Trusted by 10,000+ Businesses

Fraud Detection Audit and Section 143(12) Reporting for 2026

Reviewed by CA and CS Team, Patron Accounting LLP ICAI & ICSI Registered| 15+ Years Experience| Last Updated: Verify Credentials →

Operational Authority Playbook: Patron's playbook for companies concerned about internal fraud OR facing Section 143(12) reporting - SA 240 responsibility, Rule 13 procedure, Form ADT-4, CARO 3(xi), whistleblower handling, statutory vs forensic audit.

Rs 1 Crore Threshold Matrix: Decision matrix - Central Government via Form ADT-4 (Rs 1 crore +) vs Audit Committee/Board (below). 60-day filing clock from auditor knowledge; 45-day Audit Committee response window.

Substantive CARO 3(xi) Reporting: Three-part substantive reporting - fraud nature and amounts (BY and ON the company), ADT-4 filing status, whistleblower complaint consideration. No boilerplate.

Confidential, Partner-Led: Forensic team available for separate multi-year investigations. NFRA-standard ADT-4 drafting. All communication subject to strict professional confidentiality.

Trust: 10,000+ Businesses Served | 4.9 Google Rating | 50,000+ Documents Filed | 15+ Years

Call +91 945 945 6700 Email Us WhatsApp Us

15+ YearsIndustry Experience

CA & CSCertified Experts

4.9

Based on 500+ reviews

Get Free Consultation

Talk to a CA/CS expert today

Full Name

Phone Number

City

Service Needed

Our team will get back to you shortly. No spam.

Real Stories from Real People

Hear how teams across industries use Patron to save time, cut costs, & stay in control.

“

The statutory audit was clean and completed well before deadline. No last-minute rush.

Trading Firm, Mumbai

★★★★★

2 months ago

“

Patron handled our Pvt Ltd registration end-to-end. Zero paperwork hassle for our founding team.

Startup Founder

Pune

★★★★★

3 months ago

“

The SA 240 working file and substantive ADT-4 drafting cleared NFRA review without a single follow-up. Confidential and professional throughout.

Audit Committee Chair

Listed Entity

★★★★★

1 month ago

“

Patron's conservative 'reason to believe' application and structured remediation protected us during a whistleblower-triggered investigation.

Group CFO

Family-Business Group

★★★★★

4 months ago

Join 10,000+ Satisfied Businesses

Listed-entity CFOs, Audit Committee Chairs, and family-business groups trust Patron's substantive SA 240 working files, NFRA-standard ADT-4 drafting, and bundled forensic capability - all under strict professional confidentiality.

Talk to an Expert

10,000+Businesses ServedGST compliance and litigation support across India.

15+Years ExperienceDeep expertise in IP registration, GST & business compliance.

50,000+Documents FiledReturns, appeals, and filings handled accurately.

4.9★Client RatingTrusted by entrepreneurs, startups, and growing businesses.

ISO CertifiedProfessional standards and documented processes.

SSL SecureYour financial and business data is fully protected.

Overview What Is It When It Applies Patron Services 7-Step Process Documents Challenges Fees 143(12) Timeline Why Patron Statutory vs Forensic FAQs

Fraud Detection Audit Section 143(12) - Overview

📌 TL;DR - Fraud Detection Audit Services at a Glance

Fraud detection audit under Section 143(12) of the Companies Act, 2013 is the statutory auditor's mandatory responsibility to report fraud against the company by officers or employees to the Central Government - when the 'reason to believe' threshold is met during audit. Rule 13 provides the procedure - fraud of Rs 1 crore or more is reported to the Central Government via Form ADT-4 within 60 days; fraud below Rs 1 crore is reported to the Audit Committee or Board (45-day response window). SA 240 is the foundational standard - professional skepticism and specific fraud-risk procedures. CARO 2020 Clause 3(xi) requires three-part reporting. Section 447 punishment is imprisonment 6 months to 10 years plus fine 1 to 3 times the amount, non-bailable above Rs 10 lakh, and a scheduled offence under PMLA 2002.

Fraud reporting under Section 143(12) is one of the most consequential auditor responsibilities introduced by the Companies Act, 2013 - a significant departure from the 1956 Act where fraud reporting to government was not a statutory auditor obligation. The 2013 framework places positive onus on the auditor to identify and report fraud, with material consequences for both the company (Section 447 punishment) and the auditor (Section 143(15) penalty for failure to report - Rs 1 lakh to Rs 25 lakh for listed companies; Rs 1 lakh to Rs 5 lakh for unlisted companies).

NFRA's Circular dated 26 June 2023 further intensified the reporting obligation - the auditor must file Form ADT-4 even where not the first to identify the fraud, and resignation does not absolve the auditor of reporting responsibility. The Rs 1 crore threshold split (Central Government via ADT-4 vs Audit Committee/Board) is the most operationally significant decision in the framework. Statutory references are verified against the MCA21 V3 portal, ICAI, and NFRA.

