IndiaFilings » Learn » Compliance » Internal Audit Applicability Under Companies Act, 2013

Internal Audit Applicability Under Companies Act, 2013

Internal audit applicability

Internal Audit Applicability Under Companies Act, 2013

Internal audit applicability is a critical concept for companies in India, impacting various aspects of their operations. The Companies Act 2013 outlines the rules and regulations determining which companies must have an internal audit function. This ensures strong internal controls, promotes company compliance with regulations, and protects stakeholders’ interests. Appointing an internal auditor involves selecting a qualified professional, typically a Chartered Accountant (CA) or someone with a Certified Internal Auditor (CIA) certification who meets the company’s specific needs and process outlined by the Companies Act, 2013. This article elaborates on the internal audit applicability and the role, qualification, and procedure of an internal auditor appointment. 

IndiaFilings provides compliance services for all types of companies with expert assistance!!

Get Started!

What is an Internal Audit?

The Companies Act 2013 mandates (or recommends) internal audits for certain companies in India. These are independent assessments by qualified professionals who evaluate a company’s internal controls, risk management, and overall governance. They involve reviewing financial processes, identifying weaknesses, and suggesting improvements. Internal audits ensure compliance, prevent fraud, and promote transparency. They strengthen a company’s financial health, build trust with stakeholders, and avoid potential penalties for non-compliance.

Scope of an Internal Audit

While Section 138(2) of the Companies Act empowers the central government to dictate internal audit frequency and reporting procedures, the specific scope isn’t explicitly defined in Rule 13. Rule 13 mandates that the company’s audit committee work with the internal auditor to determine the scope, functioning, periodicity, and methodology for conducting internal audits. This ensures the internal audit addresses the organization’s most critical areas while aligning with the internal auditor’s expertise and experience.

Internal Audit Applicability – Who should appoint an Internal Auditor?

As per the provisions of Section 138 of the Companies Act, 2013, with rule 13 of the Companies (Accounts) Rules, 2014, specific organizations or companies have an internal audit applicability under the Companies Act 2013. Below, we have given those companies that must appoint an internal auditor, 

  • All Listed Companies: Every company listed on a stock exchange in India is required to have an internal audit function.
  • Unlisted Public Companies: Unlisted public companies meeting any of these criteria during the previous financial year also need an internal audit:
    • Turnover of ₹200 Crore or more.
    • Paid-up share capital of ₹50 Crore or more.
    • Outstanding loans/borrowings exceeding ₹100 Crore from banks/financial institutions at any point.
    • Outstanding deposits exceeding ₹25 Crore at any point.
  • Internal audit applicability for Private Companies: Private companies meeting any of the following criteria in the preceding financial year can do the internal audits:
    • Turnover of ₹200 Crore or more.
    • Outstanding loans/borrowings exceeding ₹100 Crore from banks/financial institutions at any point.

Note: Even if your company doesn’t fall under the mandatory criteria, an internal audit function can offer significant benefits, such as improved risk management, better compliance, and enhanced stakeholder trust.

The table below concisely captures the companies and their criteria for internal audit applicability, 

Company Type Criteria for Internal Audit Applicability
Listed Companies Every company listed on a stock exchange in India
Unlisted Public Companies
  • Turnover of ₹200 Crore or more during the previous financial year 
  • Paid-up share capital of ₹50 Crore or more during the previous financial year
  • Outstanding loans/borrowings exceeding ₹100 Crore from banks/financial institutions at any point 
  • Outstanding deposits exceeding ₹25 Crore at any point
Private Companies
  • Turnover of ₹200 Crore or more during the previous financial year
  • Outstanding loans/borrowings exceeding ₹100 Crore from banks/financial institutions at any point

What is the Role of an Internal Auditor?

