Auditor’s Duty: How Auditors Can Legally Report Fraud in Companies

As auditors, have a central role to play in upholding the financial integrity and transparency among the business world values by identifying and reporting fraud in companies, their work is guided by statutory rules, professional guidelines, and ethical codes, which make them central figures in the war against corporate fraud.

As per companies act there are professionals who conduct the audit which includes chartered accountants, cost accountants.etc. They are assigned their respective responsibilities to follow and it is well defined under the act. According to Section 143(12) of the Companies act, 2013 requires reporting of the fraud by the CAs, Cost accountants and company secretaries.

Big Changes in the Companies Act! Are You Updated? Click here to know more

Auditor and Its Responsibilities

Who is an Auditor

An auditor, typically a chartered accountant, is an independent professional appointed to examine a company’s financial records, transactions, and internal controls. With regards to section 143(12), CAs, cost accountants..etc are bound to report the fraud. They are legally entitled to access the books of accounts and vouchers at any time, whether maintained at the registered office or elsewhere. The auditor may seek necessary explanations and information from the company’s officers to perform their duties effectively.

Areas of Investigation by Auditor

While conducting an audit, the auditor must specifically examine:

• Security and terms of loans and advances
• Propriety of book-entry transactions
• Undervaluation of investments
• Misclassification of deposits
• Inclusion of personal expenses in company accounts
• Authenticity of cash received against share allotments

In the case of holding companies, the auditor also has access to the records of subsidiaries and associate companies for the purpose of consolidating financial statements.

Big Changes in the Companies Act! Are You Updated? Click here to know more

Auditor’s Report and Responsibilities

statements to be presented in the general meeting. The report should:

• Comply with the Companies Act and applicable auditing/accounting standards
• Present a true and fair view of the company’s financial position
• State whether proper books were maintained
• Confirm whether adequate information and explanations were received
• Disclose compliance with prescribed financial standards

The report should also highlight any:

• Adverse transactions or observations
• Disqualification of directors
• Issues in internal financial controls
• Other prescribed matters

Any qualifications or negative remarks must be explained with appropriate reasons.

Big Changes in the Companies Act! Are You Updated? Click here to know more

Audit of Government Companies

In the case of government companies or those controlled by the government:

• The Comptroller and Auditor General of India (CAG) appoints the auditor
• CAG may issue directions for audit conduct
• Auditor submits the report to CAG
• CAG may carry out a supplementary or test audit and provide comments to be attached with the financial statements

Audit of Branch Offices

For companies with branch offices:

• The branch may be audited by the company’s main auditor or a qualified branch auditor
• In case of foreign branches, a foreign-qualified auditor may be appointed
• The branch auditor’s report must be submitted to the main auditor, who includes it in the overall audit report

Compliance with Auditing Standards

Auditors must follow the auditing standards:

• Recommended by the Institute of Chartered Accountants of India (ICAI)
• Prescribed by the Central Government in consultation with the National Financial Reporting Authority (NFRA)

The Central Government may also require the inclusion of additional reporting matters for specified classes of companies.

Big Changes in the Companies Act! Are You Updated? Click here to know more

Mandatory Fraud Reporting Obligations

If an auditor suspects fraud by officers or employees of the company, they must report it as follows:

• To the Central Government, in case of significant frauds
• To the Audit Committee or Board, in minor cases

Such frauds must also be disclosed in the Board’s Report. Reporting in good faith shields the auditor from liability.

These obligations apply equally to:

• Cost accountants conducting cost audits
• Company secretaries conducting secretarial audits

Non-compliance can result in penalties, with higher fines for listed companies.

Big Changes in the Companies Act! Are You Updated? Click here to know more

Fraud Reporting: Who Is Covered Under Section 143(12) of the Companies Act, 2013?

Section 143(12) of the Companies Act, 2013 mandates that statutory auditors, cost accountants conducting cost audits, and company secretaries conducting secretarial audits must report frauds committed by officers or employees of the company. This obligation does not extend to professionals performing other types of audits, such as tax or VAT audits.

Section 143(12) reporting obligation is for company statutory auditors and also the same applies to the cost accountant in practice who carries out the cost audit under Section 148 of the Act; and for the company secretary in practice carrying out the secretarial audit under Section 204 of the Act.

It may be noted that internal auditors appointed under Section 138 of the Companies Act are not specified as persons required to report frauds under Section 143(12). This obligation is limited to statutory auditors, including those appointed under Section 139.

