Guidance Note for Forensic Accounting and Investigation Standard No. 330 on Conducting Work Procedures outlines the approach for professionals to prepare and execute work procedures in compliance with the Standard during a Forensic Accounting and Investigation (FAI) assignment. The guidance note aims to ensure a meticulous and efficient execution of the assignment by assisting professionals in developing relevant work procedures directly aligned with the assignment’s mandate and objectives. The work procedures should be executed in two phases, focusing on gathering pertinent information and evidence to support or challenge the assignment’s objectives. Additionally, the note emphasizes the use of tools and techniques to identify fraud risk indicators during evidence collection and emphasizes the importance of maintaining and updating documentation and communication in accordance with quality standards. The guidance note provides practical examples and illustrations to facilitate professionals in seamlessly implementing the work procedure requirements throughout the assignment.
Digital Accounting Assurance Board
The Institute of Chartered Accountants of India
1st June, 2023
GUIDANCE NOTE FOR FORENSIC ACCOUNTING AND INVESTIGATION STANDARD NO. 330 ON CONDUCTING WORK PROCEDURES
EXPOSURE DRAFT Approved by DAAB (On 1 June’23)
This Guidance Note provides technical clarifications and implementation guidance on how to prepare for and conduct work procedures on Forensic Accounting and Investigation Standard Number 330, on “Conducting Work Procedures,” issued by the Institute of Chartered Accountants of India (ICAI) and should be read in conjunction with all the Standards relevant to the topic. The contents of this Guidance Note are recommendatory in nature and do not represent the official position of the ICAI. The reader is advised to apply his best Professional judgement in the application of this Guidance Note considering the relevant context and prevailing circumstances.
1.0 Introduction
1.1 FAIS 330 on “Conducting Work Procedures” expects the Professional to conduct work procedures which give direction to effective execution of the Forensic Accounting and Investigation (FAI) assignment and help achieve its objectives.
1.2 The requirements of the Standard are expected to be implemented through:
(a) Designing work procedures based on the scope and objectives of
(b) Applying relevant tools and techniques, hypotheses, possibility of fraud indictors, etc.
(c) Documenting, communicating and reviewing progress makes the process of executing work procedures effective.
1.3 Further, the Standard has indicated how in FAI assignments, a phased approach is quite effective:
- Phase 1 (Preliminary Review), with focus on collecting data and
- Phase 2 (Detailed Investigation), through interviews and direct interactions with relevant stakeholders.
2.0 Objectives
2.1 This Guidance Note (GN) outlines the manner in which the Professional undertakes the preparation and execution of work procedures for implementing the requirements of the Standard during the course of a FAI assignment.
2.2 The GN aims to ensure that there is a meticulous approach in the execution of the assignment, and that, it is carried out effectively in an efficient manner.
2.3 The objective of the GN is to assist the Professional in developing and conducting work procedures in order to comply with the Standard as follows:
(a) Prepare a complete set of work procedures by ensuing they are directly related to the mandate of the assignment and relevant to its objectives.
(b) Execute the work procedures in two phases, where initially the focus is to gather all relevant information and evidence to prove or disprove the
(c) In the gathering of the evidence, certain tools and techniques need to be deployed and used to highlight relevant fraud risk indicators.
(d) Ensuring that basic quality aspects of documentation and communication are maintained and updated when appropriate.
2.4 The GN also provides examples and illustrations to help the Professional apply the work procedure requirements in a seamless and effective manner all through the assignment.
3.0 Procedures
3.1 As indicated in FAIS 310 on “Planning the Assignment”, the development of work procedures commences at the planning stage itself, since fraud risk and other key activities have already been conducted at that time. The Professional would therefore take the output from the planning stage as a starting point for developing the work procedures. At this stage the work procedures are finalised prior to executing them in the field.
3.2 To finalise the work procedures, the Professional would seek out some specific and detailed information, an indicative list of which is presented below:
(a) Confirm the initial understanding of the issues, allegations or suspicions.
