Audit & Assurance

Audit Committee Best Practices in India: What Boards Need to Know in 2026

10 min read Expert verified
TL;DR Summary
The audit committee oversees financial reporting, internal controls, and audits.
The Companies Act, 2013 mandates audit committees for listed public companies. SEBI LODR, 2015 adds stricter rules.
It must have at least 3 directors. Independent directors must be the majority under the Act and two-thirds under LODR.
The chairperson must be an independent director. All members must be financially literate.
The committee reviews financial statements, auditors, related party transactions, and internal controls.
It must meet at least four times a year, with no gap of over 120 days.
Common issues include over-reliance on management, poor financial literacy, and a compliance-only approach.
CA firms assist through statutory audits, internal audits, GRC, and IFC services.

An audit committee is a board sub-committee that oversees financial reporting, internal controls, and auditors – mandatory in India under the Companies Act, 2013, for listed and large public companies, with stricter composition rules under SEBI LODR. It must have at least three directors, an independent majority (two-thirds for listed entities), an independent chairperson, and must meet at least four times a year, with no more than 120 days between meetings.

Strong audit committee best practices in India are essential for protecting your company from financial misstatements, fraud, and regulatory penalties. Your audit committee is the primary mechanism that ensures the integrity of financial reporting and strengthens investor trust.

Here’s a PKC guide that covers the audit committee in depth. We take you through the composition requirements under the Companies Act and SEBI LODR, key responsibilities, how to run effective meetings, common failures and how to avoid them.

What Is an Audit Committee and Why It Matters

An audit committee is a sub-committee of the board of directors. Its main job is oversight of financial reporting, internal controls, external and internal auditors, and regulatory compliance.

The committee acts as a bridge between the board, the management, and the auditors. It reviews financial statements before they go to the board. It monitors auditor independence. It evaluates internal financial controls and risk management systems.

In India, the Companies Act, 2013 requires listed companies and public companies crossing prescribed thresholds to constitute an Audit Committee under Section 177 read with the relevant rules.

An audit committee is important because of the areas it is involved in, including: 

  • Appointment and remuneration of statutory auditors
  • Review of quarterly and annual financial statements before they reach the board
  • Scrutiny of related party transactions (RPTs)
  • Evaluation of internal financial controls
  • Oversight of the whistleblower mechanism
  • Review of inter-corporate loans and investments

That is a wide and consequential scope. A poorly functioning audit committee is a risk to the accuracy of every financial disclosure your company makes. When boards treat the audit committee as a formality, the consequences regularly show up in regulatory action, qualified audit reports, or worse.

The audit committee is considered one of the main pillars of corporate governance in public companies. It enhances confidence in the integrity of financial reports, internal control processes, and risk management systems. 

When your audit committee works well, it protects your company from financial and reputational damage.

Audit Committee Composition: Companies Act and SEBI Requirements

The composition rules for audit committees in India come from two primary sources: Section 177 of the Companies Act, 2013 and Regulation 18 of the SEBI (LODR) Regulations, 2015.

They overlap in some areas and differ in others. You need to comply with both if your company is listed.

Key differences between Companies Act and SEBI LODR:

AspectCompanies Act, 2013SEBI LODR, 2015
Minimum directors33
Independent directorsMajorityAt least two-thirds
ChairpersonMust be able to read financial statementsMust be an independent director
Financial literacyMajority must read financial statementsAll members must be financially literate; at least one with accounting/finance expertise
MeetingsNot specifiedMinimum 4 times a year; max 120 days between meetings
QuorumNot specified2 members or 1/3rd, whichever is greater, with at least 2 independent directors
SecretaryNot specifiedCompany Secretary

Under Section 177 of the Companies Act, 2013:

The audit committee must consist of a minimum of three directors. Independent directors must form a majority. The majority of members, including the Chairperson, must have the ability to read and understand financial statements.

The Act applies to:

  • Every listed public company
  • Public companies with paid-up share capital of ₹10 crore or more
  • Public companies with turnover of ₹100 crore or more
  • Public companies with outstanding loans, borrowings, debentures, or deposits exceeding ₹50 crore

Under Regulation 18 of SEBI LODR, 2015 (for listed entities):

For listed entities, the SEBI requirement is stricter. The audit committee must have a minimum of three directors. 

