Listen to this post
NFRA Circular on Fraud Reporting and India Inc.’s Dilemma

Context:

In recent years, India has witnessed a slew of accounting frauds, especially in the booming start-up ecosystem. Even established players have not been able to escape the ‘fraud virus’, thereby tarnishing reputations built over centuries. Over the years, businesses in various key sectors of the Indian economy have been rife with corporate governance issues, as is evident from recent reports of alleged violations of accounting norms, overstatement of revenues and underreporting of expenses[1], delayed filing of documents for foreign direct investment received[2], as well as adoption of fraudulent practices for ever-greening of NPAs[3]. Despite the commendable work done by regulators in tightening various statutory provisions, corporate fraud seems to continue to plague India Inc.

The National Financial Reporting Authority’s (“NFRA”) Circular of June 2023 (“NFRA Circular”) on auditors’ responsibilities in relation to fraud in a company has put India Inc. and the audit community in a dilemma.[4] The circular provides that: “In course of discharge of its statutory functions, NFRA has noticed that auditors are not fulfilling their statutory responsibilities relating to reporting of fraud as mandated under the Companies Act, 2013 (CA 2013) read with the relevant Rules and the applicable Standards on Auditing (SAs).”

The circular ends with a direction in Para 4.4: “The statutory auditor shall exercise his/her own professional skepticism while evaluating fraud and need not be influenced by legal opinion provided by the Company or its Management.”

This circular departs from the prevailing practice followed by Corporate India, of reporting only those frauds to the Ministry of Corporate Affairs (“MCA”) that are discovered by the auditor in the course of performance of his/ her duties. The fact that fraud is now a scheduled offence[5] under the Prevention of Money-Laundering Act, 2002 (“PMLA”), has further complicated the situation as companies are weary of the consequence once the matter is reported by the auditor to the MCA.

Regulatory Architecture:

NFRA was established pursuant to the provisions of Section 132 of the Companies Act, 2013 (“Act”), as a regulatory body for matters relating to accounting and auditing standards under the Act. NFRA has been conferred with wide powers to monitor and enforce compliance with accounting and auditing standards as well as act as a disciplinary body for the profession, and has also been conferred with the same powers vested in a civil court, inter alia on aspects relating to discovery and production of books of account, summons, inspection of books, registers etc.

Section 143(12) of the Act and related Rules place certain reporting obligations on the auditor, in relation to frauds: “Notwithstanding anything contained in this section, if an auditor of a company in the course of the performance of his duties as auditor, has reason to believe that an offence of fraud involving such amount or amounts as may be prescribed, is being or has been committed in the company by its officers or employees, the auditor shall report the matter to the Central Government within such time and in such manner as may be prescribed: …”

Rule 13 of the Companies (Audit and Auditors) Rules 2014, prescribes detailed steps that an auditor needs to take if he has reason to believe that an offence of fraud, which involves or is expected to involve individually an amount of Rupees one crore or above, is being or has been committed against the company by its officers or employees. The auditor is required to report the matter to the Board or Audit Committee and to the Central Government in Form ADT-4.

The Company’s Auditors Report Order, 2020 (“CARO 2020”), also requires auditors to make statements relating to reporting of fraud. Further, Para 2.3 of the NFRA Circular provides:

“Section 140(5) of the Companies Act, 2013 contains consequences for auditors if they have acted, directly or indirectly, in a fraudulent manner or abetted or colluded in any fraud by, or in relation to, the company or its directors or officers. Under the section, the auditor shall also be liable for action under Section 447 of Companies Act, 2013 apart from removal and debarment for a period of five years.”

