Corporate Governance provisions under the erstwhile listing agreement popularly known as the Clause 49
requirements have been overhauled by the Companies Act 2013, recent adoptions of SEBI (Listing Obligations and
Disclosure Requirements) Regulations, 2015 (“LODR Regulations”) particularly in Schedule II.
ILLUSTRATIVE CHECKLIST FOR AUDITING CORPORATE GOVERNANCE SYSTEMS in a COMPANY
- Accountability
- Fairness
- Transparency
- Responsibility
- Shareholder Interests
The Compliance certificate shall be given either the practicing
company secretaries or auditors regarding compliance of conditions of corporate governance which shall be
annexed with the directors’ report.
CORPORATE GOVERNANCE-DUE DILIGENCE AREAS
- Board Independence & Governance
- Board Systems/Procedure
- Board Committees
- Transparency/Disclosures Compliances
- Consistent Shareholder/Stakeholder Value enhancement (net worth/dividend/EPS)
- CSR
SECRETARIAL Audit
- for non-financial aspects
- S.204 read with Rule 9 of the Companies (Appointment and Remuneration of Managerial Personnel) Rules, 2014
- MR-3 within 60 days from FY end
INTERNAL Audit
- responsible for audit within an org
- assess the effectiveness and efficiency of the organization’s operations, the reliability of financial reporting, and compliance with laws and regulations.
- Internal auditors also identify areas of potential risk and recommend improvements to the organization’s internal controls and processes.
- for adding value and improving operations
- wide scope covering compliance systems
- control systems
- compliance
- risk mgmt.
- identifying waste, inefficiency and duplication of effort
- reducing fraud
- Rule 13 of Co. (accounts) Rules, 2014
CS can also act as an internal auditor
CSR Audit
- includes the way company treats and proactively contributes to its community, promotes fair working conditions and a non-discriminatory environment, conveys transparent and honest accounting reports, and generally earns a reputation of trust and integrity in the society.
- Applicability: S.135- during immediately preceding FY
- Net Profit of ≧ 5 crores
- Net Worth of ≧ 500 crores
- Turnover of ≧ 1000 crores
- CSR Committee (3 out of which 1=independent,if required)
- CSR policy/Roadmap
- spend every FY,2% of avg. Net Profit in 3 immediately preceding year
- METHODOLOGY
- Review policy,committee,governance structure,strategy,projects
- interact with beneficiaries,project team,mgmt,stakeholders
- budget,allocation,outcomes,monitoring and reporting
- expenditure (directs/indirect)
- annex CSR report with board's report per co. act,2013
TAKEOVER Audit
- related to Pricing, Open Offer and compliance verification of takeover under co. act/SEBI (SAST) 2011.
- acquirer/PAC;timely disclosures;holdings of promoter (Group);timely intimation to stock exchanges;timely reports
- failure to comply might result In penalties laid out in SEBI Act/Regulations
- furnishing a cost-benefit analysis for a durable long term investment
- awareness of all prospects of the proposed business deals and understanding used to negotiate price.
INSIDER TRADING Audit
- initial trading disclosures by promoter/KMPs/Directors
- continual disclosures of trades >10 lakhs over a calendar quarter and notify exchanges within 2 trading days
- trading plans
- appointing compliance officer
- trading pre-clearance
- codes of fair disclosures and conduct
- The role of designated person
- method of UPSI dealing
illustrative checkpoints for SEBI(PIT) compliance In the book itself
INDUSTRIAL & LABOUR Law Audit
- detecting non-compliance of labour/employment and taking corrective measures to avoid unwarranted actions.
- promoting cordial relations + better governance/value creation
- systematic record scrutiny and reporting by a professional
- differs as per business/country as considers human values/workman rights
- A secretarial audit also involves observing compliance under Industrial/Labour laws
- Illustrative Checklist (For detailed checklist,check Study Material)
- Factories Act,1948
- Industrial Disputes Act,1947
- Payment of Wages Act,1936
- Minimum Wages Act,1948
- ESIC,1948
- EPF and Misc. Provisions Act,1952
- Payment of Bonus Act,1965
- Payment of Gratuity,1972
- Contract Labour (Regulation and Abolition) Act,1970
- Maternity benefit act,1961
- The Child and Adolescent Labour (Prohibition and Regulation) Act, 1986
- The Industrial Employment (Standing Orders) Act, 1946
- The Employees’ Compensation Act, 1923
- Equal Remuneration Act, 1976
- The Employment Exchange (Compulsory Notification of Vacancies) Act, 1959
CYBER Audit
minimizing financial loss,damage to rep from IT failure;assessing operative effectiveness of cyber security policies and procedures and sub-processes like asset mgmt.,awareness training,data security,resource planning and communications to identify internal control and regulatory deficiencies.
