Statutory audit focus is to verify the financial transactions in books of accounts. The respective laws and regulations govern performing these audits.
For instance, the SEC calls for a Mandatory audit requirement for all public companies. An Independent Certified Public Accountants perform audits.

Table of contents
Statutory Audit vs Internal Audit
In other words, Performing audits at the request of internal management rather than as per the statutory regulation. Internal Audits are one such Audit.
Based on the nature of services, Business Management calls such audits as non-mandated audits. Some examples are physical verification of Stocks or Fixed Assets, Tax Compliance audits, and Operational audits.
Primary distinguishing factor between Statutory Audits and Management Audits is the Scope of Audit. There is no scope limitation for Statutory Audit.
Management-driven audits focus on an objective.
For example, Auditors are employed to check if the
- Salaries and Wages processed within the payroll department are unbiased
- Consider all the applicable deductions, such as loss of pay, salary advance deductions, etc.
So, the payroll auditor (Internal audit) does not have the right to check if the bank reconciliation statement is appropriately prepared.
In either case, Auditors shall be independent from the entity subject to Audit. The respective laws and regulations shall govern them. They should act with Integrity, Objectivity, and Diligence.
We will focus on unpeeling each layer in the statutory audit concept.
Why to perform an Audit as per statute?
Statutory Audits require the auditor to express whether the financial statements represent a true and fair view.
It assures various stakeholders that all the balances within the following statements are appropriate.
- Balance sheet,
- Income statement,
- Cash flow statements
- Foot notes
These audited financials enable the stakeholders to make decisions such as buying, selling or holding the stocks of the business entities.
How is Statutory Audit performed?
Well, there is no step-by-step checklist.
There is a well-established outline which has become the industry standard.
The audit team shall obtain enough audit evidence that gives assurance that the financial transactions recorded are appropriate and don’t pose a risk of material misstatement. In other words, audits ensure that books are free from fraud or errors.
The process involves the following broad steps:
- Understanding the entity
- Ascertaining the Inherent risks
- Performing testing of Internal Controls
- Planning the substantive procedures
- Evaluate the results of the testing performed
- Provide an opinion on the financials
Statutory Audit Process
Understanding the entity and its business is the primary step for any audit team.
It provides an overview of
- How each process functions at the entity
- Risks in each of process steps
- Controls operating at each risk area
- Applicable Statutory requirements
- Tax compliances
These insights will allow the auditor to evaluate the level of risks at the entity level and each financial statement line-item level.
It’s not a possible goal to eliminate the risk of the current year’s financial transaction needing to be corrected with internal controls. We can reduce it to an acceptable level.
Let’s talk in simpler terms.
Example to understand reducing the risk to an acceptable level
We all use the credit cards for online or offline shopping. Authentication through a PIN or One-time message is a control to ensure that the card owner uses it.
What if there is no such control?
There is a higher chance of misappropriation.
However, there is a good chance of misusing the control by stealing those PIN numbers. The chances of misappropriation will reduce with the introduction of PIN or one-time messages rather than not enabling them at all.
So, we can reduce the risk to an acceptable level instead of eliminating it.
Focus on Testing of Internal Controls
Coming back to our audit steps, the audit team tests the design, implementation, and operating effectiveness of the controls. This test reveals whether the controls are designed and operating effectively. If any failure of such design or operation of controls occurs, it increases the audit risk.
Note: Testing of internal controls is one of the key steps of statutory audit. Internal audit will also performs the testing if the scope defines it.
Failure of controls calls for more attention from auditors.
The audit team needs to increase the extent of testing for areas where there is a control failure. The auditor should also analyse whether a control failure in one account balance affects any other account balance.
For instance, the controls relating to fixed asset accounting is not operating effectively. Then, there is also a high chance of increase in risk for depreciation testing.
Statutory Audit has no limitations on the extent of performing audit procedures. The focus is more than obtaining the audit evidence that books are appropriately recorded.
Focus on Contradictory Evidence
The auditor shall not disregard any contradictory evidence for an account balance obtained to test a different account balance.
Let’s understand this with a practical example.
Example of Contradictory Evidence
Performing testing of the payroll transactions uncovered that the ERP application has a technical glitch, which results in disregarding the last working day of the month transactions for posting in sub-ledgers.
The audit team shall not consider this as an isolating event.
The effect of such technical error might be pervasive as the same application is employed to process accounts receivable, bank, and accounts payable transactions.
In such cases, the management must correct such errors and ensure that the financial statements reflect the true balances.
Statutory Audit Key Takeaways
A statutory audit is performed according to the requirements of the respective Legislature. Independent certified accountant performs such audits.
For instance, Certified Public Accountants in the USA and Chartered Accountants in Australia and India are qualified professionals to carry out independent audits
Runners Insight: Are you excited to explore a captivating concept? Here is the path – SALY..
Respective audit boards govern these auditors.
The broad-level process of performing audit procedures remains the same for all of these qualified professionals.
The statutory auditor has to understand the entity’s business, internal and external factors affecting it, and internal controls to evaluate the inherent risk. The level of risk helps the auditor devise a plan for performing the testing procedures. These procedures vary based on the business, account balances, and industry in which the entity operates.
These audits assure various stakeholders such as its employees, government, suppliers, debtors and shareholders.
Thus, businesses need to maintain proper accounting and establish sound internal controls and processes to avoid errors or misstatements, which in turn enables the auditor to express a positive opinion on the financial statements.