Standard on Auditing 240[6] (“SA 240”), which is the primary standard relating to fraud in the audit of Financial Statements, requires the auditor to maintain professional skepticism throughout the audit. However, Para 3 of SA 240 significantly limits the scope of reporting by an auditor, by providing that the auditor must only be concerned with fraud that causes a material misstatement in the financial statements. This includes two types of intentional misstatements – misstatements resulting from fraudulent financial reporting and misstatements resulting from misappropriation of assets. The auditor does not make legal determination of the occurrence of fraud, even if he has suspected or identified the same.[7]

Definition of Fraud under Section 447 of the Act:

Fraud” in relation to affairs of a company or  any body corporate, includes any act, omission, concealment of any fact or abuse of position committed by any person or any other person with the connivance in any manner, with intent to deceive, to gain undue advantage from, or to injure the interests of, the company or its shareholders or its creditors or any other person, whether or not there is any wrongful gain or wrongful loss.

Hence, the intent to deceive is a critical element to determine whether the offence of fraud has been committed. The term ‘intent to deceive’ has been judicially examined by the Supreme Court in the case of Vimla v. State[8] where it was held that the idea of deceit is a necessary ingredient of fraud, but it does not exhaust it. The court brings out the ingredients of deceit which includes: to induce a man to believe that a thing is true which is false, and which the person practicing the deceit knows or believes to be false…”[9].

Analysis of the NFRA Circular:

The NFRA Circular records the frustration of NFRA at the lack of reporting of fraud above one crore rupees to MCA on the ground that the frauds were discovered not by the auditor. In fact, Para 4.2 of the NFRA Circular expressly clarifies:

The Statutory Auditor is duty bound to submit Form ADT-4 to the Central Government u/s 143(12) even in cases where the Statutory Auditor is not the first person to identify the fraud/suspected fraud.

This does not seem to be in sync with the language of Section 143(12) of the Act and the practice followed by the audit profession. The Institute of Chartered Accountants of India (“ICAI”) published a Guidance Note on Reporting on Fraud in February 2016 (“ICAI Guidance Note”)[10].

Key features of the Guidance Note are:

Requirement to report fraud under Section 143(12) is for:

  • Frauds committed by employees and officers of the company and not third parties like vendors, customers, etc.
  • Frauds that financially affect the company (Auditor shall consider the Standard on Auditing for determining frauds)
  • Frauds identified during performance of an audit.

Given the fact that NFRA is a statutory body constituted under Section 132 of the Act, the direction issued by it will, arguably, override the ICAI Guidance Note, which has no legislative backing, as an ICAI Guidance Note is not an ‘authority of law’ and cannot be binding on the MCA, which is the authority responsible for administering the Act. However, SA 240 issued by the ICAI is pursuant to the provisions of Section 143 of the Act and the auditor is bound to comply with the auditing standards. However, there is a dichotomy here – should the auditor go by the NFRA Circular or follow the guidance given in the ICAI Guidance Note and Para 3 of SA 240 i.e., which of these two should have precedence?

Disagreement between the Auditor and the Board of Directors/Audit Committee:

There could be several instances where there are serious differences of opinion between the Auditor and the Board/Audit Committee on whether particular acts or omissions can be classified as fraud or employee corruption issues and more, a code of conduct violation. For instance, where improper documents/bills are observed by the auditor during the audit, which may have an element of impropriety or illegality involved, it would be essential for the auditor to come to a view whether or not such documents/bills could amount to a fraud, i.e., acts that are or were intended to cause injury to the interests of, the company or its shareholders or its creditors or any other person.The onus under Section 143(12) to report a fraud to the Central Government has been placed on the auditor. The auditor should be careful before submitting his report to the MCA.[11]

Concluding Thoughts:

Corporate frauds in India are as old as the hills. Every few years, a corporate fraud of humungous magnitude manages to shake the government, regulators and India Inc. out of their reverie, wiping out a significant part of shareholders’ wealth. Therefore, the NFRA taking a tough stand on reporting of fraud by auditors is a step in the right direction. If the matter of inconsistencies between the NFRA Circular, the ICAI Guidance Note and SA 240 were to go to court for adjudication, the higher judiciary in all probability, will take a view that the NFRA Circular needs to be interpreted contextually and purposively as the objective of the Circular is in the larger public interest of reporting frauds, thereby ensuring better corporate governance in India. In fact, the Circular has raised concerns among corporates as frauds will now have to be reported to the MCA, which in turn can initiate action under Section 212of the Act, read with the relevant provisions of the PMLA, as fraud is now a scheduled offence. However, this situation will arise only if the Enforcement Directorate is of the (preliminary) view that there are “proceeds of crime” as defined in the PMLA, involved.

