Prakhar Softech Services Ltd.

CENTRAL BOARD OF INDIRECT TAXES AND CUSTOMS

GOODS AND SERVICES TAX AUDIT MANUAL 2019


GSTAM-2019


Directorate General of Audit

TABLE OF CONTENTS

S. No.

Chapter No.

Item

Pages

from

to

1

 

FOREWORD

3

5

2

1

Introduction and Legal Authority

6

10

3

2

Objectives and Principles of audit

11

15

4

3

Management of GST audit

16

26

5

4

Selection of registered persons for audit

27

31

6

5

Audit - Preparation and Verification

32

47

7

6

Preparation of audit report & follow up

48

52

8

GSTAM - Annexure I

Registered Person’s Master File

53

58

9

GSTAM - Annexure II

GST AD01 - letter of intimation for conduct of audit

59

59

10

GSTAM - Annexure III

Documents required for Desk Review

60

68

11

GSTAM - Annexure IV

Ratio Analysis of Database

69

73

12

GSTAM - Annexure V

Comparative Chart of items from Financial Statement/Returns

74

77

13

GSTAM - Annexure VI

Questionnaire for review of internal control and walkthrough

78

94

14

GSTAM - Annexure VII

Audit Plan

95

97

15

GSTAM - Annexure VIII

Working Papers

98

114

16

GSTAM - Annexure IX

Verification of Records/Registers during conduct o audit

115

127

17

GSTAM - Annexure X

Format of letter to be written by the Registered Person u/s 73 (6) of CGST Act, 2017

128

128

18

GSTAM Annexure XI

GST ADT 02- communicating the audit report to the registered person

129

129

19

GSTAM - Annexure XII

List of Local Risk Parameters

130

131

20

GSTAM - Annexure XIII

Check List for audit of Traders

132

135

21

GSTAM - Annexure XIV

Check List for audit of Composite Dealers

136

137


Government of India
Department of Revenue
Central Board of Indirect Taxes & Customs
Directorate General of Audit

Foreword

It is indeed a great pleasure to provide the GST Audit Manual 2019, after approval by the Board. As you are aware, GST regime commenced w.e.f 1st July 2017. However, the audits under GST had been put on hold primarily for the reason so that the database of returns including Annual Return is available for one full accounting period.

2. The Board vide its letter F. No. 221/03/2013 - CX 6 dated 30th August 2018 requested this Directorate General to prepare a manual on Audit in GST for the consideration of the Board. Accordingly, a committee consisting of officers from the zonal units of this Directorate General and other officers from the Headquarters was constituted to get feedback on the proposed audit manual from the Audit Commissionerates in their jurisdiction. Inputs were also informally obtained from GSTIN for the manual.

3. I would like to emphasize that the manual does not deal with legal interpretations and rulings on GST matters. Future changes in the CGST ACT 2017 and the Rules made thereunder, administrative policies and procedures may require changes to this manual. Experience gained during the conduct of audit would also necessitate periodic updating of the manual to maintain its utility.

Some of the highlights of GSTAM, 2019 are as under:-

i. Formation of Audit Commissionerates and Cadre Restructuring has brought new designations and roles of officers. Hence necessary changes have been carried out with regard to the designations like Principal Chief Commissioner and Principal Commissioner and the new roles and responsibilities of the officers of Executive Commissionerate and Audit Commissionerate. These have been suitably incorporated.

ii. The norms for selection of units for conducting audit were revised effecting a paradigm shift in the existing criterion for selection of units based on amount of duty paid to total turnover. The new norms include, selection of units based on risk parameters, days for audits and formation of audit parties. These have been incorporated in this manual. Role of DGARM in running the Risk Analysis Programme has been emphasised

iii. The audit process beginning from the Assessee Master File, desk review, revenue risk analysis, trend analysis, gathering of information, evaluation of internal controls, scrutiny of annual financial statement, audit plan, audit verification, working papers, apprising the Taxpayer about irregularities noticed and ending with suggestions for future compliance have been streamlined and brought under one chapter. The repetitions in the earlier audit manuals have been removed.

iv. Separate Annexures have been prepared containing detailed verification checks pertaining to GST. The annexures have been developed in consultation with field formations which also include capturing the results of Desk Review. The annexures containing lengthy information to be filled in by taxpayers have been discontinued.

4. Due care has been taken in drafting the GSTAM, 2019 and suggestions and feedbacks received from field formations and Zonal Units of this Directorate General were extensively deliberated and suitably incorporated.

However, the possibility of minor inaccuracies and errors creeping in the Manual cannot be ruled out, especially in view of the fact that a small team of officers in the Headquarters under the able guidance of Shri Chetan Kumar Jain, Additional Director General and Shri R. K. Kapur, Assistant Director were entrusted with this onerous task.

Feedback, inputs and suggestions pertaining to this manual may be provided to the zonal units of this Directorate General.

(ARCHANA PANDEY TIWARI)
Principal Director General

New Delhi
July 2019

CHAPTER 1
INTRODUCTION & LEGAL AUTHORITY

1. Purpose:

1.1 The purpose of this manual is to outline the principles and policies of audits conducted under the CGST ACT, 2017 and the Rules made there under. Guidelines provided herein are intended to ensure that the audit of taxpayers is carried out in a uniform, efficient and comprehensive manner, adhering to the stipulated principles and policies and as per best international practises.

1.2 Provisions of CGST Act, 2017 for Audit:-

Section 2(13) of the CGST Act, 2017, defines ‘Audit’ as “the examination of records, returns and other documents maintained or furnished by the registered person under this Act or Rules made thereunder or under any other law for the time being in force to verify, inter alia, the correctness of turnover declared, taxes paid, refund claimed and input tax credit availed, and to assess his compliance with the provisions of this Act or rules made thereunder”.

Accordingly, ‘Audit’ implies –

(a) Detailed examination of

i. records,

ii. returns and

iii. other documents -

maintained / furnished by a registered person, under GST law/any other law or rules;

(b) For verification of correctness of -

(i) turnover declared;

(ii) taxes paid;

(iii) refund claimed;

(iv) input tax credit availed; and

(v) assessment of compliances with provisions of GST law and rules.

Thus, GST audit is not only for reconciliation of tax liability and payment thereof but, it also encompasses the verification of compliance of the provisions of the GST Acts, laws etc. by a registered person.

Relevant Statutory Provisions:

A) General Audit: Audit by tax authorities

Sec. 65 of CGST Act, 2017:

(1) The Commissioner or any officer authorized by him, by way of a general or a specific order, may undertake audit of any registered person for such period, at such frequency and in such manner as may be prescribed.

(2) The officers referred to in sub-section (1) may conduct audit at the place of business of the registered person or in their office.

(3) The registered person shall be informed by way of a notice not less than fifteen working days prior to the conduct of audit in such manner as may be prescribed.

(4) The audit under sub-section (1) shall be completed within a period of three months from the date of commencement of the audit:

Provided that where the Commissioner is satisfied that audit in respect of such registered person cannot be completed within three months, he may, for the reasons to be recorded in writing, extend the period by a further period not exceeding six months.

Explanation.––For the purposes of this sub-section, the expression “commencement of audit” shall mean the date on which the records and other documents, called for by the tax authorities, are made available by the registered person or the actual institution of audit at the place of business, whichever is later.

(5) During the course of audit, the authorised officer may require the registered person,—

(i) to afford him the necessary facility to verify the books of account or other documents as he may require;

(ii) to furnish such information as he may require and render assistance for timely completion of the audit.

(6) On conclusion of audit, the proper officer shall, within thirty days, inform the registered person, whose records are audited, about the findings, his rights and obligations and the reasons for such findings.

