The network effect

Review rules on audit firms providing non-audit services

The Ministry of Corporate Affairs (MCA) is right to propose amending the Chartered Accountants’ Act to build in disciplinary mechanisms to lower “network liability”, otherwise known as conflict of interest risks, between audit firms and affiliates offering non-audit services. Under the current law, audit firms are permitted to offer non-audit services, such as consultancy and related services. But recent examples of audit failures involving the collapse of Infrastructure Leasing & Financial Services (IL&FS) subsidiaries offer cautionary tales in hiring audit firms that are affiliates of national or global consultancy networks offering non-audit services. The intent of the MCA’s proposal may be focused on the sprawling global networks of the Big Four — Deloitte, KPMG, PwC, and EY. The first two were auditors of imploding IL&FS subsidiaries, and PwC’s India wing and a Kolkata-based affiliate audited the books of Global Trust Bank and Satyam Computer. But the risk obtains for many large independent domestic audit firms that look to expand the scope of their businesses, too.

The question, however, is how far the MCA should go towards containing this risk. Should it impose a blanket ban on providing all related services by audit affiliates or should it stipulate checks and balances in terms of disclosure? In October last year, a committee of experts chaired by Anurag Agarwal, then an official in the ministry of corporate affairs, set out conditions under which audit firm affiliates could provide non-audit services as part of its wider brief of recommending standards for audit firms and their networks. These included capping the fee of the network affiliate if the audit firm is part of an international network (at about 50 per cent of the audit fee) and compulsory disclosures for all such networked firms to the newly created regulator, the National Financial Reporting Authority (NFRA).

The arguments favouring an outright ban, without exceptions, to which Indian law is prone, are more compelling. For one, an unambiguous ban has the virtue of clarity, which is often lacking in corporate legislation. Second, the demonstrably poor track record of transparency in corporate India does not foster confidence that audit firms will readily comply with such requirements. Third, the MCA needs to consider the additional complexity in the regulatory ambit of the audit profession. There are now two regulators governing the audit function, with overlapping roles. One is the Institute of Chartered Accountants of India (ICAI), a largely ineffective, 70-year-old, self-regulating body that will continue to oversee its members (which is to say, most large audit firms), private-limited companies, and firms below a threshold limit. The second is the more recent creation, the NFRA, notified in 2018, which has the mandate to set standards and regulate auditors of all listed companies, unlisted companies above a prescribed net worth or paid-up capital (Rs 500 crore), or a turnover of Rs 1,000 crore, or a company listed outside India. Though both the ICAI and NFRA have defined responsibilities in terms of regulating the audit function, neither has explicit powers to monitor or check network liability.

It is worth noting that the European Union, the United Kingdom, and Australia do not permit audit firms to provide non-audit services. The example of these three relatively well-run jurisdictions would be a good example for India to study.