At least two-thirds of the members must be independent directors. In case of a listed entity with outstanding SR (superior rights) equity shares, the audit committee shall only comprise independent directors.

Additional requirements under LODR:

  • All members must be financially literate
  • At least one member must have accounting or related financial management expertise
  • The Chairperson must be an independent director and shall be present at the Annual General Meeting to answer shareholder queries
  • The Company Secretary must act as the secretary to the committee
  • The committee must meet at least four times in a financial year
  • Not more than 120 days shall elapse between two consecutive meetings
  • Quorum: two members or one-third of the members, whichever is greater, with at least two independent directors

One practical point boards often miss: financial literacy is mandatory for all members under SEBI LODR , not just the chairperson or a nominated expert. 

Every person on the audit committee of a listed company must be able to read and interpret financial statements. Appointing a nominee director who has no finance background is non-compliant.

Non-compliance with Regulation 18 attracts a fine of ₹2,000 per day. That accumulates quickly and draws regulatory attention.

Applicability to unlisted public companies:

Unlisted public companies meeting the capital, turnover, or borrowing thresholds must constitute an audit committee under the Companies Act. 

However, the SEBI LODR requirements do not apply to them. The meeting frequency and quorum requirements may be decided by the board

Key Responsibilities of the Audit Committee

An audit committee in India has extensive responsibilities. They are defined under Section 177 of the Companies Act, 2013, and further detailed in Part C of Schedule II of the SEBI (LODR) Regulations, 2015. 

Oversight of Financial Reporting

The committee reviews quarterly and annual financial statements before they go to the board. This includes reviewing auditor observations, accounting policies applied, and any departures from Indian Accounting Standards (Ind AS) or AS. 

The committee is not simply approving numbers, it is examining them for accuracy, compliance with accounting standards, and adequacy of disclosures. 

Auditor Oversight

The committee recommends the appointment, reappointment, and removal of the statutory auditor and fixes their remuneration. 

It also reviews the independence and performance of the auditor and ensures that the auditor is not providing prohibited non-audit services that could compromise objectivity.

Internal Audit

The committee reviews the scope, functioning, and findings of the internal audit department. 

It also reviews the adequacy of the internal audit function itself, including whether the team is adequately staffed and independent of operational management.

Internal Financial Controls and Risk Management

They  evaluate the internal financial controls and risk management systems of the company.

This involves assessing whether these controls are adequately designed and operating effectively. Strong controls protect against financial misstatements and fraud

Related Party Transactions (RPTs)

The audit committee must approve or subsequently modify any related party transactions. This is a critical area. 

RPTs can be a source of conflict of interest and potential abuse. Your committee must scrutinise these transactions to ensure they are at arm’s length and in the best interest of the company.

Whistleblower Mechanism

The committee oversees the vigil mechanism or whistleblower policy, ensures it is operational, and reviews complaints escalated through the mechanism.

Other Areas

  • Review of inter-corporate loans and investments
  • Scrutiny of uses of funds raised through public offers
  • Review of significant findings from any internal investigations

How to Run an Effective Audit Committee Meeting

Running an effective audit committee meeting requires preparation, discipline, and focus. It must be focussed on meaningful discussions that lead to better oversight

Meeting Frequency & Quorum

Under SEBI LODR, the audit committee must meet at least four times a year. Not more than 120 days should pass between two meetings. 

The quorum for a meeting is two members or one-third of the members, whichever is greater. At least two of these members must be independent directors. 

The Company Secretary must act as the secretary to the committee.

Pre-Meeting Preparation

Effective meetings begin with a strong agenda. A clear agenda sets the tone and supports effective committee oversight. It should cover recurring items such as financial statements, audit plans, and compliance updates, while allowing flexibility to address key risks and priorities.

Also, pre-meeting materials should be sent to members well in advance, ideally 7-10 days before the meeting. This gives them time to review and prepare questions. 

The CFO, head of internal audit, and the statutory auditor should attend meetings by standing invitation. At the committee’s discretion, it can also invite other executives or outside professionals with relevant expertise. 

Occasionally, the committee may meet without any management executives present. Private sessions with the statutory auditor or internal auditor,  without management in the room, are good practice. They create space for candid reporting.