(7) Where the audit conducted under sub-section (1) results in detection of tax not paid or short paid or erroneously refunded, or input tax credit wrongly availed or utilised, the proper officer may initiate action under section 73 or section 74.

C) Provision for access to business premises and records of taxpayer for Audit:

Sec. 71 of CGST Act, 2017

(1) Any officer under this Act, authorized by the proper officer not below the rank of Joint Commissioner, shall have access to any place of business of a registered person to inspect books of account, documents, computers, computer programs, computer software whether reinstalled in a computer or otherwise and such other things as he may require and which may be available at such place, for the purposes of carrying out any audit, scrutiny, verification and checks as may be necessary to safeguard the interest of revenue.

(2) Every person in charge of place referred to in sub-section(1) shall, on demand, make available to the officer authorized under sub-section(1) or the audit party deputed by the proper officer or a cost accountant or chartered accountant nominated under section 66

i. such records as prepared or maintained by the registered person and declared to the proper officer in such manner as may be prescribed;

ii. trial balance or its equivalent;

iii. statements of annual financial accounts, duly audited, wherever required;

iv. cost audit report, if any, under section 148 of the Companies Act, 2013;

v. the income-tax audit report, if any, under section 44AB of the Income-tax Act,1961;and

vi. any other relevant record.

for the scrutiny by the officer or audit party or the chartered accountant or cost accountant within a period not exceeding fifteen working days from the day when such demand is made, or such further period as may be allowed by the said officer or the audit party or the chartered accountant or cost accountant.

D) Prescribed Rules for Audit:

Rule 101 of The Central Goods And Service Tax Rules, 2017:

(1): The period of audit to be conducted under sub-section (1) of section 65 shall be a financial year or part thereof or multiples thereof.

(2): Where it is decided to undertake the audit of a registered person in accordance with the provisions of section 65, the proper officer shall issue a notice in FORM GST ADT-01 in accordance with the provisions of sub-section (3) of the said section.

(3): The proper officer authorised to conduct audit of the records and the books of account of the registered person shall, with the assistance of the team of officers and officials accompanying him, verify the documents on the basis of which the books of account are maintained and the returns and statements furnished under the provisions of the Act and the rules made thereunder, the correctness of the turnover, exemptions and deductions claimed, the rate of tax applied in respect of the supply of goods or services or both, the input tax credit availed and utilised, refund claimed, and other relevant issues and record the observations in his audit notes.

(4): The proper officer may inform the registered person of the discrepancies noticed, if any, as observed in the audit and the said person may file his reply and the proper officer shall finalise the findings of the audit after due consideration of the reply furnished.

(5): On conclusion of the audit, the proper officer shall inform the findings of audit to the registered person in accordance with the provisions of sub-section (6) of section 65 in FORM GST ADT-02.

E) Maintenance of Accounts and Records: Section 35 of CGST Act, 2017 read with Rule 56 of CGST Rules 2017 provides for maintenance of accounts and records by registered person. Further Section 36 of CGST Act and Rules 57 and 58 of CGST Rules may also be referred in this regard.

1.3 Calling for documents from the Registered Taxpayer: The auditor shall intimate the date of conduct of audit by writing a letter in form GST ADT-01 (Annexure II) atleast fifteen days prior to the conduct of audit and also request for providing records / documents which are necessary for conducting audit. In case the Registered Person does not respond to the letter, a reminder should be issued within reasonable time. In case the registered person is not volunteering to submit the same on the basis of letters issued by the auditor, another letter should be issued giving details of penal provisions contained in Section 122, 123 and 125 of the CGST Act, of not complying with the request of the department to facilitate conduct of Audit. However, in case the Registered Person fails to comply then action under above sections of CGST Act may be taken and a self-contained note may be sent to the Executive Commissionerate for taking appropriate/necessary action against the Registered Person. Further the details of such registered persons should be forwarded to the respective zonal units of Directorate General of Audit for inclusion in the Risk Parameters, so that in future the said person may be identified for audit on priority. Details of said person may also be provided to the concerned authorities to downgrade his GST compliance ratings.

*****************

CHAPTER 2
OBJECTIVES & PRINCIPLES OF AUDIT

2.1 The objective of audit of taxpayers is to measure the level of compliance of the taxpayer in the light of the provisions of the CGST Act 2017 and the rules made there under.

2.1.1 Audit examines the declarations of taxpayers to not only test the accuracy of the declaration and the accounting systems that produce the declared liability, but also evaluate the credibility of the declared or assessed tax liability. The taxpayer’s anticipation of such actions has preventive and deterrent effects. The deterrent effect is the extent to which audit actions discover and stop taxpayers from continuing to under-declare or manipulate their tax liability. The preventive effect is the extent to which registered persons decide not to evade tax, because they are aware of audit activity and fear of detection by the tax auditors.

2.1.2 An effective audit program generally results in the discovery of under-declared liabilities either by omission, error or deliberate deception. The amount of additional revenue raised depends not only on the level of compliance by the taxpayers, but also on the effectiveness of the auditors and the audit planning and implementation. An efficient and effective audit system will assist the government in its pursuit of increasing taxpayer’s voluntary compliance and facilitate the tax administration’s aim of getting "the right tax at the right time."

2.2 Principles of audit:

The basic principles of audit are -

i. Conducting audit in a systematic and comprehensive manner.

ii. Emphasis on the identified risk areas and scrutinizing the records maintained in the normal course of business.

iii. Applying audit techniques on the basis of materiality i.e. degree of scrutiny and application of an audit tool depending upon the identified nature of risk factors.

iv. Proper recording of all checks and findings made during the entire audit.

v. Identifying the unexplored compliance verification parameters.

vi. Educating the taxpayer for voluntary compliance.

2.3 General Guidelines for Auditor:

While conducting audit, the auditors are required to keep in view, the prevalent trade practices, the economic realities as also the industry and business environment in which the Registered person operates. Therefore, the auditor should take a balanced and rational approach while conducting the audit. Besides, the auditor is expected to play a key role in promoting voluntary compliance by the Registered persons. During the course of the audit, if certain technical infractions, without any revenue implications, arising due to bona fide oversight or ignorance of the Registered person, are noticed, the Registered person should be guided for immediate correction. Such cases should also be mentioned in working papers. An auditor is responsible for conduct of audit and should endeavour to take a final view on all issues raised by him during the audit. The working papers for each of the step of audit should be filled in as soon as that step is completed. They should be ‘speaking documents’ that clearly explain why a particular area was included in the audit plan as well as the basis for arriving at every objection that goes into the draft audit report after audit verification. The documentary evidence which has been relied upon in arriving at certain conclusion should invariably be cited and included.

Verification of records mandated by the statute is necessary to check the correctness of assessment and payment of tax by the registered person in the present era of self-assessment. In keeping with the principles of audit outlined above, audit has to be conducted in a transparent and systematic manner with focus on business records of the registered person and according to the audit plan for each registered person.

2.4 Confidentiality should be maintained in respect of sensitive and confidential information furnished to an auditor during the course of audit.

All records submitted to the audit parties in an electronic or manual format, should be used only for verification of levy of GST or for verification of the tax compliance. These shall not be used for any other purposes without the written consent of the registered person. Maintaining the confidentiality is necessary to secure the trust and co-operation of the registered person.

2.5 Period to be covered during audit

The period to be covered under audit is prescribed in Rule 101 (1) of The Central Goods and Service Tax Rules, 2017 as financial year, or part thereof or multiples thereof to cover the retrospective period up to the previous audit or the limitation period specified in Section 73 or 74 of the CGST Act, 2017.

