1. INTRODUCTION- OBJECTIVES OF AUDIT UNDER CGST ACT, 2017
This chapter outlines the principles and policies of audits conducted under the CGST Act, 2017 and the rules made thereunder, viz., CGST Rules, 2017. The objective of audit of taxpayers under GST is to measure the level of their compliance in the light of the provisions of the CGST laws. Audit examines the declaration of taxpayers to not only test the accuracy of the declaration and the accounting systems that produce the declared liability, but also evaluate the credibility of the declared or assessed tax liability.
1.1 Audit is a systematic examination of financial records, statements, transactions and operations of a business to ensure accuracy, compliance with laws and financial management. An effective audit program generally results in the discovery of under-declared liabilities either by omission, error or deliberate deception and is dependent on the effectiveness of audit planning and implementation. An efficient and effective audit system promises voluntary compliance and facilitates the tax administration’s aim of getting “the right tax at the right time.”
1.2 The provisions of CGST Act, 2017 and CGST Rules, 2017 relevant to this Chapter are as under –
| Sr. No. | Section/Rules | Provisions pertaining to |
| 1 | Section 65 | Audit by Tax authorities |
| 2 | Section 66 | Special Audit |
| 3 | Rule 101 | Audit |
| 4 | Rule 102 | Special Audit |
| 5 | Section 71 | Access to Business premises |
2. DEFINITION OF AUDIT:
Audit under CGST Act, 2017 implies – Section 2(13) of the CGST Act, 2017 (Section 2(13) of the CGST Act, 2017)
(a) Detailed examination of
(i) records,
(ii) returns and
(iii) other documents
– maintained/ furnished by a registered person, under GST law/any other law or rules-
(b) For verification of correctness of –
(i) turnover declared
(ii) taxes paid
(iii) refund claimed
(iv) input tax credit availed and
(v) assessment of compliance with provisions of GST law and rules.
2.1 Principles of Audit: The basic principles of audit are –
(i) conducting audit in a systematic and comprehensive manner
(ii) scrutinizing the records maintained in the normal course of business with emphasis on the identified risk areas
(iii) applying audit techniques based on materiality, i.e., degree of scrutiny and application of an audit tool depending upon the identified nature of risk factors
(iv) proper recording of all checks and findings made during the entire audit
(v) identifying unexplored compliance verification parameters
(vi) educating the taxpayer for voluntary compliance.
2.2 Types of audits under CGST Act, 2017: The CGST Act, 2017 prescribes the following two types of audits:
Note: This chapter mainly deals with audit by tax authorities, as prescribed under section 65 of the CGST Act, 2017 and Rule 101 of the CGST Rules, 2017.
3. LEGAL PROVISIONS ASSOCIATED WITH AUDIT BY TAX AUTHORITIES AND THE PROCEDURE TO CONDUCT AUDIT THEREOF-
3.1(i) The Commissioner or any officer authorised by him is empowered to conduct audit. The audit may be conducted at the place of business of the registered person or in the office of the auditor. However, as a measure of taxpayer facilitation, in the case of small taxpayers, the audit may be conducted in the office of the auditor. A visit to the premises of the small taxpayer should only be considered in case of non-cooperation. The audit shall be conducted for a financial year or any part thereof or multiples thereof – Section 65(1) & (2) of CGST Act, 2017 and Rule 101(1) of CGST Rules, 2017.
(ii) A prior notice shall be issued to the auditee at least fifteen working days in advance, notifying him of the audit and to obtain documents required for conduct of audit as per Section 65(3) of the CGST Act, 2017. The notice is issued as per Form GST ADT- 01, as prescribed under Rule 101(2) of the CGST Act, 2017. (Section 65(3) of the CGST Act, 2017 Rule 101(2) of the CGST Rules, 2017)
(iii) The audit should be completed normally within a period of three months from the date of commencement of the audit, except in cases where approval of the Commissioner has been obtained for completing audit in a period beyond three months, which can be extended by a further period of six months, for the reasons to be recorded in writing. The expression ‘commencement of audit’ is as defined under Explanation to Section 65(4) of the CGST Act, 2017. (Section 65 (4) of the CGST Act, 2017)
(iv) During the audit, the Proper Officer, along with his team of officers shall conduct audit and verify auditee’s books of accounts and other documents and returns maintained and/or furnished during the course of business to ascertain the accuracy of turnover, exemptions, deductions claimed, applicable tax rates for goods and/or services supplied, availment and utilization of input tax credit, refunds claimed and other relevant matters. The auditee may afford necessary facilities to the auditor/s to verify the required books of account or other documents, including any other required information and assistance for timely completion of the audit. Section 35 of the CGST Act, 2017 prescribes these books of accounts and other records, which are required to be kept and maintained by the registered person at his principal place of business, as mentioned in the certificate of registration. The auditors record the audit observations in the audit notes – (Section 65 (5) of the CGST Act, 2017 and Section 35 of the CGST Act, 2017 Rule 101(3) of the CGST Rules, 2017)
(v) If any discrepancies are noticed during the audit, the proper officer shall notify the registered person, who then shall have the opportunity to respond. After considering the reply provided by the registered person, the proper officer shall finalise the audit findings –. (Rule 101(4) of the CGST Rules, 2017)
(vi)The audit is deemed to be concluded once the audit findings are approved by the Commissioner in the Monitoring Committee Meeting. The audit findings in the form of Final Audit Report (FAR) should be communicated to the auditee within 30 days. The FAR is issued in FORM GST ADT-02. The FAR should include the reasons for the audit findings and inform the auditee of his rights and obligations . (Section 65 (6) of the CGST Act, 2017 Rule 101(5) of the CGST Rules, 2017)
(vii) The detections made during the audit may either be recovered from the auditee or notice for recovery may be issued to him by the proper Officer – (Section 73&/74 of the CGST Act, 2017)
3.2 Access to the business premises for audit:
Besides desk-based audit prescribed for audit of small taxpayers, the audit may be conducted by visiting the business premises of the auditee, for which access is authorised to the auditors – (Section 71 of the CGST Act, 2017)
(1) An officer holding the rank of Joint Commissioner or above is authorised to delegate officers to inspect the business premises of a registered person. This inspection includes examining books of account, documents, computers, computer programmes, software and any other things necessary for conducting an audit – (Section 71(1) of the CGST Act, 2017)
(2) The auditee is obligated to make available the documents and information required for conduct of audit to the auditor, which may include – (Section 71(2) of the CGST Act, 2017)
(i) Records prepared or maintained by the registered person and declared to the proper officer as prescribed.
