Legal compliance and Secretarial Auditing are the key aspects of corporate governance practices. For targeting the best outcome from business activities, firms are required to incorporate robust auditing operations for better compliance management. Needless to mention, an audit not only implies to verification of accounts and financial statements but it also extends to the examination and investigation of the compliance-related activities which have a strong impact on the firm’s corporate governance practices. The paper is doctrinal in nature and intends to identify the nexus between legal compliance and secretarial audit as a proactive measure of corporate governance. Further, it shall also demonstrate the impact of secretarial audits in developing the compliance management of the companies under the Companies Act, 2013. The author shall also emphasize how legal compliance and secretarial audit can act as proactive measures in tackling corporate challenges.
Securing the interest of potential investors and other corporate stakeholders was the main concern of the Kumar Mangalam Birla Committee of 1999 through the implementation of a task force on corporate excellence and governance. In the exordium of the demand for an effective governance model, the code on corporate governance and its listing clauses was subjected to review on the basis of the recommendations made by the Narayan Murthy Committee. Further, the Naresh Chandra Committee was also constituted to develop the importance of corporate audit as a proactive measure of corporate governance, followed by the strong recommendations of the Uday Kotak Committee. This reveals that the importance of corporate governance practices and their reformation was in high demand in order to change the existing corporate legal framework for a decade. Corporate bodies are regulated by manifold legislations and as such the performance of the organizations must be evaluated at various levels. Besides evaluating the strategic plans and reviewing the books of accounts, it is also important to investigate and detect the areas of non-compliance made by the companies. Hence at this present juncture, secretarial audit forms an important aspect of corporate governance for authenticating the genuineness and legitimacy of the firm’s performance. To avoid the instances of non -compliance and other related penalties, the provision of section 204 of the Companies Act, 2013 was incorporated for bolstering the governance practices and compliance management through an overall investigation of the compliance activities, events, and other records of the organizations. The provision of secretarial audit under section 204 of the Companies Act, 2013 has gained impetus during the last few years, especially among the companies which are listed, public based, and other financial institutions. Secretarial Auditing is not a fault-discovering mechanism but rather a process to strengthen the compliance management of the organizations according to the business operations. It is thus mandatory for the listed entities to review their entire internal policies, plans, and strategic events by an independent secretarial officer who could better suggest and advise the firms to overlook the latches behind the existing compliance management. Thus, for ensuring the best compliance management and corporate governance practices, listed entities and their subsidiary companies are required to conduct the secretarial audit in consonance with the Regulations 24A of SEBI (Listing Obligation and Disclosure Requirements) Regulations.
Compliance Management and Secretarial Audit: An Unborn Nexus
Legal Compliance Management and Secretarial Audit are the two inter-disciplinary methods for monitoring and regulating the compliance process of any organization. Needless to mention, both concepts are symbiotic in demonstrating the compliance framework of any organization and are considered effective tools for good governance practices. The former is a conglomeration of compliance systems and processes to eradicate the instances of non-compliances and the latter is considered to be a periodical investigation for authenticating the genuineness of the compliance management by an external independent secretary. Hence it implies that both the process operates back-to-back and is interdependent in such a manner that the audit cannot be conducted until and unless the entire report of the compliance management is furnished. Further, it is a matter of paramount importance that both the process is controlled and regulated by the company secretary from internal and external perspectives which finally demands a mature understanding of the compliance-related activities and documents.
Firms indulged in security trading mechanisms have to abide by numerous legislations, rules, and regulations. Indeed, rules and regulations framed by the regulators demand varied processes of compliance and governance practices. Apart from the local laws, the listed firms have to simultaneously adhere to the guidelines of international bodies, and as such the chief responsibility falls upon the internal company secretary to ensure the best internal policies and processes for an effective compliance framework.
The nexus is built when the internal compliance team supports the external practicing secretary for the purpose of investigating and verifying the documents related to compliance. For good corporate governance, the secretarial auditor may demand the requisition of a compliance chart, advisory, and scorecard. Generally, the secretarial auditor draws an inference of the laws and regulations applicable to the organization on the basis of the compliance chart. The chart provides a central framework for how the listed organizations perform their obligations toward regulators, legislators, and stakeholders. Further, the chart also ensures how the compliance-related risks are managed and regulated by the internal compliance team. Additionally, internal policies and procedures related to compliance management which are documented are reviewed by the auditors through SOP (Standard Operating Procedures).
