness and accuracy of interest being charged.
• Carry out appropriate analytical procedures.

CA Harshad Jaju
14.22 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Recoverability • Review periodic statements submitted by the borrowers indicating the extent
of Advances of compliance with terms and conditions.
• Review latest financial statements of borrowers.
• Review reports on inspection of security.
• Review auditor’s reports in case of borrowers having credit facilities from the
banking system beyond a cut-off limit fixed by board of directors of bank

Verification of asset classification, income recognition and Provision for Non-performing assets:
An important aspect of audit of advances relates to their asset classification and provisioning (for
provisioning norms refer Chapter 12 of Intermediate Auditing & Assurance Study Module). This
implies that advances are classified in accordance with prudential norms on asset classification,
income is recognized on actual record of recovery and a proper provision should be made in respect
of advances where the recovery is doubtful.
Audit approach
The Reserve Bank has prescribed objective norms for determining the quantum of provisions required
in respect of advances. The auditors must take / download the latest Master Circular of RBI to
familiarise himself fully with the norms prescribed by RBI in this regard. The circulars issued by RBI
after the date of issue of Master Circular and till the date of audit should also be taken / downloaded
and reviewed by the auditors for its adherence. However, these norms should be construed as laying
down the minimum provisioning requirements and wherever a higher provision is warranted in the
context of the threats to recovery, such higher provision should be made.
In this regard, the provisions of section 15 of the Banking Regulation Act, 1949 may be noted. This
section, which applies to banking companies, nationalised banks, State Bank of India and regional
rural banks, requires the bank concerned to make adequate provision for bad debts to the satisfaction
of its auditor before paying any dividends on its shares.
It may be noted that verification of applicable prudential norms on asset classification, income
recognition and provisioning is an important responsibility of statutory branch auditor as well as
statutory central auditor.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.23
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Area of Focus Suggested Audit Procedures

Classification • Verify whether bank has a system of ongoing identification and classification
and Provision of advances through CBS without manual intervention and its accuracy in
crystallising date of NPA.
• Examine whether the classification made by the branch is appropriate.
Particularly, examine the classification of advances where there are threats to
recovery.
• Examine whether the secured and the unsecured portions of advances have
been segregated correctly and provisions have been calculated properly.
• Review and compare the date of NPA of loan accounts mentioned in current
year statements with that of previous year. Reasons for any change should be
ascertained.
Accounts As per the Reserve Bank guidelines, if an account has been regularised before
regularized the balance sheet date by payment of overdue amount through genuine sources,
near Balance the account need not be treated as NPA. Where, subsequent to repayment by the
sheet date borrower (which makes the account regular), the branch has provided further
funds to the borrower (including by way of subscription to its debentures or in
other accounts of the borrower), the auditor should carefully assess whether
the repayment was out of genuine sources or not. Where the account indicates
inherent weakness based on the data available, the account should be deemed as
NPA. In other genuine cases, the banks must furnish satisfactory evidence to the
Statutory Auditors about the manner of regularisation of the account to eliminate
doubts on their performing status.
It is to be ensured that the classification is made as per the position as on date
and hence classification of all standard accounts be reviewed as on balance sheet
date. The date of NPA is significant to determine the classification and hence
specific care be taken in this regard. NPA should be recognized only based on
concept of Past Due/ Overdue concept, and not based on the Balance Sheet date.

CA Harshad Jaju
14.24 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Drawing Power • Ensure that the drawing power is calculated as per the extant guidelines (i.e.
Calculation the Credit Policy of the Bank) formulated by the Board of Directors of the
respective bank and agreed upon by the concerned statutory auditors reflected
from respective sanction letters
• Special consideration should be given to proper reporting of sundry creditors and
stocks covered under LCs/guarantees for the purposes of calculating drawing
power. It is to be ensured that declared stocks shall not cover borrower’s
liability outstanding in form of sundry creditors for goods or covered by LCs/
guarantees availed for procurement of material. Similarly, in case bank has
provided credit facility against primary security of book debts, net value of
debtors (i.e. eligible trade debtors as per terms of sanction less bills discounted
with banks) is to be arrived at. It is to be ensured that drawing power is
calculated net of stipulated margin. Further, in case of consortium accounts,
drawing power calculation and allocation made by lead bank is binding on
member banks.
• The drawing power needs to be calculated carefully in case of working capital
advances to companies engaged in construction business. The valuation of
work in progress should be ensured in consistent and proper manner. It also
needs to be ensured that mobilization advance being received by the contractors
is reduced while calculating drawing power.
• The stock audit including audit of book debts should be carried out by the bank
for all accounts having funded exposure of more than stipulated limit. The
report submitted by the stock auditors should be reviewed during the course of
the audit and special focus should be given to the comments made by the stock
auditors on valuation of security and calculation of drawing power.
Accounts with • Banks should not classify an advance account as NPA merely due to the
temporary existence of some deficiencies which are temporary in nature such as non-
deficiencies availability of drawing power based on latest available stock statement, balance
outstanding exceeding the limit temporarily and non-renewal of limits on the
due date. However, stock statements relied upon by the banks for determining
drawing power should not be older than 3 months. The outstanding in the account
based on drawing power calculated from stock statements older than 3 months
are considered as irregular. Ensure adherence to these guidelines.
Limits not • Accounts where regular/ad hoc limits are not reviewed within 180 days from
reviewed the due date/date of ad hoc sanction, should be considered as NPA. Auditors
should also ensure that the ad hoc/short reviews are not done on repetitive basis.
In such cases, auditor can consider the classification of account based on other
parameters and functioning of the account.

CA Harshad Jaju
Swapnil Patni Classes caharshad 14.25
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Asset • Ensure that asset classification is borrower wise and not facility wise. Therefore,
classification it is to be ensured that all the facilities granted by a bank to borrower will have
to be borrower to be treated as NPA and not particular facility which has become irregular.
wise and not Further, if debits arising out of devolvement of LC or invoked guarantees are
facility wise kept in separate account, the outstanding balance should be treated as part of
borrower’s principal account for purpose of application of prudential norms on
asset classification, income recognition and provisioning.
Government • If government guaranteed advance becomes NPA, then for the purpose of income
Guaranteed recognition, interest on such advance should not to be taken to income unless
Advances interest is realized. However, for purpose of asset classification, credit facility
backed by Central Government Guarantee, though overdue, can be treated as
NPA only when the Central Government repudiates its guarantee, when invoked.
This exception is not applicable for State Government Guaranteed advances,
where advance is to be considered NPA if it remains overdue for more than 90
days.
• In case the bank has not invoked the Central Government Guarantee though the
amount is overdue for long, the reasoning for the same should be taken and duly
reported in LFAR.
Agricultural • Ensure that NPA norms have been applied in accordance with the crop season
Advances determined by the State Level Bankers’ Committee in each State. Depending
upon the duration of crops – short term/ long term - raised by an agriculturist, the
NPA norms would also be made applicable to agricultural term loans availed of by
them. Also ensure that these norms are made applicable to all direct agricultural
advances listed in Master Circular on lending to priority sector.
• In respect of agricultural loans, other than those specified in the circular, ensure
that identification of NPAs has been done on the same basis as non-agricultural
advances.
Provisioning The auditor should check the latest RBI Circulars in this regard. It is be understood
Towards that provision for standard assets is also required to be made at variable rates in
Standard respect of different sectors for the funded outstanding in accordance with RBI
Assets norms as a matter of prudence. The provisions need to be checked in detail with
the statement of advances. The bifurcation of standard advances under relevant
category for proper calculation of provision should be checked and certified at
branches level. The definition of respective items specified should be adhered as
defined by RBI.

CA Harshad Jaju
14.26 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Restructured Restructuring is an act in which a lender, for economic or legal reasons relating to
Advances borrower’s financial difficulty, grants concessions to the borrower. It may involve
modification of terms of advances including alteration of amount of instalments/
alteration of repayment period/rate of interest/sanction of additional credit
facilities etc. to help in curing of default.
RBI has given revised guidelines for treatment of restructured accounts by its
circular. The auditor should verify compliance with the requirements of the
circular issued in this regard.
Banks may restructure the accounts classified under standard, substandard
or doubtful categories. Banks cannot restructure accounts with retrospective
effect. Once the bank receives an application/proposal in respect of an account
for restructuring, it implies that the account is intrinsically weak. Accordingly,
during the time the account remains pending for restructuring, the auditors need
to take a view whether provision needs to be made in respect of such accounts,
pending approval for restructuring.
On restructuring, the account will be downgraded from Standard to substandard.
NPAs will remain in the same category.
Upgradation of Examine all the accounts upgraded from NPA to standard category during the
Account year, to ensure that the upgrading of each account is strictly in terms of RBI
guidelines. There can be a possibility of incorrect upgradation of account on the
basis of partial recoveries made in the account and overdue portion might not
have wiped out completely. There can also be a possibility of recoveries being
made in the account after cut-off date and account being upgraded as on date of
balance sheet.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.27
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Sale/ Purchase In case of Sale/Purchase of NPA by Bank, the auditor should examine:
of NPAs • the policy laid down by the Board of Directors in this regard relating to procedures,
valuation and delegation of powers including non performing financial assets
that may be purchased/sold, norms or such purchase/sale, valuation procedure
and accounting policy.
• only such NPA has been sold which has remained NPA in the books of the bank
for at least 2 years.
• the assets have been sold/ purchased “without recourse’ only i.e the entire
credit risk associated with the non-performing asset should be transferred to the
purchasing bank.
• subsequent to the sale of the NPA, the bank does not assume any legal, operational
or any other type of risk relating to the sold NPAs.
• the NPA has been sold at cash basis only. Under no circumstances, NPA can be
sold to another bank at a contingent price .The entire sale consideration has to be
received on upfront basis.
• the bank has not purchased an NPA which it had originally sold. In case of sale
of an NPA, the auditor should also ensure that:
• on the sale of the NPA, the same has been removed from the books of the
account of selling bank on transfer;
• If the sale is at a price below the net book value (NBV) (i.e., book value less
provisions held), the shortfall should be debited to the profit and loss account of
that year.
• If the sale is for a value higher than the NBV, the excess provision shall not be
reversed but will be utilised to meet the shortfall/ loss on account of sale of other
non-performing financial assets.
Similarly, in case of purchase of NPAs, the auditor should verify that:
• the NPA purchased has been subjected to the provisioning requirements
appropriate to the classification status in the books of the purchasing bank.
• any recovery in respect of an NPA purchased from other banks is first adjusted
against its acquisition cost and only the recovered amount in excess of the
acquisition cost has been recognised as profit.
• for the purpose of capital adequacy, banks have assigned 100% risk weights to
the NPAs purchased from other banks.

CA Harshad Jaju
14.28 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

IV. FIXED ASSETS

The Third Schedule to the Banking Regulation Act, 1949 requires fixed assets to be classified into
two categories in the balance sheet, viz., Premises and Other Fixed Assets. Premises wholly or partly
owned by the banking company for the purpose of business including residential premises used by
employees of bank are shown under the head “Premises”. Other fixed assets include furniture &
fixture, motor vehicles, computers, office equipment etc. Though not specifically mentioned under
the Banking Regulation Act, 1949, the assets taken on lease and intangible assets should be shown
separately for proper classification and disclosure and also to comply with the requirements of the
Accounting Standards (ASs).
Section 9 of the Banking Regulation Act, 1949, prohibits a banking company from holding any
immovable property, howsoever acquired (i.e., whether acquired by way of satisfaction of claims or
otherwise), for a period exceeding seven years from the date of acquisition, except such as is required
for its own use.
Audit Approach : In most of the banks, fixed assets are generally purchased by the head office
or regional/zonal offices. Statutory branch auditor has to ascertain the procedure followed and plan
accordingly. In most of the banks, maintenance of records is centralized at head office level. In some
of the banks, information relating to purchase, sale of fixed assets is accounted for with help of Fixed
asset management software. The audit procedures have to be designed accordingly.
Audit Procedures
In carrying out the audit of fixed assets, the auditor is concerned primarily with obtaining evidence about
their ownership, existence and valuation. For this purpose, the auditor should review the following:
Area of Focus Suggested Audit Procedures
Internal Examine the system of internal controls broadly covering the following:
Controls • Control over expenditures incurred on fixed assets acquired or selfconstructed.
• Accountability and utilisation controls.
• Information controls for ensuring availability of reliable information about
fixed assets.
• Ascertain whether the accounts in respect of fixed assets are maintained at the
branch or centrally.
• Ascertain the location of documents of title or other documents evidencing
ownership of various items of fixed assets.
• Examine whether acquisitions, disposals, etc. effected at the branch during the
year have been properly communicated to the head office.
Premises • Verify the opening balance of premises with reference to schedule of fixed
assets, ledger or fixed assets register.
• Acquisition of new premises should be verified with reference to authorisation,
title deeds, record of payment, etc.
• Self-constructed fixed assets should be verified with reference to authorisation
and documents such as, contractors’ bills, work order records and record of
payments.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.29
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

• Examine whether the balances as per the fixed assets register reconcile with
those as per the ledger and the final statements.
• In the case of leasehold premises, capitalisation and amortisation of lease
premium, if any, should be examined. Any improvements to leasehold premises
should be amortised over their balance useful life.
• In case the title deeds are held at the head office or some other location, the
branch auditor should obtain a written representation to this effect from the
branch management and should bring this fact to the notice of the central statutory
auditor through a suitable mention in the report. This fact should also be brought
in the Long Form Audit Report (LFAR).
• Where premises are under construction, it should be seen that they are shown
under a separate heading, e.g., ‘premises under construction’.
• Advances/ payments to contractors for such assets should be shown under a
separate item under the head “fixed assets”.
• Where the premises (or any other fixed assets) are re-valued, the auditor should
examine the appropriateness of the basis of revaluation.
The auditor should also examine whether the treatment of resultant revaluation
surplus or deficit is in accordance with relevant Accounting Standard. The auditor
should also check the impairment, if any, by applying the principles laid down in
relevant Accounting Standard.
• Examine that no immovable properties other than those required for the own
use of the bank have been included in fixed assets (own use would cover use by
employees of the bank, e.g., residential premises provided to employees). The
branch auditor should also obtain a written representation to the above effect
from the branch management.
Other Fixed • The procedures discussed above regarding premises also apply, to the extent
Assets relevant, to verification of other fixed assets. In respect of moveable fixed assets, the
auditor should pay particular attention to the system of recording the movements
as well as other controls over such fixed assets, e.g., their physical verification
at periodic intervals by the branch management and/or by inspection/internal/
concurrent audit team. The auditor should also examine whether discrepancies
have been properly dealt with in the books of account and adequate provision in
respect of any damaged assets has been made with appropriate approvals.

CA Harshad Jaju
14.30 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

• In case of transfer of fixed assets, like furniture, office equipment, etc. from one
branch to another; the auditor should examine whether accumulated depreciation
in respect of such assets is also transferred.
• In case of intangible assets, verify whether the relevant guidelines given by RBI
by way of Circulars and the requirements of AS 26 have been followed.
• Examine whether fixed assets have been properly classified. Fixed assets of
similar nature only should be grouped together.
Example 4. Items like safe deposit vaults should not be clubbed together with the
office equipment’s or the theft alarm system of the bank.
• Examine whether any expenditure incurred on a fixed asset after it has been
brought to its working condition for its intended use, has been dealt with properly.
• The auditor at head office level should examine if the consolidated fixed assets
schedule matches in all respect and all the transfers in/out, are tallied. A broad
check on the depreciation amount vis-a-vis the gross block of assets be reviewed
with special emphasis on the computer hardware/software.
Sale of Fixed • Verify the copy of sale deed and receipt of the sale value, in respect of fixed
Assets assets sold during the year. Ensure that the profit/ loss on sale of assets has been
properly accounted for.
Leased Assets • Verify accounting and provisioning norms to be followed by banks undertaking
leasing activity in accordance with RBI circulars and guidelines. The auditor, in
respect of leased assets, should also have regard to the requirements of AS 19,
“Leases”.
Impairment of • Verify whether the guidelines given by RBI’s circular on compliance with
Assets Accounting Standards,and the requirements of AS 28 have been followed.

