Image Alt Text

ICAI Allows Use of Electronic Signatures for Signing Audit Reports and Certificates

The outbreak of COVID-19 compelled the government to impose lockdowns, self-quarantine, travel bans, and social distancing measures to contain its further spread.

This changed the way of working for both businesses and accounting professionals. Although such measures were necessary, it posed challenges for the auditors to access the client locations in order to obtain appropriate audit evidence which is the backbone of the audit process.

To help chartered accountants carry out a quality audit, with proper compliance to the auditing standards, the Institute of Chartered Accountants of India (ICAI) took a number of initiatives for its members enabling them to carry out their duties and responsibility seamlessly.

The very purpose of the audit is to formulate an independent opinion on the financial statements of the entity audited. Giving a true and fair view about the audited financial statements makes them credible to be used for information by various stakeholders.

Thus, to help auditors undertake quality audits and issue audit reports and certificates, ICAI made an announcement calling the attention of its members for using an electronic signature for signing audit reports and certificates.

This is in addition to the guidelines issued by ICAI on on ‘Impact of Coronavirus on Financial Reporting and Auditing of Financial Statements’ earlier.

Signature of the Auditor as per SA 700

SA 700 – Provisions Regarding Physical Signature

According to SA 700 (Revised) – ‘Forming an Opinion and Reporting on Financial Statements’, the auditor’s report must be signed.

Furthermore, such a report is signed by the auditor, also known as an engagement partner, in his personal name. In cases where the firm is appointed as the auditor, the audit report is signed both in the personal name of the auditor as well as in the name of the auditing firm.

In addition to putting the signatures, the partner/proprietor signing the audit report also needs to specify the membership number so provided by ICAI.

Finally, wherever applicable, the auditors also provide the registration number of the firm in the audit reports signed by them.

SA 700 (Revised) – Provisions Regarding Electronic Signature

Prior to the pandemic, audit reports as mentioned in SA 700 were signed physically by the auditors. With the travel bans making it challenging for the auditors to access client locations post-pandemic, signing of the audit reports physically became a challenge.

Therefore, ICAI made an announcement specifying one of the provisions of SA 700 (Revised) allowing auditors to use electronic signatures in the audit reports in certain cases.

In addition to this, the announcement included provisions as specified in the IT Act, 2000, and Indian Evidence Act, 1872, concluding that auditors can use electronic signatures for authentication of various documents.

Let’s have a look at the provisions regarding the use of electronic signatures as included in the above-mentioned Acts.

Provisions Regarding Use of Electronic Signature for Authentication of Electronic Documents as per IT Act, 2000

Electronic Signature Definition

As per section 2(ta), electronic signature refers to the authentication of electronic records by the subscriber via an electronic technique as specified in Second Schedule including a digital signature.

Section 3(A): Electronic Signature

  • The subscriber can authenticate electronic documents via electronic signature or electronic authentication technique only if:
  • It is reliable and
  • Specified in the Second Schedule
  • The Electronic Signature or Electronic Authentication Techniques shall be treated reliably only if:
  • The signature creation data or authentication data are linked to the signatory or authenticator and not to any other person
  • Signature creation data or authentication data are under the control of the signatory or the authenticator at the time of signing and not any other person.
  • Any changes to the electronic signature after putting such signatures on the electronic records are detectable.
  • Any changes in the information made after its authentication by electronic signature are detectable.
  • Such a signature must satisfy conditions as prescribed by the law.
  • The central government may layout the process for determining that electronic signature affixed on the document is of the person who should be authenticating or signing such a document.
  • The Central Government holds the right to add or omit any electronic signature or electronic authentication technique as well as the process for putting such signatures on the document from the Second Schedule via a notification in the official gazette. Provided no electronic signature or the authentication technique shall be specified in the Second Schedule unless it is reliable.
  • All the notices issued under the point above shall be laid before each house of parliament.

Section 4: Legal recognition of Electronic Documents

There can be circumstances where a law provides that information or any other matter must be in writing, typewritten, or printed form. Such a law would be considered to be satisfied if such information or matter is:

  • Made available in electronic format
  • Is accessible so that it can be used for later reference

Section 5: Legal recognition of Electronic Signatures

There can be circumstances where, as per law, information or any other matter must be authenticated via putting the signature or bearing the signature of any person.

Such a law would be deemed to have been satisfied if such information or matter is authenticated via affixing the electronic signature as specified by the Central Government.

Provisions Regarding Use of Electronic Signature for Authentication of Electronic Documents as per the Indian Evidence Act, 1872

Section 3: Interpretation Clause

As per this section, Evidence means and includes:

  • All statements that the court allows or requires the witnesses to make before it in reference to matters under inquiry. These statements are called oral evidence.
  • All documents together with electronic records presented for inspection of the court. These documents are called documentary evidence.

Section 47(A): Opinion With Regards to Digital Signature Where Relevant

There are situations where the court has to give an opinion in respect of the electronic signature of a particular person.

In such cases, the opinion of the Certified Authority which has issued the electronic signature certificate is deemed as the relevant fact.

Section 57(A): Proof As To Electronic Signature

Where the electronic signature of the subscriber is put on the electronic records, the fact that the electronic signature is one of the subscriber needs to be proved. This does not apply to the cases where the electronic signature so affixed is a secure electronic signature.

Thus, given the provisions of both the Acts mentioned above, it is concluded that auditors are now allowed to use electronic signatures for authenticating various documents.

Therefore, members of ICAI can use an electronic signature for signing:

  • Audit reports
  • Reports issued pursuant to any attestation engagement
  • Certificates

This comes with a caveat that the auditors must comply with the provisions in respect of the electronic signature as specified in the law, standards on auditing, and relevant announcements made by ICAI on this matter including the need to mention the UDIN.

It must be noted that specifying UDIN applies both to the manual and digitally signed reports. This also includes the Certificates uploaded online.