As a part of “Management’s Responsibility for Financial Statements”, executive management of Indian companies assert to their stakeholders the relevance of “the design, implementation and maintenance of internal controls” for the preparation and presentation of financial statements that need to give a true and fair view of financial position on a particular date and performance for the relevant period. Financial statements need to be devoid of any material misstatements, whether due to fraud or error. This responsibility is an onerous one.
Under Section 211 (7) of the Indian Companies Act, 1956, in the event that a company fails to take all reasonable steps to secure compliance, the wilful negligence may be punishable with imprisonment for a term which may extend up to six months or a fine which may extend to ten thousand rupees or with both imprisonment and a fine. The new Companies Act, 2013 has not only emphasized the above requirements, but also has upped the ante in increasing a number of corporate governance and risk management requirements.
With the changing times, there also is a need for greater accountability of companies to their shareholders and customers. A need for governance arises from the separation of management from ownership. For a firm success, companies need to concentrate on both economic and social aspects. Companies needs to be fair with producers, shareholders, customers, etc., and have various responsibilities toward employees, and communities. Companies need to serve their responsibilities in all aspects.
There are several important issues in governance and they play a great role. All the issues are inter-related and interdependent with each other. Each of the issues connected with governance has different priorities in each of the corporate bodies.
The issues are:
- Value-based corporate culture
- Holistic view
- Compliance with laws
- Disclosure, transparency, and accountability
- Governance and human resource management
- Innovation
Corporate scandals, internally or at other companies, have shed light on the need to manage strategically in an effort to avoid such catastrophes that often leave executives unemployed. Many executives believe that risks are higher than ever before. However, they are unsure about how to manage them; therefore, many executives are welcoming risk management plans and infrastructures. Finally, companies have learned that managing risk correctly can lead to increased shareholder value. Companies are hoping to shift from a simple control process to a value creation process using an enterprise wide approach.
The concept of governance hinges on total transparency, integrity and accountability of management and the board of directors. The importance of governance along with efficient risk management lies in its contribution both to business prosperity and to accountability.
In this reference, Regulations given by Companies Act, 2013 and SEBI related to governance and risk management are enunciated below which are to be taken care of while delivering the Assurance (Attestation) function.
Assurance regulatory requirements for the auditor stakeholder have been identified from the Companies Act, 2013 and Clause 49 and have been explained in the following table.
| Section Reference | Regulatory Requirement |
| Companies Act, 2013
Section – 134, Clause – 3(n) |
Every audit committee shall act in accordance with the terms of reference specified in writing by the board, which shall include evaluation of internal financial controls and risk management systems. |
| Companies Act, 2013
Section – 138 (1) |
Prescribed classes of companies shall be required to appoint an internal auditor, who is an assurance professional (auditor) decided by the board to conduct internal audit of the functions and activities of the company. |
| Companies Act, 2013
Section – 143 (3), clause – i |
The auditor’s report shall state that whether the company has adequate internal financial controls system in place and the operating effectiveness of such controls. |
| Clause 49
Section – II, Clause – d (6) |
The role of the audit committee shall include reviewing, with management, the performance of statutory and internal auditors, and adequacy of the internal control systems. |
| Clause 49
Section – II, Clause – d (7) |
The role of the audit committee shall include reviewing the adequacy of internal audit function, if any, including the structure of the internal audit department, staffing and seniority of the official heading the department, reporting structure coverage and frequency of internal audit. |
| Clause 49
Section – II, Clause – d (9) |
The role of the audit committee shall include reviewing the findings of any internal investigations by the internal auditors into matters where there is suspected fraud or irregularity or a failure of internal control systems of a material nature and reporting the matter to the board. |
| Clause 49
Section – II, Clause – d (12) |
The role of the audit committee shall include reviewing the functioning of the whistle-blower mechanism, in case the same is prevailing. |
| Clause 49
Section – II, Clause – e (1) |
The audit committee shall mandatorily review the management discussion and analysis of financial condition and results of operations. |
| Clause 49
Section – II, Clause – e (3) |
The audit committee shall mandatorily review the management letters / letters of internal control weaknesses issued by the statutory auditors. |
| Clause 49
Section – II, Clause – e (4) |
The audit committee shall mandatorily review the internal audit reports relating to internal control weaknesses. |
| Clause 49
Section – VII, Clause – 1 |
The company shall obtain a certificate from either the auditors or practicing company secretaries regarding compliance of conditions of governance as stipulated in this clause and annex the certificate with the directors’ report, which is sent annually to all the shareholders of the company. |
The Author is a student of Chartered Accountancy having deep interest in Corporate Laws, Service Tax and Cyber Security and can be reached on akshay1@outlook.com.