- sensitive data/IP
- networks to which multiple resources are connected
- Responsibility & Accountability
- SCOPE
- Data Security Policies
- Data Loss Prevention measures
- Effective network access Controls
- Detection/prevention Systems
- Security Controls
- Incident Response Program
- DIMENSIONS
- mgmt
- risk mgmt guided by Cyber security Officer
- risk state
- risk addressing and mitigating its affects
- Internal audit
- ILLUSTRATIVE CHECKLIST
- Personnel Security
- Physical Security
- Account & Password Manager
- Data Confidentiality
- Compliance and Audit
ENVIRONMENT Audit
evaluating efficacy of resources utilisation and identifying risks & liabilities or weaknesses in mgmt. system and problems in compliance with directives of regulatory agencies with special attention towards:
- initiatives to prevent/abate/remedy the damage to the environment
- resources conservation
- consequences of legal violation
- consequence of vicarious liability
Types
- Environmental Compliance Audits
- Air Pollution
- Water Pollution
- Radiation
- Pesticides
- Miscellaneous
- Environmental Mgmt. Systems Audit
- ISO 14001 (voluntary)
Process
- understand industrial activity and pre Audit/Planning
- On-site/Field audit
- assessing impact/Post Audit
- Follow-up/Review
Checklist
- Environmental Policy
- Environmental Aspects (emissions,pollution,impact,disposal)
- legal/other requisites
INFO SYSTEMS Audit
evaluate controls,collect evidence to determine safeguarding and a comprehensive exam of a targeted system.
component evaluation in the following areas:
- systems architecture review
- Business Process mapping (dependency on IT)
- End User Id mgmt
- operating systems configurations
- app security controls
- database access controls
- anti-virus/anti-malware controls
- network controls
- logging/AUDITING Systems/processes
- IT privilege access control
- backup/restore procedures
Illustrative Checklist
- Mgmt Controls
- Security policy/Standards
- Steering Committee
- Business Continuity Planning
- systems Development Methodology
- Operation Controls
- Physical Assets
- adequate environmental controls
- org control
- app control
FORENSIC Audit
tool to combat corruption,financial crimes and frauds through investigation and resolving allegations of fraud/embezzlement.may be conducted to determine negligence.
"Forensic"=applying science to crime concerns/permissible to use in court
Forensic audit is highly specialized and requires detailed knowledge of fraud investigation techniques+legal framework along with identifying substance over form.
- Corruption
- conflict of interest
- bribery
- extortion
- Asset Misappropriation
- Financial Statement Fraud
Procedure
- accepting investigation by independent firms/groups and examining case/business/parties
- planning investigation
- Fraud Symptoms
- internal indicators
- final categories of reporting
- gather evidence
- analytical procedure
- discussions/interviews
- substantive techniques
- Forensic Data Analysis
- reporting evidence summary/conclusion/event trail
- court proceedings
ILLUSTRATIVE CHECKLIST
- mgmt level/employee level
- MO
- internal check
- designated officer?
- fraud nature
- accounting of transactions
- Fraud Triangle/Risk
- Forensic Audit Reporting Particulars
SOCIAL Audit
for social/ethical performance and narrowing gap among vision/goal with reality.it creates impact upon governance and strengthens accountability/responsibility.
focus on social responsibility and requires transparency by enforcing the right to info.evaluating social/environmental impact.
Objectives
- gaps between needs and resources
- awareness among beneficiaries
- efficiency/effectiveness
- scrutiny of policy/decisions
- estimation of opportunity costs
- info
- community development
- proper documentation
- punitive action
examines issues in internal practices/policies or how they affect society. completely voluntary so no disclosures necessary and maybe used purely to improve upon existing vulnerabilities.
Steps/Checklist
- identify stakeholders
- performance indicators
- regular review meetings
- follow-up
- establishing a group of trusted people
- sharing with all stakeholders
- policies clarity/suitability
- scrutiny of fulfillment
- necessary actions taken?
- minority considered?
No comments:
Post a Comment