The Companies Act 2013 introduced a statutory requirement for listed companies and certain public companies to establish and maintain Internal Financial Controls (IFC). Directors are responsible for ensuring the company has adequate IFC, and the auditor must specifically opine on the adequacy and operating effectiveness of these controls. Here is the complete guide to IFC compliance in India.
What are Internal Financial Controls?
Under the Explanation to Section 134(5)(e), "Internal Financial Controls" means the policies and procedures adopted by a company for ensuring:
- Orderly and efficient conduct of business including adherence to company's policies
- Safeguarding of assets
- Prevention and detection of frauds and errors
- Accuracy and completeness of accounting records
- Timely preparation of reliable financial information
Who Must Comply with IFC Requirements?
- All listed companies (mandatory statutory audit of IFC by external auditor)
- All public companies (directors' responsibility statement on IFC — Section 134(5)(e))
- Private companies are not statutorily required to have IFC audited, but good governance practice encourages it
Directors' Responsibility Statement
Section 134(5)(e) requires the Board's Report to include a directors' responsibility statement affirming that "the directors had devised proper systems to ensure compliance with the provisions of all applicable laws and that such systems were adequate and operating effectively." This statement makes directors personally accountable for IFC adequacy.
IFC Framework — COSO Based
ICAI's guidance on IFC recommends using the COSO (Committee of Sponsoring Organizations of the Treadway Commission) framework — a globally recognized internal control framework. The COSO framework has five components:
- Control Environment — tone at the top, ethical values, governance structure
- Risk Assessment — identification and analysis of risks to financial reporting objectives
- Control Activities — policies and procedures (authorization, reconciliation, verification, segregation of duties)
- Information and Communication — reliable financial and operational data flows
- Monitoring Activities — ongoing assessment of IFC effectiveness
Auditor's IFC Report
For listed companies, the statutory auditor issues a separate report (Annexure to the main audit report) opining on whether the company has adequate IFC and whether such controls are operating effectively. Deficiencies are classified as:
- Deficiency: Control doesn't operate as designed
- Significant Deficiency: Could lead to misstatement but not likely to be material
- Material Weakness: Could lead to material misstatement — must be disclosed and remediated urgently
Conclusion
IFC compliance under the Companies Act is not just a formality — it is a board-level responsibility with legal consequences and auditor scrutiny. SPOTON provides IFC design, documentation and readiness advisory for companies in Kerala and across India. Contact us for expert governance and compliance services.
