Harun Raaj & AssociatesHarun Raaj & Associates
audit

Section 143 & CARO 2020: What Every Statutory Auditor Must Verify and Report

Section 143 of the Companies Act 2013 mandates statutory audit for all companies above threshold limits. CARO 2020 (Companies Auditor's Report Order) prescribes 49 specific matters auditors must examine and report on. This post breaks down the core verification requirements every CA must follow.

CH

CA Harun Raaj

Chartered Accountant · Harun Raaj & Associates

Section 143: The Statutory Audit Mandate

Section 143 of the Companies Act 2013 requires companies to appoint a statutory auditor to examine financial statements and report on their truth and fairness. But the law does not stop at the balance sheet. The Auditor's Report Order, 2020 (CARO 2020) expands the auditor's responsibility into 49 specific areas that must be verified and disclosed.

Understanding these requirements is not optional--it is the backbone of compliant audit practice.

What Section 143(3) Requires in the Auditor's Report

Section 143(3) states the auditor must report on whether the financial statements give a true and fair view. But CARO 2020 extends this. The auditor must now:

  • Verify whether the company maintains adequate internal financial controls over financial reporting
  • Examine if those controls are effective
  • Report on the efficacy of internal controls

This is not an opinion--it is a mandatory finding under paragraph 3(xi) of CARO 2020.

The 49 CARO 2020 Verification Points: Core Areas

CARO 2020 requires auditors to examine and report on matters grouped under several heads:

Fixed Assets and Property

Paragraph 3(i): The auditor must verify that the company has maintained proper records for fixed assets. You must physically inspect a sample, check existence, and ensure the books match the ground reality. Many auditors skip this; CARO 2020 makes it mandatory.

Inventory

Paragraph 3(ii): Verify that inventories have been physically verified during the year. Check the frequency, the procedures, and whether discrepancies were properly investigated. For companies dealing in perishable goods, the auditor must assess whether the verification method is reasonable.

Loans and Advances

Paragraph 3(iii): Examine all loans and advances granted by the company. This includes loans to employees, related parties, and third parties. You must verify:

  • Whether loans were granted in accordance with the company's bylaws
  • Whether proper documentation exists
  • Whether interest (if applicable) has been charged and recovered
  • Whether any loan to a director was sanctioned by the Board and disclosed in the financial statements

Deposits from Public

Paragraph 3(iv): If the company has accepted public deposits, verify that they comply with Section 73 of the Companies Act 2013. Check whether proper registers are maintained, interest is paid on time, and the company is not in default.

Related Party Transactions

Paragraph 3(v): This is one of the most critical areas. Verify that all related party transactions were:

  • Identified correctly
  • Authorized by the Audit Committee (in listed companies and those with certain turnover thresholds)
  • Disclosed in the Financial Statements (in Schedule 17)
  • Priced at arm's length (if transfer pricing is required under the Income Tax Act)

Directors' Remuneration and Loans

Paragraph 3(vii): Examine whether remuneration to directors complies with Section 197 of the Companies Act 2013. Verify that:

  • No director was paid remuneration exceeding limits set by the Articles
  • No loans were given to directors except as permitted
  • All required Board approvals were obtained

Deposits and Investment of Funds

Paragraph 3(viii): If the company has accepted deposits from directors or members, verify compliance with Section 73. If money was invested, check whether it was done as per Board resolutions and whether it generated adequate returns.

Internal Financial Controls

Paragraph 3(xi): This is mandatory for all companies. The auditor must evaluate whether the company has:

  • Identified financial reporting risks
  • Designed and implemented controls to mitigate those risks
  • Monitored and tested those controls during the financial year
  • Documented the internal control framework

You cannot simply audit transactions; you must audit the system that generates those transactions.

Fraud and Irregularities

Paragraph 3(xxiii): The auditor must inquire and report on whether:

  • Any director, manager, or key managerial personnel was involved in any act of fraud or breach of duty
  • Any fraud was detected that caused loss to the company

This does not make the auditor a detective, but it requires appropriate inquiry procedures.

GST Compliance

Paragraph 3(xxiv): Verify that the company has:

  • Paid GST on time
  • Filed returns correctly
  • Claimed ITC properly
  • Not been found liable for unauthorized ITC claims

Banking and Statutory Compliance

Paragraphs 3(xii) to 3(xxii): The auditor must verify compliance with:

  • Borrowing limits (Section 180(1)(d))
  • Investments in other companies (Section 186)
  • Acquisition of shares (Section 68)
  • Maintenance of statutory registers
  • Dividend distribution
  • Cost audit and secretarial audit (where applicable)

The Reporting Format: Form CRA

All CARO 2020 findings must be reported in the prescribed format. For most companies, this is done through a separate Annexure to the Auditor's Report. Some findings require qualification in the main audit opinion; others are disclosed as informatory.

Critical violations (such as failure to maintain adequate books of account or evidence of fraud) can result in an adverse or qualified opinion.

Common Pitfalls Auditors Make

Checkbox Compliance: Many auditors treat CARO 2020 as a checklist to be ticked off. This exposes both the auditor and the company to regulatory action.

Sample Size Without Logic: Verifying 5 invoices out of 1,000 is not sufficient. Use a risk-based sampling approach.

Ignoring Related Party Transactions: Never assume management disclosures are complete. Trace transactions to board minutes and financial statements.

Weak Internal Control Evaluation: Do not rely on management representations. Test the controls yourself.

The Auditor's Liability

Section 143 audit is not a courtesy service. The auditor's report is relied upon by shareholders, lenders, regulators, and the public. A failure to perform adequate verification under Section 143 and CARO 2020 can expose the auditor to:

  • Disciplinary action by the Institute of Chartered Accountants of India (ICAI)
  • Civil liability to the company and shareholders
  • Criminal prosecution under the Companies Act 2013

Bottom Line

Section 143 and CARO 2020 are not theoretical frameworks--they are enforceable requirements. Every finding, every verification, every report must be rooted in evidence and professional skepticism.

The auditor who takes shortcuts pays the price when regulators come calling.

I'm CA Harun Raaj, Visakhapatnam. Reach out to discuss audit compliance or Section 143 verification challenges.

Topics:Section 143CARO 2020statutory auditCompanies Act 2013auditor dutiescompliance

Need help with this?

Our team handles the paperwork. You focus on your business.