SEBI’s Digital Assurance Mandate: New Standards for Top 100 Listed Firms

The Securities Exchange Board of India (SEBI) had released a draft circular on digital assurance of financial statements for the top 100 listed companies in India. The circular states that the financial results of the companies match the data available on regulatory websites, for instance, GST, Income Tax, or Employee Provident Fund. The process aims to improve the quality of the financial results these companies publish, helping investors make informed decisions.

Key Takeaways

• The draft circular on SEBi’s digital assurance of financial statements is yet to be notified.
• Digital assurance on financials is applicable to the top 100 listed entities slated to start from FY 2024–25.
• First Digital Assurance Reports were to be submitted by 31st July of the following year, following the financial year.
• Financial data must be cross-verified with government websites or portals, for instance, GST, Income Tax, EPFO, and trade portals.
• Reports must be certified by ICAI peer-reviewed statutory auditors.

What Is SEBI Digital Assurance?

SEBI Digital Assurance is a structured framework that requires listed companies to submit a separate digital assurance report. Traditionally, statutory audits mostly rely on company-maintained records and sampling techniques, while digital assurance is a direct validation of the company’s data with information available on various government websites and portals.

The framework requires the Management to confirm that:

• Financial information maintained is accurate and complete
• Access to various government portals and websites was granted to the auditor
• Data reconciles with the books of accounts and government websites

In case of any difference, the management is required to provide reasons to the auditor.

The framework also covers the auditor’s responsibility to examine financial information from books of accounts and external government websites and is validated from their respective sources.

Auditor shall comply with the technical guide on digital assurance issued by the Institute of Chartered Accountants of India. 

Why Does SEBI Digital Assurance Matter?

Your financial statements must now be provably consistent with what the Government already knows about you. The digital assurance report serves as an additional relief to the investor community. 

Companies release their annual performance basis books of accounts maintained by themselves. Also, the financial data on various government portal are uploaded by the Company itself.

If any Company or any key managerial personnel intends to tamper with any financial result, this report will highlight the differences, cautioning the investors about the mischief.

Digital assurance aims to minimise the risk of misstatement, which strengthens corporate governance and provides investors with confidence that published financial information reflects true company performance.

Until now, audits relied mainly on ERP and internal controls, with external data (GST, TDS, PF) being used only when problems arose. However, going forward, external portals become primary audit evidence. Differences must be explained and owned by management. It turns GST, TDS, Imports/exports, Payroll compliances, etc, into financial reporting risks and not just tax risks.

Timelines of SEBI Digital Assurance

Entities Covered Under SEBI Digital Assurance

Currently, the Digital Assurance requirement applies to the top 100 listed entities by market capitalisation.

Key Components of SEBI Digital Assurance Report

Digital assurance report covers the following items:

• External regulatory information source, for instance, GST or Income Tax Portal, EPFO, TRACES, EDPMS/IDPM
• Description, i.e., nature of transaction, e.g. revenue or sales
• Amount as per the books of accounts maintained by the management
• Amount as per external regulatory information source or government website
• Date on which the auditor noted data from government websites
• Reconciliation, i.e., the difference in the amount as per the books of accounts and the amount as per the government websites
• Management explanation: This is specifically required in case any differences are found.

This report is signed by the management of the company and the auditors and then submitted to the stock exchange.

Data Source of SEBI Digital Assurance

Multiple data sources significantly strengthen the SEBI Digital Assurance Report.

Benefits of SEBI Digital Assurance

Challenges and Implementation Issues

Digital Assurance Report heavily relies on accurate and reconciled data. While most of the companies use advance software to maintain their books of accounts, still finance teams require time to consolidate data for reporting as they need to refer and validate such data from various sources. 

For instance, a Company operating under various jurisdictions may need to maintain reconciliation for each entity due to variations in accounting policies and transaction value.

The core reliance of the digital assurance report is data available on various government portal which may be questioned. During the course of business, a company may need to revise their returns either due to missed entries or a delay in receiving invoices from vendors. Because of this, strong internal controls and continuous monitoring will be required.

The Company must also ensure that data security and privacy protocols are maintained when auditors are provided access to various government portals. 

Penalties and Consequences of Non-Compliance

Non-compliance with SEBI’s Digital Assurance requirements will attract monetary penalties, and SEBI may also freeze the entire shareholding of the promoter as well as all other securities held in their demat account, as specified under Section VII-A of the Master circular dated 11th July 2023.