V. OTHER ASSETS: The auditor may carry out the audit of various items appearing under the head
‘other assets’ in the following manner:
Area of Focus Suggested Audit Procedures
Inter-Office Examine whether Inter-branch accounts are normally reconciled at the central
Adjustments level. The auditor should report on the year-end status of inter-branch accounts
indicating the dates up to which all or any segments of the accounts have been
reconciled. The auditor should also indicate the number and amount of outstanding
entries in the inter branch accounts, giving the relevant information separately
for debit and credit entries. The auditor should ensure that any discrepancies
found in inter-branch accounts have been properly dealt with in the books. The
auditor can obtain the relevant information primarily from branch audit reports.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.31
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Interest • Examine whether the interest has been accrued on the entire loans and advances
Accrued portfolio of the bank. Special consideration should be given to the overdue
bills purchased/discounted.
• Ensure that only such interest as can be realised in the ordinary course of
business should be shown under this head. This is based on the principle,
recognised in AS 9, that revenue cannot be recognised if there is a significant
uncertainty about its collectability.
Tax Paid in • Ensure that the certificates for such tax deducted at source is collected by the
Advance/Tax branch and the original copy is sent to the Head Office along with the transfer
Deducted at of such Tax Deducted at Source (TDS) amount to Head Office on periodic
Source basis as defined.
• TDS Certificates / credits in the form 26AS, and claim of the same in Income
Tax returns filed should be checked to ensure the justification of the claim
towards such certificates.
• At Head Office level, the availability of all the TDS Certificates / credits in
the form 26 AS, and claim of the same in Income Tax returns filed should be
checked to ensure the justification of the claim towards such certificates.
Stationery and • Ensure that the item “Stationery and Stamps” includes only exceptional items
Stamps of expenditure on stationery like bulk purchase of security paper which
is to be written off over a period of time. Such items should be valued at
cost. Normal expenditure on stationery is charged to profit & loss account.
Therefore, this item may not appear at branch level as considerable part of
stationery is supplied to branches by head office.
• Evaluate the existence, effectiveness and continuity of internal controls over
these items in the normal course of audit. It may be noted that the branch
auditor is required to specifically comment on the adequacy of the relevant
internal controls in the LFAR.
• Physically verify the stationery and stamps on hand as at the year-end, especially
stationery of security items. Any shortage should be inquired into as it could
expose the bank to a potential loss from misuse.
• Examine whether the cost of stationery and stamps consumed during the year
has been properly charged to the profit and loss account for the year in the
context of the accounting policy/instructions from the head office regarding
treatment of cost of stationery and stamps.

CA Harshad Jaju
14.32 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Non-Banking • Ensure that the heading includes those immovable properties/tangible assets
Assets which the bank has acquired in satisfaction of debts due or its other claims
Acquired in and these are being held with intention of being disposed off.
Satisfaction of • Verify such assets with reference to the relevant documentary evidence,
Claims e.g., terms of settlement with the party, order of the Court or the award of
arbitration, etc.
• Check that the ownership of the property is legally vested with the bank.
If there is any dispute or other claim about the property, the auditor should
examine whether the recording of the asset is appropriate or not. In case the
dispute arises subsequently, the auditor should examine whether a provision
for liability or disclosure of a contingent liability is appropriate, keeping
in view the requirements of AS 29 “Provisions, Contingent Liabilities and
Contingent Assets”.
• Ensure compliance with Section 9 of Banking Regulation Act, on holding
period of such assets.
• Ensure that as at date of acquisition, the assets should be recorded at lower of
net book value of advance or net realisable value of asset acquired.

VI. OTHERS
This is the residual heading, which will include items not specifically covered under other sub-heads,
e.g., claims which have not been received, debit items representing additions to assets or reductions in
liabilities which have not been adjusted for technical reasons or want of particulars, etc., receivables on
account of government business, prepaid expenses, accrued income other than interest (e.g., dividend
declared but not received) may also be included under this head. The audit procedures relating to
some of the major items included under this head are discussed below:
Audit Approach and Procedures

Area of Focus Suggested Audit Procedures

Non-Interest- • Examine non-interest-bearing staff advances with reference to the relevant
Bearing Staff documentation and the policy in this regard which is framed by the bank. The
Advances availability, enforceability and valuation of security, if any, should also be
examined.
• Ensure that the same relates to employees on the rolls of the bank on the date of
the preparation of financial statements.
Loans and • The auditor should verify that loans have been ordinarily sanctioned by the next
Advances to higher sanctioning authority as compared to the recipient of loan.
Officials and • Loans to senior officers or of higher amount should have been reported to the
Relatives Board.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.33
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Security • Examine security deposits with various authorities (e.g., on account of telephone,
Deposits electricity, etc.,) and with others (e.g., deposits in respect of premises taken on
rent) with reference to documents containing relevant terms and conditions, and
receipts obtained from the parties concerned.
• Ensure that the deposit amount has not become due as per the terms and
conditions. If it is so, then the recoverability of the same needs to be considered
in detail and appropriate provision be made against the amount which is doubtful
to recover.
Suspense • Obtain from the management details of old outstanding entries in suspense
Account account along with reasons for delay in adjusting the entries. Where the outstanding
balances comprised in suspense account require a provision/write-off, the auditor
should examine whether the necessary provision has been made/write-off.
Prepaid • Examine whether the basis of allocation of expenditure to different periods is
Expenses reasonable.
• Examine whether the allocation of discounting and rediscounting charges paid
by the bank to different accounting periods is in consonance with the accounting
policy followed for the bank as a whole.
Miscellaneous • Review the ageing statements pertaining to these items.
Debit Balances • Examine the recoverability of old outstanding items.
on Government
Account • Examine whether claims for reimbursement have been lodged by the branch
in accordance with the relevant terms and conditions. The net balances of the
amount recoverable at the Head Office level should also be taken along with the
age-wise analysis of the same. In case of old outstanding balances without any
confirmation or proper justification of the same, should be provided for in the
accounts.
• For major variance as compared to the previous year figures, verify whether
reasons for the same have been recorded and reviewed.

8. VERIFICATION OF CAPITAL & LIABILITIES

I. CAPITAL
The auditor may carry out the audit of various items under ‘Share Capital’ in the following manner:
Audit Approach and Procedures
The auditor should verify the opening balance of capital with reference to the audited balance sheet
of the previous year. In case there has been an increase in capital during the year, the auditor should
examine the relevant documents supporting the increase. For example, in case of an increase in
the authorised capital of a banking company, the auditor should examine the special resolution of
shareholders and the Memorandum of Association. An increase in subscribed and paid-up capital of
a banking company, on the other hand, should be verified with reference to prospectus/other offer
document, reports received from Registrars to the issue, bank statement, returns filed with the Registrar
of Companies etc.

CA Harshad Jaju
14.34 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Capital Adequacy: The term ‘capital adequacy’ is used to describe the adequacy of capital resources
of a bank in relation to the risks associated with its operations.
Adequacy of capital of banks has been the subject matter of consideration by banking authorities
around the world for several decades. An international agreement on a common risk-based capital
framework and definition of bank capital was framed by the Committee on Banking Regulations
and Supervisory Practices of the G-1O Nations (popularly known as the Basel Committee) and was
formally adopted in 1988. Basel accords and frameworks were borne out of these deliberations.
The framework attempted to relate a bank’s capital needs to its risk profile. Besides serving to
strengthen the soundness and stability of the banking system, it also sought to give banks an incentive
to hold lower-risk assets, incorporate off-balance sheet exposures explicitly into capital assessments,
and achieve greater uniformity in application of capital standards to banks across different countries.

8.1. Stress Testing

RBI has required that all commercial banks (excluding RRBs and LABs) shall put in place a Board
approved ‘Stress Testing framework’ to suit their individual requirements which would integrate into
their risk management systems. Stress tests are designed to understand whether a bank has enough
capital to survive plausible adverse economic conditions and to maintain enough buffer to stay afloat
under extreme scenarios.

8.2 BASEL III framework

Basel III norms relate to the Capital Adequacy requirement compliance which the Bank has to achieve
as contained in the BASEL III accord. Basel capital adequacy norms are meant for the protection of
depositors and shareholders by prescriptive rules for measuring capital adequacy, thereby evolving
methods of determining regulatory capital and ensuring efficient use of capital.
Basel III accord strengthens the regulation, supervision and risk management of the banking sector.
It is global regulatory standard on capital adequacy of banks, stress testing as well as market liquidity
risk.
The Basel III accord, aims at:
a. Improving the banking sector’s ability to absorb shocks arising from financial and economic stress,
irrespective of reasons thereof;
b. Improving risk management and governance practices; and
c. Strengthening banks’ transparency and disclosure standards.
Capital Adequacy Measures in India: In India, the statutes governing various types of banks lay down
the minimum capital requirements for them. Besides, there are also requirements for maintenance of
statutory reserves. Considering the variations in minimum capital requirements applicable to distinct
types of banks and taking into account the approach adopted by Basel Committee, the Reserve Bank
prescribed, in year 1992, a uniform methodology for determining the capital adequacy of scheduled
commercial banks (other than regional rural banks). The Master Circular on “Prudential Guidelines
on Capital Adequacy and Market Discipline- New Capital Adequacy Framework (NCAF)”, provides
the guidelines to be followed by banks for capital adequacy. Some of the important aspects of the
circular are covered below.
CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.35
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

The basic approach of capital adequacy framework is that a bank should have sufficient capital to
provide a stable resource to absorb any losses arising from the risks in its business. Capital is divided
into tiers according to the characteristics/qualities of each qualifying instrument. For supervisory
purposes capital is split into two categories: Tier I and Tier II, representing different instruments’
quality as capital.

Tier I capital consists mainly of share capital and disclosed reserves and it is a bank’s highest
quality capital because it is fully available to cover losses.

Tier II capital consists of certain reserves and certain types of subordinated debt. The loss absorption
capacity of Tier II capital is lower than that of Tier I capital.

Components of Capital: The Master Circular on Capital Adequacy discusses the Capital Funds in
two categories – capital funds for Indian banks and capital funds of foreign banks operating in India.
In case of foreign banks operating in India, RBI’s Master Circular on Capital Adequacy also lays
down certain additional provisions in respect of capital to be followed by such banks.

Capital Risk Adequacy Ratio (CRAR): The CRAR is computed as follows:

_______________Eligible Total Capital Funds______________ x 100
Risk weighted assets and off-balance sheet items

The RBI requires banks to maintain a minimum CRAR of 9 per cent on an ongoing basis. The Master
Circular on Capital Adequacy contains detailed guidelines on calculation of risk weighted assets and
off-balance sheet items for CRAR.

II. RESERVES AND SURPLUS

The following are required to be disclosed in the balance sheet under the head ‘Reserves and Surplus’.

Statutory Reserves* Capital Reserves* Share Premium*

Revenue and Other Reserves

Balance in Profit and Loss
including investment
Account
Fluctuation Reserve*

*In respect of these items above, opening balance, additions during the year and deductions during the
year are to be shown separately in respect of each item
Audit Approach and Procedures
The auditor should verify the opening balances of various reserves with reference to the audited
balance sheet of the previous year. Additions to or deductions from reserves should also be verified in
the usual manner, e.g., with reference to board resolution. In the case of statutory reserves and share
premium, compliance with legal requirements should also be examined. Thus, the auditor should
specifically examine whether the requirements of the governing legislation regarding transfer of the

CA Harshad Jaju
14.36 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

prescribed percentage of profits to reserve fund have been complied with. In case the bank has been
granted exemption from such transfer, the auditor should examine the relevant documents granting
such exemption. Similarly, it should be examined whether the appropriations from share premium
account conform to the relevant legal requirements. Compliance with foreign laws in respect of
overseas branches, need to be verified by the auditor.

III. DEPOSITS
Audit Approach
Deposits represent the important source of funds for banks. In carrying out audit of deposits and
liabilities, the auditor is primarily concerned with obtaining reasonable assurance that all known
liabilities are recorded and stated at appropriate amounts.
The following areas should be considered when auditing Deposits:

Current Accounts &

Deposits Designated
Savings Accounts Term Deposits
in Foreign Currencies
(CASA)

Remember that deposits accepted by banks are primarily of two types i.e those repayable on demand
and those repayable after a fixed term. Current and saving accounts are the most common form of
demand deposits. Term deposits (fixed deposits etc. known under different nomenclature in different
banks) are repayable after a specified period of time ranging from 7 days at present to say one year or
five years. Recurring deposits are also an important variant of term deposits in which a specified sum
is deposited in the account at regular intervals for a pre-determined period. At maturity, proceeds are
repaid to depositors along with interest.
Deposits designated in foreign currencies e.g. Foreign currency non-resident deposits(FCNR) are
accounts which are opened by Non-resident Indians in form of fixed deposit only.
Besides, there are some accounts like NRE [Non-Resident (External)Rupee account scheme] and
NRO [Non-Resident Ordinary Rupee account scheme]. NRE accounts may be opened by Non-
Resident Indians and persons of Indian origin. NRO accounts may be opened by all non-residents.
These accounts may be maintained in form of savings, current, recurring or fixed deposit and are
denominated in Indian Rupees.
Deposits would be appearing in balance sheet of most of the branches. Hence, these are of concern to
auditors at branch and central/head office level.
Audit Procedures:
The auditor may verify various types of deposits in the following manner:

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.37
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Area of Focus Suggested Audit Procedures

Current and • Verify on a sample basis current account and saving accounts opened
saving accounts during the year for adherence to KYC norms. Verify that saving accounts
are opened in name of individuals, HUF, some approved institutions like
trusts, educational institutes etc. Remember that saving accounts are not
opened for business or professional concern. The business transactions are
carried in current accounts which can be opened for all kind of customers
like companies, individuals, partnership firms etc.
• Verify the balances in individual accounts on a sample basis.
• Check the calculations of interest on a test check basis. Remember that no
interest is paid generally on current accounts by banks.
• Examine whether the procedure for obtaining balance confirmation periodically
has been followed consistently. Examine, on a sampling basis, the confirmations
received.
• Ensure that debit balances in current accounts are not netted out on the liabilities
side but are appropriately included under the head ‘advances’.
• Inoperative accounts (both current and saving) are a high-risk area of frauds
in banks. As per RBI guidelines, a savings/ current account should be treated as
inoperative/dormant if there are no transactions in the account for over a period
of two years. Verify on a sample basis some of inoperative accounts revived/
closed during the year. Ensure that inoperative accounts are revived only with
proper authority. In this regard, cases where there is significant reduction in
balances of such accounts as compared to previous year, examine authorisation
for withdrawals.
Term deposits • Examine whether the deposit receipts and cash certificates are issued serially
and all of them are accounted for in the registers.
• Verify in case of bulk deposits (` 2 crore and above for scheduled commercial
banks presently), correct rate of interest has been offered.
• In case of closure of term deposit, test check whether required foreclosure
penalty has been deducted from applicable rate of interest payable.
• Verify on sample basis some of recurring deposit accounts opened during the
year.
• Verify correctness of rate of interest on term deposits on sample basis.

