NFRA implement a similar mechanism for auditors to safely keep their audit files in a tamper-proof way

After DigiLocker for individuals, the National Financial Reporting Authority (NFRA) is looking to implement a similar mechanism for auditors to safely keep their audit files in a tamper-proof way.

The move comes after the regulator for auditors of listed and large Indian companies noticed instances of manipulation of the files and recent regulatory action by the Public Company Accounting Oversight Board (PCAOB), NFRA’s American counterpart, which imposed a fine on KPMG India and sanctioned the audit firm along with its engagement partner Sagar Pravin Lakhani.

While KPMG India was handed a $1-million penalty, Lakhani also faces a $75,000 penalty, and has been suspended from associating with a registered public accounting firm for one year.

“…Lakhani and other members of the KPMG India engagement team signed off on dozens of blank work papers. The blank work papers were replaced with completed work papers, in many cases after the issuance of the audit report, but the signoff dates were not updated. As a result of this practice, the work papers did not appropriately reflect the dates on which the audit work was actually completed and reviewed. KPMG India was aware that its audit software allowed personnel to modify or update audit documentation without modifying the signoff date,” PCAOB said.

Wiser from the experience, NFRA has been contemplating the use of technology to curb possible manipulation of records by auditors. The law requires auditors to complete their audit files and bars them from tampering it in any form later. Regulatory agencies such as NFRA exercise oversight only of the audit files and in case it is compromised, the oversight is not effective.

Like DigiLocker, the regulator is planning to mandate that the audit files be archived electronically with time stamps placed on the documents. Although stored in a neutral place, the access of all the records will be with the audit firms. Whenever NFRA wants to access the documents, it will seek access and the firm concerned will be required to share it.

Records of any additions that are made will be available and data once filed cannot be deleted.


NFRA is tasked with monitoring and enforcing compliance of accounting & audit standards and overseeing the quality of service.

Leave a Comment

Your email address will not be published. Required fields are marked *