Forensic Audit – Meaning, Importance, Way Ahead

forensic audit upsc essay notes mindmap

Securities and Exchange Board of India (SEBI) has amended Listing Obligations and Disclosure Requirement (LODR) regulations to remove the gaps in the availability of information on forensic audits of listed entities. However, companies may regard these requirements as onerous, as they may adversely impact their reputation. Measures must be taken to address this issue for intended objectives of improving transparency and increasing disclosure requirements to be effectively achieved.

forensic audit

What is a forensic audit?

  • “Forensic” means “suitable for use in a court of law”.
  • A forensic audit is the examination and evaluation of an individual’s or firm’s financial records to derive evidence that can be used in the court of law or legal proceedings.
  • These audits cover a wide range of investigative activities aimed at finding out frauds, embezzlement and various other financial crimes.
  • They can also be used as evidence during disputes related to bankruptcy filings, business closures and divorces.
  • Forensic audits integrate accounting, auditing and investigative skills as well as using technology and legal skills to establish facts and evidence.

How is a forensic audit different from forensic accounting?

  • There are usually two different types of frauds in the business world:
  1. Frauds against businesses: Those committed by/for employees, vendors, clients.
  2. Frauds for businesses: Those committed by promoters and shareholders of the business to deceive bankers, revenue authorities and regulators.
  • While forensic accounting involves frauds against businesses, forensic auditing relates to frauds for businesses.
  • The forensic accounting involves the finding of those involved in the fraud, the procedure followed for the fraud and the losses caused by the fraud.
  • The forensic audit, in contrast, involves checking the trail of money – from the source to the end-use.

Most probable and repeated topics of upsc prelims

How is forensic audit different from internal audit?

  • A forensic audit is the examination of the financial records to find any illegal financial activities.
  • Internal audit is the examination of a company’s accounts or activities by its own accountants or managers.
  • A forensic audit is conducted to present it as evidence in court.
  • Internal audit is prepared to be presented to the company’s governing body or owners to discuss the financial health of the organisation.

What are the applications of the forensic audit?

A forensic audit involves uncovering or confirming various types of unlawful activities. It is chosen instead of a regular audit if there is a chance that the evidence collected would be used in court. Some of the instances that necessitates the use of forensic audit investigations are as follows:

Corruption or fraud detection:

In a forensic audit, an auditor would seek to detect:

  • Conflicts of interest: Fraudster uses his/her influence for personal gains to damage the company.
  • Bribery: Offering of money to influence a situation to one’s favour.
  • Extortion: Using or threatening to use force, violence to intimidate and gain money or property from an individual or an entity.

Asset Misappropriation:

  • This is most prevalent these days.
  • Instances of asset misappropriation include misappropriating cash, submitting false invoices, making payments to non-existent suppliers or employees, misusing assets (company’s properties) and stealing the company’s inventory.

Financial Statement Fraud:

  • It involves a company showing that its financial performance is better than it actually is.
  • This is done by presenting inaccurate numbers so as to improve liquidity, to ensure that the company’s senior executives continue to receive bonuses or to cope with the pressure to perform.

Why is the forensic audit important in India?

  • Forensic audit investigations play an important role in uncovering the modus operandi of corporate misdoings like embezzlements, bribes, extortions, fictional transactions, conflict of interests etc.
  • In India, there is a rapid increase in the cases related to fraud, bribery and corruption.
  • Radical changes are required to counter white-collar crime in India and forensic audits are essential in such efforts and protecting the business stakeholders.
  • Technological development and the rise of new payment methods have created more avenues for white-collar crimes.
  • Online frauds in the Indian banking system have increased over the recent years, threatening the safety of information and safety of banks and their customers.
  • The implementation of the insolvency and bankruptcy code has led to an increase in the use of the forensic audit by creditors to validate their actions and to scrutinise promoters.
  • These audits play an important role in the proceeding of the National Company Law Tribunal (NCLT) and asset reconstruction mechanism.
  • It is also used during the investigation of Ponzi schemes.

What is SEBI’s new rules concerning forensic audit?

  • The capital market regulator, Securities and Exchange Board of India (SEBI) has recently mandated all listed entities to disclose any forensic audit initiated by companies.
  • It also mandated the disclosure of the name of the initiator of the forensic audit along with the reasons for the initiation of such audit.
  • The final forensic audit report should also be disclosed after the listed entity receives it, along with comments of the management.
  • The disclosure of forensic audits initiated by regulatory or enforcement agencies is exempted.
  • The SEBI has amended the Listing Obligations and Disclosure Requirement (LODR) regulations to make the above changes.
  • This is to address the lacunae in the availability of information on the forensic audit of listed entities.

Why are these new rules needed?

  • Historically, forensic audits and other such exercises in India are undertaken for matters of all sizes regardless of materiality.
  • However, disclosures were made only when the suspected amounts were material to a company’s operations.
  • For instance, the Corporates Affairs Ministry prescribed a threshold of Rs.1 crore (as estimated fraud value) for the case to be reported to the Centre.
  • The recent rules mandate disclosure of all forensic audits – even those matters that do not affect the overall operation of the company – so as to increase transparency and disclosure requirements.
  • The new disclosure regime may lead to an increased focus on investing in fraud prevention mechanisms to pre-empt illegal activities.
  • This, in turn, can lead to a higher emphasis on anti-fraud activities, strengthening of anti-fraud controls and whistleblower systems.
  • The SEBI mandate can also build confidence among firms, enabling them to understand fraud patterns and identify vulnerabilities in key business functions.
  • Globally, similar mandates have pushed organisations towards adopting mature fraud risk management practices. These include disclosures pertaining to the US Sarbanes-Oxley Act, 2002, The US Bank Secrecy Act of 1970 and the Anti-Kickback Enforcement Act of 1986.