CA Harshad Jaju
14.38 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Deposits • Verify some of FCNR accounts opened during the year on sample basis and
designated ensure these conform to RBI directions.
in foreign • Verify on sample basis permissible credits and debits in FCNR accounts as per
currencies RBI directions.
• In case of FCNR accounts, examine whether these have been converted into
Indian Rupees at rate notified in this behalf by head office.
• Examine whether any resultant increase or decrease has been taken to the profit
and loss account.
• Verify that interest on deposits has been paid on the basis of 360 days in a year.
Others • In case of NRE and NRO accounts, verify on a sample basis credits and debits
as per RBI guidelines. Also check repatriablity. NRE accounts are repatriable
whereas NRO accounts are not repatriable except for all current income subject
to certain conditions.
General • Verify that deposits of a bank are not inflated for purpose of balance sheet
presentation. For example, some customers might be given overdrafts near date
of balance sheet and the resultant overdrawn amounts may be placed as deposits
with banks and further advances may be given on strength and security of these
deposits. It would lead to inflated deposits as well as advances. The transactions
may be reversed after close of the year.
In such cases which indicate the possibility of window-dressing, the auditor
should consider making a suitable qualification in main audit report besides other
applicable reporting.
• Examine that interest accrued but not due on deposits is not included under the
relevant deposits but is shown under the head ‘other liabilities and provisions’.
• Ensure that framework relating to ‘Know Your Customer’ and Anti-Money
Laundering measures is formulated and put in place by the bank.
IV. BORROWINGS
Audit approach
Borrowings of a bank are required to be shown in balance sheet as follows.

- Reserve Bank of India

Borrowings in Borrowings
- Other Banks
India outside India
- Other Institutions & Agencies

The total amount of secured borrowings included under the above heads is to be shown by way of a
note to the relevant schedule. Secured borrowings for this purpose include borrowings/refinance in
India as well as outside India. It may be noted that the inter-office transactions are not borrowings and
therefore, should not be presented as such.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.39
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Area of Focus Suggested Audit Procedures

Borrowings • Obtain and verify confirmation certificates and other supporting documents
such as, agreements, correspondence, etc.
• External confirmations received directly by the auditor from appropriate
confirming parties may assist the auditor in obtaining audit evidence that the
auditor requires to respond to significant risks of material misstatement.
The auditor is required to comply with the requirements of SA 505 “External
Confirmations” which contains guidance on designing and performing external
confirmation procedures to obtain relevant and reliable audit evidence.
• Examine whether a clear distinction has been made between ‘rediscount’ and
‘refinance’ for disclosure of the amount under the above head since rediscount
does not figure under this head.
• Examine whether borrowings of money at call and short notice are properly
authorised. The rate of interest paid/payable on, as well as duration of such
borrowings should also be examined by the auditor.
• Examine the relevant correspondence or other documents to ensure that the
branch has been authorised by the Head Office to borrow/retain other borrowings
and that the terms on which borrowings have been made are in accordance with
the authorisation.
• Examine whether the amount shown in the branch accounts is properly classified
based on security or otherwise.

V. OTHER LIABILITIES AND PROVISIONS

The Third Schedule to the Banking Regulation Act, 1949, requires disclosure of the following items
under the head ‘Other Liabilities and Provisions’.

Inter-office Others (including

Bills payable Interest accrued
adjustments (net) provisions)

Audit Procedures:
The auditor may verify the various items under the head ‘other liabilities and provisions’ in the
following manner.

CA Harshad Jaju
14.40 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Area of Focus Suggested Audit Procedures

Bills Payable Evaluate the existence, effectiveness and continuity of internal controls over bills
payable. Such controls should usually include the following-
• Drafts, mail transfers, traveller’s cheques, etc. should be made out in standard
printed forms.
• Unused forms relating to drafts, traveller’s cheques, etc. should be kept under
the custody of a responsible officer.
• The bank should have a reliable private code known only to the responsible
officers of its branches, coding and decoding of the telegrams should be done
only by such officers.
• The signatures on a demand draft should be checked by an officer with the
specimen signature book.
• All the telegraphic transfers and demand drafts issued by a branch should be
immediately confirmed by advices to the branches concerned. On payment of
these instruments, the paying branch should send a debit advice to the originating
branch.
Examine an appropriate sample of outstanding items comprised in bills payable
accounts with the relevant registers. Reasons for old outstanding debits in respect
of drafts or other similar instruments paid without advice should be ascertained.
Correspondence with other branches after the year-end (e.g., responding advices
received from other branches, advices received from other branches in respect of
drafts issued by the branch and paid by the other branches without advice) should
be examined specially in so far as large value items outstanding on the balance
sheet date are concerned.
Inter-office The balance in inter-office adjustments account, if in credit, is to be shown under
Adjustments this head.
Interest Examine interest accrued with reference to terms of the various types of deposits
Accrued and borrowings. It should be specifically examined that such interest has not
been clubbed with the figures of deposits and borrowings shown under the head
‘Deposits and Borrowings’.
Others It may be noted that the figure of advances and investments in the balance sheet of
(Including a bank excludes provisions in respect thereof made to the satisfaction of auditors.
Provisions) The auditor should examine other provisions and other items of liabilities in the
same manner as in the case of other entities.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.41
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

VI. CONTINGENT LIABILITIES

Contingent Liabilities

- Claims against the bank not acknowledged as debts

- Liability for partly paid investments
- Liability on account of outstanding forward exchange contracts & Derivative Contracts
- Guarantees given on behalf of constituents (within India; outside India)
- Acceptances, endorsements and other obligations
- Other items for which the bank is contingently liable

Bills for Collection

Audit Approach
In respect of contingent liabilities, the auditor is primarily concerned with seeking reasonable
assurance that all contingent liabilities are identified and properly valued. The auditor should obtain
representation from management that:-
i. all off-balance sheet transactions have been accounted in the books of accounts as and when such
transaction has taken place;
ii. all off balance sheet transactions have been entered into after following due procedure laid down;
iii. all off balance sheet transactions are supported by the underlying documents;
iv. all year end contingent liabilities have been disclosed;
v. the disclosed contingent liabilities do not include any crystallised liabilities which are of the
nature of loss/ expense and which, therefore, require creation of a provision/adjustment in the
financial statements;
vi. the estimated amounts of financial effect of the contingent liabilities are based on the best
estimates in terms of Accounting Standard 29, including consideration of the possibility of any
reimbursement;
vii. in case of guarantees issued on behalf of the bank’s directors, the bank has taken appropriate
steps to ensure that adequate and effective arrangements have been made so that the commitments
would be met out of the party’s own resources and that the bank will not be called upon to grant
any loan or advances to meet the liability consequent upon the invocation of the said guarantee(s)
and that no violation of section 20 of the Banking Regulation Act, 1949 has arisen on account of
such guarantee; and
viii. such contingent liabilities which have not been disclosed on account of the fact that the possibility
of their outcome is remote include the management’s justification for reaching such a decision in
respect of those contingent liabilities.

CA Harshad Jaju
14.42 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Audit procedures
To this end, the auditor should, generally follow the audit procedures given below:

Area of Focus Suggested Audit Procedures

Contingent • Ensure that there exists a system whereby the non-fund based facilities or
Liabilities additional/ad hoc credit facilities to parties are extended only to their regular
constituents, etc.
• Ascertain whether there are adequate internal controls to ensure that transactions
giving rise to contingent liabilities are executed only by persons authorised to do
so and in accordance with the laid down procedures.
• Verify in case of LCs for import of goods, the payment to the overseas suppliers
is made based on shipping documents and after ensuring that the said documents
are in strict conformity with the terms of LCs.
• Ascertain whether the accounting system of the bank provides for maintenance
of adequate records in respect of such obligations and whether the internal
controls ensure that contingent liabilities are properly identified and recorded.
• Test the completeness of the recorded obligations.
• Review the reasonableness of the year-end amount of contingent liabilities in
the light of previous experience and knowledge of the current year’s activities.
• Review whether comfort letters issued by the bank has been considered for
disclosure of contingent liabilities.
• Examine whether the bank has given any guarantees in respect of any trade credit
(buyer’s credit or seller’s credit) and the period of guarantees is co-terminus with
the period of credit reckoned from the date of shipment.
• Verify whether bank has extended any non-fund facility or additional/ad hoc
credit facilities to other than its regular customers. In such cases, auditor should
ensure concurrence of existing bankers of such borrowers and enquire regarding
financial position of those customers.
Claims Against • Examine the relevant evidence, e.g., correspondence with lawyers/ others,
the Bank Not claimants, workers/officers, and workmen’s/officers’ unions.
Acknowledged • Review the minutes of meetings of board of directors/committees of board of
as Debts directors, contracts, agreements and arrangements, list of pending legal cases,
and correspondence relating to taxes, and duties, etc. to identify claims against
the bank.
• Ascertain from the management the status of claims outstanding as at the end
of the year.
• A review of subsequent events would also provide evidence about completeness
and valuation of claims.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.43
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Liability on • Verify the outstanding forward exchange contracts with the statement of
Account of outstanding forward exchange contracts generated from the bank’s computerised
Outstanding accounting system or manual register maintained by the branch. The auditor
Forward may physically verify the underlying documents including confirmations from
Exchange merchants to test the existence of such outstanding contracts.
Contracts & • The auditor may verify outstanding derivative contracts like options, interest
derivative rate swaps etc with reports generated in this regard.
contracts
Guarantees • Ascertain whether there are adequate internal controls over issuance of
Given on guarantees, e.g., whether guarantees are issued under proper sanctions, whether
Behalf of adherence to limits sanctioned for guarantees is ensured, whether margins
Constituents are taken from customers before issuance of guarantees as per the prescribed
procedures, etc.
• Ascertain whether there are adequate controls over unused guarantee forms,
e.g., whether these are kept under the custody of a responsible official, whether
a proper record is kept of forms issued, whether stock of forms is periodically
verified and reconciled with the book records, etc.
• Examine the guarantee register to seek evidence whether the prescribed
procedure of marking off the expired guarantees is being followed or not.
• Check the relevant guarantee registers with the list of outstanding guarantees
to obtain assurance that all outstanding guarantees are included in the amount
disclosed in this behalf.
• Examine that expired guarantees are not included in this head. Verify guarantees
with the copies of the letters of guarantee issued by the bank and with the
counter-guarantees received from the customers. The auditor should also verify
the securities held as margin. If a claim has arisen, the auditor should consider
whether a provision is required in terms of the requirements of AS 29, “Provisions,
Contingent Liabilities and Contingent Assets”.
Acceptances, • Evaluate the adequacy of internal controls over issuance of letters of credit and
Endorsements over custody of unused LC forms in the same manner as in the case of guarantees.
and Other • Verify the balance of letters of credit from the register maintained by the bank.
Obligations The register indicates the amount of the letters of credits and payments made
under them. The auditor may examine the guarantees of the customers and copies
of the letters of credit issued. The security obtained for issuing letters of credit
should also be verified.
• Examine whether the bank has incurred a potential financial obligation in respect
of letters of comfort and if such obligation has been cast, ensure the amount to be
disclosed under contingent liability.
Other Items for • Determine and verify any other items under this head as required. For example,
which the Bank outstanding underwriting contracts, bills rediscounting, disputed tax demands,
is Contingently
Liable

CA Harshad Jaju
14.44 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Bills for • Ensure that the bills drawn on other branches of the bank are not included in
Collection bills for collection.
• Verify outward bills for collection with reference to the corresponding register
maintained.
• Examine collections made subsequent to the date of the balance sheet to obtain
further evidence about the existence and completeness of bills for collection as
on the date of Balance Sheet.
• Examine the procedure for crediting the party on whose behalf a bill has
been collected. Confirm that this procedure is in consonance with the nature of
obligations of the bank in respect of bills for collection.
• Examine that adequate internal controls exist that debits the customer’s account
with the amount of bank’s commission as soon as a bill collected is credited to
the customer’s account. The auditor should also examine that no income has been
accrued in the accounts in respect of bills outstanding on the balance sheet date.

9. AUDITOR’S REPORT
In the case of a nationalised bank, the auditor is required to make a report to the Central Government
in which the auditor should state the following:

Whether, in the auditor’s opinion, the balance sheet is a full and fair balance sheet containing all
the necessary particulars and is properly drawn up so as to exhibit a true and fair view of the affairs
of the bank.

In case the auditor had called for any explanation or information, whether it has been given and
whether it is satisfactory.

Whether or not the transactions of the bank, which have come to the auditor’s notice, have been
within the powers of that bank.

Whether or not the returns received from the offices and branches of the bank have been found
adequate for the purpose of audit.

Whether the profit and loss account shows a true balance of profit or loss for the period covered by
such account.

Any other matter which the auditor considers should be brought to the notice of the Central
Government.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.45
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

9.1 Format of Audit Report

The auditors, central as well as branch, should also ensure that the audit report issued by them complies
with the requirements of SA 700, “Forming an Opinion and Reporting on Financial Statements”, SA
705, “Modifications to the Opinion in the Independent Auditor’s Report”, SA 706, “Emphasis of Matter
Paragraphs and Other Matter Paragraphs in the Independent Auditor’s Report”, SA 710, “Comparative
Information-Corresponding Figures and Comparative Financial Statements” and SA 720, The Auditor’s
Responsibility Relating to Other Information in Documents Containing Audited Financial Statements.

The auditor should ensure that not only the information relating to number of unaudited branches
is given but quantification of advances, deposits, interest income and interest expense for such
unaudited branches has also been disclosed in the audit report. Such disclosure in the audit report
is not only in accordance with the best international trends but also provides useful information to
users of financial statements.

It may be noted that, in addition to the aforesaid, the auditor of a banking company is also required
to state in the report the matters covered by Section 143 of the Companies Act, 2013. However, it
is pertinent to mention that the reporting requirements relating to the Companies (Auditor’s Report)
Order, 2020 is not applicable to a banking company as defined in clause (c) of section 5 of the Banking
Regulation Act, 1949.
As per reporting requirements cast through Rule 11 of the Companies (Audit and Auditors) Rules, 2014
the auditor’s report shall also include their views and comments on the following matters, namely:
1. Whether the company has disclosed the impact, if any, of pending litigations on its financial
position in its financial statement;
2. Whether the company has made provision, as required under any law or accounting standards, for
material foreseeable losses, if any, on long term contracts including derivative contracts;
3. Whether there has been any delay in transferring amounts, required to be transferred, to the Investor
Education and Protection Fund by the company.
4.
i. Whether the management has represented that, to the best of it’s knowledge and belief, other than
as disclosed in the notes to the accounts, no funds have been advanced or loaned or invested (either
from borrowed funds or share premium or any other sources or kind of funds) by the company
to or in any other person(s) or entity(ies), including foreign entities (“Intermediaries”), with the
understanding, whether recorded in writing or otherwise, that the Intermediary shall, whether,
directly or indirectly lend or invest in other persons or entities identified in any manner whatsoever
by or on behalf of the company (“Ultimate Beneficiaries”) or provide any guarantee, security or
the like on behalf of the Ultimate Beneficiaries;
ii. Whether the management has represented, that, to the best of it’s knowledge and belief, other than
as disclosed in the notes to the accounts, no funds have been received by the company from any
person(s) or entity(ies), including foreign entities (“Funding Parties”), with the understanding,
whether recorded in writing or otherwise, that the company shall, whether, directly or indirectly,
lend or invest in other persons or entities identified in any manner whatsoever by or on behalf of
the Funding Party (“Ultimate Beneficiaries”) or provide any guarantee, security or the like on
behalf of the Ultimate Beneficiaries; and

CA Harshad Jaju
14.46 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

iii. Based on such audit procedures that the auditor has considered reasonable and appropriate in
the circumstances, nothing has come to their notice that has caused them to believe that the
representations under sub-clause (i) and (ii) contain any material mis-statement.
5. Whether the dividend declared or paid during the year by the company is in compliance with
section 123 of the Companies Act, 2013.
6. Whether the company, has used such accounting software for maintaining its books of account
which has a feature of recording audit trail (edit log) facility and the same has been operated
throughout the year for all transactions recorded in the software and the audit trail feature has not
been tampered with and the audit trail has been preserved by the company as per the statutory
requirements for record retention.]