(ii) Trial balance or its equivalent.
(iii) Annual financial account statements, duly audited, when necessary.
(iv) Cost audit report under section 148 of the Companies Act, 2013, if applicable.
(v) Income – tax audit report under section 44AB of the Income Tax Act, 1961, if applicable; and
(vi) Any other relevant records.
These documents must be made available by the registered person for scrutiny within fifteen working days from the date of demand made by the officer or the audit party. Access to business premises also includes online access to the taxpayer’s books and accounts and records, in addition to physical access.
3.3 Accounts and other records: The accounts and other records which a registered person is required to keep and maintain at his registered principal place of business are prescribed under Section 35 of the CGST Act, 2017 and the same may be required for conduct of audit. However, following documents may not be asked for from taxpayers due to their online availability in the GST Systems: (Section 35 of the CGST Act, 2017)
LIST OF DOCUMENTS AVAILABLE ONLINE:
| S. No. | Documents/ Returns |
Description of document | Source |
| 1 | Form GST REG-06 | GST Registration Certificate provides the details such as Legal Name, Trade Name, Constitution of business, Principal place of business, date of issue of GST Registration | All-in-One(pdf)(GSTN) |
| 2 | GSTR 9 | Annual Return | All-in-One: Visible and downloadable (GSTN) |
| 3 | GSTR 1 | Monthly/quarterly return that summarizes all sales (outward supplies) of a taxpayer | All-in-One: in Excel. Invoice level details can also be accessed by downloading the uploaded return JSON Zip file. (GSTN) |
| 4 | GSTR 3B | Self-declared summary GST return filed every month (quarterly for the QRMP scheme). Taxpayers need to report the summary figures of sales, ITC claimed, and net tax payable in GSTR-3B. | All-in-One(pdf)(GSTN) |
| 5 | GSTR 4 | Return for financial year of registered person who has opted for composition levy or availing benefit of Notification no. 02/2019-Central Tax (Rate) | All-in-One(pdf)(GSTN) |
| 6 | GSTR 5 | Monthly return for Non-resident taxable | All-in-One(pdf)(GSTN) |
| 7 | GSTR 6 | Monthly return for Input Service Distributor | All-in-One(pdf)(GSTN) |
| 8 | GSTR 7 | Monthly return to be furnished by the person liable to deduct TDS | All-in-One(pdf)(GSTN) |
| 9 | GSTR 8 | Monthly return to be filed by e-commerce operators required to collect TDS | All-in-One(pdf)(GSTN) |
| 10 | GSTR 2A | Purchase –related dynamic tax return that is automatically generated for each business by the GST portal. GSTR 2A is auto-populated from the returns of sellers viz. GSTR 1(filed by regular registered seller), GSTR-5 (filed by Non-resident), GSTR 6 (filed by Input Service Distributor), GSTR 7 (filed by person liable to deduct TDS), GSTR 8 (field by e- Commerce operator | All-in-One (Excel) Month-wise after individual request (GSTN) |
| 11 | Tax Liability vs ITC Comparison (GSTR-1 vs GSTR-3B and GSTR-2A vs GSTR-3B) | Comparison of Tax Liability vs ITC | All-in-One (GSTN) |
| 12 | Summary of GSTR 3B | Summary of GSTR 3B return | All-in-One return dashboard (view only) |
| 13 | Summary of GSTR 1 | Summary of GSTR 1 return | All-in-One return dashboard (view only) |
| 14 | FORM GST PMT-05 (Electronic Cash Ledger) | Every deposit made by a person by internet banking or by using credit or debit cards or NEFT or RTGS or by over-the-counter deposit on account of tax, interest, penalty, fee or any other amount is credited to the respective electronic cash ledger. The amount available in the electronic cash ledger may be used for making any payment towards tax, interest, penalty, fees or any other amount payable | All-in-One (GSTN) |
| 15 | FORM GST PMT-02 (Electronic Credit Ledger | Input Tax Credit as self-assessed in the return by a registered person is credited to his electronic credit ledger | All-in-One (GSTN) |
| 16 | Analytical reports | Various analytical reports | ADVAIT |
| 17 | Form GST DRC-03 | Voluntary tax payment form in which a taxpayer can pay the tax by raising its liability voluntarily or in response to the show-cause notice (SCN) raised by the department | All-in-One (GSTN) |
| 18 | Refund application along with annexure | Application for refund | All-in-One (GSTN) |
| 19 | TRAN-01 | Transition form to claim the Input Tax Credit of the old (pre-GST) regime in the GST regime | All-in-One (GSTN) |
| 20 | TRAN-02 | Transition form to claim the Input Tax Credit of the old (pre-GST) regime in the GST regime by a person who was unregistered in old regime | All-in-One (Excel) (GSTN) |
| 21 | E-way bills | A document to be carried by the person in charge of conveyance, on commencement of movement of goods exceeding the value of Rs.50,000/- in relation to supply or for reasons other than supply or due to inward supply from an unregistered person. | E-way bill portal |
| 22 | Annexure- GSTAM-1 | Registered person’s master file | All the information except HSN-wise detail in Part 3 of Annexure GSTAM-1 is already available with the Department and the same can be filled by auditors. |
| 23 | Form GST CMP-08 | Quarterly return to be filed by taxpayer opting for composition scheme. This return replaces the erstwhile quarterly GSTR-4 filled by composition dealers. | All-in-One (GSTN) |
| 24 | Form GST ITC-04 | Half-yearly (for turnover more than Rs.5 cr.) and yearly (for turnover upto Rs. 5 cr.) return showing the details for goods/capital goods sent to job workers and received back. | All-in-One (GSTN) |
3.4 Special Audit – Section 66 of CGST Act, 2017
