Audit Trail Requirements – A Quick Overview


With effect from 1 April 2023, the Ministry of Corporate Affairs (MCA) has made it mandatory for all companies to maintain an audit trail throughout the year for transactions impacting the books of account of the Company.

This requirement is applicable to:

  • all Companies maintaining its books in electronic form.
  • all classes of Companies including foreign, small, OPC and Section 8 companies.

The initial circular in this regard laying down the requirement to enable the “audit trail feature” was issued on 24 March 2021 and was deferred twice before finally becoming applicable for periods beginning 1 April 2023.

Requirements for the Company

Rule 3(1) of the Companies (Accounts) Rules, 2014 mandates every company which uses an accounting software i.e. maintaining its books in electronic form to use such an accounting software which has atleast the following features:

  • Records audit trail of each and every transaction throughout the year
  • Creates an edit log of every change along with other relevant details such as date of each such change
  • Ensures that audit trail is not disabled.

Requirements for the auditors

Rule 11(g) of the Companies (Audit and Auditors) Rules, 2014 states that an auditor is required to report that the Company has maintained such an accounting software for maintaining its books of accounts which has:

  • An edit log feature- which records audit trail
  • The Audit trail feature:
    1. has been operating throughout the year for each and every transaction
    2. has not been tampered with
  • Audit trail has been preserved as per the regulatory/ statutory requirement

Additional considerations for the Company and the Auditors

  • The Company has to identify the ‘books of accounts’ as per the Companies Act, 2013 including identification of accounting software including peripheral software that should have an audit trail feature.
  • Third party software or outsourced software supported by third party is also covered in the scope.
  • The auditors would now need to obtain a specific management representation that the Audit trail requirements have been implemented and operating effectively.
  • The auditors would also need to assess impact on their reporting on Internal Financial Control (IFC) under Rule 11(g).
  • The management would also need to ensure additional storage requirements including infrastructure related requirements.
  • Laying down the mechanism of maintaining logs, without editing or disabling it and analysing / maintaining regularly based on such logs.


Author : Puneet Sharma

Leave a Reply