9.2 Long Form Audit Report

Besides the audit report as per the statutory requirements discussed above, the terms of appointment
of auditors of public sector banks, private sector banks and foreign banks (as well as their branches),
require the auditors to also furnish a long form audit report (LFAR). The long form audit report is
to be given by statutory branch auditors as well as statutory central auditors. The LFAR for branch
auditors is in form of questionnaire where observations/comments have to be provided on range of
matters including cash, balance with banks, investments, advances, deposits etc. These are submitted
by the statutory branch auditors to statutory central auditors.
The consolidation is done at head office level and LFAR for bank is submitted by statutory central
auditors to management. The LFAR, on the bank, after due examination, should be placed before the
ACB of the bank indicating the action taken/proposed to be taken for rectification of the irregularities,
if any, mentioned therein; and a copy of the LFAR and the relative agenda note, together with the
Board’s views or directions, is submitted to RBI within 60 days of submission of LFAR by statutory
auditors.

9.3 Other Reporting Requirements

The RBI issued a Circular relating to implementation of recommendations of Committee on Legal
Aspects of Bank Frauds applicable to all scheduled commercial banks (excluding Regional Rural
Banks). The said circular provides details regarding liability of accounting and auditing profession
including the professional conduct, non-disclosure of client information and need to report fraud.
Auditor should also consider the compliance with provisions of Standards on Auditing.
Further, as per sub-section 12 of section 143 of the Companies Act, 2013, if an auditor of a company,
in the course of the performance of duties as auditor, has reason to believe that an offence of fraud
involving such amount or amounts as may be prescribed, is being or has been committed in the
company by its officers or employees, the auditor shall report the matter to the Central Government
within such time and in such manner as may be prescribed.
It must be noted that auditor is not expected to consider each and every transaction but to evaluate
the system as a whole. Therefore, if the auditor while performing normal duties comes across any
instance, he/she should report the matter to the RBI in addition to Chairman/Managing Director/Chief
Executive of the concerned bank.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.47
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

9.4 Reports and certificates

Besides, as part of statutory audit process, statutory central auditor provides reports and certificates
mainly consisting of following:-

a Report on adequacy and operating effectiveness of Internal financial Controls over Financial
Reporting in case of banks
a Long form audit report.
a Report on compliance with SLR requirements.
a Report on whether the treasury operations of the bank have been conducted in accordance with
the instructions issued by the RBI from time to time.
a Certificate on reconciliation of securities by the bank (both on its own investment account as
well as PMS Banks’ account).
a Certificate on compliance by the bank in key areas of prudential and other guidelines relating
to such transactions issued by the RBI. (investment transactions)
a Report on whether the income recognition, asset classification and provisioning have been
made as per the guidelines issued by the RBI from time to time.
a Report on whether any serious irregularity was noticed in the working of the bank which
requires immediate attention (in accordance with sec 143(12) of the Companies Act, 2013.)
a Certificate in respect of custody of unused Bank Receipt forms and their utilisation.
a Authentication of capital adequacy ratio, including disclosure requirements and other ratios
reported in the notes to accounts.
a Report on status of the compliance by the bank with regard to the implementation of
recommendations of the Ghosh Committee relating to frauds and malpractices and of the
recommendations of Jilani Committee on internal control and inspection/credit system.
a Report on instances of adverse credit-deposit ratio in the rural areas.
a Asset liability management.
a Certificate on Corporate Governance in case of banks listed on Stock Exchange. In some banks
this certification may not be got done by the central auditors.
a Certification on claim of various interest subsidies and interest subvention.

CA Harshad Jaju
14.48 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

10. CONCURRENT AUDIT

Concurrent audit, as the name suggests, is an audit or verification of transactions or activities of an
organisation concurrently as the transaction/activity takes place. It is not a pre-audit. The concept in
this audit is to verify the authenticity of the transaction/activity within the shortest possible time after
the same takes place. It is akin to internal audit which is a concept recognised under the Companies
Act. In view of the complexities of economic activities it is now well recognised that there must be
a system of someone, other than the person involved in the operations, verifying the authenticity of
the transaction/activity on a regular basis, so that any deviation from the laid down procedures can be
noticed in the shortest possible time and remedial action can be taken.

The concept of concurrent audit in the public as well as the private sector banks has gained
acceptance in recent years. In some banks, this task has been entrusted to the internal inspection
staff who are not engaged in operational activities. In other banks, this work is allotted to outside
professional firms of chartered accountants. The Reserve Bank of India (RBI) has issued certain
guidelines for the conduct of this audit.
10.1 Scope of Concurrent Audit
The detailed scope of the concurrent audit should be clearly and uniformly determined for the Bank
as a whole by the Bank’s Central Inspection and Audit Department in consultation with the Bank’s
Audit Committee of the Board of Directors (ACB). In determining the scope, importance should be
given to checking high-risk transactions having large financial implications as opposed to transactions
involving lesser amounts. The detailed scope of the concurrent audit may be determined and approved
by the ACB.
Further, the guidelines issued by the RBI cover all the key areas of activities of the branch which is
under concurrent audit. Most banks have prepared an Audit Manual for this purpose. Broadly stated,
the following areas are covered by these guidelines:

Scope of Concurrent
Foreign Exchange House Keeping
Audit in Banks

Cash Investments Other Items

Deposits Advances

10.2 Concurrent Audit System in Commercial Banks

It hardly needs to be stressed that the concurrent audit system is to be regarded as part of a bank’s
early-warning system to ensure timely detection of irregularities and lapses which helps in preventing
fraudulent transactions at branches. It is, therefore, necessary for the bank’s management to bestow
serious attention to the implementation of various aspects of the system such as selection of branches/
coverage of business operations, appointment of auditors, appropriate reporting procedures, follow-
up/rectification processes and utilisation of the feedback from the system for appropriate and quick
management decisions.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.49
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

The bank should once in a year review the effectiveness of the system and take necessary measures to
correct the lacunae in the implementation of the programme.

10.3 Coverage of Business/Branches

The scope of work to be entrusted to concurrent auditors, coverage of business/branches, etc. is left to
the discretion of the head of internal audit of banks with the due prior approval of the Audit Committee
of the Board of Directors (ACB).
Banks may, however, ensure that risk sensitive areas identified by them as per their specific business
models are covered under concurrent audit. The detailed scope of the concurrent audit may be
determined and approved by the ACB.
The broad areas of coverage under concurrent audit shall be based on the identified risk of the unit and
must include random transaction testing of sufficiently large sample of such transactions wherever
required.

10.4 Types of Activities to be Covered

The areas that are typically covered as part of a concurrent audit and the suggested audit procedures
are as follows:

Area of Focus Suggested Audit Procedures

Cash • Daily cash transactions with particular reference to any abnormal/ high value
receipts and payments.
• Proper accounting of inward and outward cash remittances.
• Proper accounting of currency chest transactions, its prompt reporting to the
RBI.
• Expenses incurred by cash payment involving sizeable amount.
Investments • Ensure that in respect of purchase or sale of securities the branch has acted
within its delegated power having regard to its Head Office instructions.
• Ensure that the securities held in the books of the branch are physically held
by it.
• Ensure that the branch is complying with the RBI/head Office guidelines
regarding BRs, SGL forms, delivery of scrips, documentation and accounting.
• Ensure that the sale or purchase transactions are done at rates beneficial to the
bank.
Deposits • Check the transactions about deposits received and repaid.
• Percentage check of interest paid on deposits may be made including calculation
of interest on large deposits.
• Check new accounts opened particularly current accounts. Operations in new
current/SB accounts may be verified in the initial periods to see whether there
are any unusual operations.

CA Harshad Jaju
14.50 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Advances • Ensure that loans and advances have been sanctioned properly in accordance
with delegated authority.
• Ensure that securities and documents have been received and properly charged/
registered.
• Ensure that post disbursement supervision and follow-up is proper, such as
receipt of stock statements, instalments, recovery/ renewal of sanction limits,
etc.
• Verify whether there is any misutilisation of the loans and whether there are
instances indicative of diversion of funds.
• Check whether the letters of credit issued by the branch are within the delegated
power and ensure that they are for genuine trade transactions.
• Check the bank guarantees issued, whether they have been properly worded
and recorded in the register of the bank. Whether they have been promptly
renewed on the due dates.
• Ensure proper follow-up of overdue bills of exchange.
• Verify whether the classification of advances has been done as per RBI
guidelines.
• Verify whether the claims to DICGC and ECGC is submitted in time.
• Verify that instances of exceeding delegated powers have been promptly
reported to controlling/Head Office by the branch and have been confirmed or
ratified at the required level.
Foreign • Check foreign bills negotiated under letters of credit.
Exchange • Check FCNR and other non-resident accounts whether the debits and credits
are permissible under rules.
• Check whether inward/outward remittance have been properly accounted for.
• Examine extension and cancellation of forward contracts for purchase and
sale of foreign currency. Ensure that they are duly authorised and necessary
charges have been recovered.
• Ensure that balances in Nostro accounts in different foreign currencies are
within the limit as prescribed by the bank.
• Ensure that the overbought/oversold position maintained in different currencies
is reasonable, considering the foreign exchange operations.
• Ensure adherence to the guidelines issued by RBI/HO of the bank about dealing
room operations.
• Ensure verification/reconciliation of Nostro and Vostro account transactions/
balances.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.51
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

House Keeping • Ensure that the maintenance and balancing of accounts, ledgers and registers
including clean cash is proper.
• Early reconciliation of entries outstanding in the inter-branch and inter-bank
accounts, Suspense Account, Sundry Deposits Account, DDRR Account,
Drafts Account, etc.
• Ensure timely adjustment of large value entries.
• Carry out a percentage check of calculations of interest, discount, commission
and exchange.
• Check whether debits in income account have been permitted by the competent
authorities.
• Check the transactions of staff accounts.
• Examine the day book to verify as to how the differences in clearing have been
adjusted.
• Detection & prevention of revenue leakages through close examination of
income and expenditure accounts.
• Verify cheques returned/bills returned register and look into reasons for return
of those instruments.
• Checking of inward and outward remittances (DDs, MTs & TTs).
Other items • In case the branch has been entrusted with government business, ensure that the
transactions are done in accordance with the instructions issued by Government,
RBI & HQ.
• Ensure that the branch gives proper compliance to the internal inspection/audit
reports.
• Ensure that customers’ complaints are dealt with promptly.
• Verify the statements, returns, statutory returns etc. submitted to RBI/ HQ.

10.5 Appointment of Concurrent Auditors and Accountability

• The option to consider whether concurrent audit should be done by bank’s own staff or external
auditors is left to the discretion of individual banks.

• In case the bank has engaged its own officials, they should be experienced, well trained
and sufficiently senior. The staff engaged on concurrent audit must be independent of the
branch where concurrent audit is to be conducted.
• ACB of the bank shall decide the maximum tenure of external concurrent auditors with
the bank. Generally, tenure of external concurrent auditors with a bank shall not be more
than five years on continuous basis. However, no concurrent auditor shall be allowed to
continue with a branch/business unit for a period of more than three years.
• If external firms are appointed and any serious acts of omissions or commissions are noticed
in their working their appointments may be cancelled and the fact may be reported to RBI
& ICAI.
CA Harshad Jaju
14.52 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

10.6 Remuneration of Concurrent Auditor

Terms of appointment of the external firms of Chartered Accountants for the concurrent audit and
their remuneration may be fixed by ACB of banks keeping in view various factors such as coverage
of areas, skill sets required, number of staff required and time to be devoted to audit.

10.7 Reporting Systems

• There should be proper reporting of the findings of the concurrent auditors. For this purpose,
each bank should prepare a structured format. The major deficiencies/ aberrations noticed
during audit should be highlighted in a special note and given immediately to the bank’s branch/
controlling offices. A quarterly review containing key features brought out during the concurrent
audits should be placed before the ACB.

• There should be zone-wise reporting of the findings of the concurrent audit to ACB and an
annual appraisal/report of the audit system should be placed before the ACB.

• Before submission of the report the auditor should discuss the important issues on which he/she
wishes to report with the branch manager and concerned officers. This will enable the auditor to
take into consideration the opposite view point and clarify any doubts.
• Minor irregularities pointed out by the concurrent auditors are to be rectified in a timely manner.
Serious irregularities should be reported to the controlling offices/ Head Offices for immediate
action.
• Whenever fraudulent transactions are detected, they should immediately be reported to
Inspection & Audit Department (Head Office) as also the Chief Vigilance Officer as well as
Branch Managers concerned (unless the branch manager is involved).
• Follow-up action on the concurrent audit reports should be given high priority by the controlling
office/Inspection and Audit Department and rectification of the features done without any loss
of time.

11. AUDIT COMMITTEE

Banks are required to constitute an Audit Committee of their Board in pursuance of RBI guidelines.
One of the functions of this committee is to provide direction and also oversee the operations of
the total audit function in the bank. The committee also has to review the internal inspection/audit
function in the bank, with special emphasis on the system, its quality and effectiveness in terms of
follow up. The committee has to review the system of appointment and remuneration of concurrent
auditors.
The Audit Committee is, therefore, connected with the functioning of the system of concurrent audit.
The method of appointment of auditors, their remuneration and the quality of their work is to be
reviewed by the Audit Committee. It is in this context that periodical meetings by the members of
the audit committee with the concurrent auditors and statutory auditors help the audit committee to
oversee the operations of the total audit function in the bank.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.53
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Key Takeaways
a Special audit considerations arise in audit of banks due to particular nature of risks associated
with transactions undertaken, scale of banking operations, extensive dependence on IT to process
transactions, effect of statutory and regulatory requirements and continuous roll out of new products
and services.
a Every banking company is required to prepare a Balance Sheet and a Profit and Loss Account in
the forms set out in the Third Schedule to the Act or as near thereto as the circumstances admit.
Form A of the Third Schedule to the Banking Regulation Act, 1949, contains the form of Balance
Sheet and Form B contains the form of Profit and Loss Account.
a It is pertinent to state that preparation of balance sheet of a bank usually involves preparation of
standalone financial statements and consolidated financial statements. Preparation of Standalone
financial statements involve consolidation of branch accounts and incorporation of various verticals/
departments of bank in case of a nationalized bank/public sector bank. The detailed procedures in
this regard may vary from bank to bank. In case of private banks, the processes of accounting are
centralized and there is no concept of mandatory branch audit in accordance with RBI guidelines.
a Most banks, especially those in nationalised banks or public sector, appoint four or more (depending
upon their size and Board decision, as per RBI guidelines) firms of chartered accountants to act
jointly as statutory central auditors (SCAs)
a As per the provisions of the relevant enactments, the auditor of a banking company is to be appointed
at the annual general meeting of the shareholders, whereas the auditor of a nationalised bank is to
be appointed by the concerned bank acting through its Board of Directors. In either case, approval
of the Reserve Bank is required before the appointment is made.
a The technological developments have brought new challenges for auditors as audit is required to
be conducted through the system.
a It is responsibility of statutory central auditors to obtain understanding of IT environment and
various controls put in place by management and evaluate whether controls are operating effectively.
a Banks are required to implement and maintain a system of internal controls for mitigating risks,
maintain good governance and to meet the regulatory requirements. Areas of focus in respect of
internal control include cash, clearings, bills for collection, bills purchased, loans and advances,
inter-branch accounts and credit card operations. Audit procedures have to be designed for
verification of items of assets and liabilities taking into account special considerations relevant to
banks.
a Advances generally constitute the major part of the assets of the bank. The audit of advances
requires the major attention from the auditors. There exists elaborate and detailed control system
& procedure in banks pertaining to appraisal, sanctioning, documentation, disbursal, review,
monitoring and supervision of advances. Audit approach of advances should encompass designing
appropriate audit procedures to obtain audit evidence in all these areas.
a Concurrent audit is an audit or verification of transactions or activities of an organisation concurrently
as the transaction/activity takes place. The concept in this audit is to verify the authenticity of the
transaction/activity within the shortest possible time after the same takes place.