What are the issues with SEBI’s new forensic audit rules?


  • The non-application of materiality may make the new mandate seem burdensome for companies since historically they have disclosed only when the suspected amounts were material to a company.
  • The material here means the information that is or may be relevant to the firm’s operations.
  • For instance, when a company is experiencing losses due to fall in demand for the product, it is material information. Such information needs to be disclosed to the shareholders.
  • The concept of materiality is used to determine what is material enough to be included in the financial statement.
  • The current mandate may discourage companies to initiate forensic audits for trivial matters like employee expense reimbursement frauds, as they may fear adverse publicity and poor market sentiments.

Premature disclosure:

  • The requirement of disclosure of initiation of the forensic audit and sharing the report on the conclusion of the audit can be seen as a dilution of the independent conduct of company’s boards and inability to discharge their duties under the law.
  • The premature disclosure may result in the erosion of shareholders’ value and adversely impact the company’s reputation, especially when the investigation concludes that there is no wrongdoing.
  • Such disclosures, which occur even before the initiation of the forensic audit, can mislead investors. This may cause undesirable fluctuation in the company’s stock price.

Trust issues:

  • The requirement of sharing the forensic report may result in compromising the witness testimonies and confidential deliberations during the audit process.
  • This could damage the trust the employees and other shareholders have on forensic audit process aimed at detecting misconduct or potential violation.


  • The forensic audit encompasses a wide array of issues, which are either financial or non-financial or both.
  • The requirement to disclose relevant information during the course of the audit may tempt any individual to collude with a competitor to make an unsubstantiated whistle-blower complaint and exploit such pre-mature information to negatively impact the company’s interests.

Discourages forward-looking practices:

  • A forensic audit is a specialised skill within the larger area of audit and assurance.
  • Currently, both managements and boards have a larger role and responsibility for establishing and reviewing internal controls.
  • Therefore, the forensic audit is often supplemented with the internal audit process.
  • The role of the forensic audit is no longer curative, as it has become an important preventive tool.
  • Forensic audits are also conducted to stress-test the existence, relevance, compliance and effectiveness of their internal processes, systems and controls.
  • These aspects are overlooked by the current amendment as it only discourages such progressive practices.

What can be the way forward?

Fine-tuning disclosure requirements:

  • Prompt disclosure of information regarding adverse developments in a company is vital for preventing false market of securities of the company.
  • The report of forensic audit may be disclosed to the public only when it is initiated after the order passed by a regulatory/enforcement agency.
  • In such cases, the event may be considered as unpublished price sensitive information (UPSI) requiring the closure of the trading window for insiders.
  • UPSI is any information relating to a company’s internal matter that is undisclosed in the regular course of business. If such information is leaked, it affects the price of securities of the company in the stock market.
  • In other cases, SEBI may direct companies to disclose the summary of the forensic audit report after the conclusion of the audit only when material wrongdoing is detected.
  • Disclosure obligations should not apply to internal investigations initiated by the company itself.
  • There is also a need for a regime where all public interest entities in India are put through the forensic audit at least once in three years.
  • For this purpose, the Institute of Chartered Accountants of India (ICAI) or SEBI could set up a panel for the appointment of the forensic auditor.

Strengthening of fraud prevention frameworks:

  • Review anti-fraud policies, which are usually part of the Code of Conduct, the Gifts and Entertainment policy and the Anti-Bribery and Corruption policy. These policies must be detailed to include emerging avenues for frauds.
  • Organisations must more frequently evaluate fraudulent practices and make strategic investments to strengthen anti-fraud controls. In this regard, large-scale investments can be made in technologies that can enable forensic data analysis at the transactional level.
  • Effective whistle-blowing mechanisms must be put in place as the majority of frauds are detected via whistle-blower complaints. Companies Act, 2013 mandates the organisations of a certain size to have whistleblower mechanisms, which are highly ineffective in reality. Effectiveness of whistleblower mechanisms can be improved by providing multiple channels to report concerns, allowing for anonymous complaints from employees and third parties and ensuring the confidentiality of the complaints.
  • Conduct regular awareness programmes on fraud and its impact for employees, as they are often the first line of defence against fraud in any organisation.
  • Organisations may consider preparing qualitative reports detailing the fraud’s impact, its detection mechanism and the corrective actions taken to prevent the repetition of such instances. This could provide a holistic picture of the fraud risk management efforts, limit reputation damage and prevent scrutinies that may adversely impact the company. Such reports can be used for formulating comprehensive guidelines on reporting frauds.


SEBI’s latest mandate on disclosing of forensic audit is a step in the right direction. Complementary measures must be put in place to ensure that disclosure of the forensic audit does not result in tarnishing companies’ reputation and create uncertainty. This can ensure greater transparency and reduced instances of fraudulent practices while also protecting the firms’ interests.

Practice question for mains:

Do you agree that SEBI’s new rules on disclosure of forensic audit by listed companies are a step in the right direction? How can this mandate be further improved? (250 words)

Notify of
Inline Feedbacks
View all comments
Would love your thoughts, please comment.x