Communications
III. Guidance Note on Direct Access to Private Sector Records for Audit by CAG– Protocol
(Reference No. 119/3-PPG/2014 dated 04th July, 2014)
The duties and powers of the Comptroller and Auditor General of India (CAG) to directly access and audit the records of the private sector have been under discussion for some time. This issue was examined by the Hon'ble Delhi High court and the Supreme Court of India in the case of access of records of private telecom companies by the CAG. The Hon'ble Courts recognized that the records of private players entrusted with the responsibility of delivering public goods and services by utilizing the state owned resources should be accessible to the CAG for audit.
Important arguments accepted, the rationale behind the judgments and the highlights of the abovementioned judgments (copies enclosed) that have wider implications for audit by the CAG of private sector organizations are brought out below:
Judgement dated 6th January 2014 of the Delhi High Court
- Applicability of Principle of 'Res Communes' - The doctrine of 'res Communes' claims that some things are common to mankind - the air, the water etc. Thus, the titles of these resources are vested with the State as the sovereign, in trust for the people. (Para No. 21)
- Licensees are the accountants of the Central Government and are expected to maintain complete, accurate and honest books of accounts as to any transaction(s) involving revenue as a fiduciary duty. (Para No. 31)
- Revenue would include any income of the nation derived from any source, to be credited into the Consolidated Fund of India. Therefore, the revenue shared by the licensees with the Central Government, flowing into the CFI is the income of the nation and is revenue under Article 266 (1) of the Constitution. (Para No. 48)
Judgement dated 17th April 2014 of the Supreme Court of India
- Article 149 of the Constitution and the Comptroller and Auditor General (DPC) Act, 1971 is to provide for Parliamentary control of executive on public funds, consequently, ambit of audit by CAG has to cover all issues that are required to be examined by the Parliament. (Para No. 18)
- Article 266 of the Constitution of India take in "all revenue receipts received by the Government of India" and submitted that a combined reading of Sections 13, 16 and 18 of the C&AG (DPC) Act would indicate that it is obligatory on the part of the CAG to audit all transactions entered into by the Union and the States pertaining to the Consolidated Fund. (Para No. 19)
- When nation's wealth/natural resources , like spectrum, is being dealt with either by the Union, State or its instrumentalities or even the private parties, like service providers, they are accountable to the people and to the Parliament. (Para No. 37)
- CAG's examination of the accounts of the Service Providers in a Revenue Sharing Contract is extremely important to ascertain whether there is an unlawful gain to the Service Provider and an unlawful loss to the Union of India, because the revenue generated out of that has to be credited to the Consolidated Fund of India. (Para No. 41)
- The expression "to audit all receipts" does not distinguish the revenue receipts and non-revenue receipts. (Para No. 45)
- Section 13 read along with Section 16 makes it clear that the expression "to audit all transactions" so also "audit of all receipts", payable into Consolidated Fund of India would take in not only the accounts of the Union and of the State and of any other authority or body as may be prescribed or under any law made by the Parliament but also to audit all transactions which Union and State have entered into which has a nexus with Consolidated Fund, especially when the receipts have direct connection with Revenue Sharing. (Para No. 45)
- Unless the underlying records which are in the exclusive custody of the Service Providers are examined, it would not be possible to ascertain whether the Union of India, as per the agreement, has received its full and complete share of revenue, by way of licence fee and spectrum charges. (Para No. 48)
- CAG is not actually auditing the accounts of the UAS Service providers as such, but examining all the receipts to ascertain whether the Union is getting its due share by way of licence fee and spectrum charges, which it is legitimately entitled to, by way of revenue sharing. (Para No. 50)
- CAG's function is separate and independent and is not similar to the audit conducted by the DoT under clause 22.5 or special audit under clause 22.6. (Para No. 51)
Role of CAG in a changing audit environment
In essence, these judgments have emphasised that the duties and powers of the CAG, being part of the basic structure of the Constitution, are to be interpreted and carried out to meet the changing needs and requirements of accountability. In the current scenario, the purpose of audit by CAG of records of private sector organisations can be stated as under:
- Providing an independent assurance that the terms and conditions of the agreements have been complied with in letter and spirit.
- Assisting in protecting the legitimate interest of public at large
- Ensuring parliamentary oversight
An independent assurance by the CAG, as an external auditor, to the Government is necessary and different from the roles of executive, the statutory auditor and the regulator. As the audit of such private sector records is to safeguard the interests of the State or its agencies or instrumentalities, it is the constitutional mandate of CAG and has been upheld in the above said judgments. Therefore, there may be no requirement of specific entrustment of such audits.
