Introduction
Internal audit is a vital part of corporate governance, risk management, and operational control within subsidiaries. Whether wholly or partially owned, Indian subsidiaries must implement robust internal audit mechanisms to ensure that their operations comply with legal standards, parent company policies, and financial discipline. The internal audit structure is governed by Section 138 of the Companies Act, 2013, along with internal policies of the holding company, especially when global standards or cross-border compliance requirements are involved.

Legal Mandate for Internal Audit
Section 138 of the Companies Act, 2013 makes internal audit mandatory for certain classes of companies, including subsidiaries with a prescribed threshold of turnover or paid-up capital. It mandates the appointment of a Chartered Accountant, Cost Accountant, or other qualified professional to conduct the internal audit.

Objective of Internal Audit
The purpose of internal audit in a subsidiary is to evaluate the effectiveness of internal controls, ensure regulatory compliance, detect risks or inefficiencies, and recommend improvements. It adds value by supporting strategic decisions, safeguarding assets, and promoting operational excellence.

Audit Planning and Scope Definition
An internal audit in a subsidiary begins with the preparation of an audit plan approved by the board or audit committee. This plan defines the audit scope, frequency, methodology, and focus areas such as finance, operations, HR, IT systems, and statutory compliance.

Appointment of Internal Auditor
The board of directors appoints the internal auditor based on the company’s size and nature of operations. The auditor can be an in-house employee or an external professional or firm. Independence, expertise, and sectoral knowledge are crucial selection criteria.

Audit Frequency and Reporting Cycle
Internal audits can be conducted quarterly, half-yearly, or annually, depending on the risk profile and statutory requirements. The internal auditor submits a report to the board or audit committee highlighting key findings, irregularities, control weaknesses, and suggested corrective actions.

Coordination with Parent Company Policies
For foreign-owned subsidiaries, internal audit structures are often aligned with the global audit framework of the parent company. This ensures consistency in risk assessment, control benchmarks, and reporting standards across all group companies.

Audit Trails and Documentation
A structured internal audit includes detailed working papers, test results, evidence documentation, and trail logs. These records support transparency, facilitate external audits, and serve as legal proof during inspections or investigations.

Follow-Up and Implementation of Findings
Post-audit, management is required to act on the audit observations. Implementation progress is reviewed in follow-up audits or through board/audit committee oversight. This continuous feedback loop enhances internal control maturity.

Integration with Risk Management
Internal audit is closely integrated with the subsidiary’s risk management framework. Audits help identify strategic, operational, and compliance risks, enabling the board to take proactive measures to mitigate vulnerabilities.

Reporting to the Audit Committee or Board
In larger subsidiaries or those with mandated audit committees, internal auditors present their reports directly to the committee. This reporting line ensures independent access to governance bodies and avoids management influence on audit integrity.

Conclusion
A well-structured internal audit framework is crucial for safeguarding the integrity, efficiency, and compliance of subsidiaries. It builds stakeholder confidence, minimizes risks, and aligns business activities with legal and corporate expectations. Subsidiaries must ensure that their internal audits are regular, independent, well-documented, and responsive to evolving business environments.

Hashtags

#internalaudit #subsidiaryaudit #companiesact2013 #auditstructure #auditcommittee #auditreporting #charteredaccountant #riskmanagement #auditfindings #subsidiarycompliance #governanceindia #boardoversight #internalauditplan #auditdocumentation #internalcontrols #auditcycle #auditscope #financialintegrity #corporateaudit #subsidiaryindia #audittrail #legalcompliance #businessgovernance #riskassessment #auditimplementation