(1) If at any stage of scrutiny, inquiry, investigation or any other proceedings before him, any officer not below the rank of Assistant Commissioner, having regard to the nature and complexity of the case and the interest of revenue, is of the opinion that the value has not been correctly declared or the credit availed is not within the normal limits, he may, with the prior approval of the Commissioner, direct such registered person by a communication in writing to get his records including books of account examined and audited by a chartered accountant or a cost accountant as may be nominated by the Commissioner –(Section 66 of the CGST Act, 2017)
(2) The chartered accountant or cost accountant so nominates shall, within the period of ninety days, submit a report of such audit duly signed and certified by him to the said Assistant Commissioner mentioning therein such other particulars as may be specified:
Provided that the Assistant Commissioner may, on an application made to him in this behalf by the registered person or the chartered accountant or cost accountant or for any material and sufficient reason, extend the said period by a further period of ninety days.
4. Special Audit – Section 66 of CGST Act, 2017 and Rule 102 of the CGST Rules, 2017.
4.1 If, during any phase of examination, inquiry, investigation, or other proceedings, an officer not below the rank of Assistant Commissioner, considering the nature of the case, complexity, and revenue implications, is of the opinion that the declared value is inaccurate or the credit availed exceeds normal limits, he may, with Commissioner’s approval, direct the concerned registered person in writing to have his records, including accounting books, to be reviewed and audited by a Chartered Accountant or a Cost Accountant nominated by the Commissioner. The directions to conduct such audit shall be issued in FORM GST ADT-03 as prescribed under Rule 102(1) of the CGST Rules, 2017 – (Section 66 of the CGST Act, 2017 Rule 102(1) of the CGST Rules, 2017)
4.2 The Chartered Accountant or the Cost Accountant nominated to conduct audit shall, within a period of ninety days, submit the audit report duly signed and certified by him to the said Assistant Commissioner, along with such other particulars as may be specified. However, the period may be extended by a further period of ninety days by the Assistant Commissioner, on an application made to him in this behalf by the registered person or the Chartered Accountant or the Cost Accountant for any material and sufficient reason – (Section 66(2) of the CGST Act, 2017)
4.3 On conclusion of the audit under Section 66, the registered person shall be informed of the findings of the special audit in FORM GST ADT-04 – (Rule 102(2) of the CGST Rules, 2017)
4.4 The proper officer shall initiate action for recovery of tax, input tax credit and/or erroneous refund detected during the audit – (Section 73 &/or 74 of the CGST Act, 2017)
5. MANAGEMENT OF GST AUDIT
In order to monitor, co-ordinate and guide the effective implementation of the audit system, the Board has set up the Directorate General of Audit as the nodal agency. At the local level, management of audit is entrusted to GST Audit Commissionerates who conduct audits, and are supervised by respective Zonal Principal Chief Commissioners/Chief Commissioners.
5.1 Directorate General of Audit:
(i) The Directorate General of Audit, Indirect Taxes and Customs, New Delhi, headed by Principal Director General/ Director General, has been mandated with the task of formulating the comprehensive audit processes and techniques through a CGST Audit Manual [Goods and Services Tax Audit Manual, 2019 (GSTAM, 2019) is currently in force]. The Directorate, in coordination with its seven Zonal Units located at Ahmedabad, Bangalore, Chennai, Delhi, Hyderabad, Kolkata and Mumbai (each headed by a Principal Additional Director General/ Additional Director General) further ensures efficient and effective implementation of the audit system by devising, evolving and improving audit techniques and procedures under CGST Audit manual. The audit performance of the CGST audit field formations is monitored and evaluated on both quantitative and qualitative aspects through the standards prescribed in the Manual for Quality Assurance Review and Audit performance Index, 2021 (QAR & API Manual), issued and administered by DG (Audit).
(ii) The selection of registered CGST taxpayers for audit is jointly carried out by the DG Audit and the Directorate General of Analytics and Risk Management (DGARM), based on selected risk parameters.
5.2 Principal Chief Commissioner / Chief Commissioner, Central GST:
Principal Chief Commissioners/ Chief Commissioners are responsible for administrative supervision of the Audit Commissionerates under their charge. They also approve 20% of the taxpayers to be audited as selected by the CGST Audit Commissionerates out of the list of taxpayers provided by DG Audit/ DGARM based on local risk parameters,
5.3 CGST Audit Commissionerate:
The CGST Audit Commissionerate is headed by a Principal Commissioner of CGST Audit / Commissioner of CGST Audit. The Commissionerate comprises of Audit Circles, Planning and coordination section, Risk management and Quality Assurance section and other sections. The Audit Circles comprise of Audit Groups who conduct audits. The Principal Commissioner of CGST Audit / Commissioner of CGST Audit is required to ensure proper selection of taxpayers to be audited during the year under local parameters, hold Monitoring Committee Meeting (MCM) once a month to take decision about the acceptability of all audit objections, review audit performance and assess the training needs of the auditors and organize training programmes in coordination with NACIN.
