A Securities Exchange Board of India (SEBI) proposal by way of a consultative paper on 18 July 2019 to amend Reg. 33 of SEBI Listing Obligations and Disclosure Requirements (LODR) Regulations seeks to lay down in the rule book of listed entities that when auditors want to resign in the middle of an auditing assignment, they cannot be allowed to leave citing reasons such as “pre-occupation”. 

 

They must be encouraged and asked to open their heart, and speak out the real reason, or confirm that there is no reason other than the one that they mention while resigning. Also, the auditor must not leave the auditee in the lurch, and complete the on-going audit engagement to the point of completing the audit of the year or limited review of the quarter. The resignation must be discussed with the audit committee chairman, and thence, with the audit committee, highlighting the concerns, if any. The views of the audit committee will be filed before the stock exchanges.

 

In essence, the proposal of SEBI tries to implement what seems to be the clear intent – that the veil of secrecy behind auditor resignation, where everyone can sense that everything is not alright but does not get to know what exactly it is – should be lifted.

 

Inspiration for the Proposed Amendment

The inspiration for the SEBI proposal comes from the recent turmoil in the corporate sector, where, mostly in the midst of worsening financial position, auditors put in their papers. There are rumours of auditors’ discomfort with the financial statements; mostly people smell transactions that may involve transfer of assets to connected entities, inflation of profits or hiding of losses. One wonders as to why most of these resignations come only when the financial position of the entity is suddenly worsening—is it that in good times, financial statements are immune from such vulnerable transactions or practices? However, it mostly seems that an impending default will bring the entity into regulatory glare, and the auditor may have to face persecution action.

 

What has made the auditor fraternity even more jittery is the action of the regulators against auditors of a failed financial entity, seeking to use the very heavy provisions of section 140 (5) of the Companies Act. It is just a matter of time when the country may witness class action suits against auditors, which abound in the Western world.

 

The instinctive action of auditors’ in such cases is, try to control the damage by quitting the scene, rather than qualify the statements which, in the past, have been affirmed by the same auditor. Of course, the reasons cited can be as slippery as “pre-occupation” or lack of bandwidth.

 

It was reported in 2018 that the minister of state for corporate affairs, PP Chaudhary’s written reply to the Rajya Sabha stated that as per the filings in MCA 21 registry, auditors of 204 listed entities had resigned between 1 January 2018 and 17 July 17 2018.

 

The Institute of Chartered Accountants of India (ICAI) also constituted a group and the task of developing guidance for the members was entrusted to the auditing and assurance standards board (AASB). 

In December 2018, ICAI released ‘Implementation Guide on Resignation/Withdrawal from an Engagement to Perform Audit of Financial Statements’, which provides matters to be included in the resignation letter (Para 19) which is similar to the Annex-B of the SEBI consultative paper. It additionally required the response from the management or those charged with governance, on the written communication made by the auditor, to be included in the resignation letter.

 

Is It Wrong To Resign? 

No, as ICAI’s auditing standards (SA-705) provide the situation under which an auditor may resign from the audit. If the auditor concludes that the possible effects on the financial statements of undetected misstatements, if any, could be both material and pervasive so that a qualification of the opinion would be inadequate to communicate the gravity of the situation, the auditor shall resign from the audit, where practicable and not prohibited by law or regulation.

 

Is It Necessary to Cite Reason for Resignation?

Section 140 (2) of Companies Act, 2013 mandates an auditor to indicate the reason and other facts as regard to its resignation while filing the statement of resignation with the registrar and the comptroller and auditor-general of India, where applicable.

 

What Is the Meaning Of Resignation?

It is important to note that the appointment of an auditor is done for a term of 5 years. Therefore, even if an auditor resigns after completion of the audit for a financial year, within the term of 5 years, it is still a case of resignation. 

 

Provisions of section 139 (9) may be interpreted to mean that the auditor may actually state before a general meeting, within the term of 5 years, that he is not willing to be reappointed. However, is that a case of resignation?