2.6 Duration of audit

2.6.1 Efforts should be made to complete each audit within the following general time limits:-

The indicative duration for conduct of Audit that is inclusive of desk review, preparation and approval of audit plan, actual audit and preparation of audit report wherever necessary, for each category would be as under:

i. Large taxpayers – 6 to 8 working days

ii. Medium taxpayers – 4 to 6 working days.

iii. Small taxpayers – 2 to 4 working days (including audit of the Deductor, who fall under the provisions of Section 51 of CGST Act, 2017 {who pay TDS} and operators who collect tax at source as per provisions of Section 52 of CGST Act, 2017)

The above mentioned working days are indicative and applicable for conduct of GST audit covering one year period. In case the audit coverage is for five years, the number of days may be increased to maximum of 16/12/8 days for Large, Medium and Small taxpayers respectively. In other words the number of days for conduct of audit may be increased proportionately, with an increase of 25% of working days for every additional year of coverage.

The duration, as above, covers the effective number of working days spent by the audit group for the audit of a particular registered person from desk review to preparation of audit report (i.e. days spent in office as well as at the premises of the registered person). In exceptional cases, the aforesaid period may be extended with the approval of Deputy/Assistant Commissioner of the Circle. Further, in accordance with the requirements of the audit of a particular registered person such duration can suitably be reduced with the express, prior concurrence of the Additional/Joint Commissioner, provided the verification as per the audit plan has been completed in the prescribed manner.

2.7 Stage wise action for audit

The processes involved in conducting GST audit are enumerated below for the ease of the officers involved in the auditing.

i. Creation of Audit teams.

ii. Preparation of schedule on the basis of the risk assessment list provided by DG (Audit). The same is divided into annual and quarterly audit schedules.

iii. Allotment of taxpayers to the audit groups.

iv. Intimation to the Registered Person (GST ADT-01).

v. Reviewing the taxpayer data - Tax Payer at a Glance (TAG), Registration, Returns, Payments, Dispute Resolution, Audit Report Utility, E-way bills & Third Party data if available.

vi. Conducting desk review in offline / online mode (wherever available) and uploading the result of desk review.

vii. Preparing the audit plan in offline / online mode (wherever available) and uploading the audit plan.

viii. Carrying out verification and uploading the verification report, within twenty four hours of completion of audit.

ix. Uploading the draft audit report (DAR) for the MCM, within 10 -15 days

x. Examining the audit paras in MCM.

xi. Uploading the minutes of the monthly monitoring committee meetings (MCM), within twenty four hours of the meeting.

xii. Uploading final audit report, within thirty days of the Meeting.

xiii. Communicating the audit report to taxpayer (ADT-02).

xiv. Communicating to the Registered Person the future course of action in case of contested paras.

A Process Flow Diagram for the above mentioned processes is as under:

Process Flow -

AMF - Assessee Master File

CHAPTER 3
MANAGEMENT OF GST AUDIT

Audit management requires planning and effective execution of the audit process. Structurally and functionally, this is to be undertaken at two levels – Apex level and Local level. In order to monitor, co-ordinate and guide the effective implementation of the audit system, the Board has set up the Directorate General of Audit as the nodal agency. At the local level, management of audit is entrusted to GST Audit Commissionerates, which are supervised by Principal Chief Commissioners/Chief Commissioners.

3.1 Management at Apex level

The Directorate General of Audit, Indirect Taxes and Customs, New Delhi (headed by Principal Director General/ Director General) with its Seven Zonal Units at Ahmedabad, Bangalore, Chennai, Delhi, Hyderabad, Kolkata and Mumbai (each headed by an Additional Director General) is required to ensure the efficient and effective implementation of the audit system (based on EA 2000 methodology) and also to evolve and improve audit techniques and procedures through a periodic review. With the help of its Zonal units, the Directorate General of Audit regularly monitors GST audits conducted by the GST Audit Commissionerates to ensure that the coverage of the registered persons is adequate in number and is reflective of their risk profile and to ensure that these audits are conducted in accordance with provisions of law by following the procedure enunciated in this manual. To achieve this, the Directorate needs to interact closely with Principal Chief Commissionerates/ Chief Commissionerates to eliminate the deficiencies and to improve the performance of the GST Audit Commissionerates.

3.1.1 As an advisor to the Board, the Directorate General of Audit is required to suggest measures for enhanced tax compliance, to gauge the level of audit standards and to ascertain the views of the Registered persons on the existing audit system. It should also interact with selected Registered persons to take a holistic view of the internal audit and to formulate proposals to remove bottlenecks and obviate the scope of irregularities.

3.1.2 The selection of Registered persons would be done based on the risk evaluation method prescribed by the Directorate General of Audit. The risk evaluation method would be separately communicated to the GST Audit Commissionerates during the month of February/ March of every year. The risk assessment function will be jointly handled by the Directorate General of Audit in consultation with the Directorate General of Analytics and Risk Management and the Risk Management section of Audit Commissionerates. It helps the GST Audit Commissionerates in selection of units for audit during the audit year.

3.2 Role of Zonal Principal Chief Commissioner/Chief Commissioner, Central GST:

3.2.1 The office of the Principal Chief Commissioner/Chief Commissioner is not an operational formation for the conduct of audit, but it provides an important link between the Directorate General of Audit and the GST Audit Commissionerates of the zone. The role of this office in the overall management of audit is as follows:

i. Collection, compilation and analysis of the data received from GST Audit Commissionerates and communication of the same to the respective Zonal Additional Director General (Audit) and to the Director General (Audit) wherever specifically asked for.

ii. Review of performance of the GST Audit Commissionerates.

iii. Dissemination of information pertaining to audit to the GST Audit Commissionerates.

iv. Resolving problems in implementation of audit system at local level and providing feedback to the Directorate General of Audit.

v. Ensuring implementation of guidelines, issued by the Directorate General of Audit, as pertaining to the GST Audit Commissionerates.

vi. Monitoring the training for auditors and the officers of the Zone, in techniques of GST audit and accountancy.

vii. Assisting and providing information to the officers of the Directorate General (Audit) in regularly examining the conduct of audits and results thereof.

viii. Posting/allocating the officers with requisite experience and expertise in conducting audits/analysing financial statements, to the GST Audit Commissionerates, ensuring equitable distribution of officers for improving coverage.

ix. To take a final decision in cases, other than finalisation of audit objection, where there is difference of opinion between GST Audit Commissioner and Executive Commissioner.

x. To resolve issues that may arise between Executive and GST Audit Commissionerates.

xi. Selection of theme, planning and execution of Theme based Audit.

xii. Approving the 20% of the taxpayers to be audited as selected by the Audit Commissionerates based on local risk factors.

3.3 Functions of a GST Audit Commissionerate:

The GST Audit Commissionerate comprises of the following sections:

i. Planning and coordination section:

To maintain and to keep a copy of Registered person’s master file (TAG) and update it in coordination with the audit groups of circles; to maintain database of officers’ profile, to look after formation/constitution of audit groups; deployment of officers, matching skills with audit requirement;, to plan the audit schedule in such a way as to make optimum use of available resources and ensuring proper desk review before commencement of audit etc., to communicate to the Executive Commissioners seven days in advance of MCM the details of audit paras, to schedule and to provide support in conduct of Monitoring Committee Meetings (MCM); to maintain records/registers and to submit reports.

ii. Administration, Personnel & Vigilance section:

To look after administrative matters, transfer, leave, allowances, budgetary grants, vigilance matters etc.

iii. Technical section & Legal Section:

To attend to draft show cause notices, audit follow up, court cases, and maintain Board’s circulars, instructions etc. To provide legal interpretation of issues raised in MCM and requiring interpretation.

iv. Risk Management and Quality Assurance section:

To attend to risk-based selection of units, use of third-party source of information, to maintain Audit database of units to be audited, to identify themes/issues for audit, to evaluate and scrutinize working papers and to look after the work related to performance appraisal and quality assurance etc., and to implement the risk-based selection advisory received from DGARM / DG (Audit) and to carry out selection of units after applying local risk parameters. Obtaining the approval of the Chief Commissioner in respect of such selection by applying local risk parameters.

v. Circles: Actual conduct of audit and subsequent follow up till the logical conclusions of the audit objections approved in MCM by way of recovery or issuance of Show Cause Notice up to DC/AC level, forwarding of draft SCN of the competency level of above DC/AC along with relied upon documents.

