Delhi, India: The National Financial Reporting Authority (NFRA) is looking to implement a similar mechanism for auditors to safely store their audit files in a tamper-proof manner, following DigiLocker for individuals.
The regulator for auditors of listed and large Indian companies discovered instances of file manipulation, and the Public Company Accounting Oversight Board (PCAOB), the American counterpart of the NFRA, recently sanctioned KPMG India and its engagement partner Sagar Pravin Lakhani with a fine.
Lakhani was fined $75,000 and banned from collaborating with a registered public accounting firm for a year, while KPMG India was fined $1 million.
“...Lakhani and other KPMG India engagement team members approved dozens of unsigned work papers. After the audit report was issued, completed work papers were frequently replaced with blank work papers; however, the signoff dates were not updated. The work papers did not accurately reflect the dates on which the audit work was actually completed and reviewed as a result of this practice. According to the PCAOB, KPMG India was aware that its audit software permitted personnel to modify or update audit documentation without altering the signoff date.
The experience has taught NFRA to think about using technology to stop auditors from manipulating records. The law prohibits auditors from tampering with their audit files in any way after they have been completed. Only the audit files are under the control of regulatory agencies like NFRA, and if those files are compromised, the oversight is ineffective.
Similar to DigiLocker, the regulator intends to require that audit files be archived electronically and timestamped. Despite being stored in a neutral location, audit firms will have access to all records. The company in question will be obligated to share the documents whenever NFRA requests access to them.
There will be records of any additions, and data that has been filed cannot be deleted.
The quality of service and compliance with accounting and auditing standards are the responsibilities of NFRA.