Agenda Structure

A well-structured audit committee agenda usually covers:

  • Minutes of the previous meeting
  • Action taken report
  • Financial results review (quarterly/annual as applicable)
  • Internal audit findings and management response
  • Statutory auditor update
  • RPT review and approvals
  • Compliance and regulatory update
  • Whistleblower report (if any)
  • Any other items referred by the board

Minutes and Follow-Through

Minutes should be prepared for each meeting. Each finding or concern raised should have a clear owner and timeline. 

Too many audit committees produce detailed minutes but no follow-up mechanism. If the same finding reappears across three quarterly meetings without resolution, the committee has a process problem.

Independent Access

The committee should exercise its right to seek information from any employee and obtain external professional advice when needed. 

This is enshrined in SEBI LODR Regulation 18(1)(c) and is not merely a theoretical power.

Common Failures and How to Avoid Them

Most audit committee failures in India are quiet, gradual erosion of independence, tendency to defer to management, or a structural problem that never gets fixed. 

Here are the most common issues:

Nominal Independence

Independent directors with close promoter relationships cannot provide objective oversight.

Boards should appoint genuinely independent members based on integrity, expertise, and the ability to challenge management.

Financial Illiteracy

A member who cannot read a balance sheet cannot effectively question the CFO. The SEBI requirement that all members be financially literate exists for this reason. 

Boards should assess members’ actual capabilities during nomination, not after the fact.

Overloaded Agendas

Too many agenda items reduce meaningful discussion. 

Prioritise high-risk issues and delegate operational matters to management or other board committees to allow sufficient time for financial oversight.

Rubber-Stamping Related Party Transactions

Approving related party transactions without scrutiny weakens governance. 

Every material transaction should be evaluated for commercial purpose, arm’s-length pricing, and potential conflicts of interest.

Weak Internal Audit Function

If the internal audit function lacks resources, expertise, or access, the audit committee’s oversight of internal controls is hollow. 

The committee should evaluate not just internal audit findings, but the quality of the function itself. This includes whether the internal auditor has direct reporting access to the committee, not just to management.

Ineffective Meetings

Short, poorly attended meetings often become compliance exercises.

 Hold regular meetings with active participation, sufficient discussion time, and detailed documentation of key deliberations.

No Succession Planning

When a capable audit committee chair retires without a planned succession, institutional knowledge is lost. 

Boards need to maintain a pipeline of directors with relevant financial expertise.

Over-Reliance on Management

Accepting management explanations without verification increases governance risk.

 Meet auditors privately, request supporting evidence, and independently validate significant financial matters before making decisions.

Compliance-Only Mindset

Meeting legal requirements alone is insufficient.

 Effective audit committees focus on accurate financial reporting, strong internal controls, risk management, and long-term shareholder value rather than simply ticking compliance boxes.

How CA Firms Support Audit Committees

Audit committees, even those that are well-composed, often need external support to discharge their responsibilities effectively. 

Experienced CA firms like PKC Management Consulting play a critical support role here by acting like your partners in governance: 

Internal Audit Outsourcing or Co-Sourcing

Many Indian companies,  particularly mid-sized businesses,  do not have a sufficiently resourced in-house internal audit function. 

CA firms provide outsourced or co-sourced internal audit services, conducting risk-based audits across finance, operations, compliance, and IT. The committee receives independent, structured findings rather than management-filtered reports.

Governance Framework Design

CA firms help companies build and embed string governance frameworks that drive transparency and trust. 

GRC services ensure compliance while empowering organizations to proactively manage risks, foster a culture of accountability, and align with evolving regulations.

For audit committees, GRC services assess governance effectiveness, ethical practices, audit committee performance, and decision-making transparency.

RPT Advisory

Given the expanded scope of related party transaction (RPT) oversight, firms support audit committees in reviewing RPT structures, assessing arm’s-length pricing, and documenting approval rationale. 

They also provide support for complex inter-company transactions across subsidiaries.

Internal Financial Controls (IFC) Assessment

Under Section 143(3)(i) of the Companies Act, statutory auditors must report on the adequacy of IFCs. 

CA firms assist management and the audit committee in building, testing, and documenting IFC frameworks before the statutory audit cycle. 

They ensure that risk management processes are aligned with both statutory requirements and industry best practices. Strong controls protect against financial misstatements and fraud. 