5.4 Advisor Cost, Deputy Director Cost and Assistant Director Cost:
The officers of Indian Cost Accounts Service (ICoAS) are posted in various field formations of the CBIC. These officers are in the post of Advisor (Cost), Director/ Joint Director (Cost) and Deputy/ Assistant Director (Cost). Since they are proficient in cost and accounting matters, their services can be helpful for audit and can be utilised by auditors in understanding books of accounts and other related matters, including for training purposes.
5.5 Staffing norms prescribed in GST Audit Manual, 2019 for CGST Audit Commissionerate:
(i) The Audit Groups deployed for audit of large taxpayers may comprise 2-3 Superintendents and 3-5 Inspectors. For medium taxpayers, the audit group may include 1 – 2 Superintendents and 2 – 3 Inspectors. For small taxpayers, the Audit group may include 1 Superintendents and 1 – 2 Inspectors.
(ii) Groups for large taxpayers, medium taxpayers and small taxpayers should be in such numbers that the following distribution of manpower deployment in audit groups is achieved.
(a) 40% of manpower for large taxpayers
(b) 30% of manpower for medium taxpayers
(c) 20%of manpower for small taxpayers
(d) 10% of manpower for planning, coordination and follow up.
The taxpayers are categorised into large, medium and small categories based on their annual turnover, the threshold of which may vary in different Commissionerates.
6. AUDIT PROCESS:
(I) The Internal Audit function involves scrutiny of records of the taxpayer, selected on the basis of risk parameters, in a uniform, efficient and comprehensive manner, adhering to the stipulated principles and policies and in accordance with the best international audit standards. Detailed guidelines for conduct of audit in line with the legal provisions contained in the CGST Act, 2017 and CGST Rules, 2017 have been prescribed by the Directorate General of Audit in the GSTAM, 2019.
(II) Brief steps of the Audit Process as contained in GSTAM 2019 are as under –
(i) Creation of Audit teams.
(ii) Selection of taxpayers.
(iii) Allotment of taxpayers to the audit groups.
(iv) Intimation to the taxpayer regarding the conduct of audit (GST ADT -01).
(v) Reviewing the taxpayer data – Taxpayer at a Glance (TAG), Registration, Returns, payments, Dispute Resolution, Audit Report Utility, E-way bills & Third-Party data if available and conducting Desk Review in office.
(vi) Preparing the audit plan based on the finding of Desk Review.
(vii) Carrying out audit verification as per the Audit Plan including mandatory checks to be carried out.
(viii) Conveying the preliminary findings of the audit to the taxpayer and recording his response.
(ix) Preparing the draft audit report (DAR) for the Monitoring Committee Meeting (MCM) held by the Commissioner.
(x) Examining the audit paras in MCM.
(xi) Preparing the final audit report (FAR), within thirty days of the Meeting.
(xii) Communicating the final audit report to the taxpayer (ADT-02).
6.1 Methodology for selection of taxpayers
A scientific and well deliberated Risk Assessment programme, developed in coordination with the DGARM, is used to identify risky taxpayers.
6.1.1 Risk parameters for selection of taxpayers.
The list of risky taxpayers, which are selected based on risk parameters is shared with the Audit Commissionerates for audit. These risk parameters are subject to change depending upon audit feedback leading to their recalibration and identification of new risk parameters.
6.1.2 The CGST Audit Commissionerates are categorized based on number of large, medium and small categories of taxpayers (the criteria of which is annual turnover of the taxpayers) within their jurisdiction. A document containing Risk Flags and the action points for decision support to facilitate the auditors in identifying the areas to focus during audit is separately provided with the risk flag indicators.
The list of taxpayers provided by DGARM to each Audit Commissionerate contains-
(i) 70% of the taxpayers (risky taxpayers) selected on the basis of their risk score.
(ii) 10% of the total taxpayers selected randomly by the DGARM’s system applying different algorithms,
(iii) The remaining 20% of the taxpayers to be audited are selected by the Audit Commissionerates based on local risk factors, after obtaining approval from the jurisdictional Chief Commissioner. A comprehensive list is provided by DGARM for 20% selection to be made by the Audit Commissionerates.
GSTAM, 2019 provides indices on indicative duration for conduct of audit that is inclusive of desk review, preparation and approval of Audit plan, actual Audit and preparation of Audit report wherever necessary, for each category would be as under:
(a) For large taxpayers – 7 working days
(b) For medium taxpayers – 5 working days
(c) For small taxpayers – 3 working days
6.2 Audit intimation to the taxpayer:
As per section 65 of the CGST Act, 2017 taxpayers listed to be audited should be intimated of audit at least 15 working days before the commencement of audit verification in their premises. The CGST Rules provide that letter in FORM GST ADT-01 shall be issued at least fifteen working days prior to the conduct of audit and shall detail a request for providing records / documents which are necessary for conducting audit. In case the Registered Person does not respond to the letter, a reminder should be issued within a reasonable time. Where the registered person does not volunteer to submit the same on the basis of letters issued by the auditor, necessary action as outlined in various other provisions of the Act such as inspection can be deployed to achieve the desired outcome. Para 1.3 of the GSTAM, 2019 prescribes action to be initiated by the concerned Executive Commissionerate, which includes action through enforcement. In such cases, the Executive Commissioners should take immediate proactive action for safeguard of revenue, keeping the Audit Commissioner and DG Audit apprised of the action taken. Details of such registered persons should also be included in the Risk Parameters by DG Audit and DGARM on a reference to be made by the Audit Commissioner, so that in future the said person may be identified for audit on priority. Also, the GST compliance rating of said person may also be modulated to reflect non-compliance with the mandate of audit. (Section 65 of the CGST Act, 2017)
6.3 Audit preparation – desk review
Detailed methodology for desk review has been described in Chapter 5.5 of the GSTAM, 2019. The salient elements of Desk Review are:
(i) The desk review lays emphasis on gathering data about the taxpayers, his operations, business practices, accounting system, studying flow of materials, cash and documentation.