 

Read with section 140 (2), even an unwillingness to be reappointed becomes a case of resignation. This is so because the appointment is done for 5 years, and the ratification of the appointment at the annual general meeting, every year during the 5 year term, has been done way with by the Companies (Amendment) Act, 2017 w.e.f. May 7, 2018.

 

Therefore, the following are some examples of what may be construed as a case of resignation:

(a) The auditor was appointed in the AGM of Year 1, for completing the audit for FY 1 to FY 5, until the conclusion of the AGM for Year 5. At the end of Year 2, after completing the audit of Year 2, auditor gives a letter to the management that he is not willing to audit for Year 3. 

 

(b) Same case as above, however, instead of the auditor indicating unwillingness to be reappointed, the audit committee while evaluating the performance of the auditor does not recommend continuation of appointment. 

 

(c) Same case as (a), however,  the auditor becomes ineligible to continue.

 

Case (a) is a case of resignation; (b) is a case of removal and (c) is a case of vacation of office resulting in a casual vacancy.

 

SEBI’s Prescription: Reveal the Truth

The resigning auditor shall reveal all the reasons for resignation in the resignation letter along with the efforts made by the auditor prior to resignation. Against whom was the concern raised? What was the concern was raised in relation to? Why was the concern not addressed - due to a management-imposed limitation or circumstances beyond the control of the management? The auditor is expected to pour his heart out in the resignation letter, which is in line with the prescription made in ICAI’s implementation guide.

 

Role of Audit Committee

After the auditor approaches the chairman/ audit committee, the audit committee has to communicate its views to the management and the auditor, which is also required to be disclosed to the stock exchange.

As per SEBI (LODR) Regulations, the audit committee is responsible for the appointment, performance evaluation, ensuring independence of the auditors, finalising the audit plan and reviewing and monitoring effectiveness of the audit process. The audit committee is also required to mandatorily review management letters / letters of internal control weaknesses issued by the statutory auditors.

 

Auditor’s Duty to Complete Pending Assignments

The language seems unclear. The consultative paper provides that if the auditor makes a decision to resign in August 2019 the auditor shall issue the audit report for the quarter ended 30 September. 

 

However, the proposed amendment to SEBI (LODR) Regulations mandates issuance of the limited review/audit report for that financial year/ quarter, as applicable, before such resignation (i.e. previous financial year/ quarter in reference to the date of resignation).

 

It will be logical to interpret that the auditor will resign first, and then complete the audit/ limited review for the current/ on-going quarter. 

 

Concluding Remarks

Thankfully, for all Indians, one can relate most tricky situations in life to a Bollywood song, and that really helps to dismiss the gravity of the matter. When it comes to something like auditor’s resignation (judaai), or silence (khamoshi), there will a large number of songs or flicks on such situations, evidently the popular themes for Bollywood. Therefore, without claiming to be the best for the situation, here is one that may possibly help to lighten the pain that SEBI and investors may be having:

 

 

(Vinod Kothari is a chartered accountant, trainer and author. Mr Kothari, through his firm, Vinod Kothari & Co, is also engaged in the practice of corporate law for over 25 years. CS Vinita Nair is Partner at Vinod Kothari & Co)

 

Deloitte Haskins & Sells LLP, the local auditing affiliate of international accounting group Deloitte Touche Tohmatsu, is misinterpreting an important law as it seeks to avoid a five-year ban on new business, the government has informed the National Company Law Tribunal.

 

The Ministry of Corporate Affairs has proposed the ban on the auditor for its alleged involvement in a financial fraud. 

 

The Ministry said it had noticed many violations of auditing standards by Deloitte and a KPMG affiliate during an investigation of an alleged fraud at IFIN, a unit of Infrastructure Leasing & Financial Services, whose debt defaults in 2018 revealed a financial scam. 