As per sub-rule (3) of Rule 12 of the Companies (Audit and Auditors) Rules, 2014, the provisions of Section 143(12), read with Rule 13, regarding fraud reporting also apply to branch auditors appointed under Section 139, but only to the extent it relates to the branch concerned.

Importantly, Section 143(12) covers only fraud committed by officers or employees of the company. It does not include frauds by third parties such as vendors or customers.

Big Changes in the Companies Act! Are You Updated? Click here to know more

Thresholds and Manner of Fraud Reporting

1. Fraud Involving ₹1 Crore or More: Reporting to Central Government

If the auditor believes a fraud involving ₹1 crore or above has been or is being committed by officers or employees, he must:

• Inform the Board/Audit Committee within 2 days of knowledge.
• Seek their reply/observations within 45 days.
• Forward report to the Central Government (MCA Secretary) within:
  • 15 days of receiving a reply/observation, along with:
    • Auditor’s report,
    • Board/Audit Committee’s response, and
    • Auditor’s comments on the response.
  • Or, if no reply is received within 45 days, forward the original report with a note regarding non-receipt of a response.
• Mode of Submission:
  • By Registered/Speed Post in a sealed cover with acknowledgment due.
  • Followed by an email confirmation.
• Report Format:
  • On auditor’s letterhead (with contact details),
  • Signed and sealed, mentioning Membership Number,
  • In Form ADT-4.

Big Changes in the Companies Act! Are You Updated? Click here to know more

2. Fraud Involving Less than ₹1 Crore: Reporting to Board/Audit Committee

• Auditor shall report within 2 days of knowledge.
• The report must include:
  • Nature of the fraud with description,
  • Approximate amount involved, and
  • Parties involved.

Disclosures in Board’s Report

For all such frauds (below ₹1 crore) reported during the year, the Board's Report shall disclose:

• Nature and description of fraud,
• Approximate amount involved,
• Parties involved (if remedial action not taken),
• Remedial action taken, if any.

Auditor’s Duty to Detect Fraud During Audit of Financial Statements

Auditor’s Duty to Report Fraud [Section 143(12)]

If an auditor, during the course of performing an audit in accordance with the Standards on Auditing (SAs), has reason to believe that a fraud has been or is being committed by officers or employees of the company, he is duty-bound to report it as per Section 143(12).

Applicability of Auditing Standards [Sections 143(9), 143(10), 143(2)]

Auditors must comply with SAs while conducting audits. Therefore, the phrase “in the course of performance of his duties as an auditor” implies duties performed strictly in accordance with SAs.

Big Changes in the Companies Act! Are You Updated? Click here to know more

Limitations of Auditor in Detecting Fraud

Auditors may not detect frauds unless reflected in financial statements, such as:

• Undisclosed employee pay-offs.
• Misuse of passwords to access sensitive data.
• Diversion of company business by employees.

Reporting in Case of Other Services (Attest/Non-Attest)

Section 143 of the Companies Act, 2013, effective from April 1, 2014, outlines the statutory duties and responsibilities of auditors in relation to financial statements prepared under the Act. However, auditors often perform additional attest functions beyond the scope of this section, such as limited reviews under SEBI Regulation 33, audits of interim financial statements under Accounting Standard 25, tax audits under the Income-tax Act, 1961, or issuing specific certificates.

These services, though not mandated under the Companies Act, 2013, may still require the auditor to consider the provisions of Section 143(12), especially when such attest engagements are statutorily linked to the auditor of the company. The scope and procedures of such engagements typically differ from a statutory audit.

If, during these attest or non-attest services, the auditor uncovers fraud by the company’s officers or employees particularly of a magnitude prescribed under Rule 13 of the Companies (Audit and Auditors) Rules, 2014 and this information influences the statutory audit, it may trigger the obligation to report under Section 143(12).

Big Changes in the Companies Act! Are You Updated? Click here to know more

Fraud Already Reported by Others

Paragraph 4 of SA 240 and Section 134(5) of the Companies Act, 2013, establish that the responsibility for preventing and detecting fraud lies primarily with the company’s management and those charged with governance.

Section 143(12) requires an auditor to report frauds only if the auditor is the first to identify such an offence during the course of their duties. If a fraud has already been identified by the management, a vigil mechanism, or another statutory auditor (such as a cost or secretarial auditor), and the matter is being addressed, the statutory auditor is not required to report it again under Section 143(12).

