The Ministry of Company Affairs (MCA) in India is responsible for regulating and overseeing corporates and Limited liability partnership firms in the country. Bookkeeping is an important part of an entity and any manipulation in the same can lead to fraud and huge losses.
So Far, Companies are free to enter any transaction at any point of time and can change the same multiple times without any record of modification or deletion. In many cases, companies get their accounting done after the end of the complete year, at the time of preparation or financial statement, or they change transactions as and when required unless such transaction is reported somewhere.
To improve the transparency in books of accounts, MCA has made it mandatory for every company to have an audit trail feature in their accounting software. This requirement was initially proposed for implementation with effect from 1st April 2021. However, considering the representations received, MCA initially deferred the implementation till 1st April 2022 and further deferred the same till 1st April 2023. Now, with effect from 01.04.2023, every company is required to issue a feature of an audit trail in their accounting software.
In this article a detailed analysis is made of how the audit trail tool works, what the implications are, what challenges a company may face in implementing the same etc.
1. Amendment in Companies Act, 2013 to incorporate Audit Trail Provisions
- Companies (Accounts) Amendment Rules, 2021 amended Rule 3 of Companies (Accounts) Rules, 2014 by inserting the following proviso:
“Provided that for the financial year commencing on or after the 1st day of April 2021, every Company which uses accounting software for maintaining its books of account, shall use only such accounting software which has a feature of recording audit trail of each and every transaction, creating an edit log of each change made in books of account along with the date when such changes were made and ensuring that the audit trail cannot be disabled.”
- Date of implementation was further deferred to 1st April 2022 and finally implemented w.e.f. 1st April 2023.
- Therefore, Rule 3 created an obligation on the company to implement an audit trail feature in accounting software.
- Along with Rule 3 of the Companies (Accounts) Rules, a corresponding amendment was also made in The Companies (Audit and Auditors) Rules, 2014. A following new clause (g) was inserted in Sub-rule 11:
“(g) Whether the company, in respect of financial years commencing on or after the 1st April 2022, has used such accounting software for maintaining its books of account which has a feature of recording audit trail (edit log) facility and the same has been operated throughout the year for all transactions recorded in the software and the audit trail feature has not been tampered with and the audit trail has been preserved by the company as per the statutory requirements for record retention.]”
- Therefore, while reporting on Financial statements, the auditor is required to comment on whether the company has implemented an audit trail (edit log) in accounting software and whether the same has operated throughout the year.
2. What is an Audit Trail (Edit Log)
- Audit Trail (also called audit log) is a security-relevant chronological record, set of records, and/or destination and source of records that provide documentary evidence of the sequence of activities that have affected at any time a specific operation, procedure, event, or device.
- Audit Trail (Edit Log) feature is a tool that helps companies to maintain a record of all the changes made to their financial data. It is a mechanism that allows companies to track and monitor changes to financial transactions and helps in identifying any unauthorized or fraudulent activities that might occur.
- A new audit trail (edit Log) feature is required to keep track of all activities in books of accounts such as the creation, alteration, and deletion of all transactions recorded in accounting software.
- Such a feature is required not only for accounting transactions but also for all the masters, such as ledgers, stock items, and groups, including the details edited in company masters.
- Therefore, through the edit log, the auditor and company can easily identify:
- Who created the transaction and when,
- whether any further modification was made and who made the such modification,
- What modifications are made in accounting transaction
3. Challenges in the Implementation of Audit Trail
- Migration from one accounting software to another: If existing accounting software does not provide features of the audit trail then the company is required to migrate data into another accounting software which can be a big challenge as well as a costly affair.
- Roles and Responsibilities need to be defined: Presently, generally, companies do not create specific profiles of users to define their rights and responsibilities, and transactions are entered through a general profile. However, Companies are now required to define the roles and responsibilities of users to identify who has recorded or modified the transactions.
- Implementation on Data of earlier years: The feature of the audit trail is to be implemented on software that contains data of earlier years as well. Therefore, this feature will automatically get implemented for earlier years, specially for FY 2022-23 which is yet to be finalized. Therefore, the edit log feature will automatically get implemented for FY 2022-23 wherein finalization entries are to be entered after 01.04.2023.
- Higher Storage Cost: Since the software is keeping track of all transactions and every modification, therefore, now the system needs more storage space. Further, bulk data can enhance processing time in software and slow down the transaction processing time.
- Increase Compliance Cost: Small Companies generally don’t prefer to keep detailed books of accounts in any accounting software as it involves software cost as well as the cost of accounting staff and they maintain a summary of their accounting in Excel or some other tools. However, companies with less transactions or no transactions are now required to maintain books of accounts in software having the feature of an audit trail throughout the year on a real-time basis. This will increase the cost of compliance.
4. Benefit of Audit Trail
- Fraud Detection and Prevention: Fraud is something carried out with complete planning and all efforts are made to hide it. There can be a possibility when the company or accounting team may enter the transaction and later on delete the same to hide the such transaction. However, any malicious act can be easily identified with the Audit Trail feature.
- Accountability: Incorporating an audit trail helps managers maintain individual accountability. It promotes appropriate user behavior and encourages users to take personal responsibility for their actions, recorded in an audit trail. This protects the system from insufficiently used data and unauthorized database changes.
- Higher Accuracy: Many times transactions are recorded without proper review thinking that modification will be made on a later date. However, now that the audit trail will keep track of all the modifications, therefore, companies will be required to record the transaction with more accuracy and on real-time basis.
5. Frequently Asked Questions
5.1 Whether all forms of business are required to keep audit trail features in accounting software?
Companies Act has mandatory incorporation of edit logs in accounting software. Therefore, all companies, whether Limited or private limited, are required to enable edit log feature. Edit Log is not required to be maintained by the following:
1. Limited Liability Partnership Firms
2. Partnership Firm
3. Proprietorship/ Individual
5. Society etc.
5.2 Whether there be any reporting of non-maintenance of the Audit Trail feature?
As per Companies (Audit and Auditors) Rules, 2014, the auditor is required to report on the following matter of audit trail in his audit report:
1. Whether the accounting software of the company has the feature of recording an Audit trail (Edit log);
2. Whether such feature was operated throughout the year for all the transactions recorded in software;
3. Whether the Audit trail feature has been tampered;
4. Whether the audit trail has been preserved by the company or not
Therefore, if the answer to any of the above-mentioned points is negative, the auditor is required to report the same in his audit report
5.3 What are the penalties for non-compliance?
As per Section 128 of the Companies Act, 2013, If the managing director, the whole-time director in charge of finance, the Chief Financial Officer, or any other person in charge contravenes provisions with respect to books of accounts then such managing director, whole-time director in charge of finance, Chief Financial officer or such other person in charge shall be punishable with fine which shall not be less than INR 50,000 but which may extend to INR 5,00,000.
The penalty will be levied based on the nature and extent of the violation.
The audit trail is indeed a commendable step taken by the government to improvise transparency in accounting transactions. However, such an amendment has been implemented with the least clarification. Considering the impact, MCA is required to address various issues such as the definition of Audit Trail, Edit Logs, Class of companies on which such amendment is applicable, how to deal with data of earlier Financial years to be finalized after 01.04.2023, etc.