Parameter	Detail
Statutory Anchor	Section 143(12) Companies Act 2013 - auditor's mandatory reporting to Central Government on fraud against company by officers/employees
Reporting Threshold (Sec 143(12) + Rule 13)	Rs 1 crore - above goes to Central Government via Form ADT-4; below goes to Audit Committee/Board
Filing Timeline	60 days from auditor's knowledge (Rs 1 crore +); 45 days for Audit Committee/Board response on below-threshold
Auditor Standard	ICAI SA 240 - professional skepticism throughout audit; specific fraud-risk procedures
CARO 2020 Clause 3(xi)	Three-part reporting - nature and amounts of fraud / ADT-4 filing status / whistleblower complaints considered
Vigil Mechanism	Section 177(9) - mandatory for listed and prescribed companies; direct access to Audit Committee Chair
Section 447 Punishment	Imprisonment 6 months to 10 years + fine 1x to 3x amount; non-bailable for amounts >= Rs 10 lakh; scheduled offence under PMLA 2002

Content is reviewed quarterly for accuracy.

What Is Fraud Detection Audit Under Section 143(12)

Fraud detection audit under Section 143(12) of the Companies Act, 2013 refers to the statutory auditor's mandatory responsibility - during the performance of audit duties - to report to the Central Government any fraud or suspected fraud against the company by officers or employees. The provision uses the 'reason to believe' threshold - the auditor need not have proven the fraud, but must have reason to believe an offence involving fraud is being or has been committed. Reporting is mandatory regardless of the general audit materiality threshold, with the Rs 1 crore threshold under Rule 13 only determining the recipient (Central Government via Form ADT-4 above Rs 1 crore; Audit Committee/Board below).

Under ICAI Standard on Auditing SA 240, fraud is an intentional act by one or more individuals among management, those charged with governance, employees, or third parties, involving the use of deception to obtain an unjust or illegal advantage. SA 240 distinguishes two categories - (a) fraudulent financial reporting; (b) misappropriation of assets. Section 143(12) targets the second category primarily, though the language is sometimes interpreted to also cover fraudulent financial reporting where it injures the company itself.

The auditor's responsibility under SA 240 begins with risk assessment under SA 315 - the auditor identifies and assesses risks of material misstatement due to fraud at financial-statement level and assertion level, and maintains professional skepticism throughout the audit. Specific procedures include inquiries of management, engagement-team discussion, consideration of fraud risk factors (the 'fraud triangle' - incentive or pressure, opportunity, rationalisation), analytical procedures, journal entry testing, and assessment of management override of controls.

Key Terms for Fraud Detection Audit:

Section 143(12) - Auditor's mandatory reporting to Central Government on fraud against company by officers/employees, where the auditor has 'reason to believe' an offence involving fraud is being or has been committed during the course of audit.

'Reason to Believe' Threshold - Lower than 'knowledge'; the auditor need not have proven fraud; sufficient if facts and circumstances would lead a reasonable auditor to believe an offence involving fraud is being or has been committed.

Rule 13 of Companies (Audit and Auditors) Rules 2014 - Procedure for reporting fraud under Section 143(12); prescribes the Rs 1 crore threshold and Form ADT-4 format.

Form ADT-4 - Format prescribed under Rule 13 for reporting fraud to Central Government; filed by the auditor within 60 days of knowledge.

SA 240 - ICAI Standard on Auditing - The Auditor's Responsibilities Relating to Fraud; professional skepticism + risk assessment + specific fraud procedures.

Fraud Triangle - Three risk factors that together indicate higher fraud risk - (1) Incentive or Pressure; (2) Opportunity; (3) Rationalisation.

CARO 2020 Clause 3(xi) - Three-part fraud reporting - (a) nature and amounts of any fraud by/on the company; (b) whether ADT-4 has been filed under Section 143(12); (c) whether whistleblower complaints received by the company have been considered.

Section 177(9) Vigil Mechanism - Mandatory for listed and prescribed companies - vigil mechanism for directors and employees; direct access to Chair of Audit Committee; protection against victimisation.

Section 447 Punishment for Fraud - Imprisonment 6 months to 10 years (minimum 3 years where public interest involved) + fine 1x to 3x amount; non-bailable for amounts >= Rs 10 lakh or 1% of turnover; scheduled offence under PMLA 2002.

Forensic Audit - Specific investigative engagement distinct from statutory audit - broader scope (multi-year, transaction-level, evidence-preservation), used when fraud is suspected or confirmed; follows specific forensic engagement standards.

Section 143(12) Form ADT-4

When Does Section 143(12) Reporting Apply

Section 143(12) reporting applies in two distinct scenarios.

Scenario A: Fraud Identified During Statutory Audit

The statutory auditor, during the course of performing audit duties under Section 143, comes across facts and circumstances that lead to 'reason to believe' that an offence involving fraud is being or has been committed against the company by officers or employees. Common triggers - unexplained ledger entries; missing supporting documentation; vendor/customer confirmations that don't reconcile; ageing anomalies; bank reconciliation discrepancies; payroll ghost employees; expense reimbursement irregularities; cash transactions exceeding thresholds; non-arm's-length related-party transactions.