(b) Prepare a timeline of events.
(c) Understand the financials and substantial events which would have taken place during the review period.
(d) Conduct preliminary public domain searches to get a sense of what is what;
(e) Understand the systems and processes followed by the entity – focus on major customers, suppliers, etc.
(f) Perform an overall financial analysis, listing potential grey areas.
(g) Chart out fraud risk indicators and “red flags”.
(h) Application and testing of hypothesis.
3.3 The Professional may deploy resources with a strategic approach to focus on various aspects of an engagement and parallelly conduct data documentation review, transaction testing, review of digital evidence, intelligence, and public domain searches, as a combination of Phase 1 and Phase 2, as required in the scope of work.
3.4 It is important to note that FAI engagements are dynamic in nature and evolve during the execution as well, therefore the Professional would be required to be prompt to adapt to the change and accordingly modify the work procedures and methodology.
3.5 Also, after which, field procedures may be conducted along with interviews and interactions to drive conclusions based on the inferences drawn and evidence extracted.
3.6 In addition, analytical analysis and other approaches need to be used including FAIS 410 and 420.
3.7 Also, it is conveyed that there may be some assignments not involving Phase 2 since the Phase 1 may provide all the evidence required to meet the objectives of the assignment.
For instance, if all the required data sets are provided to the Professional to identify any irregularities in the sales made from a particular location, and if the scope of work does not require the Professional to undertake any interviews, then Phase 2 work procedures may not be required. The Standard provides an illustrative list of the usual Work Procedures relevant in each phase, followed by an explanation of the needs, comprehension, and interpretation of the same with a practical approach.
4.0 Explanations with Examples
4.1 Example 1: Loan account has turned NPA and forensic assignment is to be undertaken by the Professional to prepare a fund trail, in such a case, following work procedures can be undertaken:
(a) Analyse the financial statement of the borrower its related parties – Associate companies, subsidiary companies, joint ventures, step-down subsidiary companies, etc. to find if funds are transferred with the intent to hide/layering. Layering can include changing the nature of assets i.e. from cash to gold & silver, real estate, etc.
(b) Analyse the Bank Statement of the borrower and its Related parties – Associate companies, subsidiary companies, joint ventures, step-down subsidiary companies, etc., Key Managerial Person (KMP), and Relatives of KMP to find the flow of funds.
(c) Verify the Income Tax Returns (ITR) of concerned companies/persons to identify the income from different sources, bank account number.
(d) Cash flow statements/all cash transactions with details.
(e) Loan statements/details.
(f) End use of funds of Loans and advances.
(g) Share Transactions of group/Related parties.
(h) Items of Profit & Loss Statements with Particular details.
(i) Details of parties to whom advances were given.
(j) Property details – ITR, CERSAI check.
(k) Comparison of Bank Statements and Book of Accounts.
(l) Any charges registered against the target company, KMP, Related companies, etc.
4.2 Example 2: Undertaking a review to identify Preferential, Undervalued, Extortionate Credit and/or Fraudulent transactions as per the regulations of the Insolvency and Bankruptcy Code, 2016, following work procedures could be carried out:
(a) Transactions/Events Analysis:
- Analysis of paper documents as well as information in the computer
(b) Financial Statement Analysis:
- Different analytical ratios to identify any unusual change in inflow/outflow.
- Comparisons of similar transactions with the historical data as well as the industry trends.
(c) Document Analysis:
- Check the authenticity of documents – whether it is approved by the defined authority as per the rules/policy.
(d) Additional Analysis:
- Sale of assets at loss to known parties shortly before the commencement of CIRP or assets turning NPA.
- Purchase and Sales records/transactions –
(i) To know bogus/fictitious purchases/sales.
(ii) To check whether transactions with related parties are carried out at a favourable rate.
- Whether Related Party Transactions (other than purchase and sale) are carried out at arm’s length basis.