 

The auditors have denied any wrongdoing or cover up in the matter. Deloitte also contends that the government's case against it does not stand, because the charges have been levelled after its 10-year stint at IFIN ended. Deloitte last audited IFIN for fiscal year to March 2018. 

 

It argued that the call for ban was unjustified as the government was taking into account its previous work.

 

However, the Ministry says that any fraud, which is in continuity, can come under the purview of the law. 

 

The Ministry, in its June 28 filing with the Tribunal, countered that the auditor was not correctly interpreting the laws in place and any law cannot be read in such a "narrow and pedantic manner". 

 

Disclaimer: Information, facts or opinions expressed in this news article are presented as sourced from IANS and do not reflect views of Moneylife and hence Moneylife is not responsible or liable for the same. As a source and news provider, IANS is responsible for accuracy, completeness, suitability and validity of any information in this article.

The Reserve Bank of India (RBI) failed to do any credit analysis of the top-20 borrowers of ICICI Bank, even as their share had grown to 20.30% and had exposed the Bank to increased risk. Research undertaken by Moneylife, on the other hand, indicates that RBI deliberately concealed data that reflects on its own shortcomings in the quality of its annual inspections, its findings and its ability to ensure compliance.

 

RBI, in its role as banking regulator, conducts annual inspections / reviews of banks to ensure compliance with rules and maintenance of acceptable risk profile. 

 

Risk assessment reports (RAR) evaluate management and organisation risk, credit risk, market risk, liquidity risk, and operational risk in three facets, viz., information technology (IT), non-IT, and other risks. 

 

RAR also identifies the control-gap which causes the inherent risk and computes the aggregate risk as a weighted average of the inherent and control-gap parameters. 

 

The findings on capital and earnings help in the estimation of capital to risk-weighted assets ratio (CRAR), and to identify and correct major areas of financial divergence. Identification of major areas of non-compliance is done to ensure compliance by the bank.

 

In the third article in this series of annual reports released by the RBI to activist Girish Mittal following his long battle with the regulator, I am examining the inspection reports of ICICI Bank for the years FY12-13, FY13-14 and FY14-15. 

 

The aggregate bank risk score was 2.040 in FY12-13 (which is described as medium risk) which rose to 2.396 in FY14-15 denoting heightened overall risk.

 

What happened with the Bank in the subsequent period after these reports, as well as the controversies surrounding its managing director and CEO, Chanda Kochhar are all in the public domain. What is clear is that RBI, in its inspections and evaluation of management, had no advance warning of the storm to come. 

 

A worrying fact that emerges is that the credit risk of ICICI Bank is higher than that of Axis Bank in all three years. More about this later.

 

 

Do the RBI reports capture critical risk factors adequately? Do they prescribe remedial measures and ensure adoption of such measures?  While it is difficult to answer the first question in the absence of more material, the answer to second question is clearly a negative.

 

Mismatch between Credit Score & Comments

 

In FY12-13 report, the effectiveness of the board was evaluated on the basis of participation in the meetings of the board and committees of the board, and a survey that captured board members' response to a questionnaire. 

 

It is unclear how such a survey can help evaluate the board’s efficacy. Given that the board members make strategic and operational decisions of the company, their efficacy can be tested only based on an empirical study of the quality of the board decisions. This was not done. 

 

In FY13-14, the board was stated to be providing strategic directions and was described as well-functioning. Calendar year 2015 was the year when asset quality review (AQR) was introduced by RBI. 

 

The FY14-15 report stated that the board and ACB had not examined why the Bank's internal system had not identified the divergences as identified by successive RBI onsite inspections including the AQR exercise. The comments on the board’s performance are not fully consistent with the deteriorating risk score from 1.656 to 2.006.

 

Risk Governance

 

In the FY12-13 report, RBI came down heavily on the risk governance. The board-approved policy on internal capital adequacy assessment process (ICAAP) was deficient in communicating the actual level of risk and its direction in operationalising the Bank's business strategy. 