3.4 Role of senior officers of GST Audit Commissionerate:

3.4.1 Principal Commissioner / Commissioner

i. To ensure selection of assessees/taxpayers, to be audited during the year, on the basis of risk assessment in consultation with the Directorate of Audit. To also ensure that 20% of the taxpayers to be audited are selected based on local risk factors and obtain the approval of the Chief Commissioner.

ii. To approve the Desk Review and Audit Plan, in respect of top 5 assessees/taxpayers of each audit circle mentioned in the Annual Plan for audit coverage, after ensuring that all the steps have been completed and review few draft plans approved by the ADC/JC to ensure quality of audit.

iii. To hold either circle-wise (or any number of circles together as deemed necessary), Monitoring Committee Meeting (MCM), once a month to take decision about the acceptability of all audit objections and to determine as to whether larger period is invokable in respect of the accepted objections.

iv. To ensure that MCM is held by using the offline Audit Report Utility and no paper based audit report is prepared. Also to ensure that after the MCM, each Audit Report Utility is uploaded in the Systems.

v. To liase with DG (Systems) to ensure that EDW/ADVAIT data and GST data is available to the auditors

vi. To ensure that requisite follow-up action i.e. recovery, issue of show cause notice is taken.

vii. To review audit performance and to take steps for improvement.

viii. To take remedial measures based on the report of audit group on performance appraisal and quality assurance.

ix. To review the performance and participation of the Additional/ Joint Commissioner and Deputy/ Assistant Commissioner of audit circles.

x. To interact with the major assessees/trade associations, to obtain feedback on the audit system.

xi. To assess the training needs of the auditors and organize training programmes.

xii. To submit periodical reports to various formations including Zonal ADG (Audit) or Director General (Audit) as prescribed from time to time.

xiii. To send a list containing details of show cause notices issued by the Audit Commissionerate (including Circles), during the month, to each of the Executive Commissionerates, on monthly basis.

xiv. In cases where further investigation is required, the matter may be forwarded to the Executive Commissionerates with a self-contained note for further investigation and necessary action like recording statements under summons etc.,

3.4.2 Additional / Joint Commissioner

i. Co-ordination, planning and overall management of the audit sections and circles including supervision of work relating to theme based audit, etc.

ii. To approve the desk review and audit plan, in respect of all the large and medium units, other than the top 5 units that are to be approved by the Commissioner, after ensuring that all the steps have been completed.

iii. To review audit plans of small units approved by the Deputy/Assistant Commissioners of circles and to communicate results of such review if any to the Circle DC/AC before taking up audit verification.

iv. To interact with the management of the large units at the time of audit in order to share major audit findings and compliance issues.

v. To approve and issue SCNs which are to be adjudicated by ADC/JC as per the Monetary limits prescribed by CBIC from time to time, on receipt of DSCN and other documents from Circles,

vi. To organize training programmes for auditors.

vii. To review the follow-up action.

viii. To ensure selection of units for audit as per the risk-based list received from DGARM / DG (Audit) and to provide justification for tweaking the lists.

ix. To ensure that the Audit Report Utility is used in MCM and the reports are uploaded in system and no paper based audit reports are prepared.

x. To ensure scrutiny of NIL DARs files received from audit circles.

3.4.3 Deputy/Assistant Commissioners in-charge of Sections of Audit Commissionerate Headquarters

To supervise the work relating to the respective sections of Headquarters viz., Planning and Co-ordination Section, Administration, Personnel and Vigilance Section, Technical Section and Risk Management and Quality Assurance Section and theme based audit. To ensure that the Audit Report Utility is used for uploading of Audit reports finalised in MCM and no paper based audit reports are prepared.

3.4.4 Deputy/Assistant Commissioners in-charge of Circles:

i. Co-ordination, planning and overall management of the audit circle.

ii. To monitor maintenance of Registered person’s master files and registers.

iii. To approve the desk review and audit plan, in respect of all the small units, after ensuring that all the steps have been completed and forward a copy to JC/ ADC for review.

iv. To interact with registered persons at the time of audit in order to share major audit findings and compliance issues.

v. To approve and issue draft audit reports before placing the same in MCM meeting.

vi. As in-charge of Circle, to attend MCM and to represent the Circle in case of all DARs taken up for discussion during MCM.

vii. To issue final audit reports after approval in the MCM meeting.

viii. To issue show cause notices falling under his purview as per monetary limits fixed by CBIC from time to time both under Section 73 and 74 of CGST Act.

ix. To ensure timely preparation and forwarding of DSCNs along-with relevant documents to the Audit Commissionerate, which are falling within the monetary limits for SCN and adjudication by ADC/JC.

3.5 Role of GST Executive Commissionerate:

i. To represent in MCM;

ii. To respond to the draft audit objections, within 7 days of receipt from Audit Commissionerates;

iii. To provide detailed comments with a justification on the disputed audit paras including the details of Board’s Circulars, case laws (if any) or any point of law;

iv. To attend to the litigation after adjudication proceedings and to defend the order before the appellate fora – viz., Commissioner (Appeals)/ Tribunals/ Courts, with the help of inputs from Audit Commissionerates, wherever required;

v. To attend to the work related to pre-audit, post audit of refunds, rebates;

vi. To attend to the work related to CERA;

vii. To pursue recovery of amounts in respect of pending paras admitted by the party (in writing), based on the reference received from the Audit Commissionerate.

viii. To ensure immediate intimation to the jurisdictional Audit Commissionerates regarding any cases booked/investigation carried out by Anti-Evasion wing of the Executive Commissionerate or by DGGI and any audit conducted by CERA. A copy of the CERA objection shall also be sent.

ix. To ensure timely adjudication of show-cause notices issued by the Audit Commissionerates.

x. To carry out investigation and necessary action like recording statements under summons etc. in respect of cases forwarded by Audit Commissionerates.

3.6 Staffing norms for GST Audit Commissionerate:

i. Headquarters shall be headed by one Principal Commissioner / Commissioner with the assistance of two Additional or Joint Commissioners and three or four Assistant Commissioners/ Deputy Commissioners.

ii. Normally, officers selected and posted to the Audit Commissionerate should be allowed to continue to function in the Commissionerate for a minimum period of two years and maximum of four years.

iii. The supervising officer of the rank of Additional / Joint / Deputy / Assistant Commissioner must frequently (especially in important and sensitive units) associate with the actual audit and attend to the areas of risks identified during desk-review.

iv. Each audit circle shall be headed by a Deputy or an Assistant Commissioner.

v. Deputy/Asst. Commissioner of the circles should be associated with all major audits. Senior Officers of the cadre of Additional / Joint Commissioners should interact with the senior management of large units after conducting audit.

vi. Audit circle comprises of one stationary audit group (MIS) to look after the work relating to planning and co-ordination section of Hqrs. Office, such as MCM, maintenance of Registered person’s Master Files, attending to follow up work etc. and deployment of audit groups for conduct of audit.

vii. The Audit Groups deployed for audit of large units may comprise of 2-3 Superintendents and 3-5 Inspectors. For medium units, the audit group may include 1 - 2 Superintendents and 2 - 3 Inspectors. For small units, the Audit Group may include 1 Superintendent and 1 - 2 Inspectors.

viii. Groups for large units, medium units and small units should be in such numbers that the following distribution of manpower deployment in audit groups is achieved.

a. 40% of manpower for large units including audits of Multi Locational Supplier (MLS), and theme-based audits

b. 30% of manpower for medium units

c. 20% of manpower for small units

d. 10% of manpower for planning, coordination and follow up.