CA Harshad Jaju
14.54 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

a Concurrent audit system is to be regarded as part of a bank’s early-warning system to ensure timely
detection of irregularities and lapses which helps in preventing fraudulent transactions at branches.
The important areas to be covered in concurrent audit include cash, investments, deposits, advances,
foreign exchange and house- keeping etc.
a Banks are required to constitute an Audit Committee of their Board in pursuance of RBI guidelines.
One of the functions of this committee is to provide direction and also oversee the operations of
the total audit function in the bank. The committee also has to review the internal inspection/audit
function in the bank, with special emphasis on the system, its quality and effectiveness in terms of
follow up. The committee has to review the system of appointment and remuneration of concurrent
auditors.

CA Harshad Jaju
14.55
98812 92971
Swapnil Patni Classes caharshad 14.55
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

CA Harshad Jaju
14.56 98812 92971
Swapnil Patni Classes 14.56
caharshad
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

CA Harshad Jaju
14.57
98812 92971
Swapnil Patni Classes caharshad 14.57
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

CA Harshad Jaju
14.58 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF
14
CHAPTER
AUDIT OF BANKS &
NON-BANKING
FINANCIAL COMPANIES
UNIT 2
SPECIAL FEATURES OF AUDIT OF NON-BANKING FINANCIAL
COMPANIES (NBFCs)
Highlights

After studying this chapter, you will be able to:

1. Understand the definition, regulations and types of Non-Banking Finance Companies (NBFCs).
2. Difference between Banks and NBFCs.
3. Gain the knowledge of the prudential norms- Capital Requirements, Income Recognition, and
Provisioning requirements.
4. Learn the audit procedures and Audit Checklist for NBFCs.
5. Apply & analyse the above-mentioned concepts in moderately complex scenarios.

1. INTRODUCTION
Non-Banking Finance Company sector has evolved considerably in terms of its size, operations,
technological sophistication, and entry into new areas of financial services and products. NBFCs
are now deeply interconnected with the entities in the financial sector, on both sides of their balance
sheets. Being financial entities, they are exposed to risks arising out of counterparty failures, funding
and asset concentration, interest rate movement and risks pertaining to liquidity and solvency, as any
other financial sector player. At the same time there are segments within the sector that do not pose
any significant risks to the system.

Definition of NBFC: 45 I(f) of Reserve Bank of India (Amendment) Act, 1997 defines a non-
banking financial company as:
i. A financial institution which is a company;
ii. A non-banking institution which is a company and which has as its principal business the
receiving of deposits, under any scheme or arrangement or in any other manner, or lending in
any manner;
iii. Such other non-banking institution or class of such institutions, as the Bank may, with the
previous approval of the Central Government and by notification in the Official Gazette,
specify;”

CA Harshad Jaju
Swapnil Patni Classes caharshad 14.59
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Further, in order to identify a particular company as Non-Banking Financial Company (NBFC), it

will consider both assets and income pattern as evidenced from the last audited balance sheet of the
company to decide its principal business. The company will be treated as NBFC when a company’s
financial assets constitute more than 50 per cent of the total assets (netted off by intangible assets) and
income from financial assets constitute more than 50 per cent of the gross income. A company which
fulfils both these criteria shall qualify as an NBFC and would require to be registered as NBFC by
RBI.
Registration and Regulation of NBFC:
Under Section 45–IA of the Reserve Bank of India Act, 1934, no non-banking financial company is
allowed to commence or carry on the business of a non-banking financial institution without
♦ Obtaining a certificate of registration issued by the Reserve Bank of India and
♦ Having the net owned fund of twenty-five lakh rupees or such other amount, not exceeding hundred
crore rupees, as the Bank may, by notification in the Official Gazette, specify.
♦ Provided that the Bank may notify different amount of net owned fund for different categories of
non-banking financial companies.
RBI has notified different amounts of net owned fund for different categories of NBFCs including
rupees 2 crore for certain categories of NBFCs
(For certain categories companies currently applying for registration as a NBFC, the minimum net
owned fund requirement is INR 10 Crore (previously it was INR 2 Crore) (Minimum NOF amount ay
be higher depending on specific type of NBFC).

CA Harshad Jaju
14.60 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

RBI has prescribed a timeline to meet NOF amount of INR 10 Crore in a phased manner for certain
categories of existing NBFCs by 31st March 2027. However, for NBFC-P2P, NBFC-AA, and NBFCs
with no public funds and no customer interface, the NOF shall continue to be INR 2 Crore.
A company incorporated under the Companies Act and desirous of commencing business of nonbanking
financial institution as defined under Section 45–IA of the RBI Act, 1934 can apply to the Reserve
Bank of India in prescribed form along with necessary documents for registration. The RBI issues
Certificate of Registration after satisfying itself that the conditions as enumerated in Section 45-IA of
the RBI Act, 1934 are satisfied.
The Reserve Bank of India has issued directions to non-banking financial companies on acceptance
of public deposits, prudential norms like capital adequacy, income recognition, asset classification,
provision for bad and doubtful debts, risk exposure norms and other measures to monitor the financial
solvency and reporting by NBFCs.
Directions were also issued to auditors to report non-compliance with the RBI Act and the Regulations
to the RBI, Board of Directors and shareholders. RBI has also issued Fair Practices Code to be adopted
by all NBFCs while doing lending business. The guidelines inter alia, covered general principles on
adequate disclosures on the terms and conditions of a loan and also adopting a non-coercive recovery
method.
Types of NBFCs- Compliance and Regulatory Perspective:
In terms of the Section 45-I(f) read with Section 45-I (c) of the RBI Act, 1934, as amended in 1997,
non-banking financial company (NBFC) is a company registered under the Companies Act,1956/2013,
engaged in the business of loans and advances, acquisition of shares/stocks/bonds/ debentures/
securities issued by Government or local authority or other marketable securities of a like nature,
leasing, hire-purchase, insurance business, chit business but does not include any institution whose
principal business is that of agriculture activity, industrial activity, purchase or sale of any goods (other
than securities) or providing any services and sale/purchase/construction of immovable property.
A non-banking institution which is a company and has principal business of receiving deposits under
any scheme or arrangement in one lump sum or in installments by way of contributions or in any other
manner, is also a non-banking financial company (Residuary non-banking company).
NBFCs mandated to register under RBI
NBFCs registered with RBI are categorized as follows:
a. In terms deposit acceptance or otherwise into Deposit and Non-Deposit accepting NBFCs;
b. Non deposit taking NBFCs by their size into systemically important and non-systemically important
(NBFC-NDSI and NBFC-ND); and
c. By the kind of activities, they conduct.
Within the categorization mentioned in (c) above, (i.e. by the kind of activity they conduct) the
different types of NBFCs are as follows:

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.61
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Non-
Asset Finance
Infrastructure Banking NBFCNon-
Systematically Non- Banking Company,
Investment Infrastructure Debt Fund- Financial Operative Investment
Important Core Financial
and Credit Finance Non- Banking Company Financial Company, Loan
Investment Company
Company Company Financial - Micro Holding Company,
Company (CIC- – Factors
(ICC) (IFC) Company Finance Company Mortgage
NDSI) (NBFCFactors) Guarantee
(IDFNBFC) Institution (NOFHC)
Companies etc
(NBFCMFI)

Types of NBFCs
All NBFCs are either deposit taking or non-deposit taking. If they are non-deposit taking, ND is
suffixed to their name (NBFC-ND).
A. Companies exempted from registration under RBI
Companies that do financial business but are regulated by other regulators are given specific exemption
by the Reserve Bank from its regulatory requirements for avoiding duality of regulation. Following
NBFCs have been exempted from the requirement of registration under Section 45-IA of the RBI Act,
1934 subject to certain conditions.

a Housing Finance Institutions (regulated by National Housing Bank);

a Merchant Banking Companies (regulated by Securities and Exchange Board of India);

a Stock Exchanges (regulated by Securities and Exchange Board of India);

a Companies engaged in the business of stock-broking/sub-broking (regulated by Securities and
Exchange Board of India);
a Venture Capital Fund Companies (regulated by Securities and Exchange Board of India);

a Nidhi Companies (regulated by Ministry of Corporate Affairs, Government of India);

a Insurance companies (regulated by Insurance Regulatory and Development Authority); and

a Chit Companies (as defined in clause (b) of section 2 of the Chit Funds Act, 1982 (Act 40 of
1982)).
a Specified Micro Finance Companies

a Securitisation and Reconstruction Companies

a Mutual Benefit Companies

a Core Investment Companies i.e. a non-banking financial company being a Core Investment
Company referred to in the Core Investment Companies (Reserve Bank) Directions, 2016,
which is not a Systemically Important Core Investment Company, as defined in subparagraph
(xxv) of paragraph 3 of the Core Investment Companies (Reserve Bank) Directions, 2016.
a Alternative Investment Fund (AIF) Companies

CA Harshad Jaju
14.62 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES
Core Investment Companies with asset size of less than ₹ 100 crore, and those with asset size of ₹ 100
crore and above but not accessing public funds are exempted from registration with the RBI.
Pursuant to the announcement of Scale Based Regulation (SBR): A Revised Regulatory
Framework for NBFCs on 22 October 2021 to be effective from 01 October 2022, RBI has revised
different facets of existing NBFC Classification and regulation like Capital Requirements,
Governance Standards, Prudential Regulations, etc. based on four layers that are defined based
on their size, activity, and perceived riskiness.

These four layers are NBFC – Base Layer (NBFC-BL), then NBFC- Middle Layer (NBFC-
ML), NBFC Upper Layer (NBFC-UL) and lastly NBFC – Top Layer (NBFC-TL).

The Top layer is ideally expected to be empty and will be filled by RBI based on required need.
Details of NBFCs populating the various layers is mentioned below:
Base Layer
The Base Layer shall comprise of (a) non-deposit taking NBFCs below the asset size of ₹1000
crore and (b) NBFCs undertaking the following activities- (i) NBFC-Peer to Peer Lending Platform
(NBFCP2P), (ii) NBFC-Account Aggregator (NBFC-AA), (iii) Non-Operative Financial Holding
Company (NOFHC) and (iv) NBFCs not availing public funds and not having any customer interface.
Middle Layer
The Middle Layer shall consist of (a) all deposit taking NBFCs (NBFC-Ds), irrespective of asset size,
(b) non-deposit taking NBFCs with asset size of ₹1000 crore and above and (c) NBFCs undertaking
the following activities (i) Standalone Primary Dealers (SPDs), (ii) Infrastructure Debt Fund - Non-
Banking Financial Companies (IDF-NBFCs), (iii) Core Investment Companies (CICs), (iv) Housing
Finance Companies (HFCs) and (v) Infrastructure Finance Companies (NBFC-IFCs).
Upper Layer
The Upper Layer shall comprise of those NBFCs which are specifically identified by the Reserve Bank
as warranting enhanced regulatory requirement based on a set of parameters and scoring methodology
as provided (for detailed circular scan the QR code given in Key Takeaways). The top ten eligible
NBFCs in terms of their asset size shall always reside in the upper layer, irrespective of any other
factor.
Top Layer
The Top Layer will ideally remain empty. This layer can get populated if the Reserve Bank is of the
opinion that there is a substantial increase in the potential systemic risk from specific NBFCs in the
Upper Layer. Such NBFCs shall move to the Top Layer from the Upper Layer.
Categorisation of NBFCs carrying out specific activity
As the regulatory structure envisages scale based as well as activity-based regulation, the following
prescriptions shall apply in respect of the NBFCs
a. NBFC-P2P, NBFC-AA, NOFHC and NBFCs without public funds and customer interface will
always remain in the Base Layer of the regulatory structure.
b. NBFC-D, CIC, IFC and HFC will be included in Middle Layer or the Upper Layer (and not in the
Base layer), as the case may be. SPD and IDF-NBFC will always remain in the Middle Layer.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.63
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

c. The remaining NBFCs, viz., Investment and Credit Companies (NBFC-ICC), Micro Finance
Institution (NBFC-MFI), NBFC-Factors and Mortgage Guarantee Companies (NBFC-MGC)
could lie in any of the layers of the regulatory structure depending on the parameters of the scale
based regulatory framework.
d. Government owned NBFCs shall be placed in the Base Layer or Middle Layer, as the case may
be. They will not be placed in the Upper Layer till further notice.
References to NBFC-ND, NBFC-ND-SI & NBFC-D - From October 01, 2022:
All references to NBFC-ND shall mean NBFC-BL and all references to NBFC-D and NBFC-NDSI
shall mean NBFC-ML or NBFC-UL, as the case may be. However, existing NBFC-ND-SIs having
asset size between INR 500 Crore and below INR 1000 Crore ( except those necessarily featuring in
Middle Layer) will be known as NBFC- BL (for detailed circular scan the QR code given in Key
Takeaways).

2. DIFFERENCE BETWEEN BANKS AND NBFCS

NBFCs lend and make investments and hence, their activities are akin to that of banks, however, there
are a few differences between the two as given below:

i. NBFC cannot accept demand deposits, however some NBFCs can accept Term Deposits;
ii. NBFCs do not form part of the payment and settlement system and cannot issue cheques drawn
on itself;
iii. deposit insurance facility of Deposit Insurance and Credit Guarantee Corporation (DICGC) is
not available to depositors of NBFCs, unlike in case of banks.
iv. No Minimum Exposure to Priority Sector required by NBFCs.