However, the auditor must exercise professional skepticism to ensure that the fraud was indeed detected through these channels and not through their own procedures. In cases involving fraud of ₹1 crore or more, even if the fraud is already reported, the auditor must assess the adequacy of the steps taken by the management or those charged with governance.

If unsatisfied, the auditor must document the reasons, request further action, and, if no satisfactory response is received within 45 days, consider reporting the matter to the Central Government under Rule 13 of the Companies (Audit and Auditors) Amendment Rules, 2015.

Big Changes in the Companies Act! Are You Updated? Click here to know more

Reporting Fraud in Consolidated Financial Statements (CFS)

As per Section 129(4) of the Companies Act, 2013, the audit provisions applicable to standalone financial statements of a holding company also extend to its consolidated financial statements. This raises a pertinent question whether the auditor of the holding company is required to report suspected frauds in its subsidiaries, joint ventures, or associates.

Under Section 143(12), an auditor must report a suspected offence involving fraud only if it is committed by the officers or employees of the company being audited. Hence, the parent company’s auditor is not obligated to report frauds committed in an Indian subsidiary, as that responsibility lies with the subsidiary’s auditor.

Similarly, no reporting is required for frauds in foreign or non-corporate components since their auditors are outside the purview of Section 143(12). However, the parent company’s auditor must report suspected frauds in such components if the offence was committed by the parent company’s officers or employees and is against the parent company, provided the fraud is either detected during the audit of the consolidated financials, directly reported by the component auditor, or involves a non-company component not covered by Section 143(12).

Fraud Relating to Pre-2013 Act Periods

Under the Companies Act, 1956, there were no provisions similar to Section 143(12) of the 2013 Act, and the Companies (Auditor’s Report) Order, 2003 (CARO) only required auditors to report frauds noticed or reported during the year. Therefore, auditors were not obligated to report frauds in the same manner as under Section 143(12) prior to the 2013 Act’s implementation.

For frauds related to periods under the 1956 Act, reporting under Section 143(12) will only apply if the suspected fraud is identified by the auditor during the audit of financial years starting on or after April 1, 2014, provided the fraud was not previously addressed in the financial statements, audit report, or Board’s report under the 1956 Act.

Big Changes in the Companies Act! Are You Updated? Click here to know more

Reporting under Section 143(12) – Based on Suspicion - Reason to Believe, Knowledge or on Determination of Offence?

Section 143(12) of the Companies Act, 2013 requires an auditor to report if they have "reason to believe" that an offence of fraud has occurred or is occurring within the company. Rule 13 of the Companies (Audit and Auditors) Amendment Rules, 2015 further defines this requirement by specifying the thresholds of "reason to believe" and "knowledge."

The term "suspected offence involving fraud" is used in Form ADT-4 for reporting to the Central Government. To trigger the reporting requirement, the auditor must have evidence that indicates fraud is occurring or has occurred. Suspicion, based on tentative evidence, is not enough; there must be sufficient information to support a reasonable belief that fraud has taken place.

The auditor's professional skepticism and assessment of audit evidence are key in forming this belief. While the auditor may suspect fraud, the legal determination of an "offence" lies with the authorities, not the auditor. Therefore, reporting is required when the auditor has conclusive evidence, not just suspicion, that fraud has been committed by the company's officers or employees.

Big Changes in the Companies Act! Are You Updated? Click here to know more

Reporting under Section 143(12) in case of Corruption, Bribery, Money Laundering and Non-compliance with other Laws and Regulations

In cases involving corruption, bribery, money laundering, or other intentional non-compliance with laws, the impact whether beneficial or penal is directly on the company. While conducting the audit, the auditor must comply with relevant Standards on Auditing (SAs), particularly SA 240 and SA 250, which address the auditor’s responsibilities relating to fraud and legal compliance.

If such instances come to the auditor’s notice during the audit, they must assess the potential material impact on the financial statements as per SA 250. For reporting under Section 143(12), the auditor must evaluate whether such acts were committed by the company’s officers or employees.

For instance, if the auditor identifies that a fraudulent income tax return was filed to evade taxes, such a fraud must be reported under Section 143(12), regardless of whether provisions were made in the books. Additionally, Section 147(2) warns that if an auditor knowingly or willfully contravenes provisions like Section 143 with intent to deceive stakeholders, they are liable for punishment, including imprisonment and substantial fines.

Support our journalism by subscribing to Taxscan premium. Follow us on Telegram for quick updates