Audit regulator NFRA seeks e-locker for auditors to keep Audit Working Papers

The National Financial Reporting Authority (NFRA) has been working to put in place a mechanism for auditors to keep their files safe and tamper-proof.

The government has been looking for a mechanism similar to DigiLocker that caters to individuals.

The action follows a recent regulatory action by the Public Company Accounting Oversight Board (PCAOB), NFRA’s American counterpart, which imposed a fine on KPMG India and sanctioned the audit firm and its engagement partner Sagar Pravin Lakhani.

KPMG India received a $1 million fine, while Lakhani received a $75,000 fine. It was also barred from collaborating with a registered public accounting firm for a year.

“Lakhani and other members of the KPMG India engagement team approved dozens of blank work papers. The blank work papers were often replaced with completed work papers after the audit report was issued, but the signoff dates were not updated. As a result of this practise, the work papers did not accurately reflect the dates that the audit work was completed and reviewed. KPMG India was aware that its audit software allowed personnel to modify or update audit documentation without changing the signoff date,” according to the PCAOB.

With the benefit of experience, NFRA is considering the use of technology to prevent auditors from manipulating records. The law requires auditors to complete their audit files and prohibits them from tampering with them later in any way. Regulatory agencies, such as NFRA, only monitor audit files, and if they are compromised, the oversight is ineffective.

The regulatory authority intends to require that audit files be archived electronically, with time stamps placed on the documents, in a manner similar to the DigiLocker mechanism. Despite being stored in a neutral location, all records will be accessible only to audit firms. Whenever the NFRA needs access to the documents, it will request it, and the firm in question will be required to share it.

Records of any additions will be kept, and data once filed cannot be deleted.

The NFRA is in charge of monitoring and enforcing compliance with accounting and audit standards, as well as overseeing service quality.