The following roles and responsibilities are required to be done by the appointed internal auditor in an organization,

  • Independent Assessments: Internal auditors thoroughly review a company’s financial and operational processes, risk management practices, and adherence to regulations. This independent perspective helps identify potential weaknesses or areas for improvement.
  • Reporting and Recommendations: Their findings are documented in audit reports presented to the Board of Directors or the Audit Committee. These reports gives valuable insights and suggestions for corrective actions, ensuring appropriate follow-through on identified issues.
  • Fraud Detection and Prevention: They play a crucial role in safeguarding the company’s assets by detecting and preventing fraudulent activities. They investigate suspicious activity and assess internal controls, recommending measures to strengthen anti-fraud mechanisms.
  • Financial Accuracy and Compliance: Internal auditors meticulously examine financial transactions and records. They verify accuracy, completeness, and adherence to accounting standards and regulatory requirements, helping ensure the company’s financial statements are reliable and compliant.

Also read: Types of Internal Audit

What are the Qualifications for Internal Auditor?

The Companies Act 2013 doesn’t prescribe a specific educational background for internal auditors in India. However, Section 138 emphasises the importance of internal audits for specific company categories. 

  • Chartered Accountant (CA): This qualification is widely recognised and emphasises skills valuable for internal auditing, such as accounting and financial expertise.
  • Cost Accountant (CMA): Cost accountants possess expertise in cost management, which can benefit internal audits.
  • Certified Internal Auditor (CIA): Offered by the Institute of Internal Auditors (IIA), the CIA certification demonstrates specialised knowledge and skills in internal auditing practices.
  • Internal Employees: As per Rule 13, Companies (Accounts) Rules, 2014, Companies can appoint a qualified employee with relevant experience to serve as the internal auditor.
  • Statutory Auditor: A statutory auditor cannot be an internal auditor as per Section 144(b) of the Corporations Act 2013.

How to appoint an Internal Auditor?

Appointing a qualified internal auditor is crucial for any company subject to the requirements of the Companies Act 2013. Here are brief step-by-step instructions for an appointment of an internal auditor, 

1. Selecting a Qualified Candidate:

  • Ensure the chosen candidate meets the eligibility criteria outlined in the Companies Act, which we have already discussed in the qualification section. 
  • Obtain written consent from the chosen individual confirming their willingness to be appointed as the internal auditor.

2. Board Meeting:

  • Schedule a meeting with the board of directors to discuss and formally approve the internal auditor’s appointment.

3. Documentation and Filing:

  • Within 15 days of the board meeting, prepare a draft of the comments made during the meeting regarding the appointment.
  • Once finalised, create a certified copy of the order issued by the board officially appointing the chosen individual as the internal auditor.

4. Form MGT-14 Filing:

  • File Form MGT-14 with the Registrar of Companies (ROC) within 30 days of the board meeting. This form, mandated under Section 117 of the Companies Act, formally notifies the ROC of the internal auditor appointment. Remember to include the prescribed fee with the submission.

5. Appointment Letter:

  • Issue a formal appointment letter to the newly appointed internal auditor outlining their responsibilities, terms of engagement, and any other relevant details.

Learn more: Appointment of an Internal auditor

Penalties for Non-compliance with Internal audits

The Companies Act 2013 has no specific penalty section for non-compliance with internal audits mandated under Section 138. However, Section 450 applies in such cases.

  • The company and any officer deemed responsible for non-compliance can be penalized.
  • The initial penalty can be up to ₹10,000.
  • If the non-compliance continues, an additional fine of ₹1,000 can be levied for each additional day.
  •  Offences under Section 450 are compoundable. This means the company can approach the relevant authority and settle the penalty without going to court.


Understanding internal audit applicability under the Companies Act 2013 is crucial for Indian companies. It ensures internal controls, promotes regulatory compliance and protects stakeholder interests. While some companies are mandated to have internal audits, even those not explicitly required can benefit significantly. A qualified internal auditor provides independent assessments, identifies risks, recommends improvements, strengthens financial health, builds trust, and safeguards against potential issues.

Comply with regulations laid down by the Companies Act 2013 with IndiaFilings experts!!

Get Started!