Internal audit plays a critical role in ensuring the smooth functioning and ethical conduct of businesses. It’s an independent appraisal activity designed to provide assurance to an organization’s management about the effectiveness of its risk management, control, and governance processes. In India, internal audits have gained prominence due to increasing regulatory requirements and the need for transparency in business operations. Let’s delve deeper into the intricacies of internal audit within the legal and regulatory framework.

Regulatory Framework

The significance of internal audit in India is underscored by several key Acts and regulations:

Companies Act, 2013 (Section 138): The Companies Act, 2013, is a significant piece of legislation that governs internal audits in India. Section 138 of the Act mandates the appointment of an internal auditor for certain classes of companies, such as:

• Every listed company
• Every unlisted public company with:

• • Paid-up share capital of ₹50 crore or more during the preceding financial year
  • Turnover of ₹200 crore or more during the preceding financial year
  • Outstanding loans or borrowings from banks or public financial institutions exceeding ₹100 crore at any point during the preceding financial year
  • Outstanding deposits of ₹25 crore or more at any point during the preceding financial year

• Every private company with:

• • Turnover of ₹200 crore or more during the preceding financial year
  • Outstanding loans or borrowings from banks or public financial institutions exceeding ₹100 crore at any point during the preceding financial year.
    
    

The Institute of Chartered Accountants of India (ICAI) Guidance Note on Internal Audit: The Institute of Chartered Accountants of India (ICAI) has issued Standards on Internal Audit (SIA) to provide a framework for the conduct of internal audits. These standards guide internal auditors in planning, performing, and reporting their audit activities. Key SIAs include:

SIA 1: Planning an Internal Audit

SIA 2: Basic Principles Governing Internal Audit

SIA 3: Documentation

SIA 4: Reporting

How to Appoint an Internal Auditor?

The Board of Directors is responsible for appointing an internal auditor. According to the Companies Act, 2013, this requires passing a formal resolution at a Board meeting, specifying the qualifications, experience required, and the scope of the internal audit engagement.The process of appointing an internal auditor typically involves the following steps: 

Eligibility Check:

The Board ensures the chosen candidate meets the eligibility criteria as outlined in the Companies Act and relevant guidance notes. This could include being a Chartered Accountant, Cost Accountant, or another qualified professional deemed suitable by the Board.

Selection Process:

The Board may shortlist candidates based on their qualifications, experience, and expertise in internal audit. confirmation from the selected individual affirming their consent to be appointed as the internal auditor.

Board Meeting and Resolution:

Following the selection process, the Board formally approves the appointment of the internal auditor through a resolution passed at a Board meeting.

Documentation and Filing:

After the Board meeting, the company prepares necessary documentation regarding the appointment, including certified copy of the order and details of the appointed internal auditor.

Filing with ROC (Registrar of Companies):

Within 30 days of the Board meeting, the company must file Form MGT-14 with the ROC, notifying them of the internal auditor’s appointment. A prescribed fee is to be paid during submission.

Letter of Appointment:

A formal letter of appointment is sent to the selected internal auditor, detailing their duties and responsibilities.

Internal Audit Process

The internal audit process typically follows a structured approach with well-defined phases. Here’s a breakdown of the common stages involved:

1. Planning and Scoping: The internal audit process begins with identifying the areas or departments to be audited based on risk assessments and organizational priorities. The audit team gathers information about the organization’s goals, strategies, and risk profile to develop an audit program outlining objectives, scope, methodology, and timeline. Resource allocation is then determined, including necessary auditor expertise and time allocation.
   
   
2. Fieldwork: During the fieldwork phase, the internal audit team conducts interviews with personnel, reviews relevant documentation, and tests internal controls to assess adherence to guidelines and identify inconsistencies. Continuous communication is maintained with management to keep them informed about progress and preliminary findings.
   
   
3. Reporting: After fieldwork, the team drafts a comprehensive report detailing audit findings, observations, and recommendations for improvement. This draft is reviewed and discussed with management for feedback and accuracy before issuing the final report to the Board of Directors or Audit Committee, depending on the organizational structure.
   
   
4. Follow-Up: The internal audit team follows up with management on the implementation of recommended actions and monitors progress to ensure corrective measures are effective.

Key Areas of Focus

Internal audit departments or outsourced internal audit firms offer a variety of services to organizations:

• Financial Statement Audit: Internal auditors may review and test the accuracy and completeness of financial statements, complementing the work of statutory auditors.
  
  

• Operational Audit: This type of audit assesses the effectiveness, efficiency, and economy of operational processes across different departments within an organization.
  
  

• Compliance Audit: Internal auditors ensure the organization’s adherence to various laws, regulations, and industry standards.
  
  

• IT Audit: This specialized audit evaluates the organization’s information technology infrastructure, controls, and security measures.
  
  

• Fraud Detection and Investigation: Internal auditors play a crucial role in preventing, detecting, and investigating fraudulent activities within an organization.
  
  

Benefits of Internal Audit

An effective internal audit function provides several advantages to organizations, including:

• Strengthening internal controls and enhancing risk management
• Ensuring compliance with laws, regulations, and company policies
• Detecting and preventing fraud
• Improving the reliability and accuracy of financial reporting
• Enhancing operational efficiency and effectiveness
• Providing independent and objective assessments to management
• Building trust and confidence among stakeholders
  
  

Challenges and Best Practices

Internal audits offer significant advantages to Indian businesses, but they also face hurdles. Limited resources, resistance to change, and a complex regulatory environment can hinder their effectiveness. To overcome these challenges, organizations should prioritize internal audit. This includes investing in training for auditors, building a strong and well-supported internal audit function, and fostering a culture that embraces accountability and continuous improvement. By addressing these concerns, businesses can unlock the full potential of internal audit and achieve greater operational efficiency and risk mitigation.

In short, Internal audit plays a vital role in fostering a culture of good governance, risk management, and ethical conduct within Indian businesses. By adhering to relevant legal and regulatory frameworks, adopting a risk-based approach, and maintaining independence, internal auditors can significantly contribute to an organization’s long-term success.

The vigilant internal audit team, at BCL India, armed with the necessary technical expertise, can help your entity achieve robust and standard practices in finance, risk management, and statutory compliance. By providing objective assessments and actionable recommendations, BCL India supports businesses in mitigating risks and fostering sustainable growth.