The National Financial Reporting Authority (NFRA) of India is reportedly proposing to establish a method for auditors that would assist them in keeping their audit documentation files and information safe in a tamper-proof way, to avoid KPMG-like tampering. This would be similar to DigiLocker, which caters to individual users, as reported by ET News.
Following the recent regulatory action taken by its American counterpart, the Public Company Accounting Oversight Board (PCAOB), the regulator for auditors of listed and large Indian companies, the NFRA has also moved in the same direction in the matter of instances of manipulation of audit document files. PCAOB has levied a penalty of one million dollars on the audit firm KPMG India and a penalty of seventy-five thousand dollars on the engagement partner of the firm, CA Sagar Pravin Lakhani, in addition to a one-year suspension from associating with a registered public accounting firm.
It has been brought to the attention of the PCAOB that CA Sagar Pravin Lakhani, the engagement partner, along with other members of the KPMG India engagement team, signed off on dozens of blank working papers. These papers were subsequently replaced, after the issuance of the audit report, with completed working papers; however, in many instances, the signoff dates were not updated on the completed working papers. Because of this approach, the working papers did not accurately reflect the dates on which the audit work was really finished and evaluated. In addition, KPMG India was aware of the fact that its audit software enabled its workers to edit or amend audit paperwork without changing the signoff date.
As a consequence of this, the NFRA has been debating whether or not to implement the technology known as “digilocker” in order to prevent auditors from potentially manipulating data and audit paperwork. The law mandates that auditors finish their audit files and prohibits them from making any changes to the information later on in any way. Only the audit files are subject to oversight by regulatory authorities such as the NFRA, and if any of those files are tampered with, the oversight will be rendered ineffective.
It has been reported that the NFRA intends to mandate that the audit files be archived electronically with time stamps placed on the documents in a manner that is analogous to the technique used by DigiLocker. Even if they are going to be kept in an impartial location, the audit firms will have access to all of the records. At any time that the NFRA requires access to the records, it will make a request for access, and the company in question will be obligated to provide it.
In the event that any additions or adjustments are made, the originals cannot be removed without causing a chain reaction. Additionally, the records of these adjustments and additions will be accessible to users.