3. PRUDENTIAL NORMS
3.1 Capital Requirements
Every applicable NBFC as defined in the Master Direction- Non-Banking Financial Company –
Systemically Important Non-Deposit Taking Company & Deposit Taking Company (Reserve
Bank) Directions, 2016 shall maintain a minimum capital ratio consisting of Tier I and Tier II capital
which shall not be less than 15 % of its aggregate risk weighted assets on-balance sheet and of risk
adjusted value of off-balance sheet items.
The Tier I capital in respect of applicable NBFCs (other than NBFC-MFI and IDF-NBFC), at any
point of time, shall not be less than 10% by March 31, 2017.
Applicable NBFCs primarily engaged in lending against gold jewellery (such loans comprising 50
percent or more of their financial assets) shall maintain a minimum Tier l capital of 12 %.
However, in the case of Non-Systemically Important Non-Deposit Taking Company (Reserve Bank)
Directions, 2016, Net Owned Fund requirements have to be complied.
The RBI vide it’s Guidelines dated 22nd October,2021 has revised the regulatory framework for
NBFC basis the Scale. There are many changes made depending on the categorization of the NBFCs
CA Harshad Jaju
14.64 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

and those are broadly in the areas of NPA classification, Capital requirements, Prudential Guidelines
specifically for NBFC- ML and NBFC-UL relating to Concentration of credit/ Investment, Sensitive
Sector Exposure, Loans to Related parties and KMP, for NBFC-UL address Large Exposure framework,
Internal exposure limit, Stricture and more broader Governance Guidelines, etc.
Note for Students : [Students may refer detailed Guidelines given in the Appendix.
Explanations: In these Directions, degrees of credit risk expressed as percentage weightages have
been assigned to balance sheet assets. For example, percentage weights assigned to Fixed Assets is
100, Cash & Bank Balances is 0, etc. Hence, the value of each asset / item requires to be multiplied
by the relevant risk weights to arrive at risk adjusted value of assets. The aggregate shall be taken into
account for reckoning the minimum capital ratio. The risk weighted asset shall be calculated as the
weighted aggregate of funded items as detailed hereunder:

S. No. Weighted risk assets - On-Balance Sheet items Percentage weight

i. Cash and bank balances including fixed deposits and certificates of
0
deposits with banks
ii. Investments:
a. Approved securities [Except at (c) below] 0
b. Bonds of public sector banks 20
c. Fixed deposits/certificates of deposits/bonds of public financial 100
institutions
(d) Shares of all companies and debentures / bonds/ commercial 100
papers of all companies and units of all mutual funds
(e) All assets covering PPP and post commercial operations date
(COD) infrastructure projects in existence over a year of commercial 50
operation
iii. Current assets:
a. Stock on hire (net book value) 100
b. Intercorporate loans/deposits 100
c. Loans and advances fully secured against deposits held 0
d. Loans to staff 0
e. Other secured loans and advances considered good [Except at (vi) 100
below]
f. Bills purchased/discounted 100
g. Others (To be specified) 100
iv. Fixed Assets (net of depreciation):
a. Assets leased out (net book value) 100
b. Premises 100
c. Furniture & Fixture 100

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.65
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

v. Other assets:
a. Income tax deducted at source (net of provision) 0
b. Advance tax paid (net of provision) 0
c. Interest due on Government securities 0
d. Others (to be specified) 100
vi. Domestic Sovereign:
a. Fund based claims on the Central Government 0
b. Direct loan / credit / overdraft exposure and investment in State 0
Government securities
c. Central Government guaranteed claims 0
d. State Government guaranteed claims, which have not remained in 20
default / which are in default for a period not more than 90 days 20
e. State Government guaranteed claims, which have remained in
default for a period of more than 90 days 100

3.2 Income Recognition

The income recognition shall be based on recognised accounting principles. Income including interest/
discount/ hire charges/ lease rentals or any other charges on NPA shall be recognised only when it is
actually realised. Any such income recognised before the asset became non-performing and remaining
unrealised shall be reversed.
Asset classification: The asset classification norms as given below shall apply to every applicable
NBFC (except NBFC-MFIs):
1. Every NBFC shall, after taking into account the degree of well-defined credit weaknesses and
extent of dependence on collateral security for realisation, classify its lease/hire purchase assets,
loans and advances and any other forms of credit into the following classes, namely:
i. Standard assets;
ii. Sub-standard assets;
iii. Doubtful assets; and
iv. Loss assets.
2. The class of assets referred to above shall not be upgraded merely as a result of rescheduling,
unless it satisfies the conditions required for the upgradation.
3.
i. Standard asset shall mean the asset in respect of which, no default in repayment of principal or
payment of interest is perceived and which does not disclose any problem or carry more than
normal risk attached to the business;
ii. “Sub-Standard Asset” shall mean:
a. an asset which has been classified as non-performing asset for a period not exceeding 18
months (in case of NBFCs covered in Non-Banking Financial Company – Non-Systemically

CA Harshad Jaju
14.66 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Important Non-Deposit taking Company (Reserve Bank) Directions, 2016);

The period ‘not exceeding 18 months’ stipulated in this sub-clause shall be ‘not exceeding
12 months’ for the financial year ended March 31, 2018 and thereafter for NBFCs covered
in Non-Banking Financial Company - Systemically Important Non-Deposit taking Company
and Deposit taking Company (Reserve Bank) Directions, 2016.
b. an asset where the terms of the agreement regarding interest and / or principal have been
renegotiated or rescheduled or restructured after commencement of operations, until the
expiry of one year of satisfactory performance under the renegotiated or rescheduled or
restructured terms;
Provided that the classification of infrastructure loan as a sub-standard asset shall be in
accordance with the provisions of paragraph 25 of these Directions.
iii. Doubtful Asset shall mean:
a. a term loan, or
b. a lease asset, or
c. a hire purchase asset, or
d. any other asset,
which remains a sub-standard asset for a period ‘exceeding 18 months’ (in case of NBFCs covered
in Non-Banking Financial Company – Non-Systemically Important Non-Deposit taking Company
(Reserve Bank) Directions, 2016).
The period ‘exceeding 18 months’ stipulated in this sub-clause shall be ‘exceeding 12 months’
for the financial year ended March 31, 2018 and thereafter for NBFCs covered in Non-Banking
Financial Company - Systemically Important Non-Deposit taking Company and Deposit taking
Company (Reserve Bank) Directions, 2016.
iv. Loss Asset shall mean:
a. an asset which has been identified as loss asset by the applicable NBFC or its internal or external
auditor or by the Bank during the inspection of the applicable NBFC, to the extent it is not
written off by the applicable NBFC; and
b. an asset which is adversely affected by a potential threat of non-recoverability due to either
erosion in the value of security or non-availability of security or due to any fraudulent act or
omission on the part of the borrower
v. Non-Performing Asset (referred as “NPA”) shall mean:
a. an asset, in respect of which, interest has remained overdue for a period of six months or more;
b. a term loan inclusive of unpaid interest, when the instalment is overdue for a period of six
months or more or on which interest amount remained overdue for a period of six months or
more;
c. a demand or call loan, which remained overdue for a period of six months or more from the date
of demand or call or on which interest amount remained overdue for a period of six months or
more;
d. a bill which remains overdue for a period of six months or more;

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.67
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

e. the interest in respect of a debt or the income on receivables under the head ‘other current
assets’ in the nature of short term loans/advances, which facility remained overdue for a period
of six months or more;
f. any dues on account of sale of assets or services rendered or reimbursement of expenses
incurred, which remained overdue for a period of six months or more;
NBFCs covered in Non-Banking Financial Company - Systemically Important Non-Deposit
taking Company and Deposit taking Company (Reserve Bank) Directions, 2016, period of ‘six
months or more’ stipulated in sub-clauses (a) to (f) shall be ‘three months or more’, for the
financial year ended March 31, 2018 and thereafter].
This implies for NBFCs covered in Non-Banking Financial Company – Non-Systemically
Important Non-Deposit taking Company (Reserve Bank) Directions, 2016, the criteria is 6
months only.
g. the lease rental and hire purchase instalment, which has become overdue for a period of twelve
months or more;
[NBFCs covered in Non-Banking Financial Company - Systemically Important Non-Deposit
taking Company and Deposit taking Company (Reserve Bank) Directions, 2016, the period of
‘twelve months or more’ stipulated in this subclause shall be ‘three months or more’ for the
financial year ended March 31, 2018 and thereafter].
It implies that as per Non-Banking Financial Company – Non-Systemically Important Non-
Deposit taking Company (Reserve Bank) Directions, 2016, the criteria is 12 months only.
h. in respect of loans, advances and other credit facilities (including bills purchased and discounted),
the balance outstanding under the credit facilities (including accrued interest) made available to
the same borrower/beneficiary when any of the above credit facilities becomes non-performing
asset.
[Provided that in the case of lease and hire purchase transactions, an applicable NBFC shall
classify each such account on the basis of its record of recovery].

3.3 Provisioning Requirements

The provisioning requirements as given below shall apply to every applicable NBFC (except NBFC-
MFIs): Every applicable NBFC shall, after taking into account the time lag between an account
becoming non-performing, its recognition as such, the realisation of the security and the erosion over
time in the value of security charged, make provision against sub-standard assets, doubtful assets and
loss assets as provided hereunder:
The provisioning requirement in respect of loans, advances and other credit facilities including bills
purchased and discounted shall be as under:
i. Loss Assets: The entire asset shall be written off. If the assets are permitted to remain in the books
for any reason,100% of the outstanding shall be provided for;
ii. Doubtful Assets:
a. 100% provision to the extent to which the advance is not covered by the realisable value of
the security to which the applicable NBFC has a valid recourse shall be made. The realisable
value is to be estimated on a realistic basis;
CA Harshad Jaju
14.68 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

b. In addition to item (a) above, depending upon the period for which the asset has remained
doubtful, provision to the extent of 20% to 50% of the secured portion (i.e. Estimated realisable
value of the outstanding) shall be made on the following basis:

Period for which the asset has been

Percent of provision
considered as doubtful
Up to one year 20
One to three years 30
More than three years 50
iii. Sub-standard assets: A general provision of 10 percent of total outstanding shall be made.
iv. Standard asset provisioning: Every NBFC (covered under Non-Banking Financial Company
- Systemically Important Non-Deposit taking Company and Deposit taking Company (Reserve
Bank) Directions, 2016) shall make provisions for standard assets at 0.40 per cent by the end of
March 2018 and thereafter, of the outstanding, which shall not be reckoned for arriving at net
NPAs.
Note: As per Non-Banking Financial Company – Non-Systemically Important Non-Deposit taking
Company (Reserve Bank) Directions, 2016, every applicable NBFC shall make provision for standard
assets at 0.25 percent of the outstanding amount.
The provision towards standard assets need not be netted from gross advances but shall be shown
separately as ‘Contingent Provisions against Standard Assets’ in the balance sheet.
The above regulatory requirements are to be amended in a phased manner under the Scale-Based
Regulation prescribed by RBI for NBFCs.
[Students may refer Master Direction NBFC - Non-Systemically Important Non-deposit Taking
Company (Updated as on February 17, 2020) and Master Direction NBFC - Systemically Important
Non-deposit Taking Company and Deposit Taking Company (Updated as on February 17, 2020) for
detailed guidelines on prudential norms relating to Non-Banking Financial Companies covered in
these Directions.]

4. AUDIT PROCEDURES
The following are the necessary steps involved -
1. Ascertaining the Business of the Company - The first step in carrying out the audit of a NBFC
is to scan through the Memorandum and Articles of Association of the company, so as to acquaint
oneself with the type of business that the company is engaged into. Normally, the Memorandum
of Association of any company would be very wide in scope thereby permitting it to undertake a
host of business activities, but companies generally lend to specialise in and focus on a few select
activities. An auditor should, therefore, make a careful study of the business policy of the company
so as to ascertain its principal business activities. For this purpose, an auditor may also scan
through the minutes of the Board/Committee Meetings and hold discussions with the top level
management to ascertain the corporate business plan/strategy which would give him a clear picture
as to the principal objects of the company. An auditor should then independently corroborate his
findings with the actual business done by the company, as reflected by the company’s financial
results.
CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.69
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

The task of ascertaining the principal business activity of any NBFC is of paramount importance
since the very classification of a company as a NBFC and its further classification would all depend
upon its principal business activity. Based on the classification of a company, it will be required to
comply with the provisions relating to limits on acceptance of public deposits as contained in the
NBFC Public Deposit Directions.
2. Evaluation of Internal Control System - The responsibility of maintaining an adequate
accounting system incorporating various internal controls to the extent appropriate to the size and
nature of its business vests with the management. A sound internal control system would enable
an organisation to plug loopholes in its workings, particularly in the detection of frauds and would
also aid in timely decision making. An auditor should gain an understanding of the accounting
system and related internal controls adopted by the NBFC to determine the nature, timing and
extent of his audit procedures. An auditor should also ascertain whether the internal controls put
in place by the NBFC are adequate and are being effectively followed.
In particular, an auditor should review the effectiveness of the system of recovery prevalent at
the NBFC. He should ascertain whether the NBFC has an effective system of periodical review
of advances in place which would facilitate effective monitoring and follow up. The absence of a
periodical review system could result in non-detection of sticky advances at their very inception
which may ultimately result in the NBFC having an alarmingly high level of NPAs.
3. Registration with the RBI - Section 45-IA inserted in the RBI Act, 1934, w.e.f. 9th January, 1997,
has made it incumbent on the part of all NBFCs to comply with registration requirements and have
minimum net owned funds (NOF) of ` 10 crore (Although the requirement of minimum NOF
at present stands at ` 200 lakh, . However, for strengthening the financial sector and technology
adoption, and in view of the increasing complexities of services offered by NBFCs, it shall be
mandatory for all NBFCs to raise minimum NOF to ` 10 crore) for commencing/ carrying on its
business. An auditor should obtain a copy of the certificate of registration granted by the RBI or in
case the certificate of registration has not been granted, a copy of the application form filed with
the RBI for registration. It may particularly be noted that NBFCs incorporated after 9th January,
1997 are not entitled to commence business without first obtaining a registration certificate from
the RBI. An auditor should, therefore, verify whether the dual conditions relating to registration
with the RBI and maintenance of minimum net owned funds have been duly complied with by the
concerned NBFC.
Every NBFC holding public deposits is required to invest a specified percentage (as the RBI may
specify from time to time). The RBI has also prescribed a format for reporting to ensure compliance
with the requirement of maintenance of liquid assets on a quarterly basis. This quarterly return
(duly signed by an officer of the NBFC) is required to be submitted within prescribed time limit
from the end of the relevant quarter and with reference to investments held in approved securities
during the relevant quarter. The auditor should ascertain whether investment in prescribed liquid
assets have been made and whether quarterly returns as mentioned above have been regularly filed
with the RBI by the concerned NBFC.
4. NBFC Acceptance of Public Deposit Directions (Non-Banking Financial Companies
Acceptance of Public Deposits (Reserve Bank) Directions, 2016) - The auditors must ascertain
whether the company properly classified as per the requirements of various regulations. In case, the
NBFC has not been classified by the RBI, the classification of a company will have to be determined
after a careful consideration of various factors such as particulars of earlier registration granted,