 

Further, the report stated that the risk taking did not follow a well-defined strategic path. The FY13-14 report stated that the supervisory engagement under risk-based supervision (RBS) during the off-site risk discovery process had shown significant non-compliances. 

 

The FY14-15 report broadly examined the risk handling by the credit risk management group of the Bank. The risk governance aspects were not consistent and varied in all the three reports.

 

Credit Risk Assessment

 

For credit risk assessment, RBI has assessed the credit exposure based on sensitive sector exposure, exposure in restructured advances, unsecured advances, divergence in risk-weighted assets, shortfall in provisioning, recovery from NPAs (non-performing assets), upgradation from NPA, etc.

 

Looking at the parameters (table below) considered for credit risk, it appears that RBI has followed different algorithms to compute the credit risk score.

 

 

Stress Testing

 

Stress test is helpful to set the spread above the risk free rate, aside from assessing the impact of possible loss events. In the FY12-13 report, RBI observed that there was no internal minimum capital to risk-weighted assets ratio (CRAR) or trigger CRAR under internal capital adequacy assessment process. The Bank’s capital planning was based on optimistic projections. 

 

Certain risk factors reckoned by the Bank for stress testing of various risks were found to be very mild. Though the Bank’s approach was seen to be somewhat subjective, RBI concluded that the stress testing scenario chosen by the Bank as 'not severely adverse'. 

 

The FY13-14 report observed that stress testing of market risk factors was not a comprehensive exercise and market driven credit risk stress scenarios were not considered for their impact on the derivatives portfolio. 

 

The FY14-15 report stated that the computation methodology for market risk tolerance limit was flawed as the Bank had not computed all three stress scenarios (mild, moderate, severe), and had used results of only severe stress scenarios.

 

Among other things, review of value-at-risk (VaR) breaches in the Bank was needed. There was no consistency in the risk parameters, or any reference to the previous year’s findings in any report. 

 

Incoherent Approach

 

All the risk factors showed deterioration during the three-year period. It is incongruous that despite highlighting major credit and risk management issues, the reports did not make any recommendation, much less specific recommendations for corrective action. 

 

Correspondingly, the subsequent year’s report neither reviewed any corrective action-taken report nor took off seamlessly from the previous year’s report.

 

Further, there was inconsistency between the risk score and comments. 

 

The empirical models are subject to modelling risk, and validation is considered necessary to test their efficacy before relying on them. 

 

In the reports, RBI accepted the Bank’s exposure to borrowers at the ratings assigned, presumably based on the risk assessment model developed by CRISIL being used by the Bank, and did not do any credit analysis of the top-20 borrowers whose share had grown to 20.30% and had exposed the Bank to increased risk. Had RBI undertaken such credit analysis, it could have identified more Videocons in the Bank’s cupboard!

 

In short, inconsistency between the risk score and comments, lack of any recommendation to rectify steady deterioration in risk profile, and lack of seamless approach reflected RBI’s hands off and perfunctory approach. 

 

Editor’s Note: RBI has strenuously fought against the attempts to make inspection reports public and has even claimed a fiduciary relationship with regulated entities. All three analyses of the inspection reports done by Moneylife so far indicate that the RBI had a lot to hide with regard to its own shortcomings on the quality of its annual inspections, its findings and its ability to ensure compliance. 

 

Here are the inspection reports of the ICICI Bank as provided by RBI to Girish Mittal under the RTI Act...

 

 

 

 

You may also want to read…
 
Finally, RBI Shares Inspection Reports of SBI, ICICI Bank, Axis Bank and HDFC Bank under RTI
 
Exclusive: RBI Inspection Reports on SBI Reveal Evergreening, Window-dressing, Cover-ups and Worse

Exclusive: RBI’s Risk Assessment Reports on Axis Bank: Missing the Forest for the Trees