UDIN TIME - IS IT TOO LONG TO DEFEAT PURPOSE?
Narayanan Krishnaswamy
Chartered Accountant and Cyber Security Consulting, Operations, Solutions and Services
UNIQUE DOCUMENT IDENTIFICATION NUMBER (UDIN)- Do we need a 60 day time window ?
My Infosec folks - This article is a bit of digression from infosec but implementation of the concept of Third Party Verification is being discussed from a different perspective beyond CIA. This is mainly for my finance professionals.
Prima facie, UDIN introduced by the Institute of Chartered Accountants of India (ICAI) is ?a great process, focussed at ensuring authenticity of the valuable attestations/certifications, non repudiation and Integrity of the various documents ,reports ,statements that are signed manually or digitally by Chartered Accountants in full time practice.
While the objective to prevent forgeries and misrepresentations are substantially curbed with a split seconds process of generation of UDIN ,what is intriguing is the 60 or 30 day window given to obtain UDIN, post the signing of the document for which the UDIN has to be obtained. At most times it just takes less than a mere 60 (sixty) to 90 (ninety) ?seconds to do it.
Unless UDIN is obtained, circulation of the document could be, rather, is a question. Many times the 60 day window opens up a gateway for predating the date of signing the document probably because the document was not exactly ready on the date on which it is being said to be signed- may be to meet a regulation or time lime laid down under law or any other reason.
Sometimes it is seen in a number of cases that UDIN is printed/typed on a document which is dated much earlier to the date of obtainment of UDIN. Wondering how is it possible? At best, I thought it can be handwritten since on the date of signing of the document the signatory was not aware of the UDIN having used the 60 day window.
领英推荐
Also data analysis of UDIN systems may throw some light of the truth in what is stated in the above paragraphs – Like UDIN server down/slow due to heavy traffic closer to the last date of a regulatory compliance; the number of UDINs generated for a particular date of document say a Balance Sheet and so on. ?
The justification of blanket 60 days ?to obtain UDIN under SA 230 and SQC 1 does not probably fit in the realm of audit file preparation time primarily because UDIN is not great documentation effort and if the document is ready it just takes about 60 seconds. Also UDIN is more for the purpose of ensuring that the external world is not made to rely on fake/forged documents rather than anything related to the conduct of an audit/certification/attestation. Also the broad objective of both SA 230 and SQC is to ensure better quality/level of audit and use of the time window purported to be permitted under them only defeats it .
What can be done is, that the time window should be restricted to a day or two and to cater to exceptional circumstances , a delayed UDIN can be allowed for specified reasons. The reasons can be listed in a drop box along with a wild card entry “ Others” which if chosen would require a narrative field to text a reason for delay in obtainment of UDIN
All said and done it is a great concept and process and should be introduced for many industries wherever reports of professionals are relied upon by third parties/general public and need not be restricted to financial reports involving full time practising Chartered Accountants. For example Security Audit reports and attestations done under various International Information Security standards.?
Also now that UDIN has been there for a while ,it is time to rethink on the three or four parameter values that are required to be keyed in at the time of obtainment of UDIN. It can be made a bit more dynamic moving away from the parameters of capital ,WDV and turnover. Dynamic meaning it could be any parameter normally found in annual accounts/certificates/reports like salaries, conveyance, travelling, provision for tax etc This coupled with the reduction of window available could achieve a large number of objectives of quality, ,credibility ,authentication ,protection against frauds/misrepresentation and so on.
Wish to live long but with a shorter window to sign !
Group CFO
2 年Well thought out Narayanan