By Rajat Mohan
Starting from 1st April 2023, the Ministry of Corporate Affairs (MCA) has made it mandatory for companies to maintain an audit trail for all their transactions. The new audit trail requirement introduced by the MCA is ahead of its time and is also an essential step towards greater transparency and accountability in business operations. Maintaining a detailed record of all transactions would help all stakeholders identify the source of the financial irregularities. Using these tools auditors and investigative agencies will ensure a more compliant financial reporting framework.
So, what exactly is an audit trail? An audit trail is a record of all the transactions in a company, including financial transactions, operational activities, and administrative tasks. It includes information about who initiated the transaction, when it was initiated, and the nature of the transaction. This information is recorded systematically and chronologically, making it easy to trace the history of any particular transaction.
The new requirement by the MCA means that companies will now have to maintain a detailed audit trail of all their transactions. This includes not just financial transactions but also operational and administrative activities. Companies will have to ensure that all transactions are recorded systematically and chronologically and that the records are accurate, complete, and up-to-date.
In addition to these requirements, rules also mandate that companies maintain an audit trail of their activities. The audit trail must contain the following information.
- Details of every transaction that takes place within the company, including the date, amount and nature of the transaction.
- Details of every change made to the books of accounts, including the date and nature of the change.
- Details of all authorization for transactions and changes made to the books of accounts, including the names of the persons who authorized them.
- Details of all approvals and rejections of transactions and changes made to the books of accounts, including the names of the person who approved or rejected them.
- Details of all access to the books of accounts, including the date and time of access, and the name of the person who accessed them.
- Details of all backup and restoration activities related to the books of accounts.
The audit trail must be maintained for at least eight years from the end of the financial year for which it pertains. By maintaining an audit trail, regulators can easily trace the history of any particular transaction and identify irregularities. This can help prevent financial irregularities and ensure that the company complies with all relevant laws and regulations.
Position of other developed countries on audit trails in accounting software:
United States: The Sarbanes-Oxley Act (SOX) of 2002 requires publicly-traded companies to maintain accurate financial records and to have internal controls in place to ensure the accuracy of those records. The Act does not explicitly require mandatory audit trails in accounting software, but it does require companies to be able to track changes to their financial records.
Canada: The Canadian Institute of Chartered Accountants (CICA) Handbook – Assurance includes guidelines for auditors related to computer-assisted auditing techniques (CAATs), which may include audit trails.
European Union: The EU General Data Protection Regulation (GDPR) requires companies to maintain accurate and secure records of personal data, and to be able to track changes to those records. While this is not specific to accounting software, it may require companies to implement mandatory audit trails in their accounting systems.
Australia: There was no specific requirement for mandatory audit trail features in accounting software in Australia. However, the Australian Taxation Office (ATO) does have guidelines related to record-keeping and the use of accounting software, which may include requirements for maintaining accurate and complete records of financial transactions and being able to produce those records for inspection upon request. While these guidelines do not explicitly require mandatory audit trails, they do emphasise the importance of accurate record-keeping. They suggest that audit trails may be a useful tool for ensuring the accuracy of financial records.
(Rajat Mohan is Senior Partner at AMRG & Associates. Views expressed are author’s own.)