I get inquiries for my compliance audit services from SEBI registered Investment Advisers (RIAs) and Research Analysts (RA).
I am happy that RIAs and RAs are keen to build a professional and compliant practice.
Unfortunately, several of these inquiries die down – no response, off the grid. When I did a follow-up with a few, I came across the strangest reasons.
“We have postponed the audit.”
“We found someone who will charge much less.”
I failed to understand the first one about ‘postponing audit’ but the second one had me flummoxed.
I failed to understand, until…
I was doing the audit for one of my RIA clients. It is a partnership firm and had got past audit done with someone else.
I was surprised to see that that ‘auditor’ did not even guide them on the basic SEBI requirements. Simple things like whether advice is given before or after the risk profile is done were missed out.
I had to guide them to streamline their complete process.
And then I realised the secret behind the ‘less fee’ option. The tick audit.
Yes, you read it right – it’s the “tick audit”. It is the audit done by a professional just by ticking the boxes in a checklist.
The question that you need to ask is has the professional you hired was just to issue a compliance report, without even checking anything? Or, you really wanted to comply with the SEBI regulations applicable to you?
I hope that helps you realise if you are a victim of “tick audit”.
What’s the purpose of a compliance audit?
Conducting an audit is not only about ticking the boxes. It’s a comprehensive process from understanding your business to ensuring that you have the right guidance in ensuring compliance with SEBI requirements.
The adverse findings also have to be reported to SEBI along with the action taken report.
If you have a tick audit based compliance report, what are you going to report to SEBI?
If SEBI comes down for an inspection, do you think the officers are going to rely on your ‘tick audit’ report claiming ‘fully compliant with the regulations’?
I doubt it. Don’t believe me!
In its order against a company CapitalVia Global Research Limited, an RIA, SEBI mentioned:
The Audit reports basically certify that certain compliance are in order. The Audit reports are at best cursory and do not provide details of the steps taken by CapitalVia to ensure compliance with IA Regulations. Hence, I am unable to consider these reports as valid proof of due compliance of the IA Regulations.
Why do you think SEBI issued an order against CapitalVia. Again the reason is the same – it could be a victim of tick audit. Although CapitaVia had internal audits done by a chartered accountant firm, it had violated various regulations of SEBI (Investment Advisers) Regulations, 2013.
I believe you do not want to be one of them. So, choose your auditor wisely.
Here’s how I approach the compliance audit process.
My audits are consultative in nature. I will first thoroughly understand your business. I want to know, in detail, what is the process you follow to service the clients. I believe this is the basis on which the auditor will know what is applicable / not applicable to you and your clients.
I provide a detailed checklist and then I go on to check the documents maintained by you.
If I find any gap, I will suggest ways to fill those gaps so that after the audit you can do business in a compliant way.
I will then, issue the audit report with my suggestions and observations. This will be a detailed report based on my findings and the areas of audit checked by me.
So, essentially the audit service is a combination of consultation and audit services along with the issue of a compliance certificate.
How much time does it take?
It all depends on your business and processes. It may take anything between one week to one month. And yes, it will not just be on email. We will have discussions on the phone or a video call.
What are the fees?
Again it all depends on the scope of work, my efforts and time which will go in conducting the audit.
But yes, it will definitely be higher than the tick-audit fees. 😊
I am sure you know that quality comes at a price. The same applied to audit services too. Quality, in depth, compliance audit comes at a price too.
Now your next question is – What do I do ? Am I late already for my audit?
First, it is never too late.
An investment adviser should complete the compliance audit within six months from end of each financial year and post completion of said audit must report the adverse findings, if any along with action taken thereof duly approved by the competent authority as specified, to SEBI within a period of one month from the date of the compliance audit report i.e. not later than October 31st of each year for the previous financial year.
I am not saying you get the audit done only from me. There are several genuine professionals who conduct the audits the right way. You can get in touch with them but please don’t be a victim of tick audit.
If you are interested in knowing more about compliance audit services, you can write to me at kruti@cskruti.com
Hi Kruti,
Really a well knowledge sharing Article; very easy to understand.
Thank you Diksha
A very genuine article indeed, Kruti. Could agree with a lot of what you have said.
Thank you Premal. 🙂
Hi Kruti,
Here you go with a perfect article to make people understand the consequences of going with the tick audits to avoid fees part and taking risk of paying huge penalties to SEBI for non-compliance.
Well done!!
Thank you Swati. Yes, you are right. I have been saying / writing this always, “The cost of non-compliance is higher than the cost of compliance”