Scenario B: Whistleblower Complaint or Management Disclosure

The company has received a whistleblower complaint through the Section 177(9) Vigil Mechanism, or management has disclosed fraud to the auditor. Per NFRA Circular 26 June 2023, the reporting obligation applies EVEN WHERE the auditor is not the first to identify the fraud - if reasonable auditor judgment supports 'reason to believe' that fraud occurred, ADT-4 filing is required.

Applicability by Company Type

Company Type	Section 143(12)	Section 138 Internal Auditor	Whistleblower (Sec 177(9))
Listed company	YES - mandatory regardless of size	YES - mandatory	MANDATORY - direct Audit Committee Chair access
Unlisted public co (Rs 50 cr+ paid-up OR Rs 200 cr+ turnover)	YES	YES - Section 138 applicable	MANDATORY
Pvt Ltd (Rs 200 cr+ borrowings OR Rs 50 cr+ deposits)	YES	Depends on Section 138 thresholds	MANDATORY - deposit-accepting and Rs 50 cr+ borrowings
Other Private limited	YES - applies regardless of size	Not applicable below Sec 138 thresholds	Not mandatory; voluntary common
OPC / Small Company	YES - no exemption	Not applicable	Not applicable
NBFC / Bank / Insurance	YES + sector regulator (RBI/IRDAI)	Mandatory	MANDATORY

Fraud Type Categorisation

Fraud Type	Examples	Detection Likelihood
Cash Misappropriation	Petty cash theft; unreconciled bank deposits	Medium - cash audit procedures
Inventory Theft	Count-to-book difference; FIFO/FEFO violations	Medium - inventory audit
Vendor / Procurement Fraud	Ghost vendors; over-invoicing; kickbacks; bid-rigging	Low to Medium - depends on confirmations
Payroll Fraud	Ghost employees; over-time padding; expense reimbursement	Medium - payroll testing
Sales / Receivables Fraud	Fictitious sales for bonus; receivables manipulation	Medium - confirmations + analytics
Bribery / Corruption	Tender bribes; regulatory bribes; kickbacks	Low - typically off-books
Fraudulent Financial Reporting	Revenue manipulation; expense deferral; reserve manipulation	Medium - higher in listed and pre-IPO

Patron's Fraud Detection Audit Services

Service	What We Do
SA 240 Risk Assessment Integration	Integrate SA 240 fraud risk assessment into SA 315 - fraud triangle factors, specific procedures targeting fraud risks, journal entry testing on year-end/unusual entries, management override assessment.
Whistleblower Complaint Consideration (CARO 3(xi)(c))	Obtain complete complaint list from Audit Committee or HR/Compliance; review investigation reports and resolution; assess audit response adequacy; prepare CARO 3(xi)(c) reporting.
Section 143(12) Threshold Determination	Apply Rs 1 crore decision matrix - aggregate connected transactions; route to Central Government via ADT-4 (Rs 1 crore +) or Audit Committee/Board; coordinate 45-day response window timing.
Form ADT-4 Filing With Central Government	Prepare Form ADT-4 within 60-day window - fraud description, amount, parties, nature, period, supporting evidence, management response, auditor recommendations. Filed via MCA portal.
Audit Committee / Board Reporting (Sub-Threshold)	Below Rs 1 crore reported with nature, amount, parties, remedial action; 45-day action window; escalation to Central Government via ADT-4 if action inadequate.
CARO 2020 Clause 3(xi) Three-Part Reporting	(a) nature and amounts of fraud BY and ON the company (separate); (b) ADT-4 filing status; (c) whistleblower complaints considered. Substantive, not boilerplate.
Statutory vs Forensic Audit Scoping Advisory	Advise when statutory procedures are adequate vs separate forensic engagement - depth of investigation, multi-year scope, evidence preservation for litigation, regulator involvement, damages quantification.
Forensic Audit Engagement + Vigil Mechanism Setup	Multi-year forensic investigation (3-7 years), chain of custody per Indian Evidence Act, expert witness for NCLT/criminal court, damages quantification. Section 177(9) Vigil Mechanism setup and operation for listed/prescribed companies.

Our Process

Patron's 7-Step Fraud Detection Audit Process

From SA 240 risk assessment integrated with audit planning through Section 143(12) threshold determination to ADT-4 filing or Audit Committee reporting and CARO 3(xi) sign-off.

Step 1

SA 240 Risk Assessment Integration

Audit planning under SA 300 integrates SA 240 fraud risk assessment from engagement start - fraud triangle factors, industry-specific risk areas, procedures targeting identified risks, documented in the audit working file.

Fraud triangle SA 300 + SA 240

Assessed01

Step 2

Engagement Team Discussion

SA 240 mandatory discussion on susceptibility to material misstatement due to fraud - professional skepticism, specific likely areas, prior-year findings, whistleblower complaints received during the year.

SA 240 discussion Skepticism

Discussed02

Step 3

Whistleblower Complaint Consideration

Obtain the complete complaint list from Audit Committee/HR/Compliance. Each reviewed for subject matter, investigation status, resolution, relevance. Audit procedures designed to address fraud-related complaints; CARO 3(xi)(c) prepared.

Complaint register CARO 3(xi)(c)

Considered03

Step 4

Specific Fraud Detection Procedures

Journal entry testing (year-end/unusual/high-value); analytical procedures; confirmations; cash testing above Rs 2 lakh under Sec 269ST; related party testing (Sec 188 + Ind AS 24); payroll ghost-employee testing; inventory observation.