Compliance Audit: A hybrid Composition of Compliance and Secretarial Management
Modern business demands the need for concrete infrastructure and as such compliance audits act as a shield against various corporate malpractices. Audit, both from the perspectives internal and external is a matter of comfort for the corporate regulators as it bestows trust and confidence of the investors in the security trading aspects. Hence the entire management and compliance-related activities are documented and subjected to stringent verification by a third party. Nowadays, listed organizations rationalize their compliance and secretarial activities on the basis of quality management through various schemes of industries like Six Sigma and ISO 9000 which further developed the quality of secretarial auditing of the companies in the long run.
Though policies and procedures adopted by the compliance team are in consonance with the updated laws and regulations yet the level of genuineness is required to be tested through some parameters of the auditing process. Legal Compliance management itself is a verification process that involves extensive research and analysis of the work undertaken while an audit provides the authenticity to the exercise undertaken. Hence, the compliance officer plays a key role as a governance professional in successfully managing the compliance and reporting the same to the external auditing team.
The nexus between these two processes is established when both the mechanism operates with the common objective of identifying and verifying the requirements of compliance under various laws and regulations applicable to the organizations. The internal compliance team is guided by the legal executives during the planning of the compliance framework as per sector-wise classification. The process involved in legal compliance management and secretarial audit depends upon the business nature of the organization such as banking, insurance, manufacturing, IFSC, health, agriculture, etc. It is thus compliance-related activities diverge as per the nature of the business but the process of compliance management and secretarial audit are identical as it is governed by the Companies Act, 2013.
In addition, it is important to clarify that the Companies Act, 2013 does not provide a concrete provision pertaining to compliance management as it is in the case of secretarial audit given under section 204, but while interpreting several important provisions of the Companies Act, 2013 the importance of compliance management can be understood with reference to the filing of minutes and records, maintenance of books and accounts and other secretarial records, copies of resolution on the basis of which decision are taken, procedures and policies relating to the appointment of directors and many more. Hence the entire responsibility to advise the management in compliance with the laws and regulations is casted on the internal compliance officer. They are under the obligation to ensure effective compliance management through reporting the correct information to the external practicing auditor. The internal compliance officer is required to ensure that organizations have:
- Complied with the updated laws and regulations in its true letter and spirit.
- Adopted appropriate policies and procedures related to compliance.
- Taken adequate measures to meet the compliance requirements and deadlines.
- Taken all the necessary arrangements to satisfy the mandates of SEBI and its allied rules and regulations.
- Taken adequate initiatives in maintaining the secretarial records etc.
The scope of secretarial audit depends upon the compliance identification made by the compliance management while furnishing the compliance report. Both the process covers a wide spectrum of laws and regulations during their actual compliance and verifying the same. Good compliance management has a positive impact on the auditing process of the company in order to achieve the best governance practices. The advantages of good compliance management are impliedly revealed in the report given by the secretarial auditor in Form MR3. These include better and timely compliance with laws and regulations, secured remedies against instances of non-compliances, speedy disposal of pending litigations before company law tribunals, avoiding penalties, cost minimization, and promotion of a better brand image in the market.
Effective secretarial auditing involves three stages i.e., planning, execution, and reporting. These three stages are connected and dependent in a sequence manner for the purpose of furnishing a true audit report. But each and every phase of auditing is collaterally dependent on the reports given by the compliance team. The audit under section 204 of the Companies Act, 2013 is based on effective planning of the reports of compliance management through which the auditor can preliminarily plan for the rest audit execution process. The planning process of the auditor is based on the above facts and information to be furnished by the compliance team:
- Learning about the objectives and scope of the Company through the Memorandum of Association and Articles of Association.
- Assessing the areas of risk management
- Finalizing the plan of audit
- Finalizing the detailed minutes of the audit program
Based on the above information supplied by the internal compliance team, the secretarial auditor is required to execute the plan of audit on the basis of multiple actions through implementations of certain methods:
- The sampling method is adopted for collecting the transactions and items
- The sampling method was adopted to test the controls.
- Identifying the specific events
- Analyzing the procedures adopted by the compliance team
- Verifying the documents and working papers
- Conducting a review of the papers
- Discussing the final draft report.
