MCA has mandated audit trail for all accounting software
Notification from the Ministry of Corporate Affairs
“Provided that for the financial year commencing on or after the 1st day of April, 2021, every company which uses accounting software for maintaining its books of account, shall use only such accounting software which has a feature of recording audit trail of each and every transaction, creating an edit log of each change made in books of account along with the date when such changes were made and ensuring that the audit trail cannot be disabled.”
It appears to be a very good move to ensure that compliances are followed. It also provides owners/business managers with greater control over their accounting practises and assurance that their books are up to date and unaltered.
However, it appears to be lacking in implementation.
1st of April, 2021
It is impossible for businesses to switch to new software overnight. Those who have gone through the agony of changing software will understand that it can take months to adjust to a new system.
Even modifying existing software to meet audit trail requirements can take months to develop, test, and deploy.
The Ministry has jurisdiction of over 20,00,000 entities.
When there are thresholds in place for GST and tax audits, it makes sense to have an entry level criteria for the audit trail requirement.
Audit Trail’s Characteristics
The notification does not specify how the audit trail’s integrity will be preserved. Audit trail in locally run software can be easily tampered using a simple feature of changing your PC system date and time. Local PC software users would have access to the log files and can edit with readily available tools, defeating the purpose.
Implementing a tamper-proof locally maintained audit trail would be a challenge.
Cloud based software provide a more reliable audit trail because users do not have access to raw backend data and cannot tamper with any software-related data.
Some of these concerns, hopefully, will be addressed in the near future.
The views expressed are the author’s personal views and do not represent the views of the organisation for which the author represents or is affiliated.