Corporate India is finding the monetary limit of Rs. 1 crore or above prescribed under the rules for the reporting of frauds by the Auditors to the MCA rather too low. They would like the MCA to amend the rules to increase this monetary limit which should be prescribed on a graded scale basis the size of the company, turnover, and the scale of its operations. A ‘one size fits all’ approach is inappropriate in this context.  

Given the fact that the NFRA has warned auditors not to hide behind legal opinions, this will become a contentious issue between the company management and the auditors. There is every possibility that auditors may err on the side of caution and abide by the letter and spirit of the NFRA Circular as NFRA has demonstrated its spine by acting against a large number of auditors for negligence in performance of their duties. Latest media reports suggest that the NFRA is planning an annual auditor check on the lines of global best practices.[12] The NFRA, in fact, has already carried out an inspection of the processes followed by the ‘Big 4’ firms and pointed out various deficiencies in the audit process.[13] So, all in all, these are going to be challenging times for accounting and auditing professionals.

In an earlier article titled Corporate Frauds – Emerging Legal Architecture & Judicial Trends”, the author discusses the history of corporate frauds in India and the prevailing legal regime on the subject.[14]

The author in “Non-compliance with Accounting Standards – Will it amount to an FUTP Offence?highlights the 2020 amendment to the PFUTP Regulations, dealing with the subject of non-compliance with accounting standard, which may be treated as fraud by the SEBI under the PFUTP Regulations.[15]


[1] GoMechanic fraud: How chasing growth at all costs brought down a rising startup, Money Control, Jan 20, 2023. (GoMechanic fraud).

[2] ED issues notice to Byju’s for allegedly violating foreign exchange rules, Scroll, Nov 22, 2023. (ED notice to Byju’s).

[3] IL&FS, 22 others issued summons over alleged fraud, The Indian Express, Nov 30, 2023 (IL&FS, 22 others issued summons).

[4] NFRA, Statutory Auditors’ Responsibilities in relation to Fraud in a Company, Jun 26, 2023. (2023062612.pdf).

[5] Para 29, Part A, The Schedule, Prevention of Money Laundering Act, 2002.

[6] Standard on Auditing 240, The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements.( Standard on Auditing – icai.org).

[7] Para 3, Standard on Auditing 240, The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements.( Standard on Auditing – icai.org).

[8]  AIR 1963 SC 1572.

[9] Re London & Globe Finance Corporation Ltd., (1903) 1 Ch 732.

[10] ICAI, Guidance Note on Reporting on Fraud under Section 143(12) of the Companies Act, 2013. (Guidance Note on Reporting on Fraud – icai.org).

[11] The NFRA Circular quotes from UoI v. Deloitte Haskins & Sells LLP [(2023) 8 SCC 56] that there is a misconception among some auditors that resigning from an audit engagement absolves them of their reporting obligations relating to fraud and the consequences under the Act for non-reporting of fraud.

[12] NFRA plans annual auditor checks, The Economic Times, Jan 09, 2024. (National Financial Reporting Authority: NFRA plans annual auditor checks).

[13] NFRA finds certain lapses in audit quality of network entities of Big 4, The Economic Times, Dec 23, 2023. (NFRA finds certain lapses in audit quality of network entities of Big 4).

[14] Bharat Vasani, Molla Hasan, Corporate Frauds – Emerging Legal Architecture & Judicial Trends, India Corporate Law, Oct 13, 2020. (Corporate Frauds – Emerging Legal Architecture & Judicial Trends).

[15] Bharat Vasani, Varun Kannan, Non-compliance with Accounting Standards – Will it amount to an FUTP Offence?, India Corporate Law, Mar 29, 2023. (Non-compliance with Accounting Standards – Will it amount to an FUTP Offence?).