On the basis of the above information, the secretarial auditor is required to finalize the secretarial audit report through proper observations and opinion, but before finalizing and certifying the reports, auditors are under the obligation to verify the accuracy of the compliance documents and papers. Hence the activities pertaining to compliance management are subjected to a peer review by an external secretary to ensure better transparency and creditability of the corporate practices. Mere attestation is not the primary role of the auditor, the secretarial auditor is expected to examine the work, system, and practices incorporated by the compliance team in pursuance of compliance management.
Hence, the introduction of “Secretarial audit” under section 204 of the Companies Act, 2013 has a positive impact on the governance and compliance management of the companies, especially for those which are listed under stock exchanges. The assurance of external practicing company secretaries conducting the audit in the areas of compliance management and disclosures had a strong implication on the current corporate governance framework. Any instances of fraud or malpractices in connection to compliance management and governance reporting can easily be detected by the mechanism of the secretarial audit through innovative auditing techniques and measures. Additionally, the auditing techniques used under section 204 of the Companies Act, 2013 are more concrete in finding the latches of the compliance management through the defined auditing standards of CSAS. It is expected that the auditor must observe the auditing standards while verifying the report of compliance management. Effective due diligence and audit are the pillars of good governance and compliance practices. Presently, there are four auditing standards issued by the Institute of Company Secretaries for the purpose of promoting uniform and standardized secretarial and compliance practices.
Secretarial Audit: A Peer Review of Compliance Management
The Indian Corporate fraternity has experienced some of the biggest scandals since the 1950s. The list is not exhaustive and it began in 1950 with the Mundra scam of LIC (1957), followed by Raj Sethia’s scandal of PNB in 1985, and then with the Harshad Mehta scam of Unit Trust of India. The post-2000 era has also witnessed some remarkable scams including Kethan Parek’s scam of BOI, the scandal related to Global Trust Bank of 2008, and last but not least the Satyam scam of 2008 which all over makes the best reasons for failure in corporate governance in India. The Confederation of Indian Industry realized the subsequent failure in governance practices and thus demanded reformation in the Companies Act of 1956. In fact, the global corporate fraternity is still striving toward a uniform model of corporate governance but on account of various complexities present in the business code and standards, the ultimate objective is not achieved. Inference can be drawn from the major corporate downfalls that instances of non-compliances and the absence of proper business standards are the reasons behind such scams. In addition, the absence of a concrete compliance and audit framework gave space to the market manipulators to create such scams.
The majority of the scams involved cases pertaining to auditing fraud and other instances of non-compliance with the laws and regulations. The audit has been considered to be one integral aspect of corporate governance as it helps in the detection and prevention of frauds and other malpractices. The observance of Secretarial Audit under section 204 of the Companies Act, 2013 has ensured transparency and accountability in corporate governance practices. In other words, a secretarial audit involves the assurance given by a third party known as the secretarial auditor who undertakes the process of investigation and verification of the firm’s compliance and governance activities. The audit basically acts as a peer-review process of compliance management. Entities that are listed under relevant stock exchange and other prescribed classes of companies under section 204 of the Companies Act, 2013 have to submit the secretarial audit report on a timely basis. The secretarial auditor is expected to follow the auditing standards in order to make the auditing acumen stronger and smoother. The ICSI auditing standards are framed for the purpose of incorporating the best practices of auditing. Initially, the auditor engaged by the auditee company, should not have any conflicting interests with the company’s internal compliance team. However, if there exist any conflicts it must be conveyed and disclosed before the acceptance of the audit engagement letter.
The process of reviewing the legal compliance management involves the use of working papers, registers, records of minutes, and other filings. The auditor is required to plan accordingly from the evidence furnished by the team of compliance management. In addition, the documents which are furnished by the compliance team must contain proper information in order to enable the secretarial auditor to draw inferences and other findings from the document and other working papers. However, the auditor must incorporate certain policies and procedures for the purpose of keeping the documents as the auditing process is not a quick task. However, the subject matter of compliance management differs on the basis of sector-wise classification of industries and the auditing process varies as per the scope and objectives of the company.
The use of secretarial audit acts as a peer review mechanism and has enabled good governance in the compliance management of the companies. Further, the audit has also proved to be worth in reduction of corporate scams and other malpractices. The scheme of secretarial audits has also helped in the detection of fraudulent practices in the companies and has ensured an increase in the responsibility of the board of directors. Periodical audit by an external professional helps in discovering the faults of the internal system and procedures of the compliance management and further, it also guarantees the outcome of any strategic or investment decision taken by the firms. Thus, both the process of compliance management and secretarial audit has been considered an effective mechanism for corporate governance which has given immense comfort to the regulatory bodies, stakeholders, and other shareholders of the company to curb the instances of non-compliance with the laws and regulations regulating the corporate bodies. It is not only the Companies Act, of 2013 that mandates the corporate organizations to submit the secretarial audit report as a part of a good governance system but Regulation 24A of SEBI (Listing Obligation and Disclosure Requirements) Regulations, 2015.