Compliance Monitoring

Staying updated with regulatory changes such as SEBI circulars, MCA amendments, Income Tax Act provisions, is a significant burden for any audit committee. 

Firms provide structured compliance monitoring and alert committees to changes that affect their oversight responsibilities.

Whistleblower and Investigation Support

When a whistleblower complaint is escalated to the audit committee, the committee may need independent forensic support to investigate. 

CA firms with forensic capabilities provide structured investigation support and report directly to the committee.

Documentation and Reporting Assistance

CA firms help audit committees maintain proper documentation. This includes audit committee meeting minutes, review records, and compliance certificates. 

Proper documentation demonstrates due diligence and protects against regulatory penalties.

PKC Governance and Audit Advisory

PKC Management Consulting is a professional services firm established in 1988. 

With over three decades of cross-industry experience, PKC provides a wide range of audit and advisory services delivered under one roof.

Audit and Assurance Services

PKC’s audit and assurance services include internal audit, statutory audit, tax audit, and forensic investigations. Our internal auditors provide a comprehensive, risk-based evaluation of your organisation’s internal controls and operational efficiency. 

We work alongside your teams to identify emerging risks, uncover inefficiencies, and help optimise processes.

Governance, Risk, and Compliance (GRC)

PKC’s GRC services help you build and embed a robust governance framework that drives transparency and trust. 

These services ensure compliance while empowering you to proactively manage risks, foster a culture of accountability, and align with evolving regulations. For audit committees, this means having confidence that your governance framework is effective.

Internal Financial Controls (IFC) and Audits

PKC’s approach to designing IFC and Risk Control Matrices ensures that your risk management processes are aligned with both statutory requirements and industry best practices.

We leverage AI-powered audit techniques to uncover latent discrepancies and identify gaps to ensure regulatory adherence.

Actionable Insights

PKC provides customised reporting and actionable insights rather than box-ticking. 

Our experts blend industry knowledge with AI-driven audit methodologies to provide a 360-degree view of your company’s financial health and operational efficiency.

When you onboard PKC, you get a partner who understands governance, risk, and controls.You get actionable insights that help you fulfil your oversight responsibilities effectively. 

We help your audit committee move from passive oversight to active governance, providing the expertise, tools, and insights you need to identify problems early, ask the right questions, and ensure that management and auditors are doing their jobs properly.

CTA: PKC Governance and Audit Advisory

If your audit committee needs to be stronger, better structured, better supported, or better informed, PKC’s governance and audit advisory team can help. 

From internal audit co-sourcing to GRC framework design, PKC works with boards and audit committees across industries to close governance gaps and build lasting oversight capability.

Contact PKC today to schedule a consultation.

FAQs

Is an audit committee mandatory for Indian companies?

Yes, for certain companies. Under Section 177 of the Companies Act, 2013, all listed companies must constitute an audit committee, along with public companies with a paid-up share capital of ₹10 crore or more, turnover of ₹100 crore or more, or aggregate outstanding loans, borrowings, debentures, or deposits exceeding ₹50 crore. Private limited companies not meeting these thresholds are not required to constitute one.

Who can be a member of an audit committee in India?

Members must be directors of the company, with independent directors forming a majority under the Companies Act. Under SEBI LODR, at least two-thirds must be independent directors, all members must be financially literate, and at least one must have accounting or financial management expertise. The chairperson must be an independent director.

What are the responsibilities of an audit committee?

Responsibilities span examining financial statements and auditor reports, approving related party transactions, scrutinizing inter-corporate loans and investments, and evaluating internal financial controls and whistleblower complaints. The committee also recommends statutory auditor appointments and reviews the adequacy of the internal audit function.

How often should the audit committee meet?

Under SEBI LODR, the audit committee must meet at least four times a year, with no more than 120 days between two consecutive meetings. The Companies Act does not specify an explicit minimum frequency, but quarterly meetings aligned with financial reporting cycles are standard practice and effectively required by the scope of responsibilities.

How PKC can help you

Your dream business is just a click away. Book a FREE 30-minute consultation.

Call us: +91 91761 00095

Got a question after reading?

Drop your details and one of our consultants will call you back — usually within a business day.

Want to talk? Get a call back today
+91 91761 00095

Fill out your details

Once submitted, a calendar will open to book your 30-minute meeting slot.

or call us: +91 91761 00095

Table of Contents

Index