Protocol
The emerging audit scenario requires a new protocol to be established for accessing/auditing private sector records. This guidance note aims at laying down the procedure on the following aspects:
- Identification of agreements involving private sector participation
- Determination of need to access private sector records
- Scope of examination of private sector records
- Mode of interaction with private sector
- Composition of audit parties and capacity building
Identification of agreements involving private sector participation
The field audit offices are required to prepare a master data base of all agreements/ contracts entered into by the Union and State Governments State and its agencies or instrumentalities with private sector
- For delivery of public goods and services
- Dealing with transfer of natural resources (like land, water, spectrum and genetic resources) or public properties to private sector, if such transfer affects public interest
- Nexus with consolidated fund of India or State
- Having an impact on public interest
Presence of one or more of the above mentioned parameters could be the basis of identification of agreements for this purpose. These parameters would help in identifying the agreements / contracts which could require access to private sector records by CAG to provide assurance as indicated above.
Determination of need to access private sector records
The decision to access the records of any private sector organization has to be taken with the approval of controlling DAI/ ADAI. The necessity of accessing the private sector records would be decided by the HQ, on a case by case basis, depending upon the risk assessment of the subject matter and the ability/inability of the CAG to effectively fulfill his mandate only through audit of records of the government/public entity which comes under the CAG audit purview. HQ would also decide the applicable section of the CAG's DPC Act under which such audit would be conducted, deciding in turn the scope of audit. A self contained proposal giving justification/necessity for such direct access has to be sent by the field audit offices to the headquarters. While recommending the need to access/audit private sector records the following aspects may be kept in view:
- The contract may provide for specific agreement clauses requiring private sector organizations to provide access to information / records to public sector partners or any other public authority.
- In most of the cases, it may be possible to get the required information through the public sector audited entity entering into agreement with the private sector entity in question. The public sector entity should be the first port of call.
- In certain cases, it would not be possible to provide assurance that the terms and conditions of the agreement are being complied with, unless the underlying records that are in the exclusive custody of the private sector organization are examined.
- In all cases, the materiality and the risk perception need to be given due consideration.
Scope of examination of private sector records
The scope and the extent of examination of private sector records needs to be clearly understood and mentioned in the justification proposal to the controlling DAI/ADAI. Following factors are crucial for determination of the scope of examination:
- The access to private sector audit records and the audit of such records should be limited to compliance audit to ensure that the terms and conditions of the agreement/ contract in question have been complied with. A financial audit or the performance audit of the private sector organization is not to be undertaken.
- In case performance audits of public sector audited entities, there may be a need to access the records of private sector partners. However, even in such cases, the audit of private sector records would be restricted to checking of compliance with the agreed terms and conditions of the agreement/ contract.
- Only those underlying records are to be examined which are essential to provide assurance for the above; request for access to be restricted to such documents only.
- The scope should clearly indicate the time period to be covered and the records to be accessed; audit should not be open ended.
Mode of interaction with private sector
A communication protocol is required while auditing records of private sector organizations. Important components of the communication protocol are:
- Private sector should be approached, initially through administrative department /public sector audited entity. Scope and methodology of audit should be explained up front to the private sector entity, clarifying doubts, if any.
- Liaison officers from administrative department/public sector entity, private partner and the field audit office should be appointed for effective coordination. A regular communication channel would help in audit management.
- Concerned administrative department /public sector entity to be kept informed of all important developments during the course of audit.
- All possible constraints in conduct of the audit should be identified and mitigating strategies should be planned.
Composition of audit parties and Capacity Building
Prima-facie, domain knowledge is not a constraint. We have cadres having specialized knowledge in sectors such as Railways, P&T, Defence and the staff is well versed with intricacies of functioning of these sectors. Even in other sectors like oil, road, and electricity, domain knowledge is available. However, it is important to keep abreast of latest developments in these sectors. Specific attention may be paid on the following issues for proper conduct of audit:
- The audit teams deputed for carrying out such audits should possesses necessary professional competence to conduct these audits, as a group. This would include knowledge of the domain of the audited entity, sound knowledge of auditing techniques, as well as analytical, writing and communication skills. The considerations for selection of a particular audit team should be placed on record.
- In specialised areas, external experts can be used to complement the knowledge of the audit team. Auditors should evaluate whether and in what areas external expertise is required, and make the necessary arrangements. The procurement of the services of the expert or using their work will be as per the general guidelines approved by the C&AG office from time to time
- Effective supervision of the implementation of such audits will ensure that the audit is performed as planned. The audit teams should be guided by the concerned group officers on a regular basis.
- Besides, the field audit offices should also give emphasis on specific capacity development with regard to audit of agreements in the particular and sophisticated IT systems – ERPs, etc.Specific requirements for specialized training may be sent to controlling DAI / ADAI, if necessary.
The justification proposal for accessing the records of private sector organizations for audit to be sent to the controlling DAI /ADAI should contain all relevant details such as need for accessing such records, risk perception, scope of audit and list of records to be accessed among others. The heads of field audit offices are requested to implement the protocol, as applicable and also to bring it to notice of all concerned.
|