For decades, being a “Principal Auditor” of a large group in India felt a bit like being a relay race coordinator. You waited for the branch or subsidiary auditors to finish their lap, took their signed reports , and sprinted to the finish line to sign the Consolidated Financial Statements (CFS)
If something went wrong at a subsidiary level? “Not my problem,” was the standard defense. “I relied on the work of the other auditor as per SA 600
As of January 2026, that defense is officially dead
NFRA isn’t just changing a rule; they are changing the definition of responsibility. They’ve seen too many ₹1,000-crore frauds hide in “immaterial” subsidiaries while the main auditor claimed they didn’t have the right to check the books of the branch
What No more Hiding actually means
1)You can no longer just collect “Clean Reports” like trading cards. If a subsidiary in a remote corner shows a 40% profit margin while the rest of the industry is tanking, you can’t say, “The branch auditor signed it, so it’s fine.” NFRA now expects you to challenge that auditor. If you aren’t satisfied, you go there yourself.
2) The new stance requires the Principal Auditor to evaluate the competence of the component (subsidiary) auditor.
The 2026 Way: You must document why you trust them. Do they have the resources? Do they understand the industry? NFRA is holding you liable for their lack of expertise.The Old Way: “They are a CA firm, so they must be good.”
The 2026 Way: You must document why you trust them. Do they have the resources? Do they understand the industry? NFRA is holding you liable for their lack of expertise
3)Branch auditors used to guard their working papers like state secrets. NFRA’s 2026 position is clear: The Principal Auditor must have access to the component auditor’s work. If they don’t show you how they verified the revenue, you can’t rely on their report
How to Protect your license
If you are signing group accounts this year, stop acting like a consolidator and start acting like an investigator.
- Update your Engagement Letters: Explicitly state that the subsidiary auditors must provide access to their working papers. Do not wait until the March deadline to find out they are uncooperative.
- The “Joint Risk” Workshop: Before the audit starts, hold a mandatory meeting with all component auditors. Don’t just send an email. Discuss the “Group Materiality” and tell them exactly which “Red Flags” you are looking for
- Document the “Doubt”: If you questioned a branch auditor about a suspicious transaction, put that conversation in your file. NFRA doesn’t just want to see that you got an answer; they want to see that you asked a tough question
- Pick your top 2-3 most significant subsidiaries and perform a “deep dive” review of their audit files. If NFRA knocks on your door, “I trusted them” is a 5-year debarment sentence. “I reviewed their work and found it sufficient” is a valid defense
Conclusion
A 5-year debarment isn’t worth a ‘polite’ relationship with a branch auditor. It’s time to demand the working papers. How are your subsidiary partners reacting to the new transparency?”