Journal entry testing Sec 269ST cash

Tested04

Step 5

'Reason to Believe' Threshold Assessment

Where procedures identify potential fraud, apply the Section 143(12) threshold - is evidence sufficient for a reasonable auditor to believe fraud occurred? Documented in working file; engagement partner consultation; quality control review.

Threshold memo Partner consult

Evaluated05

Step 6

Rs 1 Crore Threshold and Routing

Apply Rule 13 - is fraud Rs 1 crore+ (aggregated for connected transactions)? Yes = Form ADT-4 to Central Government within 60 days; no = Audit Committee/Board report with 45-day window. Substantive documentation, chain of custody.

Rule 13 matrix ADT-4 vs AC/Board

Routed06

Step 7

CARO 3(xi) Reporting and Sign-Off

Prepare three-part CARO 3(xi) - (a) fraud nature/amounts BY and ON; (b) ADT-4 status; (c) whistleblower consideration. Reviewed by engagement partner, signed under Section 145 with UDIN; ADT-4 filed separately.

Three-part report Sec 145 + UDIN

Signed Off07

Fraud Detection Audit Documents Checklist

Section A - Risk Assessment Documents

SA 240 risk assessment memo - fraud triangle, industry-specific risks, financial-statement and assertion-level risks
Engagement team discussion minutes (SA 240 mandatory)
Whistleblower complaint register - complete list, subject matter, investigation status, resolution

Section B - Audit Procedure Documents

Journal entry testing working paper - year-end, high-value, unusual accounts, round-number, weekend/holiday entries
Analytical procedures memo - revenue/margin variance, expense category variance, industry benchmarking
Vendor confirmation file with non-response follow-up; cash receipt testing per Sec 269ST
Payroll testing working paper (ghost employee risk); related party transaction schedule (Sec 188 + Ind AS 24)

Section C - Section 143(12) Reporting (Where Applicable)

'Reason to believe' assessment memo - facts, procedures performed, engagement partner consultation, conclusion
Form ADT-4 draft - fraud description, amount, parties, nature, period, evidence, management response, recommendations
Audit Committee/Board report (sub-threshold) - nature, amount, parties, remedial action, 45-day tracking
Section 143(13) good faith documentation - procedures performed, reasoning, protection record

Section D - CARO 3(xi) Reporting Components

Fraud BY/ON company disclosure - nature and amounts noticed or reported during the year
ADT-4 filing status reference - whether filed, status, date
Whistleblower consideration statement - whether complaints have been considered by the auditor

Section E - Forensic Audit Documents (Where Engaged)

Forensic audit engagement letter - scope, multi-year period, specific allegations, evidence preservation
Forensic investigation working files - chain of custody, transaction-level tracing, perpetrator identification
Forensic report - findings, damages quantification, accountability matrix, recovery recommendations, expert witness statement

Key Fraud Detection Challenges and Patron's Approach

Challenge	Impact	How Patron Accounting Solves It
Distinguishing Fraud from Error (SA 240 Threshold)	The distinguishing factor is INTENT - direct evidence of intent is rarely available, making this one of the most challenging aspects.	Look for indicators of intent (concealment, falsified documentation, control override, coordination, pattern); apply professional skepticism; consult engagement partner; document the reasoning chain.
'Reason to Believe' vs 'Knowledge' Threshold	Many auditors require near-certainty before reporting, fearing defamation. NFRA Circular 26 June 2023 emphasises the threshold is LOWER and reporting mandatory where reasonable judgment supports it.	Apply the threshold conservatively toward REPORTING; consult engagement partner and TCWG; rely on Section 143(13) good faith protection where reporting on reasonable evidence.
Confidentiality vs Reporting Obligation	Auditors are bound by confidentiality under SA 200 and the ICAI Code; the Section 143(12) obligation overrides confidentiality.	Document the conflict; rely on Section 143(13) statutory authorisation; ensure ADT-4 filed within 60-day window; communicate timeline to Audit Committee.
Aggregation for Rs 1 Crore Threshold	Should connected transactions (e.g. 100 invoices of Rs 1.5 lakh forming one scheme) be aggregated? Should multiple frauds by the same perpetrator be aggregated?	Aggregate connected transactions forming a single scheme (same perpetrator, method, period); treat independent frauds separately; when in doubt, aggregate conservatively toward Central Government reporting.
Statutory Audit Adequacy vs Forensic Scoping	Statutory audit under SA 240 is reasonable assurance with sample-based testing - not designed for deep fraud investigation.	Statutory adequate when fraud contained, perpetrator identified, recovery clear; forensic needed for multi-year scope, litigation evidence preservation, complex structure tracing, regulator involvement, expert-witness damages.
NFRA Scrutiny on Reporting Quality	Common NFRA findings - perfunctory ADT-4 filings without substantive evidence; failure to file even where fraud disclosed by management; inadequate SA 240 documentation.	Substantive ADT-4 drafting standard; comprehensive SA 240 working files; mandatory journal entry testing program; engagement quality control review for any fraud-related working paper.