3.7 Auditors’ Profile:

Profile of each of the auditor posted in the groups should be available in the Audit Planning and Coordination Cell of Circle, in the following proforma.

i. Name of the officer.

ii. Designation.

iii. Experience in the department.

iv. Professional qualification, if any.

v. Experience in Central Excise Range/ Service Tax formation or Divisional office (in years).

vi. Whether undergone training in audit.

vii. Experience in audit wing.

viii. Number of major audit points raised by him on his own (to be taken from working papers) in his career. Amounts involved in such cases.

ix. Any commendation/awards, rewards, etc. received.

3.7.1 Each auditor should furnish a self-appraising resume containing the above information immediately upon joining the audit section, which should be updated on yearly basis so long as the officer continues to be posted in the Audit Groups. Auditor’s profile facilitates effective deployment of auditors to units by considering appropriate skill levels, training, educational background of the auditor etc.

3.7.2 The formation of audit groups is a critical component of audit management. The cadre controlling authority in-charge of the Audit Commissionerate shall ensure that the officers with the requisite skill and experience are posted to Audit Commissionerates depending on the availability and other administrative constraints. Audit Commissioners should ensure that the skill and experience available is evenly distributed across the audit groups. As far as possible there should be at least one officer with commerce or accounts background in each party. It is also useful to assign officers with computer skills to each party to deal with units that keep computerized accounts. For efficient functioning of the MIS section of Audit Commissionerate/Circle, officers with computer skills and some prior audit experience are required. Similarly, the skill sets and experience available with an audit group should govern the size and complexity of audits that it handles. For optimal results, there should be matching of these two factors.

3.7.3 Officers, when posted to the GST Audit Commissionerate for the first time, should invariably be sent for training in GST Audit process and financial accounting so that they have the basic skills to handle audit work. Compulsory in-house training programmes should also be organized in the Audit Commissionerates for the benefit of new entrants soon after the annual transfers. The GST Audit Commissioner should also ensure to organise special training programmes for major industrial sectors in the jurisdiction of an Audit Commissionerate so that auditors have the necessary specialization and sufficient number of auditors specializing in major industries are available. Officers, who have worked in audit sections earlier, should also be imparted with refresher course on the latest techniques of audit and changes in the statutory provisions, if any.

CHAPTER 4
SELECTION OF REGISTERED PERSONS FOR AUDIT

4.1 Objective:

Selection of registered persons for audit means selection of registered persons to be audited during a specified period, taking the available resources into account. Given the large number of registered persons under GST, it is impossible to subject every registered person to audit each year with the available resources. Further, emphasis placed merely on coverage of more number of registered persons would dilute the quality of Audit.Selection of units for audit in a scientific manner is extremely important as it permits the efficient use of audit resources viz. manpower and skills for achieving effective audit results. Selection of units for audit based on revenue risk leads to deployment of audit resources where they are most needed, i.e., in the audit of less compliant units. Such selection is finally subject to the availability of administrative resources. These registered persons should be selected on the basis of assessment of the risk to revenue. This process, which is an essential feature of audit selection, is known as ‘Risk Assessment’. It involves the ranking of registered persons according to a quantitative indicator of risk known as a ‘risk parameter’.

4.2 Method of selection based on risk assessment:

The selection of registered persons would be done based on the risk evaluation method prescribed by the Directorate General of Audit in consultation with the Directorate General of Analytics and Risk Management. The risk evaluation method would be separately communicated to the Audit Commissionerates during the month of January/February of every year. The risk assessment function will be jointly handled by the Directorate General of Audit and the Risk Management section of GST Audit Commissionerates. The Risk Management section of GST Audit Commissionerate would ensure availability of registered person-wise data, which would facilitate risk assessment and preparation of the list of registered persons to be audited in the current year.

4.2.1 Based on the risk methodology, a list of units will be communicated to the Audit Commissionerates by DGARM / DG (Audit), for the purpose of conducting audit for the audit year. The list will contain the name of the registered person and the risk indicator alongwith with the action points for decision support so that the auditor is aware of the area to focus while conducting audit. The Audit Commissionerates may select the units to be audited in a particular year after reviewing the list received by, in the context of local risk perceptions and parameters. The Audit Commissionerate may also select a registered person with low risk score compared to another registered person with relatively high-risk score, based on Local Risk Factors (Illustrative list of Local Risk Factors is given in GSTAM Annexure XII). It should be ensured that 20% of the taxpayers to be audited are selected based on local risk factors after obtaining the approval of the Chief Commissioner.

4.2.2 However, the reasons for such selection should be indicated which would be used as a feedback by the Directorate of Audit for further improvisation of risk factors in future.

4.2.3 The Audit Commissionerates may also select a few units at random or based on local risk perception in each category of large, medium and small units. Feedback on such random selection and results of audit thereof would help in evaluation of parameters used for the process of selection. The Audit Commissionerates may also select some registered persons registered in terms of Section 51 and Section 52 of the CGST Act, 2017 for checking the correctness of TDS and TCS. Feedback on such selected persons and results achieved may be provided to the Directorate General of Audit.

4.3 Preparation of audit schedule:

4.3.1 Annual plan for Audit Coverage (Audit year being – 1st April to 31st March):

i. The Audit Commissionerate would release an Annual plan by 15th March, indicating the names of registered persons proposed to be audited during the course of the year (period from 1st April to 31st March of the next year) and the probable month in which the Audit officers would visit the units for verification of records. The Audit coverage (i.e. number of units selected for Audit in a year) may be calibrated with the manpower availability in a Commissionerate. The working strength of officers in Audit Commissionerate would be taken as the basis for calibration. After release of Annual plan by the Audit Commissionerate, concerned DC/AC In-charge of Circles may issue quarterly schedules and to constantly monitor conduct of audits to ensure that at the end of the year audit of all the units allocated is completed. Circle DC/AC can permit changes with reference to conduct of audit of any unit by allowing preponing / postponing from one month to another month/ from one quarter to another quarter. However, it shall be ensured that audit of all the units allocated by the Audit Commissionerate are completed by 31st March so that no single unit is left uncovered.

ii. In order to ensure adequate coverage, the registered persons shall be categorized into three categories namely large, medium and small units. Given the past experience in detection of non-compliance and recovery of Tax through audits, it is suggested that Audit Groups may be deployed to cover large, medium and small units as discussed in Staffing Norms in para 3.6 above.

While deploying officers due care should be taken, so that the staff is proportionately allocated to attend the audit work related to registered persons dealing with supply of goods and those dealing with supply of services based on revenue profile of the Commissionerate.

iii. The criteria for categorizing a registered person as large, medium or small would be the total annual value of outward supplies (including export and exempt supplies). The threshold limits of value of outward supplies for categorizing the units into large, medium and small would be dependent upon (i) the available manpower in the Audit Commissionerate and (ii) the total no. of registered persons and turnover of each registered person in the jurisdiction of the Audit Commissionerate. It may be noted that threshold limits may vary from one Audit Commissionerate to another Audit Commissionerate in view of varying number of registered persons and quantum of value of outward supply by each registered person. The categorization of Registered Taxpayers would be done by the Directorate General of Audit. The methodology for categorization alongwith threshold limits would be communicated to the Audit Commissionerates by Directorate General of Audit during the month of January/February.

iv. The scheduling can be reviewed half yearly for necessary adjustments, if any. The Directorate General of Audit will also periodically review and revise, wherever necessary, the criteria for categorizing the units into large, medium and small within each Zone / Commissionerate, manpower deployment in each category, composition of Audit Group and number of days required for audit in each category. The review/revision would be done in consultation with the Audit Commissionerates so as to ensure that Audit coverage by officers is made optimal.

v. Principal Chief Commissioner / Chief Commissioner may allow temporary reallocation / diversion of officers amongst the Audit Commissionerates to ensure adequate Audit coverage of all categories of registered persons falling under the jurisdiction of the zone.