(ii) The information available with the Department is reconciled with the collected information. Results of Financial Ratios, Revenue Risk Analysis and Trend Analysis is documented.
(iii) Examination of financial statements, cost & tax audit reports and records is carried out and all receipts of taxpayer as mentioned in financial records are examined for Tax liability and to verify eligibility for any exemption.
6.4 Audit Plan
Based on the result of the preliminary Desk Review carried out by the auditor as per steps / procedure laid down in the Audit Manual, a draft Audit Plan is prepared for approval. The QAR & API Manual prescribes approval of audit plan of taxpayers for every Audit Circle in the following manner:
(i) Approval by Pr Commissioner/ Commissioner – Top five taxpayers based on turnover
(ii) Additional / Joint Commissioner – All other large and medium taxpayers.
(iii) Assistant/ Deputy Commissioner, Circle – All small taxpayers.
An audit plan outlines a logical series of review and examination steps that would meet the goals and standards of an audit in an efficient and effective manner. It should account for complexity of audits. It allows auditor to take a reasonable view regarding the vulnerable areas, the weak points in the internal control systems, abnormal trends and unusual occurrences that warrant detailed verification. Certain unanswered or inadequately answered queries about the affairs of the registered person may also be added to this list.
An illustrative Audit Plan has been prescribed in Annexure GSTAM –VII.
6.5 Mandatory checks and conduct of Audit verification-
(i) Audit verification involves verification of data and documents submitted at the time of desk review and also verification of issues mentioned in the audit plan.
(ii) The verification techniques must be appropriate for audit objectives identified in the audit plan. At times, it may be difficult to test the technical correctness of all objections owing to varied interpretations of the provisions of law. However, it should be corrected to the extent that any professional auditor, working with and having access to the same research material would likely come to the same conclusion. It also means that the auditor must demonstrate, in writing, the research and reasoning used to base his application of legislation, policies and jurisprudence.
(iii) The auditor should conduct the verification in a systematic manner, following the sequence of steps envisaged in the working papers. Special care should be taken to examine all those issues pointed out in the audit plan. The auditor should try to determine whether any apparent weakness in the internal control system of the manufacturer/service provider has led to any loss of revenue. The auditor should also identify recurrent procedural infractions. Discrepancies, if any, should be noted along with details of enquiries made regarding the cause of the discrepancies and their revenue implication.
(iv) Documents submitted to various Government departments/ Regulatory Authorities such as Customs, Income Tax, Banks, etc. by the registered person should be used in cross verification of the information filed by the registered person for the assessment of GST. Information available with open sources such as electronic and print media, internet etc. should also be used for verification of information filed by the registered person.
(v) The audit verification gives maximum opportunity to the auditor to go through the registered person’s records. As a result of which, an auditor may come across a new set of information or documents, not earlier known, during any of the earlier stages. Further, while examining an issue, the auditor may come across a fresh issue also requiring detailed examination. In such a situation, the auditor should, after obtaining the approval of higher authority, go beyond the scrutiny envisaged under the Audit Plan and record the reasons for doing so. At the end of each entry in working papers, the auditor must indicate the findings. If any of the planned verifications is not conducted, the reasons for the same must also be recorded. While the process of verification for each audit would be unique in terms of Audit Plan, it should involve some general steps as discussed below.
(vi) A detailed scrutiny of documents like Annual Financial Accounts containing Director’s Report, Statutory Auditor’s Report, Balance Sheet and Profit & Loss Account should be carried out. The auditor must also examine Trial Balance, Ledgers, Journal Vouchers, 26AS Statement, Invoices and E-Way bills. The auditor may also examine Cash Flow Statement, Groupings, Cost Audit Report and Tax Audit Report and should also check whether the registered person is maintaining the statutory records as required under other statutes like the Companies Act, 2013.
(vii) Audit objections raised must be fully supported by documentary and legal evidence.
(viii) During audit, the auditors may examine the details of procurements from unregistered persons as to whether they are liable to reverse charge mechanism- (Section 9(4) of the CGST Act, 2017)
(ix) For verifying the gap in ITC availment, the auditor should carry out a test check of the invoices of such suppliers whose details are not figuring in GSTR 2A and identify some of such suppliers with high tax value and get the particulars of tax payment verified at the supplier’s end.
6.6 Communication of Audit observations
As the Audit system adopts a transparent methodology, it is necessary that all the audit objections noticed by the Audit Group are conveyed to the registered person before preparing the Draft Audit Report. Accordingly, the audit objections should be intimated in writing to the registered person, clearly stating that the same is not in the nature of any show cause notice and is only a part of participative and fact-finding audit scheme under which even the preliminary and tentative audit observations are being shared with the registered person for ascertaining his point of view. Where satisfactory explanation or evidence is submitted to the auditor, the finding should be revised as necessary. However, if a response from the registered person is not forthcoming, draft audit paras should be prepared based on available records after citing the lack of cooperation on part of the registered person, in the Audit Report.
6.7 Draft Audit Report (DAR)
(i) After completion of audit verification, the auditor prepares the Draft Audit Report which records the results of verification conducted as per the audit plan. Any additional issue (not mentioned in the original plan) verified / point noticed is also mentioned. The initial views of the taxpayers are recorded in the verification document. Details of spot recoveries and willingness of the registered person to pay short levy are also recorded.
