Over the past couple of years, the role of an auditor has been under constant scrutiny. More is expected of auditors today than has ever been in the past, says Jamil Khatri, head of audit at BSR & Co. He tells BusinessLine how auditors are trying to make stakeholders understand their role. Excerpts:
A lot of the language in an audit report is legalistic and difficult to understand, and contains negative assurances (that financial statements are accurate, unless the auditor finds an explicit issue). How can an auditor’s work, which is contained in the audit report, be communicated more effectively to all stakeholders, including shareholders?
There are three elements to this. First, there is a need to say something meaningful in audit reports. One of the ways to do this is through the new Key Audit Matters (KAM) section in the audit report. This section, which will be in simple language, requires the auditors to disclose the procedures they used to arrive at a few significant conclusions. But it is up to the auditor to decide what he/she includes in KAM.
Second, there is a legal liability element to audit reports. As the responsibility and the liability go up, auditors are likely to protect their liability. In most countries around the world, you will find negative assurances in audit reports; some of this is the reality around the liability that exists and how it’s being mitigated.
The third part is a little provocative. I think investors in India also need to put in a little bit more effort to understand the reports, compared with what we see globally.
We have transitioned to a new accounting standard — Ind AS (Indian Accounting Standards). But the Ind AS deadline for the banking sector has been delayed. Also, a problem that has come up is the comparability of past years’ financials. How does one deal with that?
I don’t see that as a big issue today. It was a big issue in the first couple of years of Ind AS implementation. Ind AS came into being in FY17. So, now we have three years of information since then. In today’s environment, what happened 4-5 years ago is not relevant, considering the way many businesses have changed. Having said that, one area where comparability becomes an issue is for specific sectors such as NBFCs.
There are a huge amount of different practices, and there can be significant impact of Ind AS on the sector’s financial statements. There is a need for some level of guidance on bringing uniformity in reporting, as far as some of the sector-related matters are concerned. RBI and other regulators need to engage and come out with some guidance on this; the work is ongoing.
A number of auditors resigned from their posts in 2018, and that led to the erosion of a lot of investors’ wealth. How is the situation being handled by the chartered accountancy sector to keep investors calm?
I don’t think they should feel calm. An investor should absolutely not feel calm when an auditor resigns. For many years, auditors were resigning or qualifying their reports, and investors were not reacting as they should have done. I think, good corporate governance has now taken centre-stage. Now, auditors are also specifying the reasons why they resigned from their positions.
Do you think there should be a regulation that mandates the auditor to specify the circumstances of his/her abrupt resignation?
I think, there is always a need to sharpen the disclosure requirements. For example, in the US, if an auditor disagrees with the management on something, they are directly required to report to the Securities and Exchange Commission, the US market regulator.
Our law in this area is evolving. But we have moved the needle on disclosing the reasons for auditors resigning, from what it was earlier.
Auditors are under increased scrutiny from stakeholders such as the government and investors. There have been many cases where auditors have not done their job well. How do we hold errant auditors to account?
I am not saying for a minute that auditors should not be held accountable. What you want to hold them accountable for is the moot point here. If there’s an area where the auditor is not even responsible for, for example, risk management, it is unfair for somebody to jump and say the auditor be held accountable.
The board’s risk management committee is responsible for that. The accountability should be set to the right set of stakeholders, and then they should be held accountable. And the process should be completed quickly.
If we believe the auditor should do more than what the mandate calls for currently, there needs to be a debate, and, if needed, supporting regulations need to be issued. Without a mandate, we can’t start auditing risk management factors.
We look at internal controls and how they operate today, but if the board and the risk management committee approved a risk management framework, it is not in my authority to poke my nose in that.
How do you see the relationship among auditors, investors and other stakeholders five years from now?
I don’t see the relationship of the investors and the auditors changing a lot in the short term. Investors in India will become more sophisticated in matters of reporting and corporate governance.
The play between auditors, audit committees and regulators will become intense in the next five years. Increasingly, auditors and audit committees will depend on each other.
Regulators will take swift action. And CAs will become a lot more conscious and work with the regulator to improve audit quality.
The Corporate Affairs Secretary recently said that the Ministry of Corporate Affairs is considering a complete ban on auditors providing non-audit services. This is similar to what is being attempted in the UK. How do you view this attempt by the Ministry?
The Indian regulatory framework already includes several safeguards to prevent conflict of interest between audit and non-audit work.
For example, the Companies Act specifically prohibits certain non-audit work for audit clients. These prohibited services are generally similar to the services prohibited under the Sarbanes-Oxley Act in the US.
Further, under the Companies Act, all non-audit work needs to be approved by an independent Audit Committee.
Similarly, recent SEBI regulations require disclosures of any non-audit fees paid to an auditor, and the Code of Ethics of the ICAI (Institute of Chartered Accountants of India) caps the fees for non-audit work paid to an auditor. These regulations incorporate several best practices that are widely accepted worldwide.