CA Harshad Jaju
14.70 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

if any, particulars furnished in the application form for registration, company’s Memorandum of
Association and its financial results. Thereafter, it must be ascertained whether the company has
complied with the following aspects in relation to the activity of mobilisation of public deposits:
i. The ceiling on quantum of public deposits has been linked to its credit rating as given by an
approved credit rating agency. Obtain a copy of the credit rating assigned to NBFC and check
whether the public deposits accepted/held by it are in accordance with the level of credit rating
assigned to it.
In the event of a upgrading/downgrading of credit rating, the auditor should bear in mind
that the NBFC will have to increase/reduce its public deposits in accordance with the revised
credit rating assigned to it within a specified time frame and should ensure that the NBFC has
informed about the same to the RBI in writing.
In the event of downgrading of credit rating below the minimum specified investment grade,
a non-banking financial company, being an investment and credit company or a factor, shall
regularise the excess deposit as provided hereunder:
a. with immediate effect, stop accepting fresh public deposits and renewing existing deposits;
b. all existing deposits shall run off to maturity; and
c. report the position within 15 working days, to the concerned Regional Office of the RBI
where the NBFC is registered.
Provided no matured public deposit shall be renewed without the express and voluntary consent
of the depositor.
ii. Test check the interest calculations in respect of public deposits mobilised by a NBFC to
ascertain that the NBFC has not paid interest in excess as per specification.
Likewise, test check the brokerage/ commission/ incentive calculations with the bills and
vouchers for reimbursement of out of pocket expenses submitted by the parties to ascertain
that the NBFC has not paid brokerage/ commission/ incentive/ reimbursement of expenses in
excess as per specification.
iii. Ascertain whether the NBFC has accepted or renewed any public deposit only after a written
application form the depositor in the form to be supplied by the company, and shall contain
all particulars specified in the Non-Banking Financial Companies and Miscellaneous Non-
Banking Companies (Advertisement) Rules, 1977. Further ensure whether it contain the specific
category of depositor, i.e., whether depositor is a shareholder or a director or a promoter or a
member of public.
iv. Verify the deposit register maintained by a NBFC and test check the particulars that have been
entered therein in respect of each depositor with supporting receipts issued to the depositors.
Also check whether the NBFC is regularly paying its deposits on due dates and in the case of
a delay/default, the reasons for the delay/default and the actual date of payment.
v. Check whether the investments made in approved liquid assets by a NBFC holding public
deposits have been lodged in safe custody with a designated scheduled commercial bank as
required by the NBFC Acceptance of Public Deposits Directions and also whether. certificate
was obtained from the RBI to that effect.
vii. Check whether the NBFC has filed its prescribed returns in a timely manner.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.71
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES
viii. In the case of NBFCs not accepting/holding public deposits, check whether a board resolution
has been passed by the NBFC to the effect that it has neither accepted any public deposits nor
would it accept any public deposits during the year.
ix. In the case of Group Holding Investment Companies, check whether the NBFC has passed a
board resolution to the effect that the company has invested or would invest/hold its investments
in share and securities of group companies specifying the names of the companies. In addition
to the above, group holding investment companies are required to give a further undertaking
that it would not trade in such shares/securities and that it has neither accepted nor would it
accept any public deposits during the year.
5. NBFC Prudential Norms -
i. Check compliance with prudential norms encompassing income recognition, income from
investments, accounting standards, accounting for investments, asset classification, provisioning
for bad and doubtful debts, capital adequacy norms, prohibition on granting of loans by a
NBFC against its own shares, prohibition on loans and investments for failure to repay public
deposits and norms for concentration of credit/investments.
ii. An auditor should ensure that the Board of Directors of every NBFC granting/intending to
grant demand/call loans shall frame and implement a policy for the company.
iii. An auditor should assess on the basis of examinations conducted by him whether the NBFC
has complied with the prudential norms. In particular, he should verify that advances and other
credit facilities have been properly classified as standard/substandard/doubtful/loss and that
proper provision has been made in accordance with the Directions.
iv. In respect of Non-Performing Assets, an auditor should check whether the unrealised income
in respect of such assets has not been taken to the Profit & Loss Account on an accrual basis.
Income from NPAs should be accounted for on realisation basis only.
v. Check whether all accounts which have been classified as NPAs in the previous year also
continue to be shown as such in the current year also. If the same is not treated as an NPA in
the current year, the auditor should specifically examine such accounts to ascertain whether the
account has become regular and the same can be treated as performing as per the Directions.

5. CLASSIFICATION OF FRAUDS BY NBFC

In order to have uniformity in reporting, frauds have been classified as under based mainly on the
provisions of the Indian Penal Code:
a. Misappropriation and criminal breach of trust.
b. Fraudulent encashment through forged instruments, manipulation of books of account or through
fictitious accounts and conversion of property.
c. Unauthorised credit facilities extended for reward or for illegal gratification.
d. Negligence and cash shortages.
e. Cheating and forgery.
f. Irregularities in foreign exchange transactions.
g. Any other type of fraud not coming under the specific heads as above.
CA Harshad Jaju
14.72 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Cases of ‘negligence and cash shortages’ and ‘irregularities in foreign exchange transactions’ referred
to in items (d) and (f) above are to be reported as fraud if the intention to cheat/ defraud is suspected/
proved. However, the following cases where fraudulent intention is not suspected/ proved, at the time
of detection, will be treated as fraud and reported accordingly:
a. cases of cash shortages more than ` 10,000/- and
b. cases of cash shortages more than ` 5000/- if detected by management/ auditor/ inspecting officer
and not reported on the occurrence by the persons handling cash.
NBFCs, covered in Master Direction - Monitoring of Frauds in NBFCs (Reserve Bank) Directions,
2016, having overseas branches/offices should report all frauds perpetrated at such branches/offices
also to the Reserve Bank as per the prescribed format and procedures.

6. AUDIT CHECK-LIST
Some important points that may be covered in the audit of NBFCs, in addition to the audit points that
may be covered for companies in general, are given below:
(eg. NBFC - Investment and Credit Company (NBFC-ICC)
i. Physically verify all the shares and securities held by a NBFC. Where any security is lodged
with an institution or a bank, a certificate from the bank/institution to that effect must be verified.
ii. Verify whether the NBFC has not advanced any loans against the security of its own shares.
iii. Verify that dividend income wherever declared by a company, has been duly received by an
NBFC and interest wherever due [except in case of NPAs] has been duly accounted for. NBFC
Prudential Norms require dividend income on shares of companies and units of mutual funds
to be recognised on cash basis. However, the NBFC has an option to account for dividend
income on accrual basis, if the same has been declared by the body corporate in its Annual
General Meeting and its right to receive the payment has been established. Income from bonds/
debentures of corporate bodies is to be accounted on accrual basis only if the interest rate on
these instruments is predetermined and interest is serviced regularly and not in arrears.
iv. Test check bills/contract notes received from brokers with reference to the prices vis-à-vis the
stock market quotations on the respective dates.
v. Verify the Board Minutes for purchase and sale of investments. Ascertain from the Board
resolution or obtain a management certificate to the effect that the investments so acquired are
current investments or Long-Term Investments.
vi. Check whether the investments have been valued in accordance with the NBFC Prudential
Norms and adequate provision for fall in the market value of securities, wherever applicable,
have been made there against, as required by the Directions.
vii. Obtain a list of subsidiary/group companies from the management and verify the investments
made in subsidiary/group companies during the year. Ascertain the basis for arriving at the price
paid for the acquisition of such shares and whether the Valuation is as per Prudential norms.
viii. Check whether investments in unquoted debentures/bonds have not been treated as investments
but as term loans or other credit facilities for the purposes of income recognition and asset
classification.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.73
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

ix. An auditor will have to ascertain whether the requirements of AS 13 “Accounting for Investments”
or other accounting standard, as applicable, (to the extent they are not inconsistent with the
Directions) have been duly complied with by the NBFC.
x. In respect of shares/securities held through a depository, obtain a confirmation from the depository
regarding the shares/securities held by it on behalf of the NBFC.
xi. Verify that securities of the same type or class are received back by the lender/paid by the
borrower at the end of the specified period together with all corporate benefits thereof (i.e.
dividends, rights, bonus, interest or any other rights or benefit accruing thereon).
xii. Verify charges received or paid in respect of securities lend/borrowed.
xiii. Obtain a confirmation from the approved intermediary regarding securities deposited with/
borrowed from it as at the year end.
xiv. An auditor should examine whether each loan or advance has been properly sanctioned. He should
verify the conditions attached to the sanction of each loan or advance i.e. limit on borrowings,
nature of security, interest, terms of repayment, etc.
xv. An auditor should verify the security obtained and the agreements entered into, if any, with the
concerned parties in respect of the advances given. He must ascertain the nature and value of
security and the net worth of the borrower/guarantor to determine the extent to which an advance
could be considered realisable.
xvi. Obtain balance confirmations from the concerned parties.
xvii. As regards bill discounting, verify that proper records/documents have been maintained for
every bill discounted/rediscounted by the NBFC. Test check some transactions with reference to
the documents maintained and ascertain whether the discounting charges, wherever, due, have
been duly accounted for by the NBFC.
xviii. Check whether the NBFC has not lent/invested in excess of the specified limits to any single
borrower or group of borrowers as per NBFC Prudential Norms.
xix. An auditor should verify whether the NBFC has an adequate system of proper appraisal and
follow up of loans and advances. In addition, he may analyse the trend of its recovery performance
to ascertain that the NBFC does not have an unduly high level of NPAs.
xx. Check the classification of loans and advances (including bills purchased and discounted) made
by a NBFC into Standard Assets, Sub-Standard Assets, Doubtful Assets and Loss Assets and the
adequacy of provision for bad and doubtful debts as required by NBFC Prudential Norms.
(Note: The above checklist is not exhaustive. It is only illustrative. There could be various other audit
procedures which may be performed for audit of an NBFC. Based on the nature and size of the NBFC,
the auditor will have to perform specific audit techniques in that regard)

CA Harshad Jaju
14.74 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

7. AUDITOR’S DUTY
The following are the important duties of an auditor -
7.1 Compliance with NBFC Auditor’s Report - RBI Directions
The RBI Directions have considerably increased the responsibility of auditors of NBFCs. A very
onerous task of reporting to the Board of Directors on certain specified matters and to the RBI on an
exception basis has been imposed upon him. This reporting requirement is in addition to the normal
reporting requirements to the shareholders under section 143 of the Companies Act, 2013. Auditors
will, thus, have to be very careful whilst carrying out audits of NBFCs to ensure that all matters which
they are required to take into consideration for the purposes of reporting to the RBI have been taken
due care of.
Section 45MA of the Reserve Bank of India Act, 1934 was introduced with effect from 13.12.1974.
Under this provision the auditor of a non-banking financial company or a non-banking miscellaneous
company which has accepted public deposits, has to inquire whether or not the company has furnished
to the Reserve Bank of India statements, information of particulars relating to the deposits as are
required to the furnished under Chapter IIIB of the Reserve Bank of India Act, 1934. The provision
further states that if on inquiry the auditor is not satisfied about the compliance by the company, it is
his duty to make to the Reserve Bank of India giving the aggregate amount of deposits held by the
company. The auditor is also required to incorporate the report or intended to be made to the Reserve
Bank of India in his report to the company under Section 143 of the Companies Act, 2013.
Report to Board of Directors under RBI Directions as per Master Direction No. DNBS.
PPD.03/66.15.001/2016-17 dated September 29, 2016
1. The Reserve Bank of India (RBI) has issued Non-Banking Financial Companies Auditor’s Report
(Reserve Bank) Directions, 2016 (the Directions) to auditor of every non-banking financial
companies.
2. The Directions shall apply to every auditor of a non-banking financial company as defined in
section 45 I(f) of the Reserve Bank of India Act, 1934.
Auditors to submit additional Report to the Board of Directors: In addition to the Report made
by the auditor under Section 143 of the Companies Act, 2013 or section 227 of the Companies
Act, 1956 (Act 1 of 1956) on the accounts of a non-banking financial company examined for every
financial year ending on any day on or after the commencement of these Directions, the auditor
shall also make a separate report to the Board of Directors of the Company on the matters specified
in paragraphs 3 and 4 below.
3. Material to be included in the Auditor’s report to the Board of Directors: The auditor’s report
on the accounts of a non-banking financial company shall include a statement on the following
matters, namely –
A. In the case of all non-banking financial companies:

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.75
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

I. Conducting Non-Banking Financial Activity without a valid Certificate of Registration (CoR)

granted by the RBI is an offence under chapter V of the RBI Act, 1934. Therefore, if the
company is engaged in the business of non-banking financial institution as defined in section
45-I (a) of the RBI Act and meeting the Principal Business Criteria (Financial asset/income
pattern) as laid down vide the RBI’s press release dated April 08, 1999, and directions issued by
DNBR, auditor shall examine whether the company has obtained a Certificate of Registration
(CoR) from the RBI.
II. In case of a company holding CoR issued by the RBI, whether that company is entitled to
continue to hold such CoR in terms of its Principal Business Criteria (Financial asset/income
pattern) as on March 31 of the applicable year.
III. Whether the non-banking financial company is meeting the required net owned fund
requirement as laid down in Master Direction - Non-Banking Financial Company – Non-
Systemically Important Non-Deposit taking Company (Reserve Bank) Directions, 2016 and
Master Direction - Non-Banking Financial Company - Systemically Important Non-Deposit
taking Company and Deposit taking Company (Reserve Bank) Directions, 2016.
Note: Every non-banking financial company shall submit a Certificate from its Statutory Auditor
that it is engaged in the business of non-banking financial institution requiring it to hold a Certificate
of Registration under Section 45-IA of the RBI Act and is eligible to hold it. A certificate from the
Statutory Auditor in this regard with reference to the position of the company as at end of the
financial year ended March 31 may be submitted to the Regional Office of the Department of Non-
Banking Supervision under whose jurisdiction the non-banking financial company is registered,
within one month from the date of finalization of the balance sheet and in any case not later than
December 30th of that year.
The format of Statutory Auditor’s Certificate (SAC) to be submitted by NBFCs has been issued vide
DNBS. PPD.02/66.15.001/2016-17 Master Direction- Non-Banking Financial Company Returns
(Reserve Bank) Directions, 2016.
B. In the case of a non-banking financial companies accepting/holding public deposits
Apart from the matters enumerated in (A) above, the auditor shall include a statement on the following
matters, namely-
i. Whether the public deposits accepted by the company together with other borrowings indicated
below viz.
a. from public by issue of unsecured non-convertible debentures/bonds;
b. from its shareholders (if it is a public limited company); and
c. from entities which are not excluded from the definition of ‘public deposit’ in the Non-
Banking Financial Companies Acceptance of Public Deposits (Reserve Bank) Directions,
2016, are within the limits admissible to the company as per the provisions of the Non-Banking
Financial Companies Acceptance of Public Deposits (Reserve Bank) Directions, 2016;
ii. Whether the public deposits held by the company in excess of the quantum of such deposits
permissible to it under the provisions of Non-Banking Financial Companies Acceptance of
Public Deposits (Reserve Bank) Directions, 2016 are regularised in the manner provided in the
said Directions;