Patron Fraud Detection Audit Engagement Fees

Fee Component	Amount
Statutory audit with SA 240 procedures bundled (mid-size Pvt Ltd)	Rs 1,75,000 to Rs 4,00,000 (Exl GST) - 5 to 6 weeks
Statutory audit with SA 240 + active fraud investigation (mid-size Pvt Ltd)	Rs 3,00,000 to Rs 6,00,000 (Exl GST) - 7 to 9 weeks
Section 143(12) ADT-4 reporting drafting and filing	Rs 1,50,000 to Rs 4,00,000 standalone (Exl GST) - 2 to 4 weeks
Audit Committee / Board reporting for sub-threshold frauds	Rs 75,000 to Rs 2,00,000 standalone (Exl GST) - 1 to 2 weeks
CARO 3(xi) three-part substantive reporting (complex cases)	Bundled with audit; complex cases Rs 50,000 to Rs 1,50,000 additional (Exl GST)
Forensic audit (3-year scope, mid-complexity)	From Rs 8,00,000 (Exl GST) - 6 to 10 weeks
Forensic audit (5-7 year scope, multi-entity, expert witness)	From Rs 18,00,000 (Exl GST) - 10 to 18 weeks
Vigil Mechanism setup under Section 177(9) (listed/prescribed company)	Rs 1,50,000 to Rs 4,00,000 (Exl GST) - 3 to 5 weeks
Patron Accounting Professional Fees	Starting from Rs 1,75,000 (Exl GST and Govt. Charges)

All fees and charges listed are indicative only and do not constitute a binding offer. Final amounts may vary depending on the volume of work and the complexity involved.

Professional service charges for drafting, filing, and representation are separate from the statutory fees. The exact fee depends on the complexity of the case, disputed amount, and number of hearings required. Contact us for a detailed quote.

Get a free Fraud Detection Audit consultation - Call +91 945 945 6700 or WhatsApp us. No-obligation assessment.

Timeline - Section 143(12) Reporting Cycle

Stage	Estimated Timeline
Knowledge of fraud (Day 0)	During audit fieldwork - facts/circumstances identified; 'reason to believe' assessed; engagement partner consultation
Day 0 to Day 2	Engagement partner consultation; quality control review; preliminary documentation of reasoning
Day 2 to Day 7	Section 143(12) routing - Rs 1 crore threshold under Rule 13; aggregation analysis; ADT-4 vs Audit Committee/Board decision
Day 7 to Day 14	Audit Committee briefing under SA 260; management response opportunity (45-day window starts for below-threshold)
Day 14 to Day 60 (above threshold)	Form ADT-4 substantive drafting; engagement partner final review; CARO 3(xi) reporting drafting
Day 60 (above threshold - hard deadline)	Form ADT-4 filed with Central Government via MCA portal; auditor copy retained
Day 59 (below threshold)	Auditor evaluates Audit Committee/Board action adequacy; if inadequate, escalate to Central Government via ADT-4 regardless of amount
Pre-sign-off (Week 7-8)	Engagement quality control review of fraud working papers; SA 260 TCWG communication
Sign-off (Week 8-9)	Audit report signed under Section 145 with UDIN; CARO Annexure A Clause 3(xi); ADT-4 already filed if applicable

Hard deadline: The 60-day ADT-4 filing window from the auditor's knowledge of fraud is a HARD deadline with no extension mechanism - the clock starts the moment the 'reason to believe' threshold is met. NFRA Circular 26 June 2023 requires ADT-4 filing even where the auditor is not the first to identify the fraud, and resignation does not absolve the obligation.

Key Benefits

Why Patron's Fraud Detection Approach Differs

Substantive SA 240 Working File

Risk assessment, journal entry testing, analytical procedures, and engagement team discussion documented to NFRA inspection standard from the outset - rare in market practice where SA 240 documentation is often perfunctory.

Conservative 'Reason to Believe' Application

When in doubt, Patron errs toward reporting based on Section 143(13) good faith protection - many auditors err in the opposite direction and face NFRA disciplinary action. Patron's approach is documented and defensible.

Substantive CARO 3(xi) Reporting

All three components - fraud disclosure, ADT-4 status, whistleblower consideration - substantively reported even where no fraud detected. Boilerplate 'no fraud; no complaints' is unacceptable.

Bundled Forensic Capability

Patron has a forensic team for separate multi-year investigations - chain of custody per Indian Evidence Act, expert witness for NCLT/criminal court - available when statutory procedures are inadequate.

4-Office Confidential Network

Pune, Mumbai, Delhi, and Gurugram - fraud detection and Section 143(12) engagements across India, all subject to strict professional confidentiality.

One-Third Big-Four Fee

Senior partner-led structured SA 240 standard and substantive Section 143(12) capability at roughly one-third the Big-Four fee, with bundled forensic when needed.

