Audit is an unbiased independent examination and evaluation of a process. It is most commonly used in the context of audit of financial statements of a company, but there can also be audit of the operations and processes of a company, or an audit of the legal compliances. The purpose of audit is to determine whether a company is providing a fair and accurate representation of its position to its stakeholders.
A company is owned by its shareholders. They do not have a managerial role to play in the company. Sitting outside, it is difficult for them to assess whether the statements put out by the management are correct. In order to safeguard their interest, law and regulations have provided for some gatekeepers, who, on behalf of the shareholders, can examine whether the management is running the company on the straight and narrow path. One such important gatekeeper is the auditor. In India, law and regulations have mandated the appointment of 4 types of auditors, who can be together called Corporate Governance auditors in India, depending on the business of a company.
- Statutory or external auditor – He/she is appointed to review/ verify the accuracy and the correctness of the financial statements of a company, and to give an independent assurance that the financial statements are true and fair. In the process, he/she examines the bank balances, bookkeeping entries and financial transactions, in addition to certain legal compliances. A Statutory auditor is recommended by the Board to the shareholders, and is appointed by the shareholders, to whom he/she is ultimately accountable. Contrary to the common belief, the client of the auditor is the shareholders, and not the management, even though the latter gives the letter of engagement. Some companies, such as banks, also appoint two or more Statutory auditors, especially if the operations of the company are vast. The auditor reports to the Audit Committee of the Board, and submits his/her report post the close of each financial year.
- Internal auditor – He/she is appointed to provide an independent and objective evaluation of the business activities of a company, including the processes being followed by it. He/she is tasked with ensuring that the company has laid down proper and sufficient procedure and processes, and the same are functioning effectively. This audit focuses on all the departments of the company. As a result, the internal audit team should be multi-disciplinary, and should understand the business of the company. The Internal auditor is appointed by the management, and reports to the Audit Committee with his/her findings. The Internal audit plan, prior to the commencement of the audit process, is also approved by the Audit Committee. To ensure independence of this function, the Internal auditor should report directly to the Audit Committee, with him/her reporting to the Managing Director/ CEO of the company for administrative purpose alone. Unlike the Statutory auditor, an Internal auditor can either be an internal person/ department or the process can be outsourced. Care should however be taken to ensure that the person has the correct skillsets, required specifically for the company.
- Secretarial auditor – He/she is appointed to ascertain whether the company and its material unlisted subsidiaries, if any, are compliant with all laws and regulations applicable to it/ them, including the maintenance and proper archiving of all registers/ documents. He/she is appointed by the management, and reports to the Board. There are two different reports that are submitted post the close of each financial year. One report is called the Secretarial Audit Report, as mandated by the Companies Act, 2013, and the other report is called the Secretarial Compliance Report, as mandated under SEBI LODR Regulations, 2015. The former focuses on compliance with all laws and regulations that are applicable to the company, while the latter focuses on compliance with regulations of SEBI, as appliable to the company.
- Cost auditor – Companies, which are into manufacturing, have to appoint a Cost auditor, who is involved with the verification of cost accounts of a company. He/she is recommended by the Board to the shareholders, but is appointed by the shareholders, and reports to the Audit Committee. He/she submits his/her report post the close of each financial year.
For the audit process to run smoothly, and for it to be efficient, it is important that the independence of each of the auditors is ensured. The Board has a huge role in ensuring this. There should also be complete avoidance of any conflict of interest, real or perceived. Non-audit services being performed by the auditor is one classic example of conflict of interest, since it has the potential of reducing the independence of the auditor. It is also important for the auditors to interact with one another so that there is no aspect of the functioning of the business that escapes their attention. Forward looking companies also ensure that the auditors meet the Board/ Audit Committee without the presence of management persons, so that the auditors can articulate concerns, if any, that they may have with the management. Also, since auditors have experience and exposure to a number of companies, it is a good practice to ask them to suggest good practices that can help the company improve.