4.4 Theme based coordinated audits

4.4.1 Theme based co-ordinated audits at all India level would be conducted by the concerned Audit Commissionerates in a coordinated manner. The theme would be selected by the Directorate General of Audit, based on a systematic and methodical risk analysis of internal data of registered person (from DG (Systems), economic indicators, third party information from tax and other regulatory authorities and other relevant sources of data. The D.G. Audit would also consult trade, industry and suppliers from time to time, wherever necessary. The theme would be intimated well in advance, say four to six months, to the field formations. The number of such audits will be one or at best two in a year. The selection of theme/issue, coordination and dissemination would be done by the D.G. Audit in consultation with the field formations.

4.4.2 The theme based coordinated Audits would also be carried out at the Zonal level. The theme for the audit, which could be a sensitive commodity, would be selected at the zonal level and simultaneous and coordinated audit would be carried out within the zone. The number of such audits will again be one or two in a year. The theme for the Audit would be selected based on analysis of data provided by DG (Systems) and relevant third-party information identified from time to time. The Principal Chief Commissioner/Chief Commissioner may involve the zonal units of Directorate General of Audit in selection of theme, planning and execution of theme-based Audit.

4.5 Accredited status for deferring frequency of audit

4.6 A segment of registered person, could be given an “accredited” status, similar to the one given in Customs, based on their proven track record of compliance with tax laws and procedures. Such identified registered person need not be subjected to Audit in every cycle. It has been decided that such units should normally be audited only after 3 years from the date of last audit. The procedure and criteria for accreditation would be communicated separately.

CHAPTER 5
AUDIT - PREPARATION AND VERIFICATION

5.1 Profiling of registered person:

5.1.1 Audit requires a strong database for profiling each registered person so that risk-factors relevant to a registered person may be identified in a scientific manner and audit is planned and executed accordingly. Some of the relevant data has to be collected from the registered person during the course of audit, while the rest is to be extracted from the, application for registration, registration documents and returns filed by the registered person as well as from his annual return, E-way Bills, reports/returns submitted to regulatory authorities or other agencies, Income Tax returns, contracts with his clients, audit reports of earlier periods as well as audits conducted by other agencies, like office of C&AG, etc. most of which will be available in GSTN.

5.1.2 A comprehensive data base about a registered person to be audited is an essential pre-requisite for selection of units as well as for undertaking preliminary desk review and effective conduct of audit. A substantial amount of data is already available in GSTN. Some of the data like those contained in annual financial statements keeps changing every year. Utility named Taxpayer at a Glance (TAG) containing all the available information of the registered person will be accessible to the auditor.

5.2 Reviewing the taxpayer data: The first step towards an effective audit is to review all relevant information about the registered person. Annexure GSTAM – I contains details of all the relevant data required for review.

5.2.1 Whenever GST audit of a registered person is taken up, the audit team conducting the audit should review the data already available and the data that is not available and collect the information not available and update the data of the registered person.

5.2.2 The Planning and coordination section of the Audit Commissionerate shall make available all the information of the registered person selected for audit to the respective audit group as per the said Annexure GSTAM I

5.2.3 The information of each registered person should be updated periodically after completion of each audit. The audit working papers, audit report, duly approved during the audit monitoring meeting, along with the latest documents should be filed properly in a file of the registered person.

5.3 Allocation of audits amongst the audit parties:

The audit schedule should also mention the Group No. of the audit groups to conduct audit of a particular unit. It must be ensured that the group members of the audit party are fully trained for conducting audit in accordance with the guidelines in this manual.

5.4 Action to be taken by the Audit Group:

Once the audit schedule, with Group allocation, is finalised, the action shifts to audit groups. The group should have adequate time to complete the preparation for audits to be conducted as per the audit schedule. All units listed to be audited should be intimated at least 15 days before the commencement of audit verification in their premises. A format of the letter (ADT – 01) intimating the registered person about the audit and the records/documents to be provided to the auditors has been notified under CGST Rules, 2017 provided in Annexure - GSTAM-II of this manual.

5.5 Desk Review

5.5.1 Objective:

The desk review lays emphasis on gathering data about the registered person, his operations, business practices and an understanding of the potential audit issues, understanding his financial and accounting system, studying the flow of materials, cash and documentation and run tests to evaluate the vulnerable areas. The preliminary review assists in development of a logical audit plan and focus on potential issues.

5.5.2 This is the first phase of the audit programme done in the office. The idea is to gather as much relevant information about the registered person and its operations, as is possible, before visiting the unit. A good desk review under the supervision of senior officers is critical to the drawing up of good audit plan. The services of Deputy/ Assistant Director (Costs) allocated to CC Zone may be utilised effectively wherever required.

5.5.3 The auditor should refer to the information of the Registered Taxpayer (Annexure-GSTAM-I). Study of the information could throw up important points, which may merit inclusion in the audit plan. In addition, the auditor should also obtain the latest Trial Balance Sheet, Tax Audit Report, Annual Financial Statement, Cost Audit Report or any such document prepared or published after the last updating of information. From the scrutiny of these documents, certain points may further emerge for inclusion in the audit plan. The auditor should also incorporate the result of any parameters brought to light by risk analysis into the desk review for pin pointing specific issues for scrutiny during audit. An illustrative list of scrutiny of important documents from the audit angle is given at Annexure –GSTAM-III).

5.5.4 All receipts of the taxpayer need to be tested for GST liability. Analysis of exports turnover, turnover of non-taxable and exempted goods and services gives a clear picture of the amounts which were not considered for Tax payment. It also helps to conclude whether such exemptions claimed are proper or not. (Part III (I) of Working papers in Part B {for services} of GSTAM-VIII refers). The auditor should reconcile the ITC credit availed as shown in GSTR 1 with that shown in GSTR 2A and identify any gaps in the ITC availment. This gap should be mentioned in the Audit Plan for verification at the time of audit.

5.5.5 Cost Accounting Records/Cost Audit:

(i) In respect of Regulated sectors like Telecommunication, Electricity, petroleum and Gas, Drugs and Pharma, fertilizers and Sugar, Cost audit requirement has been made subject to a turnover based threshold of Rs 50 crores for all products and services and Rs 25 crores for individual product and services.

(ii) In respect of Non-Regulated sectors - The threshold is Rs 100 crores and Rs. 35 crores respectively.

For latest amendments and existing norms the Companies (Cost Records and Audit) Rules 2014 may be referred to.

5.5.6 From the RPMF, Trial Balance and Annual Financial Statements (Profit & Loss Account and Balance Sheet) it is possible to work out important financial ratios. The said ratios should be compared with the ratios of earlier year and wherever significant variation is noticed, these areas may be selected for audit verification. It may be kept in mind that any adverse ratio is only an indicator for verification of such an area and there may be valid reasons for the same. Therefore, only on the basis of such an adverse ratio, a point for verification can be selected. An illustrative list of important ratios is given at Annexure-GSTAM-IV.