Practitioner Authority Signal

10,000+ Businesses | 4.9 Google Rating | 50,000+ Documents Filed | 15+ Years

"The statutory audit was clean and completed well before deadline. No last-minute rush."
- MD, Trading Firm, Mumbai

"Patron handled our Pvt Ltd registration end-to-end. Zero paperwork hassle for our founding team."
- Startup Founder, Pune

Trusted by Hyundai, Asian Paints, Bridgestone and a growing roster of listed entities, family-business groups, and Pvt Ltd companies that have engaged Patron for fraud detection audit, Section 143(12) ADT-4 reporting, or forensic audit engagements.

4-Office Signal: With offices in Pune, Mumbai, Delhi and Gurugram, Patron services fraud detection audit and Section 143(12) reporting engagements across India - all engagements subject to strict professional confidentiality.

Statutory Audit vs Forensic Audit and Provider Comparison

Dimension	Statutory Audit (SA 240)	Forensic Audit
Purpose	Express opinion; identify and report fraud under Section 143(12)	Investigate specific allegations; quantify damages; preserve evidence for litigation
Scope	Current audit period (typically one financial year)	Multi-year (typical 3 to 7 years; can extend further)
Approach	Sample-based testing with reasonable assurance	Transaction-level deep-dive with high evidence threshold
Evidence Standard	Sufficient appropriate audit evidence under SA 500	Evidence Act standard with chain of custody documentation
Output	Audit opinion + CARO Annexure A Clause 3(xi); ADT-4 if applicable	Forensic report - findings, damages, perpetrator identification, expert witness statement
Auditor Qualification	Chartered Accountant under Section 141	CA + forensic specialisation; ICAI FAIS compliance
Court Acceptance	Audit report is evidence but not an investigation report	Admissible as expert evidence in NCLT, criminal court, arbitration
Cost Range	Rs 1.75 lakh to Rs 6 lakh for Pvt Ltd mid-size	Rs 8 lakh to Rs 50+ lakh depending on scope
Timeline	5 to 9 weeks (audit cycle)	6 to 18+ weeks (investigation cycle)
Provider comparison (statutory audit + fraud detection, mid-size Pvt Ltd): DIY/In-House - Section 141 disqualification, unsignable. Big-Four - standard SA 240 capability, Rs 15 to 25 lakh. Specialist forensic firm - Rs 8 to 18 lakh forensic only, not statutory audit. Patron-Led - substantive SA 240 + NFRA-standard ADT-4 + bundled Section 138 internal audit, Rs 1.75 to 6 lakh statutory + Rs 8 lakh+ forensic if needed.

Related Services - Audit Cluster

This operational authority page completes the 19-page comprehensive audit hub - the sister pages cover the statutory audit framework, CARO, IFC, qualifications, going concern, and rotation:

Statutory Audit in India - the parent India service page.
Internal Audit (Section 138) - identifies control weaknesses with fraud risk; cross-reference with SA 240.
Internal Financial Controls Audit - Section 143(3)(i); IFC Material Weakness frequently indicates fraud risk.
CARO 2020 Reporting - Clause 3(xi) is part of the broader 21-clause CARO framework.
Audit Report Types in India - fraud frequently does not modify opinion but triggers parallel reporting.
Qualified vs Unqualified Opinion - fraud may trigger qualification if material AND pervasive.
Qualified Audit Opinion Handling Guide - CFO handling guide if fraud-driven qualification received.
Going Concern Audit Considerations - fraud-driven losses may trigger going concern uncertainty.
Due Diligence - investor/lender forensic diligence overlap.
Private Limited Company Compliance - Section 134(3) Board Report disclosure on auditor-reported frauds.

Legal and Compliance Framework

Section 143(12) Companies Act 2013 (PRIMARY ANCHOR) - If an auditor, in the course of performance of duties, has reason to believe an offence involving fraud is being or has been committed against the company by officers or employees, the auditor shall immediately report the matter to the Central Government within prescribed time and manner. Section 143(13) - good faith protection (no duty regarded as contravened by reason of good-faith reporting). Section 143(14) - applies to cost auditors and Section 138 internal auditors. Section 143(15) - penalty for failure to report (Rs 1 lakh to Rs 25 lakh listed; Rs 1 lakh to Rs 5 lakh unlisted). MCA21: mca.gov.in.

Rule 13 Companies (Audit and Auditors) Rules 2014 - Procedure for reporting fraud under Section 143(12) - Rs 1 crore threshold; Form ADT-4 format; 60-day filing window; Audit Committee/Board for below Rs 1 crore with 45-day response.

Section 134(5)(c) - Director Responsibility Statement on fraud prevention. Section 138 - internal audit applicability (listed; unlisted public Rs 50 cr+ paid-up or Rs 200 cr+ turnover; private Rs 200 cr+ turnover or Rs 100 cr+ loans). Section 177 / 177(9) / 177(10) - Audit Committee; Vigil Mechanism mandatory for listed and prescribed classes; disclosure in Board Report. Rule 7 Companies (Meetings of Board) Rules 2014 - prescribed classes for mandatory vigil mechanism.

Section 447 - Punishment for fraud - imprisonment minimum 6 months extending to 10 years (minimum 3 years where public interest); fine 1 to 3 times the amount; non-bailable for amounts >= Rs 10 lakh or 1% of turnover (whichever lower). Sections 448/449 - false statement/false evidence. Sections 211/212 - SFIO establishment and investigation.

