During the Covid pandemic and on and off lockdowns, auditors are finding it increasingly difficult to verify bank statements, third-party sales orders and other documents on which sales, profits and general health of a company is determined.
With several regulators already coming down hard on audit firms, the fear is also that if they do not raise enough red flags, they could be stranded with a fraud situation.
Industry trackers say in the last few months, investigators are being roped in more and more for audits.
“There have been instances when an auditor feels something is amiss, either in documents or transactions, forensic and even cyber security teams are being roped in,” said Vinayak Padwal, senior partner with an audit firm. “In most cases, these are in-house teams that a firm has, but if there’s a suspicion of money laundering or other regulatory issues, then an in-depth probe is also being done in certain cases.”
Forensic investigators have even stumbled upon several frauds involving some employees and, in some cases, senior executives and promoters.
“Verifying authenticity of the documents is a huge concern for auditors and, in many cases, forensic experts are being roped in when a question related to the veracity arises,” said Gaganpreet Puri, leader — risk and regulatory, A&M India. “But auditors have to consider a fine line around the nature, extent and timing of these procedures as their remit is audit and not investigation. These extended procedures have to be in line with audit responsibilities and not go beyond their remit.”
In a recent incident, an audit partner in a large firm found something suspicious while auditing a certain automobile component company. The auditor somehow found something fishy in the way sale had happened — large sales orders placed in a span of 30 minutes by five different companies — few days before the quarter ended.
A cyber security team was roped in and it was found that all the five orders came from the same IP address. The audit partner suspects this was a desperate attempt to placate lenders for the time being.
In another incident, an Indian audit firm found that an infrastructure company had recently entered into some agreements with an unknown company.
The contract was done through a UAE-based subsidiary. The Indian auditor doesn’t have access to the UAE-subsidiary’s accounts as it was audited by a separate auditor, but the consolidated accounts need to have a clear picture. The auditor roped in his forensic team and it was found that this could be a case of round-tripping or siphoning of funds.
The investigators traced back the ultimate ownership of the unknown company to a holding trust in the UK and it was concluded that it could be a front for one of the promoters.