What Is Secretarial Audit?
Secretarial audit is a compliance audit conducted by a Practicing Company Secretary (PCS) to verify whether a company has complied with the provisions of various laws, rules, regulations, and guidelines applicable to it. It is the corporate governance equivalent of a statutory (financial) audit — while the statutory auditor checks whether the financial statements are true and fair, the secretarial auditor checks whether the company has complied with all applicable laws.
The concept was introduced for the first time by the Companies Act, 2013 under Section 204. The secretarial audit report (in Form MR-3) is annexed to the Board Report (Directors Report) and filed with the ROC as part of the annual filing package.
Which Companies Must Get Secretarial Audit?
Under Section 204(1) read with Rule 9 of the Companies (Appointment and Remuneration of Managerial Personnel) Rules, 2014:
(a) Every listed company (listed on any recognized stock exchange in India)
(b) Every public company with paid-up share capital ≥ Rs. 50 crore
(c) Every public company with turnover ≥ Rs. 250 crore
(d) Every company which has outstanding borrowings from banks/public financial institutions ≥ Rs. 100 crore
Private companies: Generally NOT required to undergo secretarial audit (unless they fall under category (d) — outstanding borrowings ≥ Rs. 100 crore). However, private companies that are subsidiaries of listed companies are often required to undergo secretarial audit under SEBI (LODR) Regulations for material subsidiaries.
Who Conducts Secretarial Audit?
Only a Practicing Company Secretary (PCS) — a member of the Institute of Company Secretaries of India (ICSI) holding a Certificate of Practice — can conduct secretarial audit. The PCS cannot be an employee of the company (must be an independent external PCS or PCS firm). The appointment is made by the Board of Directors.
The PCS should have adequate experience in corporate law compliance and should not have any conflict of interest with the company. ICSI recommends that the secretarial auditor should not provide consultancy services to the same company (to maintain independence — similar to the restriction on statutory auditors under Section 144).
Scope of Secretarial Audit — What Is Checked
The secretarial auditor verifies compliance with:
1. Companies Act, 2013 and Rules
All provisions: incorporation, share capital, deposits, charges, management and administration (meetings, minutes, registers), directors, financial statements, Board report, audit, winding up. Key compliance checks: were 4 board meetings held with proper notice and quorum? Was AGM held within time? Were AOC-4 and MGT-7 filed on time? Were all statutory registers maintained? Was auditor appointed properly? Were related party transactions approved correctly?
2. SEBI Regulations (For Listed Companies)
(a) SEBI (LODR) — Listing Obligations and Disclosure Requirements Regulations, 2015
(b) SEBI (SAST) — Substantial Acquisition of Shares and Takeovers Regulations, 2011
(c) SEBI (PIT) — Prohibition of Insider Trading Regulations, 2015
(d) SEBI (Issue and Listing) Regulations
(e) SEBI (Buyback of Securities) Regulations
(f) Any other applicable SEBI regulations
3. Depositories Act, 2018 and SEBI Regulations
Compliance with depository requirements — demat of shares, corporate actions, transfer restrictions.
4. FEMA (Foreign Exchange Management Act)
If the company has foreign investment, external commercial borrowings, or cross-border transactions: compliance with FEMA provisions, RBI regulations, and FDI policy.
5. Sector-Specific Laws
Laws specifically applicable to the company's industry: RBI regulations (for NBFC/banking), IRDA (insurance), TRAI (telecom), SEBI (market intermediaries), FSSAI (food), Drug and Cosmetics Act (pharma), etc.
6. Secretarial Standards
Compliance with SS-1 (Meetings of the Board of Directors) and SS-2 (General Meetings) issued by ICSI.
7. Other Laws as Applicable
Labour laws, environmental laws, competition law, intellectual property laws — the PCS checks whether the company has a system to ensure compliance with all applicable laws (even if not verifying each law in detail).
Secretarial Audit Report — Form MR-3
The report is issued in the prescribed Form MR-3 and covers:
(a) Management responsibility: Compliance is the responsibility of the management; the PCS provides reasonable assurance based on verification
(b) PCS responsibility: Examined processes, records, documents to provide an opinion on compliance
(c) Observations: Compliance observed / non-compliance identified / qualifications
(d) Conclusion: Whether the company has proper compliance systems and has generally complied with all applicable provisions
Types of Observations
Clean report: "The company has generally complied with the provisions of the Act, Rules, Regulations, Guidelines, and Standards as mentioned above." This is the ideal outcome.
Qualified report: "Except for the matters described below, the company has complied..." — followed by specific observations on non-compliance. Common qualifications: late filing of forms, non-appointment of woman director, non-constitution of required committee, inadequate board meeting frequency, related party transactions without proper approval.
Adverse report: "The company has NOT complied with..." — for serious and pervasive non-compliance. Rare but significant — triggers regulatory scrutiny.
Board's Response to Secretarial Audit Observations
Under Section 204(3), the Board must provide explanation or comment on EVERY qualification or observation in the secretarial audit report — in the Board Report. This is similar to the Board's response to statutory auditor qualifications under Section 134(3)(f). Simply stating 'noted' or 'self-explanatory' is NOT sufficient — specific responses with corrective action taken/proposed are required.
Penalty for Non-Compliance with Section 204
If a company required to get secretarial audit does NOT do so:
(a) Company: fine of Rs. 1 lakh to Rs. 5 lakh
(b) Every officer in default: fine of Rs. 50,000 to Rs. 5 lakh
Additionally, the absence of secretarial audit report from the Board Report makes the Board Report incomplete — potentially invalidating the AGM proceedings and annual filings.