(ii) The narrative of the objections in the audit report should be concise, to the point and self-contained and should convey the gist of the objection raised. Telegraphic narration should be avoided. Where the objections are based on any circulars or clarifications issued by the Board, they should be quoted. Cases, in which certain specified conditions are not fulfilled, giving rise to objections are backed by interpretations as decided by the court judgments, decisions of Appellate authorities or supported by technical literature, those should be cited.
(iii) The DAR should be prepared within the shortest time span possible, i.e., within 10 -15 days of the commencement of the audit in the registered person’s place and placed before the Monitoring Committee for decision.
6.8 Monitoring Committee Meeting (MCM)
Monitoring Committee Meeting (MCM) should be convened by the Audit Commissioner at least once a month, to which the Executive Commissioner or his representative shall be invited to attend. During the MCM, each of the audit objections/ observations should be examined for its sustainability. The minutes of each such meeting should be drawn, pointing out the decision on each audit objection regarding its sustainability and directions for future action. The objections rejected by the meeting will be treated as closed. The decision taken by the Audit Commissioner, with regard to settlement of audit objections after recovery of all dues or dropping of the unsustainable audit objections, shall be final.
6.9 Final Audit Report (FAR)-
Based on the decision of the MCM, the DAR should be finalized within thirty days from the date of the meeting and FAR should be prepared. A copy of the FAR (GST ADT -02), even if it is a NIL report, should be sent to the registered person, by e-mail through the system (GSTN) and necessary records confirming such action should be kept in Registered person’s Master File. It may be noted that the communication of the FAR to the auditee concludes the proceedings of audit. The format of FAR is FORM GST ADT-02.
An illustrative list of documents to be verified during audit in respect of supply of goods/ services is prescribed in Annexure GSTAM-IX.
6.10 Follow up action–
An audit objection should be closed after requisite action, i.e., either recovery of amounts due or issuance of show cause notice. After the issuance of Final Audit Report, wherever further action such as issue of Show Cause Notice is required under Section 73 and/ or 74 of the CGST Act, 2017, the Audit Group shall prepare the Draft Show Cause Notice. The Show Cause Notice should be issued by the concerned officer of the Audit Commissionerate as per the competency decided by the Board in its instructions issued from time to time and the same shall be answerable to the adjudicating authority as per the Board’s instructions issued in this regard. It is the responsibility of the Audit Commissionerate as per the competency to pursue / persuade the taxpayer for payment of tax dues, especially on the paras admitted by the Registered Person. However, for any pending action, i.e., recovery, especially on paras admitted in writing by the Registered Person, the matter can be taken up with the jurisdictional Executive Commissionerate, for follow up. In case, new facts, necessitating reconsideration of findings in an audit report, come to the knowledge of officers who are required to take action on an objection, they should send their report along with supporting material to the Planning and Coordination Section for reconsideration. But this action must be taken most expeditiously, say within one month of receipt of the Audit Report. In exceptional cases involving cogent grounds, the views taken in the Monitoring Meetings shall be taken up for review/re-consideration by the MCM only. The Audit Commissioner should send a list containing details of Show Cause Notices issued during the month to each of the Executive Commissionerates, on a monthly basis. (Section 73 (5) & 73(6) and 74 (5) & 74(6) of the CGST Act, 2017)
Note: For detailed information on audit processes, the Goods and Services Tax audit manual, 2019 (GSTAM), issued by the Directorate General of Audit may be referred to.
7. Thematic Audit- An overview
The purpose of Theme-based audit is to conduct a “focused audit” instead of a “comprehensive audit”, so that available resources are directed to check/verify compliance of sensitive issues or sectors. The results obtained from theme-based audit assists the policy makers to assess compliance level of a particular type of service/ industry or trade sectors or areas so that compliant sectors may be extended greater facilitation and special focus may be directed to ensuring compliance on sectors with relatively low compliance scores. It is a value-adding approach that helps the Auditors to determine, consolidate and report high-level insights in the business transactions and practices prevalent in a particular type of industry/service sector. Theme-based audit may have both compliance and performance audit objectives.
7.1 The following scenarios may lead to a thematic audit-
- Taxpayers in the same supply chain registered in same/different states.
- Simultaneous audit of taxpayers which have same modus operandi of tax evasion and are registered across states.
- Taxpayers dealing in supply of some goods/services which have also been determined as evasion prone.
- Thematic audit may also extend to specificity like trends in availment and utilization of ITC in any given sector.
7.2 Administrative arrangement for selection of themes for thematic audit
(i) For conducting thematic audit, GST Council has formed an All-India Coordination Committee at all India level which shall select themes for conducting theme-based audit at all India level in a coordinated manner.
(ii) The All-India Coordination Committee shall constitute a Committee of Officers in each state/UT for selecting taxpayers in a state for conducting thematic audit, coordinate among various Audit Authorities for evolving a common minimum audit plans for a given theme, monitor actual audit by the field formations and disseminate audit outcome to appropriate stakeholders.
7.3 Administrative arrangement for conduct of Thematic Audits
For coordination of actual audit, the All-India Coordination Committee has constituted a Committee of Officers (CoO) for each State/UT composed of the following two members-
- State GST Commissioner
- CGST Audit Commissioner preferably located at the same station.
The Committee of Officers shall select the taxpayers based on the themes which have been finalized by the All-India Coordination Committee. The details of the taxpayers so selected, will be shared with Audit formations of the Central and State Tax Authorities for conducting audit proceedings.