(e) Loan and/or Advances and/or Borrowings:
(i) To know the Repayment Sequence of secured and unsecured loans to identify any irregularities.
(ii) Checking whether the loan has been utilized for the purpose for which they were taken.
(f) Cash transactions/Receipt-Payment records:
(i) To identify duplicate receipts and payments.
(g) Employee master and Salary records
(i) Identifying Duplicate/Ghost employees by analysing the employee master and salary records.
(ii) To check if a higher salary has been paid to any employee who is a relative/known person or has a relative working in the same
(iii) To know the regularity and disparity in paying salary to normal employees with that of a relative.
4.3 Example 3: Management wants a proactive review to be undertaken from forensic accounting perspective through a Professional with regard to the Inventory area of the Financial Statement, in such a case, following work procedures can be undertaken:
(a) Matching the vendor invoices with payment made; to see if correct Goods Receipt Note (GRN) was submitted by store manager to Finance Department.
(b) Check if there is any abnormal frequency of Purchase Orders (PO) that shows signs of stock embezzlement.
(c) To verify if the suspected employee has any relatives working in the company to check for collusion, if any.
(d) In case of perishable goods/foodstuffs, look for date of expiry and the date of embezzlement if any.
(e) Match the quantity of goods in the invoice with the physical quantity by performing volumetrics analysis.
(f) Check the Invoice No. of goods with the same invoice value to find any theft/alteration.
(g) Check whether intimation was done by store manager on the day of
(h) Check the tagging of stock.
(i) Asking for vendor confirmation of invoice sent to notice any deflation in value of GRN sent by Store Department in order to compensate for stock
(j) Check shifts undertaken by employees are according to the agreement or not.
4.4 Example 4: The Professional is appointed by the management of an entity that has received allegations and tips stating that the book debts are potentially non-existent – the following are illustrative work procedures that could be formulated:
(a) Call for balance confirmations.
(b) Perform data analysis and tests like same-same-same, same-same-different tests on the customer master.
(c) Thoroughly review the documentation for material movement/deliverables of services.
(d) Perform detailed ledger scrutiny to analyse the year-on-year movement, during the year movement, identify any trend, etc.
(e) Conduct site visits of the trade receivable accounts to check the actual existence
(f) Perform public domain checks – to understand the business in which they operate, etc.
(g) Verify the receipts and cross-check with the Bank Statements and the narrations present in the same.
4.5 Example 5: A review of electronic data has to be undertaken by a Professional as a part of the FAI assignment to identify if there have been any irregularities perpetrated by the employee of an entity, following could be the general work procedures to review the emails and data files extracted as a part of the digital evidence:
(a) Perform analytics through forensic tools on the email traffic to identify trends / patterns / sharp decline in the number of emails / user files to ascertain if any emails / user files were deleted.
(b) Highlight instances where no emails were identified with regard to communication of Target with the suspected party even though Target was involved in the process.
(c) Review all the email communications of Target at / around the time period of processes.
(d) Review the electronic communications between the Target and the suspected party so as to:
i. Compare the documents as sent by suspected party to the Target with the hardcopy documents submitted to ascertain any alterations made such as rates, quotes, description of services etc.
ii. Reconcile the sequence of events and timelines to ascertain and identify if there were any exceptions such as any bids shared by the suspected party with the Target or vice versa, etc.
(e) Review one to one correspondences of Target with suspected party.
(f) Review communications between the Target and suspected vendor pertaining to day-to-day operational activities for procurement of materials/items, representatives of suspected party, inter-communications between the Target and other employees, etc.
(g) Review communications of Target with addresses that were outside the Company domain (e.g. Gmail, Hotmail, Yahoo, etc.), mails which were marked as high importance, mails where Target was marked / had marked individuals in BCC, mails with blank subject lines, mails present in the deleted folders, etc.
(h) Perform a focus search on the user files and emails to identify red flags and anomalies through the voluminous data. Two types of keywords i.e. Priority 1 and Priority 2 for the targeted searches can be developed.