5.5.7 Reconciliation of data with third party information: GST payment shown in the GSTR-9 returns can be reconciled with that shown in the financial accounts. Further, from the reconciled figure of GST payment, value of the sales can be worked out. This can then be compared with the sales figure shown in financial records. The difference, if any, must be analysed. The unit assessable value of the registered person can be compared with that of another registered person supplying the same supply. This method would give an idea whether the valuation and duty calculation system of the registered person is a high/low risk area. A comparative chart of items from financial statement to be drawn for reconciling the data is annexed as Annexure-GSTAM-V. The auditor should check the data available in GSTR-9 returns with other documents such as gross trial balance, Income Tax Returns, Annual Audited accounts, Income Tax Audit report etc. and to carry out a preliminary reconciliation for the purpose of identifying any amount that might have escaped GST.

5.5.8 Revenue Risk Analysis:

Risk Analysis is a method of identifying potential revenue risk areas by employing modern techniques. It can be carried out by (i) reconciling various specific financial data, comparing it with different business accounts/documents, (ii) deriving certain data and comparing with the actual figures of the financial documents & (iii) comparing the key data figures of the unit with the average of all industry figure of similar kind (if available) or past figures of the same registered person. The result of Revenue Risk Analysis should be filled in the relevant column of working papers.

5.5.9 Trend Analysis:

Trend analysis is a type of computational support needed for the analysis preparatory to planning, by analysing historical data and working out future projections. Historical data is analysed to discover patterns or relations that would be useful in projecting the future production, clearances and values etc.

5.5.10 For audit purposes, either absolute values or certain ratios are studied over a period of time to see the trend and the extent of deviation from the average values during any particular period. The analysis of trends as mentioned in the relevant table of working papers may be carried out. (refer III (9) of Annexure –GSTAM-VIII Part A & III C of Part B of GSTAM-VIII).

5.5.11 For audit of Traders, a check list is provided in Annexure XIII.

For audit of Composite Dealers, a check list is provided in Annexure XIV.

5.6 Audit Plan

5.6.1 The objective of preparing an audit plan is to outline a logical series of review and examination steps that would meet the goals and standards of an audit in an efficient and effective manner.

5.6.2 Audit Plan is the most important stage before conduct of audit. All the previous steps are actually aimed at preparation of a purposeful Audit Plan. Therefore, it is important that all previous steps are completed and the relevant Working Paper of each of the steps is filled up before commencing preparation of an audit plan. By now, the auditor is in a position to take a reasonable view regarding the vulnerable areas, the weak points in the systems, abnormal trends and unusual occurrences that warrant detailed verification. Certain unanswered or inadequately answered queries about the affairs of the registered person may also be added to this list.

5.6.3 Audit plan should be a detailed plan of action, preferably in a standard format. The audit plan should be consistent with the complexity of the audits (Annexure –GSTAM-VII).

5.6.4 The summary results of desk review, along with the completed Working Papers, should be submitted to the Deputy/Assistant Commissioner for approval and guidance, if any.

5.6.5 The audit plan must be discussed with the Deputy Commissioner / Assistant Commissioner of the Circle and should be finalised after approval by the Commissioner/ Additional/ Joint Commissioner/ Deputy/ Assistant Commissioner as the case may be.

5.6.6 The audit group should put up documents received, along with filled in Questionnaire and working papers in the prescribed proforma, related to top five units of each audit circle mentioned in the Annual Plan for audit coverage to the Commissioner and the rest to the Additional / Joint Commissioner through Deputy / Assistant Commissioner in-charge of Circle, for approval of the audit plan, after carrying out preliminary reconciliation, identifying discrepancies, if any, and carrying out detailed examination of the records and information (including that already captured in the Master File of registered person).

5.6.7 In the case of circles where ADC/JC is not stationed at the place of Circle:

i. In respect of large and medium units, the audit parties should forward the draft audit plans to the Additional/Joint Commissioner, through the DC/AC of the circle, by e-mail, for approval. The audit of the respective units should not be conducted till receipt of the approval of the ADC/JC, through e-mail. While sending the desk review and the draft audit plan, the information in GSTAM Annexure - I should also be sent.

ii. In respect of small units, the Deputy/Assistant Commissioner of the Circle is competent to approve the audit plan. However, the approved audit plan should be forwarded to the Additional/Joint Commissioner, through e-mail, at least 10 days before the conduct of actual audit so as to enable the ADC/JC to communicate additions, if any, before the actual audit takes place.

5.7 Audit Verification

5.7.1 The objective of audit verification is to perform verification activities and document them in order to obtain and record audit evidence. The verification techniques must be appropriate for audit objectives identified in the audit plan. It is important that in an audit, the objections that are raised are technically correct and stand up against scrutiny or challenge. Law being open to interpretation, it may be difficult to test the technical correctness of all objections. However, it should be correct to the extent that any professional auditor, working with and having access to the same research material would likely to come to the same conclusion. It also means that the auditor must demonstrate, in writing, the research and reasoning used to base his/her application of legislation, policies and jurisprudence.

5.7.2 Audit verification involves verification of data and actual verification of documents submitted at the time of desk review, verification of points mentioned in the audit plan.

5.7.3 Gathering of information of the registered person - This may be carried out as per the activity of the taxpayer as found out during the Desk Review. The task mentioned herein below may not be relevant in case of all taxpayers. The auditor should evaluate the necessity of carrying out these tasks and mention the relevance in the Working Paper for carrying out or not carrying out the same.

5.7.4 Evaluation of the Internal Controls.

The objective of review of internal controls is to assess whether the registered person has reliable systems and controls in place that would produce reliable accounting/business records. Most medium to large companies have ERP systems in place, which account for all transactions from entry of raw material to clearance of final products. Auditors must have a look at these systems and more relevantly determine whether software being used exclusively for the transactions related to Goods and Service Tax matters is integrated to the main ERP system or is running parallel to the main ERP. This assessment would be used by the auditor to decide on the extent of verification required and to focus on areas with unreliable or missing controls. It should be noted that this review must be commensurate with the size of operations. A small registered person might have little in terms of internal controls where as a large registered person would have sophisticated internal controls in place. If the internal controls are well designed and working properly, then it is possible to rely on the books maintained by the registered person. The scope and the extent of the audit can be reduced in such a case. The reverse would be true if the internal controls are not reliable. Audit should evaluate the soundness of internal control of sub-systems/areas like sales, purchase tax, accounting etc., and grade them as good, acceptable and poor (refer Part D of working papers).

5.7.4.1 In this regard, an auditor should normally examine the following:

i. Characteristics of the company’s business and its activities.

ii. System of maintenance of records and accounts.

iii. Identifying the persons handling records for accounting purposes.

iv. Allocation of responsibilities at different levels.

v. System of internal checks.

vi. System of movement of documents having relation to duty/tax assessment.

vii. Inter-departmental linkages of documents and information.

viii. System of own internal audit.

5.7.5 Techniques for evaluation of the Internal Controls.

(a) Walk-through: This is a process by which the auditor selects any transaction by sampling method and traces its movement from the beginning through various sub systems to the end. The auditor verifies this transaction in the same sequence as it had moved. By this method the auditor can get a feel of the various processes and their inter linkages. It is also a useful method to evaluate the internal control system of a registered person. The auditor can undertake walk through process of sales, purchase, GST, account adjustment systems etc., certain model ‘Walk-through’ routes are given in Annexure-GSTAM-VI. Similarly, key controls may be examined for recording of all cash transactions: these controls may include scrutiny of numbered cash transaction invoices, daily reconciliation of cash invoices, separation of taxes etc. Undertaking a ‘walk-through’ and conducting ABC analysis during this process would help the auditor in evaluating the system of internal controls in a scientific manner.