7.4 Role of Audit field formations (of Central and State Tax) for conducting thematic audit
Theme-based audit of a selected taxpayer shall be conducted by the concerned GST audit authority, i.e., the jurisdictional Central or State Audit Officer. Considering the importance of thematic audit, it is imperative to allocate appropriate resources/staff in each of the Audit formation. Audit groups dealing with Thematic Audits should be given proper training to deal with audit of records of the taxpayers of the selected themes.
7.5 Standard Operating Procedure (SOP) for conducting Thematic Audit
(a) The All-India Coordination Committee shall select the themes for Audit and communicate the Themes to the Committee of Officers responsible for Audit.
(b) For a given theme, the Committee of Officers shall select the taxpayers to be audited in that State.
(c) Audit groups earmarked for conducting the theme-based audit shall request the selected taxpayer(s) for providing necessary documents viz. Balance sheet(s), 3 CD report (Statement of particulars required to be furnished under Section 44AB of the Income Tax Act, 1961, profit and loss statement, income tax returns etc. The concerned audit group shall also take out various GST returns filed by the said taxpayer and examine/scrutinize them. They will accordingly prepare the Desk Review (DR) and the Audit Plan (AP). As with entity-based audit discussed in the earlier section above, as much data as possible may be gathered from the documents/returns already available in the system.
(d) All such Audit groups (both under Centre and State Tax Authorities) shall forward the proposed audit plan so prepared by them, to the Committee of Officers which shall examine these audit plans to ensure uniformity in approach and provide further inputs, if any. After this exercise, a common minimum Audit Plan shall be prepared and communicated to all Audit Groups for conduct of audit.
(e) The Committee of Officers for conduct of thematic audit shall also indicate a date on which audit of all such taxpayers irrespective of their jurisdiction (whether under Centre or State) shall commence.
(f) After conducting an audit, all the Audit Groups shall prepare their observations and convey to the taxpayer (s) for their written response to these observations. In their written response, the taxpayer is expected to communicate their agreement or disagreement, as the case may be, to the observations pointed out by the Audit Group. After considering the written response from the taxpayer, the Audit Group shall prepare the draft audit para(s).
(g) The Audit Group shall forward their draft audit para(s) to the Committee of Officers for approval. Before approving the draft audit para(s), the Committee of Officers may hold a meeting (physical/virtual) with concerned audit groups. This Committee may also point out certain additional areas which need to be looked into by the audit groups before finalizing the audit paras.
(h) Once draft audit para(s) are approved by the Committee of Officers, the audit group(s) shall present their draft audit report before their respective Audit Authorities for approval. The Audit Authorities may adopt a practice of holding monthly meetings of the monitoring committee for approval of audit paras presented by their audit groups.
(i) Once audit para(s) are finalized after approval of the Monitoring Committee, the concerned audit officers/groups shall issue Final Audit Report (FAR), a copy of which shall also be endorsed to the coordination committee for dissemination to Central Tax Audit Commissionerates / State Audit Officers across India for information.
(j) The audit paras which have been agreed upon by the taxpayer shall be closed after payment of the due tax amount along with appropriate interest and penalty, if any.
(k) As regards unpaid/short paid GST is concerned where the taxpayer is not in agreement with the audit para and is not willing to pay outstanding GST along with interest and penalty, the audit groups shall prepare demand cum show cause notice to be adjudicated by the appropriate Tax Officer. Before the issue of demand cum show cause notice, the taxpayers may be given pre-consultation so as to give them one more opportunity to explain their point of view before a final decision is arrived at. This will reduce unnecessary litigation which is good for both the taxpayer as well as the government.
(l) After adjudication proceedings, recovery action against the taxpayer shall be taken by the appropriate jurisdictional tax authority (i.e. Central Tax Commissionerates or State Tax Jurisdictional Authority) in accordance with Section 79 of the CGST/SGST Act read along with relevant rules and provisions issued therein. (Section 79 of the CGST Act, 2017)
(m) The jurisdictional tax authorities shall upload the audit findings (in a predetermined format), in an Audit Utility which shall be accessible to all the Audit formations across the country. These findings may be helpful in detecting similar types of anomalies in similar cases across the country.
8. AUDIT OF REPORTING ENTITIES UNDER PMLA, 2002 FROM ANTI MONEY-LAUNDERING, COUNTERING THE FINANCING OF TERRORISM AND COMBATING PROLIFERATION
FINANCING PERSPECTIVE:
8.1 DG Audit as Regulator under the Prevention of Money-laundering Act, 2002 : The Central Board of Indirect Taxes and Customs (CBIC) has been notified as the Regulator in respect of the ‘Dealers in Precious Metals and Precious Stones’ and the ‘Real Estate Agents’ under Rule 2(1)(fa) (iii) and Rule 2(1)(fa)(iv) of the Prevention of Money Laundering ( Maintenance of Records) Rules, 2005(PMLR) and accordingly, the Principal Director General/Director General, Directorate General of Audit has been appointed as Regulator’ under the Prevention of Money Laundering Act, 2002(PMLA), to work on behalf of the CBIC for these two sectors.
8.2 The Regulator has prescribed separate Anti-Money Laundering (AML), Countering the Financing of Terrorism (CFT) and Combating Proliferation Financing (CPF) Guidelines for ‘Dealers in Precious Metals and Precious Stones’ and Real Estate Agents’ under the Prevention of Money Laundering Act, 2002, the Unlawful Activities (Prevention) Act, 1967 (UAPA) and the Weapons of Mass Destruction and their Delivery Systems (Prohibition of Unlawful Activities) Act, 2005 (WMDA). The dealers and real estate agents are defined under the PMLA as the persons carrying on designated business or profession and are the reporting entities under the PMLA, 2002 and the PML (Maintenance of Records) Rules, 2005, as notified under Section 2(1)(wa) of the PMLA, 2002. The guidelines have been updated from time to time, circulated to all the stakeholders and are uploaded in the departmental website of the CBIC at www.cbic.gov.in.
