- Management Responsibility: The management of a company is primarily responsible for ensuring that an appropriate accounting software is selected and used for compliance with applicable laws and regulations. This includes ensuring that the software has an audit trail feature that records each and every transaction and change made to the books of account, and that the audit trail is not disabled. The management is also responsible for identifying the records and transactions that constitute books of account, and for ensuring that the audit trail is appropriately protected from any modification and retained as per statutory requirements.
- Starting from April 1, 2023, any company that uses accounting software to maintain their books of account must ensure that the software they use has certain features.
- Specifically, the software should record an audit trail for every transaction and create an edit log for each change made in the books of account, including the date of the change. It’s also important that the audit trail feature is not disabled.
- It is the responsibility of the management of the company to ensure compliance with these requirements. This includes identifying the records and transactions that constitute the books of account, identifying the accounting software used for creating and maintaining the books of account, ensuring that the software has the audit trail feature and that it captures changes for every transaction, ensuring that the audit trail feature is always enabled, and ensuring that it is protected and retained as per statutory requirements.
- Furthermore, the company must have adequate and effective controls in place to maintain and monitor the audit trail throughout the reporting period.
- The management must evaluate and assess the effectiveness of the company’s procedures for complying with the requirements prescribed for audit trails, and any control deficiencies must be communicated to the audit committee.
- During the audit, the auditors will review and test the samples related to the disablement of the audit trail facility of the accounting software.
- They will also identify any instances of fraud resulting in a material misstatement to the company’s financial statements that may be associated with the disablement of the audit trail feature.
- It’s worth noting that these requirements apply to all companies, regardless of their type, including private, public, one person company (OPC), section 8 or foreign companies.
- In order to demonstrate compliance, companies must design and implement specific internal controls, predominantly IT controls, which will be evaluated by the auditors as appropriate.
2. Location of Software: The accounting software used for maintaining books of account may be hosted and maintained in India or outside India, on-premise or on cloud, or subscribed to as Software as a Service (SaaS) software. Any software used to maintain books of account anywhere is covered within the ambit of the Rule.
3. Preservation of Audit Trails: The management is responsible for the safe custody and preservation of books of account and audit trails for a minimum period of 8 years, effective from April 1, 2023. In case of an investigation ordered under Chapter XIV, the Central Government may direct that the books of account be kept for a longer period as deemed fit.
4. Penalties for Non-Compliance: If the managing director, whole-time director in charge of finance, Chief Financial Officer, or any other person charged by the Board with the duty of complying with the provisions of this section, contravenes such provisions, they shall be punishable with a fine of not less than Rs. 50,000 but which may extend to Rs. 5,00,000.
In summary, the management of a company is responsible for the effective implementation of the requirements prescribed by account rules, including the maintenance of audit trails. They must ensure that the accounting software used has an audit trail feature that is not disabled, and that the audit trail is appropriately protected, retained, and monitored throughout the reporting period. Non-compliance with these provisions may result in penalties.