The spotlight is now firmly on the key aspects of the governance framework. Particular emphasis has been laid on the audit and finance functions in addition to the board-level committees, all of which have a legal and moral responsibility to identify and disclose aspects of a promoter-driven agenda that could harm the interests of other stakeholders.
The requirement relating to the mandatory change of auditors stipulates a five-year period for rotation in the case of an individual and a 10-year period for a firm, to be calculated retrospectively, albeit with a relatively short cooling-off period.
Listed companies, unlisted public companies with a paid up share capital of R10 crore or more, private limited companies with a paid up share capital of R20 crore or more; and companies with public borrowings from financial institutions, banks or public deposits of R50 crore or more, need to rotate their statutory auditors. With companies being given only three years to work towards this change, this time-based limitation has essentially set the proverbial cat among the pigeons.
The situation is not so complex in the case of PSUs, which were already undergoing different levels of audit checks for their working and expenditures. Independent statutory auditors are appointed by the CAG for a period of three years at a time, followed by an independent audit by the CAG auditors. This is in addition to the stock exchange norms for quarterly reviews. There is a specific requirement in the context of the audit of companies where the equity participation by the government is 51% or more.
The 2013 Act has also unveiled a new era, where there is a clear preference towards disclosure norms over regulatory approvals. A key aspect in this context is related party transactions (RPTs). While the 1956 Act warranted central government approval for RPTs by large-cap companies, the 2013 Act necessitates a greater set of disclosures with shareholders approval. The scope of RPTs in the 2013 Act is deeply layered with provisions for a wider scope and coverage.
While the requirements for RPTs appear to be onerous, the same can be addressed by determining the scope of related parties with reference to AS-18, Clause 49 and the Income-tax Act, 1961, before mapping parties under these regulations. A one-time risk assessment of RPTs ensures a consistent approach, which needs to be integrated with the policy framework for recurring transactions. This can also be automated to track RPTs.
In the case of PSUs, although the government may no longer be the sole shareholder, as a good governance practice it is important for the government to demonstrate adequate regard for minority shareholders interest, notwithstanding the change in law.
Then there is the issue relating to whistle blowing, where the Act requires companies to establish a vigil mechanism for employees to report genuine concerns to the management. Clearly the intent of the Act is to ensure that the audit committee oversees the operation of the mechanism. However, while the Act requires companies to ensure safeguards against victimisation, it is silent on the important aspect of anonymity.
PSUs can only succeed in the long run, if they have a strong backbone of accountability and transparency, which facilitates the free flow of information from within. A legislation which can facilitate this free flow has to be one where the whistle-blowers are protected. As a best practice, allowing the reporter to remain anonymous helps in ensuring protection against victimisation for whistle blowing.
This apart, companies should maintain adequate and auditable documentation of all the concerns received. And what does this mean for independent directors
The code for independent directors is set out in Schedule IV (section 149(8)) contained in the Act. According to this code, the duties of independent directors include ascertaining and ensuring that the company has an adequate and functional vigil mechanism and that the interests of the person using this mechanism are not prejudiced due to use of the mechanism.
What about the role of the auditors Clearly it would be a mistake to contend that the auditor of the company is powerful and competent enough to address this problem solely. After all, why should the auditor be the lynchpin for ensuring financial and accounting probity and the supreme whistle-blower, especially when collusive fraud can go undetected for years Or are we fast approaching the point, where the debate as to which way to develop the corporate governance framework, must move from the esoteric to the practical.
The author is partner, leader (consulting & markets), Mazars