ICAI Standards - SA 240 (PRIMARY - auditor's fraud responsibility; two categories; fraud triangle); SA 250 (laws and regulations); SA 260 (Revised - TCWG communication); SA 315 (risk assessment); SA 330 (response to risks); SA 700 (opinion). ICAI Guidance Note on Reporting on Fraud (Revised 2016). ICAI: icai.org.

NFRA Circular 26 June 2023 - Auditor must file ADT-4 even where not first to identify fraud; resignation does not absolve responsibility; conservative threshold interpretation. NFRA: nfra.gov.in.

CARO 2020 Clause 3(xi) - Three-part reporting - (a) nature and amounts of any fraud BY and ON the company noticed or reported during the year; (b) whether ADT-4 has been filed under Section 143(12); (c) whether the auditor has considered whistleblower complaints received during the year. PMLA 2002 - Section 447 fraud is a scheduled offence. SEBI LODR Regulation 30 - listed entity material event disclosure (24-hour notification for material fraud).

What is Section 143(12) fraud reporting?

Section 143(12) of the Companies Act, 2013 requires the statutory auditor - during the course of performing audit duties - to report to the Central Government any fraud against the company by officers or employees where the auditor has 'reason to believe' the fraud is being or has been committed. The reporting threshold is 'reason to believe' - lower than 'knowledge' or 'certainty'. The auditor reports via Form ADT-4 for frauds of Rs 1 crore or more under Rule 13; smaller frauds are reported to the Audit Committee or Board. Section 143(13) provides good faith protection; Section 143(15) provides penalty for failure to report.

When is the auditor required to report fraud to Central Government?

The auditor is required to report fraud to Central Government via Form ADT-4 when (1) the auditor has 'reason to believe' fraud has been or is being committed against the company by officers or employees during audit performance; (2) the fraud amount is Rs 1 crore or more (aggregated for connected transactions per Rule 13); (3) the 60-day filing window from the auditor's knowledge has not yet expired. Below Rs 1 crore, the auditor reports to Audit Committee or Board with a 45-day response window; if action is inadequate, the auditor escalates to Central Government regardless of amount.

What is the Rs 1 crore threshold under Section 143(12)?

Rule 13(1) of the Companies (Audit and Auditors) Rules, 2014 prescribes the Rs 1 crore threshold - frauds of Rs 1 crore or more (aggregated for connected transactions forming a single scheme) are reported to the Central Government via Form ADT-4; frauds below Rs 1 crore are reported to the Audit Committee or Board with a 45-day response window. Aggregation applies to connected transactions (same perpetrator, same method, same period); independent frauds by different perpetrators are treated separately. Patron's approach is to aggregate conservatively toward Central Government reporting where the question is ambiguous.

What is Form ADT-4 and Rule 13 procedure?

Form ADT-4 is the format prescribed under Rule 13 for reporting fraud to the Central Government under Section 143(12). The form includes a detailed description of the fraud, amount involved, parties involved, nature of fraud, period of occurrence, supporting evidence, management's stated response, and the auditor's recommendations. Rule 13 procedure - the auditor must file ADT-4 within 60 days of knowledge of the fraud; pre-filing communication with the Audit Committee or Board is recommended under SA 260; filing is via the MCA portal; the auditor retains a copy; ADT-4 is confidential and not public record like AOC-4.

What does CARO 3(xi) require on fraud reporting?

CARO 2020 Clause 3(xi) requires three-part substantive reporting in the audit report Annexure A - (a) nature and amounts of any fraud BY the company AND ON the company noticed or reported during the year (separate disclosure, with specific amounts and nature of perpetrator); (b) whether a report under Section 143(12) has been filed by the auditors in Form ADT-4 (affirmative statement with status and date if filed); (c) whether the auditor has considered whistleblower complaints received by the company during the year. All three parts must be reported even if there is no fraud or no whistleblower complaints.

How should companies handle whistleblower complaints?

For listed and prescribed companies, Section 177(9) Vigil Mechanism is mandatory - direct access to the Audit Committee Chair, protection against victimisation, and an investigation protocol. Patron's protocol - (1) complaint receipt with a direct access channel; (2) initial assessment within 7 days for subject matter and credibility; (3) investigation initiation within 30 days with statutory auditor notification under SA 240 + Section 143(12); (4) investigation typically 30 to 90 days with documentation and chain of custody; (5) resolution with remedial/disciplinary/recovery action and regulator notification if criminal; (6) statutory auditor consideration under CARO 3(xi)(c). The protocol applies even to voluntary vigil mechanisms.

What is the difference between statutory audit and forensic audit?

Statutory audit is the annual audit appointment under Section 139 with the objective of expressing an opinion on financial statements; fraud detection is performed under SA 240 with reasonable assurance and sample-based testing; output is the audit opinion and CARO 3(xi) reporting plus ADT-4 filing where the Rs 1 crore threshold is met. Forensic audit is a SEPARATE engagement to investigate specific allegations - multi-year scope (typical 3 to 7 years), transaction-level deep-dive, chain of custody per the Indian Evidence Act; output is a forensic report with findings, damages quantification, perpetrator identification, and an expert witness statement. Statutory audit is mandatory annually; forensic audit is engaged when specific investigation is needed.