(b) ABC Analysis: It is a known fact that in any field of activity an enormous data is generated and all data is not equally important. In order to filter out the irrelevant or relatively insignificant data, various techniques are applied. The ABC Analysis is one of such data management techniques. This technique is particularly useful when auditors are required to scrutinise and examine a large volume of data/documents within a limited time. In ABC analysis the whole data population is classified into three categories (i.e. A, B and C categories) based on the importance, as given below:

  • A-category is the class of data that is the most important from the point of view of managing and controlling the same.
  • B-category is the class of data, which should invariably be controlled, but the degree of control is not as intense as for A-category.
  • C-category is the class of data, which has far less revenue-implications and can be controlled by suitable test-checks.

The auditor can apply ABC Analysis especially where the quantum of data/ information to be analysed is voluminous. In such a case, the auditor can classify them according to their tendency towards potential risk into A, B and C categories. To give an example, transactions with top five customers/clients of a registered person may alone be taken up for detailed examination by auditors. Similarly, while verifying credit utilization by the registered person, documents relating to the receipt/procurement of major inputs may be examined. The technique of ABC analysis can also be suitably applied for evaluating the systems of internal controls while carrying out verification.

The above steps viz., tour/study or evaluation of internal controls/walk through etc., are required to be carried out during the stage of actual audit verification.

5.7.6 The auditor should invariably record the findings of the above steps, in the Working Paper (Annexure –GSTAM-VIII).

5.7.7 Verification of points mentioned in the audit plan:

In view of emphasis on trade facilitation, intelligent enforcement and providing non-intrusive environment to taxpayers, it has been decided to move from the present system of premises based audit to desk-based (office) audit in case of small category of taxpayers. Such desk based audit may be carried out on the basis of information / data made available to them. However in case of non-cooperation by the taxpayers, premises based audit may be carried out after approval by the Commissioner. Further in cases where it is felt at any stage of audit that there are inherent weaknesses in the internal control system of the taxpayers, the officers may switch to premises based audit with the approval of the Commissioner. However, in respect of Large and Medium Category of taxpayers, the premises based audit has to be conducted.

The auditor should conduct the verification in a systematic manner, following the sequence of steps envisaged in the working papers. While conducting audit verification, special care should be taken to examine all those issues pointed out in the audit plan. The auditor should try to determine whether the apparent weaknesses in the internal control system of the manufacturer/service provider have led to any loss of revenue. He should also identify the procedural infractions on part of the registered person, which are recurrent in nature and which may obscure a significant fact. During the process, he must cross check the entries made by the registered person in various records and note discrepancies, if any. In all cases involving discrepancies, the auditor should make detailed enquiries regarding the cause of the discrepancies and their revenue implication.

5.7.8 The auditor should also examine the documents submitted to various Government departments/ Regulatory Authorities such as Customs, Income Tax, Banks, etc. by the registered person. This should be used in cross verification of the information filed by the registered person for the assessment of GST. Annexure GSTAM-IX gives utility of some of the documents/ registers of the registered person that can be made use of by the auditor during the course of verification. Extensive use of information available with open sources such as electronic and print media, internet etc. should also be resorted to for verification of information filed by the registered person.

5.7.9 The audit verification gives maximum opportunity to the auditor to go through the registered person’s records in his unit. Therefore, auditor may come across a new set of information or documents, not earlier known, during any of the earlier stages. Further, while examining an issue, the auditor may come across a fresh issue also requiring detailed examination. In such a situation, the auditor should, after obtaining the approval of his Dy. Commissioner/Asst. Commissioner, go beyond the scrutiny envisaged under the Audit Plan and record the reasons for doing so. Despite audit verification being a structured process, it is flexible enough to accommodate needs on the spot. At the end of each entry in working papers, auditor must indicate the findings. If any of the planned verifications is not conducted, the reasons for the same must also be recorded. While the process of verification for each audit would be unique in terms of Audit Plan, it should involve some general steps as discussed below:

5.8 Physical Verification of Documents: A detailed scrutiny of the financial records of the registered person becomes imperative, if any issue is noticed at the time of Desk Review. The documents to be examined include Annual Financial Accounts containing Director’s Report, Statutory Auditor’s Report, Balance Sheet and Profit & Loss Account. If necessary, the auditor must go into details of the figures mentioned in the Annual Financial Statements and for that he must examine Trial Balance, Ledgers, Journal Vouchers, 26AS Statement, Invoices and E-way bills. He may also examine Cash Flow Statement, Groupings, Cost Audit Report and Tax Audit Report. He should also check whether the registered person is maintaining the statutory records as required under various statutes especially under the Companies Act, 2013.

5.8.1 Audit objections raised must be fully supported by documentary and legal evidences. This will greatly help in explaining and discussing the objections with the registered person and other follow up action. It needs to be ensured that all audit documentation is complete, accurate and of professional quality. Working Papers are a synopsis of audit operations conducted by the Audit Group. Entry of all items mentioned in the audit plan must be made in the working papers, during Audit Verification.

5.8.2 The provisions of Section 9(4) of the CGST Act, 2017 specify a class of registered person who shall, in respect of supply of specified categories of goods or services or both received from an unregistered supplier, pay the tax on reverse charge basis as the recipient of such supply of goods or services or both. As such during the course of Audit, the auditors may examine the details of procurements from such un-registered persons.

5.8.3 For verifying the gap in ITC availment as identified in para 5.5.4, the auditor should carry out a test check of the invoices of such suppliers whose details are not figuring in GSTR 2A and identify some of such suppliers with high tax value and get the particulars of tax payment verified at the supplier’s end.

5.8.4 In order to verify the correctness of TDS payments, the auditor should check the reconciliation statement showing purchases and prepare a list of all suppliers who have not paid GST. Some of these suppliers may either be unregistered or registered. In case of unregistered suppliers, details of payment of GST in terms of Section 51 of CGST Act, 2017 may be verified and in case of registered suppliers the reasons for non-payment of GST may be ascertained in test cases.

5.9 Working Papers (Annexure – GSTAM-VIII):

i. The working papers form the basis of audit objection. They also show the detailed steps undertaken by the auditor during the preparation and conduct of the audit. Therefore, they should be filled carefully, giving observations and conclusions of the auditor duly supported by evidences/documents, wherever required.

ii. Each part of the working papers should be filled up on completion of the relevant audit step. The date on which such part is completed and working paper filled in should be mentioned. The working papers should be filled in by the auditors themselves and in no case should be handed over to the registered person for filling them up.

iii. The completed working papers must be submitted by the Audit Group with the draft audit report.

iv. Copies of supporting documents/records/evidences referred to in the working papers must be annexed at the end. Each copy should have a cross-reference to the relevant entry in the working paper.

5.10 Working papers should support the audit effort and results. They should:

i. Be clear, concise, legible, organized, indexed, and cross-referenced;

ii. Disclose the audit trail and techniques used in the examination of each significant item;

iii. Support the conclusions reached and cover all queries raised;

iv. Include audit evidence (e g., copy of a financial statement, an invoice, a contract, a bank statement, etc.) to support the assessment;

v. Link results to supporting working papers e.g. the objections identified in the working papers must agree with the summary of audit results or statement of audit objections and the audit report;

vi. See that audit reports are clear and disclose all material and relevant information; and

vii. Take follow up action.

5.11 Apparently, the financial and other documents maintained by the registered person for his private use and in compliance of other statutes are of great importance which may reveal substantial short/non-payments of duty. Annexure-GSTAM-IX provides an illustrative list of such records/ documents, as also the relevant information that can be gathered from them. The auditor may take note of the same during ‘Gathering information about the registered person and the system followed by him’, and go through them during ‘Audit Verification’.

5.12 In case it is not possible to conduct Audit within three months period as prescribed under section 65 of CGST Act, Circle DC/AC is to submit proposals for extension of time limit for completion of audit well in advance preferably at-least one week in advance to the Commi