Laws Governing Legal Compliance Management and Secretarial Audit
Business operations are guided by manifold laws and regulations. It is a dynamic phenomenon and as such laws and regulations are dependent on the sector-wise classification of business. However, for every corporate organization operating within the periphery of the Indian economy, the Companies Act, of 2013 is identical legislation that governs the entire corporate fraternity. Compliance and Audit is a prime concerns for the present business fraternity and as such there are multiple laws and regulations which regulate the business sector of our economy. It is important to clarify that besides complying with the statutory laws, regulations, and other standards it is equally important that companies must adhere to the internal policies, procedures, and other standards.
In order to avoid the regulatory risks, companies are required to create a legal regulatory framework. The framework includes a set of laws, rules, and regulations which varies according to the following factors:
- Business Category
- Operational area in terms of geographical domain
- Company size in terms of investment, turnover, and number of employees.
- A public company, whether listed or not.
- Form of company viz., private, public, and government.
- On the basis of regulatory authority viz., SEBI, IRDA, etc.
From the above-highlighted points, it can be deduced that legal compliance management depends on a variety of factors and the laws and regulations are specific as per the domain and area of operation. The concept of “secretarial audit” is governed under section 204 of the Companies Act, 2013 and is considered to be a device for verifying the reporting system of the compliance process of any organization. The scope of the secretarial audit is similar to a compliance audit and is used in verifying whether the organization has duly complied with the mandates of the Companies Act, 2013 and its allied rules, Security Contract (Regulation) Act, 1956 and its allied rules, regulations and guidelines prescribed by the SEBI time to times and other appropriate laws, regulations, and standards specifically applicable to an organization. The auditor is also required to identify and examine whether the companies are adhering to the applicable Secretarial Standards as mentioned under clause 118 (10) of the Companies Act, 2013. At present Secretarial Standard, I and Secretarial Standard II have been made obligatory upon the companies, and the rest other standards have been recommended for future demand. Additionally, the Secretarial audit report shall examine the balance and composition of the board and any changes if occurred, the report shall also deal whether prior notice has been served to all the members in respect of meetings of the board including the agenda and other detailed notes, recording of the minutes relating to the decision taken, internal systems of the company are at par with the size and operations of the organizations, etc.
Effective legal compliance and secretarial audit have been made compulsory in order to promote and develop the compliance framework of the companies. The recent amendment has widened the scope of section 204 by extending its touch to the companies had taken loans from banking institutions or other financial companies of 100 crores or more. This means legal compliance and secretarial audit is a mandate for the business structure and hence companies’ secretaries are now highly responsible for its proper execution. In addition, companies which are trading their shares on stock exchanges are largely responsible for submitting the secretarial audit report as a means third-party assurance before the regulators and public at large. The emergence of scams has lifted the corporate veil to realize the ultimate cause of downfall and as such both, the process finds a strong place in monitoring the compliance process of the company. However, the mere filing of the secretarial audit reports is not sufficient rather its proper execution is much more important in determining whether the company’s internal management is in conformity with the applicable rules and regulations. The current business regime felt that instances of non-compliances can be better regulated and controlled by this mechanism. Quality review of the compliance process is an essential attribute of corporate governance and can help the business to sustain itself in the long run. To cherish the corporate goals, companies are required to conduct this audit process which would enhance the confidence of the stakeholders to a larger extent.
This article has been written by Subhajit Chakraborty, Assistant Professor of Law, University Law College, Vinoba Bhave University, Hazaribagh and Jaydip Sanyal, Principal, University Law College, Vinoba Bhave University, Hazaribagh
 PTI, SEBI norms on secretarial audit to improve corporate governance, transparency, Business Line, The Hindu, (2019)
 Narayanswamy R. & Raghunandan K, Corporate Governance in the Indian Context, Accounting Horizons, Volume 26 Issue 3, pp-583-599, (2012)
 Sharpe A.P & Durga A, Compliance and role of Enterprise, Insight. CFO Connect, pp. 32-34, (2010)