8.3 As prescribed in the guidelines, the reporting entities are obligated upon to comply with certain regulatory requirements, as prescribed under Chapter-IV of the PMLA and PMLR. These requirements are related to conducting Client Due Diligence (CDD), Enhanced Due Diligence (EDD), undertaking KYC while entering into a transaction of a specified amount with a customer, maintaining records of all transactions, reporting transactions specified under Rule 3 of the PMLR, setting up internal controls and conducting regular AML, CFT and CPF specific training for their staff to mitigate risk of money laundering, terror financing and proliferation financing.
8.4 Though, the PMLA and the PMLR notify ‘Dealers in Precious Metals and Precious Stones’ and the ‘Real Estate Agents’ as the Reporting Entities based on their cash transactions and the annual turnover, respectively, as specified in the respective guidelines, and most of the regulatory requirements are subjected to the reporting entities only, the provisions of Section 51A of the UAPA and Section 12 A of the WMDA apply to all the ‘ Dealers in Precious Metals and Precious Stones’ and the ‘Real Estate Agents’, irrespective of any threshold of cash transaction or annual turnover. These provisions are related to the entities and individuals who are subjected to the United Nations Security Council (UNSC) and the Government of India sanctions measures related to terror financing and the proliferation financing. The Details of such entities and individuals are regularly provided to all the reporting entities and other stakeholders, including the Centre and the State GST authorities, immediately on receipt. In this regard, the relevant procedures have been prescribed under the Orders issued under Section 12 A of the WMDA and Section 51A of the UAPA.
8.5 Guidelines for risk-based supervision of the reporting entities under the PMLA, 2002:
(i) The Pr. ADG/ADG, DG Audit has been notified as the Director to exercise powers under section 13 of the PMLA, 2002. The Director is competent to make or cause enquiry with regard to the obligations of the reporting entities under Chapter-IV of the PMLA, read with the PMLR and to impose penalties thereof.
(ii) In view of the aforesaid powers vested under Section 13 of the PMLA, the Regulator has prescribed separate Guidelines for Supervision of ‘Dealers in Precious Metals and Precious Stones’ and ‘Real Estate Agents’ on a Risk-Sensitive Basis, issued on 03.11.2023. These guidelines prescribed various risk matrices, which classify the reporting entities under high, medium and low risk. Accordingly, frequency of audit based on their risk categorization is prescribed in the guidelines, which is yearly for high risk and two-yearly for medium risk entities. The low risk shall be audited as and when they move up to medium and high-risk categories.
(iii) Presently, it has been decided to conduct the audit of the reporting entities in the two sectors, i.e., ‘Dealers in Precious Metals and Precious Stones’ and ‘Real Estate Agents’ through the GST audit authorities of the Centre and the States. The audit process involves a comprehensive review of the reporting entity’s policies, procedures, and systems related to anti-money laundering (AML) and combating the financing of terrorism (CFT).
(iv) Checklist for Audit: The aforesaid guidelines for risk-based supervision are supplemented by an 18-Point Checklist prescribed by the Regulator. These checkpoints can be changed or expanded based on feedback received from audits of the reporting entities.
| Sr. No. | Checkpoints | Remark |
| 1 | Whether the Reporting Entities have received the Guidelines for Reporting Entities under the Prevention of Money Laundering Act,2002? | (Yes/No) |
| 2 | Whether any AML/CFT/TF/PF policy and/ or procedure was in place prior to the issuance of the Guidelines by DG Audit as Regulator? | (Yes/No) |
| 3 | If yes, details thereof. | If yes, details thereof. |
| 4 | Details of Principal Officer and the Designated Director? Whether appointed? | |
| 5 | Whether records as prescribed by PMLR guidelines are maintained? Such records should capture/contain the following info (as per Rule 3 and 4 of the Prevention of Money-Laundering (Maintenance of Records Rules), 2005: (i)Details of the reporting entity
(ii) Details of the Principal Officer and the Designated Director (i) Details of clients/ customers including contact number. (ii) KYC records of the clients (PAN/Aadhar, Voter Id, Passport etc. (iii) Records of all transactions including cash transactions. (iv) Cash/ suspicious transaction (CTR/STR) details and reports submitted to FIU-IND, if any. |
(Yes/No) |
| 6 | Where are these records maintained? | |
| 7 | Who maintains them? | |
| 8 | Whether they are maintained physically or electronically? | |
| 9 | What are the policy and procedures to ensure that confidentiality of information referred to above is maintained? | |
| 10 | What steps are being taken to ensure that no-tipping happens in case a Cash Transaction Report and Suspicious Transaction Report (CTR/STR) is generated? (The reporting entity may not actually have generated one) | |
| 11 | What is the policy/ Procedure for intra-group and intra-organization exchange of information related to AML/CFT/TF/PF? | |
| 12 | Is any third-party database/ public source information received for Know Your Client (KYC)/ Client Due Diligence/ EDD? | |
| 13 | Have all the directors/Officers/ employees been trained at AML/CFT/TF/PF requirement? If so, details thereof? | |
| 14 | Have you received any TF/PF related information? If so, how has it been handled? | |
| 15 | What are the difficulties, if any, you envisage in implementation of these guidelines? | |
| 16 | How is it checked that a non-resident party/ Parties to a transaction if/are PEP or not? | |
| 17 | Has the identity of persons designated to the UN Sanction List been taken into consideration while dealing with clients? | |
| 18 | Whether Reporting Entity has on –boarded with FIU and are aware of the on-boarding procedure? |
*****
Source: Handbook of GST Law and Procedures for Departmental Officers issued by Ministry of Finance.