CA Harshad Jaju
14.76 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES
iii. Whether the non-banking financial company is accepting “public deposit” without minimum
investment grade credit rating from an approved credit rating agency as per the provisions of
Non-Banking Financial Companies Acceptance of Public Deposits (Reserve Bank) Directions,
2016;
iv. Whether the capital adequacy ratio as disclosed in the return submitted to the Bank in terms of
the Non-Banking Financial Company - Systemically Important Non-Deposit taking Company
and Deposit taking Company (Reserve Bank) Directions, 2016 has been correctly determined
and whether such ratio is in compliance with the minimum CRAR prescribed therein;
v. In respect of non-banking financial companies referred to in clause (iii) above,
a. whether the credit rating, for each of the fixed deposits schemes that has been assigned by
one of the Credit Rating Agencies listed in Non- Banking Financial Companies Acceptance
of Public Deposits (Reserve Bank) Directions, 2016 is in force; and (b) whether the aggregate
amount of deposits outstanding as at any point during the year has exceeded the limit specified
by the such Credit Rating Agency;
vi. Whether the company has violated any restriction on acceptance of public deposit as provided in
Non-Banking Financial Companies Acceptance of Public Deposits (Reserve Bank) Directions,
2016;
vii. Whether the company has defaulted in paying to its depositors the interest and/or principal
amount of the deposits after such interest and/or principal became due;
viii. Whether the company has complied with the prudential norms on income recognition, accounting
standards, asset classification, provisioning for bad and doubtful debts, and concentration of
credit/investments as specified in the Directions issued by the Bank in terms of the Master
Direction - Non-Banking Financial Company - Systemically Important Non-Deposit taking
Company and Deposit taking Company (Reserve Bank) Directions, 2016;
ix. Whether the company has complied with the liquid assets requirement as prescribed by the
Bank in exercise of powers under section 45-IB of the RBI Act and whether the details of
the designated bank in which the approved securities are held is communicated to the office
concerned of the RBI in terms of NBS 3; Non-Banking Financial Company Returns (Reserve
Bank) Directions, 2016;
x. Whether the company has furnished to the RBI within the stipulated period the return on
deposits as specified in the NBS 1 to – Non- Banking Financial Company Returns (Reserve
Bank) Directions, 2016;
xi. Whether the company has furnished to the RBI within the stipulated period the quarterly return
on prudential norms as specified in the Non-Banking Financial Company Returns (Reserve
Bank) Directions, 2016;
xii. Whether, in the case of opening of new branches or offices to collect deposits or in the case of
closure of existing branches/offices or in the case of appointment of agent, the company has
complied with the requirements contained in the Non-Banking Financial Companies Acceptance
of Public Deposits (Reserve Bank) Directions, 2016.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.77
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES
C. In the case of a non-banking financial company not accepting public deposits

Apart from the aspects enumerated in (A) above, the auditor shall include a statement on the
following matters, namely: -
i. Whether the Board of Directors has passed a resolution for non- acceptance of any public
deposits;
ii. Whether the company has accepted any public deposits during the relevant period/year;
iii. Whether the company has complied with the prudential norms relating to income recognition,
accounting standards, asset classification and provisioning for bad and doubtful debts as
applicable to it in terms of Non- Banking Financial Company – Non-Systemically Important
Non-Deposit taking Company (Reserve Bank) Directions, 2016 and Non-Banking Financial
Company - Systemically Important Non-Deposit taking Company and Deposit taking Company
(Reserve Bank) Directions, 2016;
iv. In respect of Systemically Important Non-deposit taking NBFCs as defined in Non-Banking
Financial Company - Systemically Important Non-Deposit taking Company and Deposit taking
Company (Reserve Bank) Directions, 2016:
a. Whether the capital adequacy ratio as disclosed in the return submitted to the RBI in form
NBS - 7, has been correctly arrived at and whether such ratio is in compliance with the minimum
CRAR prescribed by the RBI;
b. Whether the company has furnished to the RBI the annual statement of capital funds, risk
assets/exposures and risk asset ratio (NBS-7) within the stipulated period.
v. whether the non-banking financial company has been correctly classified as NBFC Micro Finance
Institutions (MFI) as defined in the Non-Banking Financial Company – Non-Systemically
Important Non-Deposit taking Company (Reserve Bank) Directions, 2016 and Non-Banking
Financial Company - Systemically Important Non-Deposit taking Company and Deposit taking
Company (Reserve Bank) Directions, 2016.
D. In the case of a company engaged in the business of non-banking financial institution not
required to hold CoR subject to certain conditions
Apart from the matters enumerated in (A)(I) above where a company has obtained a specific advice
from the RBI that it is not required to hold CoR from the RBI, the auditor shall include a statement
that the company is complying with the conditions stipulated as advised by the RBI.
4. Reasons to be stated for unfavourable or qualified statements: Where, in the auditor’s report, the
statement regarding any of the items referred to in paragraph 3 above is unfavourable or qualified,
the auditor’s report shall also state the reasons for such unfavourable or qualified statement, as the
case may be. Where the auditor is unable to express any opinion on any of the items referred to in
paragraph 3 above, his report shall indicate such fact together with reasons therefor.
5. Obligation of auditor to submit an exception report to the RBI

CA Harshad Jaju
14.78 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

I. Where, in the case of a non-banking financial company, the statement regarding any of
the items referred to in paragraph 3 above, is unfavorable or qualified, or in the opinion
of the auditor the company has not complied with:
a. the provisions of Chapter III B of RBI Act (Act 2 of 1934); or
b. Non-Banking Financial Companies Acceptance of Public Deposits (Reserve Bank)
Directions, 2016; or
c. Non-Banking Financial Company – Non-Systemically Important Non-Deposit taking
Company (Reserve Bank) Directions, 2016 and Non-Banking Financial Company -
Systemically Important Non-Deposit taking Company and Deposit taking Company
(Reserve Bank) Directions, 2016.
It shall be the obligation of the auditor to make a report containing the details of such
unfavourable or qualified statements and/or about the non-compliance, as the case may
be, in respect of the company to the concerned Regional Office of the Department of
Non-Banking Supervision of the RBI under whose jurisdiction the registered office of
the company is located as per first Schedule to the Non-Banking Financial Companies
Acceptance of Public Deposits (Reserve Bank) Directions, 2016.
II. The duty of the Auditor under sub-paragraph (I) shall be to report only the contraventions
of the provisions of RBI Act, 1934, and Directions, Guidelines, instructions referred to
in sub-paragraph (1) and such report shall not contain any statement with respect to
compliance of any of those provisions.
7.2 Compliance with CARO 2020
As per CARO 2020, the auditor is required to report that –
I.
Whether during the year the company has made investments in, provided any guarantee or security
or granted any loans or advances in the nature of loans, secured or unsecured, to companies, firms,
Limited Liability Partnerships or any other parties, If so,
a. whether the investments made, guarantees provided, security given and the terms and conditions
of the grant of all loans and advances in the nature of loans and guarantees provided are not
prejudicial to the company’s interest;
b. in respect of loans and advances in the nature of loans, whether the schedule of repayment of
principal and payment of interest has been stipulated and whether the repayments or receipts are
regular;
c. if the amount is overdue, state the total amount overdue for more than ninety days, and whether
reasonable steps have been taken by the company for recovery of the principal and interest;
d. whether the company has granted any loans or advances in the nature of loans either repayable on
demand or without specifying any terms or period of repayment, if so, specify the aggregate amount,
percentage thereof to the total loans granted, aggregate amount of loans granted to Promoters,
related parties as defined in clause (76) of section 2 of the Companies Act, 2013; [Paragraph 3(iii)]

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.79
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES
II.
a. Whether the company is required to be registered under section 45-IA of the Reserve Bank of India
Act, 1934 and if so, whether the registration has been obtained.
b. Whether the company has conducted any Non-Banking Financial or Housing Finance activities
without a valid Certificate of Registration (CoR) from the Reserve Bank of India as per the Reserve
Bank of India Act, 1934;
c. Whether the company is a Core Investment Company (CIC) as defined in the regulations made by
the Reserve Bank of India, if so, whether it continues to fulfil the criteria of a CIC, and in case the
company is an exempted or unregistered CIC, whether it continues to fulfil such criteria;
d. Whether the Group has more than one CIC as part of the Group, if yes, indicate the number of CICs
which are part of the Group; [Paragraph 3(xvi)]
(Note: Students are required to refer Guidance Note on CARO, 2020 for more details).

8. INDIAN ACCOUNTING STANDARDS (IND AS)

8.1 Applicability of Indian Accounting Standards (Ind AS) on NBFCs
As per Rule 4 (1)(iv) of the Companies (Indian Accounting Standards) Rules, 2015 and as amended
by Companies (Indian Accounting Standards) (Amendment) Rules, 2016, NBFCs are required to
comply with Indian Accounting Standards (Ind AS) as under-
i. Accounting periods beginning 1 April 2018: Listed and unlisted NBFCs having a net worth of `
500 crore or more and holding, subsidiary, joint venture or associate companies of such NBFCs;
ii. Accounting periods beginning 1 April 2019: All other listed NBFCs, unlisted NBFCs having a
net worth of ` 250 crore or more but less than ` 500 crore and holding, subsidiary, joint venture or
associate companies of such NBFCs.
The net worth shall be calculated in accordance with the standalone financial statements of the NBFCs
as on 31st March 2016 or the first audited financial statements for accounting period which ends after
that date.

8.2 Format for preparation of financial statements by NBFCs under Ind- AS

The Ministry of Corporate Affairs (MCA) vide notification dated October 11, 2018 introduced Division
III under Schedule III of the Companies Act, 2013, wherein a format for preparation of financial
statements by NBFCs complying with Ind AS has been prescribed.
Every NBFC required to comply with Ind AS shall prepare its financial statements as per below
format:
Illustrative format of Balance Sheet under Division III of Schedule III -

CA Harshad Jaju
14.80 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Particulars Note Figures as at the end Figures as at the end

No. of current reporting of previous reporting
period (`) period (`)
ASSETS
(1) Financial Assets
(a) Cash and cash equivalents
(b) Bank balance other than (a) above
(c) Derivative financial instruments
(d) Receivables
(1) Trade Receivables
(2) Other Receivables
(e) Loans
(f) Investments
(g) Other Financial assets
(2) Non-Financial Assets
(a) Inventories
(b) Current tax assets (net)
(c) Deferred tax assets (net)
(d) Investment property
(e) Biological assets other than bearer
plants
(f) Property, Plant and Equipment
(g) Capital work-in-progress
(h) Intangible assets under development
(i) Goodwill
(j) Other intangible assets
(k) Other non-financial assets (to be
specified)
Total Assets
LIABILITES AND EQUITY
LIABILITIES

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.81
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

(1) Financial Liabilities

(a) Derivative financial instruments
(b) Payables
(I) Trade Payables
(i) total outstanding dues of micro
enterprises and small enterprises
(ii) total outstanding dues of creditors
other than micro enterprises and small
enterprises
(II) Other Payables
(i) total outstanding dues of micro
enterprises and small enterprises
(ii) total outstanding dues of creditors
other than micro enterprises and small
enterprises
(c) Debt Securities
(d) Borrowings (other than debt
securities)
(e) Deposits
(f) Subordinated liabilities
(g) Other financial liabilities (to be
specified)
(2) Non-financial Liabilities
(a) Current tax liabilities (net)
(b) Provisions
(c) Deferred Tax Liabilities (net)
(d) Other non-financial liabilities (to be
specified)
(3) Non-financial Capital
(a) Equity share capital
(b) Other equity
Total Liabilities and Equity

CA Harshad Jaju
14.82 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES
Illustrative format of Statement of Profit and Loss prescribed under Division III of Schedule III
Particulars Note Figures as at the end Figures as at the end
No. of current reporting of previous reporting
period (`) period (`)

Revenue from operations

(a) Interest Income
(b) Dividend income
(c) Rental income
(d) Fee and commission income
(e) Net gain on fair vale changes
(f) Net gain on derecognition of financial
instruments under amortised category
(g) Sale of products (including Excise
duty)
(h) Sale of services
(i) Others (to be specified)
Total revenue from operations (I)
Other income (to be specified) (II)
Total Income (III= I + II)
Expenses
(a) Finance costs
(b) Fees and commission expense
(c) Net loss on fair vale changes
(d) Net loss on derecognition of financial
instruments under amortised category
(e) Impairment on financial instruments
(f) Cost of material consumed
(g) Purchases of stock-in-trade
(h) Changes in Inventories of finished
goods, stock-in-trade and work-
inprogress
(i) Employee Benefits Expenses
(j) Depreciation, amortization and
impairment
(k) Other expenses (to be specified

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.83
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Total Expenses (IV)

Profit / (loss) before exceptional items
and tax (V= III - IV)
Exceptional items (VI)
Profit / (loss) before tax (VII= V - VI)
Tax Expense (VIII):
(1) Current tax
(2) Deferred tax
Profit / (loss) for the period from
continuing operations (IX= VII - VIII)
Profit / (loss) for the period from
discontinued operations (X)
Tax Expense of discontinued operations
(XI)
Profit / (loss) for the period from
discontinued operations after tax
(XII= X - XI)
Profit / (loss) for the period (XIII= IX
+ XII)
Other Comprehensive Income (XIV)
(A) (i) Items that will not be reclassified to
profit or loss (specify items and amounts)
(ii) income tax relating to items that will
not be reclassified to profit or loss
SUB-TOTAL (A)
(B) (i) Items that will be reclassified to
profit or loss (specify items and amounts)
(ii) income tax relating to items that will
be reclassified to profit or loss
SUB-TOTAL (B)
Other Comprehensive Income (A+B)
Total Comprehensive Income for the
period (XV = XIII + XIV) (Comprising
Profit (Loss) and other Comprehensive
Income for the period)
Earnings per equity share (for
continuing operations) (XVI)
Basic (`)
Diluted (`)

CA Harshad Jaju
14.84 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Earnings per equity share (for

discontinued operations) (XVII)
Basic (`)
Diluted (`)
Earnings per equity share (for
continuing and discontinued
operations) (XVIII)
Basic (`)
Diluted (`)
Note : Student may also refer illustrative format of Statement of Changes in Equity prescribed under
Division III of Schedule III for more understanding.
8.3 Difference between Division II (Ind- AS- Other than NBFCs) and Division III (Ind- AS-
NBFCs) of Schedule III
The presentation requirements under Division III for NBFCs are similar to Division II (Non NBFC)
to a large extent except for the following:
a. NBFCs have been allowed to present the items of the balance sheet in order of their liquidity which
is not allowed to companies required to follow Division II.
b. An NBFC is required to separately disclose by way of a note any item of ‘other income’ or ‘other
expenditure’ which exceeds 1 per cent of the total income. Division II, on the other hand, requires
disclosure for any item of income or expenditure which exceeds 1 per cent of the revenue from
operations or `10 lakhs, whichever is higher.
c. NBFCs are required to separately disclose under ‘receivables’, the debts due from any Limited
Liability Partnership (LLP) in which its director is a partner or member.
d. NBFCs are also required to disclose items comprising ‘revenue from operations’ and ‘other
comprehensive income’ on the face of the Statement of profit and loss instead of showing those
only as part of the notes.
e. Separate disclosure of trade receivable which have significant increase in credit risk & credit
impaired
f. The conditions or restrictions for distribution attached to statutory reserves have to be separately
disclose in the notes as stipulated by the relevant statute.

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.85
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

Particulars Note No. Figures for year ended 31st

March, 2023 (in ` Crores)
Revenue from Operations
(i) Interest income 15 9500
(ii) Dividend income -
(iii) Rental Income 150
(iv) Fees and commission income 16 100
(v) Net gain on fair value changes 17 150
(vi) Net gain on derecognition of financial instruments
under amortised category
(I) Total revenue from operations 9900
(II) Other Income 18 100
(III) Total Income 10000

CA Harshad Jaju
14.86 Swapnil Patni Classes caharshad
98812 92971
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

CA Harshad Jaju
98812 92971
Swapnil Patni Classes caharshad 14.87
 SPECIAL FEATURES OF AUDIT OF BANKS &
NON-BANKING FINANCIAL COMPANIES

CA Harshad Jaju
14.88 98812 92971
Swapnil Patni Classes 14.88
caharshad