What are the consequences of fraud under Section 447?

Section 447 of the Companies Act, 2013 provides punishment for fraud - imprisonment for a minimum of 6 months (minimum 3 years where public interest is involved) and a maximum of 10 years; fine of 1 to 3 times the amount involved. The offence is non-bailable for amounts of Rs 10 lakh or more or 1 percent of the company's turnover (whichever is lower). Fraud under Section 447 is also a SCHEDULED OFFENCE under the Prevention of Money-Laundering Act, 2002 - creating additional money-laundering implications including attachment of properties and parallel ED investigation. Section 448 punishes false statements; Section 449 punishes false evidence.

Quick Answers

Section 143(12) - Auditor's mandatory reporting of fraud against company by officers/employees on 'reason to believe' threshold.
ADT-4 filing - Rs 1 crore+ fraud filed with Central Government within 60 days via MCA portal.
Below Rs 1 crore - Audit Committee or Board with 45-day response window; escalate if inadequate.
CARO 3(xi) - Three parts - fraud nature/amounts, ADT-4 status, whistleblower consideration. All mandatory.
SA 240 - Professional skepticism throughout; fraud triangle (incentive/opportunity/rationalisation).
Vigil Mechanism - Section 177(9) mandatory for listed and prescribed companies.
Section 447 - Imprisonment 6 months to 10 years + fine 1x-3x; scheduled offence under PMLA 2002.

Urgency Recap

Section 143(12) fraud reporting carries the highest non-compliance consequences in the entire audit framework. Auditor failure to report under Section 143(15) attracts a penalty of Rs 1 lakh to Rs 25 lakh for listed companies and Rs 1 lakh to Rs 5 lakh for unlisted companies, plus potential ICAI disciplinary action and NFRA intervention. Company-level consequences are more severe - Section 447 punishment is imprisonment of 6 months to 10 years with fine of 1 to 3 times the amount, non-bailable for Rs 10 lakh+ amounts, and a scheduled offence under PMLA 2002 creating money-laundering exposure with ED investigation and property attachment.

The 60-day ADT-4 filing window from the auditor's knowledge is a HARD deadline with no extension mechanism. NFRA Circular 26 June 2023 tightened the framework - auditors must file ADT-4 even where not first to identify fraud; resignation does not absolve the obligation. CARO 3(xi) three-part reporting is mandatory in every audit report regardless of fraud existence.

The single most important decision is to engage with the auditor PROACTIVELY rather than reactively - proactive engagement protects company interests through structured remediation and reduced regulator scrutiny. All Patron communication is subject to strict professional confidentiality.

Engage Patron for Confidential Fraud Detection Consultation

Fraud detection audit under Section 143(12) of the Companies Act, 2013 is the most consequential auditor responsibility introduced by the 2013 framework - placing positive onus on the statutory auditor to identify and report fraud against the company by officers or employees. The 'reason to believe' threshold is lower than 'knowledge' - reporting is mandatory where reasonable auditor judgment based on available evidence supports the belief.

The Rs 1 crore threshold under Rule 13 determines the recipient - Central Government via Form ADT-4 for above Rs 1 crore (60-day filing window); Audit Committee or Board for below Rs 1 crore (45-day response window). SA 240 is the foundational ICAI standard; CARO 2020 Clause 3(xi) requires three-part substantive reporting in every audit report; Section 177(9) Vigil Mechanism is mandatory for listed and prescribed companies; Section 447 punishment includes imprisonment and fine plus PMLA 2002 scheduled-offence implications.

Patron's seven-step playbook integrates SA 240 risk assessment with audit planning, whistleblower consideration under CARO 3(xi)(c), Section 143(12) threshold determination, Form ADT-4 substantive drafting and filing, CARO 3(xi) three-part reporting, and forensic audit scoping. Our 15+ years of practice, structured SA 240 working file standard, and four-office network across Pune, Mumbai, Delhi and Gurugram bring fraud detection depth to listed entities, family-business groups, Pvt Ltd companies, NBFCs, and pre-IBC distressed companies - all engagements subject to strict professional confidentiality.

📞 Call +91 945 945 6700 💬 WhatsApp Us ✉️ Email Us

Book a Free Consultation - No Obligation.

Patron Across India

Four offices servicing fraud detection and Section 143(12) engagements pan-India - all subject to strict professional confidentiality.

Patron Offices

Confidential fraud detection and forensic engagements across India.

Pune (HQ)

Maharashtra

Mumbai

Maharashtra

Delhi

NCR

Gurugram

Haryana

Audit Cluster and Related Services

Comprehensive audit hub - framework and operational authority pages

Content Created: 13 May 2026 | Last Updated: 14 May 2026 | Next Review: 13 August 2026 | Reviewed By: CA & CS Team, Patron Accounting LLP

This page is reviewed quarterly (Freshness Tier 1). Section 143(12) amendments, Rule 13 changes, NFRA circulars on fraud reporting, ICAI Guidance Note revisions, and CARO 2020 amendments are verified against MCA, ICAI, and NFRA sources at every review cycle.