Mutual Funds SEBI compliance audit SEBI inspection mutual fund audit Regulation 43 Regulation 44 thematic inspection compliance test report CTR

SEBI compliance audit for mutual funds

From WebNotes, a public knowledge base. Last updated . Reading time ~16 min.

A SEBI compliance audit for a mutual fund asset management company (AMC) is a formal regulatory examination conducted by the Securities and Exchange Board of India or by a SEBI-empanelled independent auditor, assessing whether the AMC, its schemes, and the Board of Trustees are adhering to the SEBI Mutual Funds Regulations 1996 , SEBI circulars, and AMFI guidelines. The audit framework is structurally important to the operational integrity of the Indian mutual-fund industry, serving as the principal regulatory verification mechanism for AMC-level compliance with the substantive operational, investment-restriction, disclosure, and investor-protection requirements established under the SEBI Act 1992 and the broader SEBI regulatory framework.

The SEBI compliance audit operates through several distinct mechanisms:

  • Routine SEBI inspection: Periodic regulatory inspection conducted by SEBI’s Investment Management Department covering all major AMCs on a cycle (typically every 2 to 3 years for major AMCs).
  • Thematic inspection: SEBI-conducted inspection focused on specific risk areas across multiple AMCs simultaneously, driven by emerging market events or specific concerns.
  • Forensic or complaint-triggered inspection: Targeted inspection triggered by investor complaints, whistleblower disclosures, or anomaly detection.
  • Internal compliance audit: AMC-conducted self-audit and SEBI-empanelled-auditor-conducted compliance test report (CTR) at prescribed periodicities.
  • Periodic external audit: Annual independent audit of operational systems, controls, and risk-management framework.

The compliance audit framework was substantively strengthened following several major industry events:

  • 2018 IL&FS crisis and the subsequent 2019-2020 NBFC-debt crisis, which exposed valuation and credit-risk-management weaknesses across the debt-fund category.
  • April 2020 Franklin Templeton winding-up of six debt schemes (see Franklin Templeton 2020 winding-up reference), which triggered substantial thematic-inspection focus on debt-fund liquidity and valuation practices.
  • 2022 to 2024 SEBI Mutual Fund regulatory updates, which enhanced the operational and disclosure requirements consistently across the industry.

The compliance audit findings typically lead to one of several outcomes: (a) clean inspection result with no material findings; (b) advisory observations requiring corrective action without formal enforcement; (c) show-cause notices initiating formal enforcement proceedings; (d) consent settlement with monetary settlement; or (e) full enforcement proceedings resulting in penalty orders, scheme-suspension directions, or other regulatory action. SEBI publishes enforcement orders and settlement orders on its website, providing the public record of compliance-audit-related actions.

SEBI Act 1992

SEBI’s power to inspect and audit mutual fund AMCs is principally derived from the SEBI Act 1992 :

  • Section 11: Establishes SEBI’s broad powers to investigate, inquire, and conduct examinations in the interest of investors and securities-market integrity.
  • Section 11A: SEBI’s powers in respect of mutual funds specifically, including registration, regulation, and inspection.
  • Section 11B: SEBI’s powers to issue directions in the interest of investors, including suspension, prohibition, and corrective directions.
  • Section 11C: SEBI’s powers to conduct investigations under specific statutory authority.

The Section 11 and 11B powers provide the broad regulatory umbrella; the Mutual Funds Regulations 1996 provide the specific operational provisions.

SEBI Mutual Funds Regulations 1996

The SEBI Mutual Funds Regulations 1996 contain the operational compliance-audit framework:

  • Regulation 43: SEBI’s right to inspect the books, records, and documents of every mutual fund, AMC, and trustees at any time. Inspection can be conducted by SEBI directly or by SEBI-empanelled auditors.
  • Regulation 44: Requirement that trustees, AMC officials, and AMC personnel extend full cooperation during inspections, including providing access to records, systems, and personnel.
  • Regulation 45: SEBI’s power to issue directions following inspection findings.
  • Regulation 46: SEBI’s power to impose penalties for non-compliance.

The Regulation 43 and 44 framework is the principal operational basis for SEBI’s compliance-audit activities.

SEBI Master Circular for Mutual Funds

The SEBI Master Circular for Mutual Funds (updated periodically, most recently for 2024) consolidates the operational compliance requirements that AMCs must satisfy. The Master Circular covers:

  • Operational risk management.
  • Cyber-security and business-continuity planning.
  • Investor grievance redressal standards.
  • Disclosure timelines and content requirements.
  • Investment-restriction operational compliance.
  • KYC, AML, and PMLA compliance.

The Master Circular is the principal operational reference for both AMC compliance teams and SEBI inspectors.

Internal compliance audit requirement

SEBI has progressively enhanced the internal-compliance-audit requirements for AMCs:

  • Compliance Test Report (CTR): Periodic self-assessment of compliance with SEBI regulations and circulars.
  • Annual independent audit: Conducted by an external auditor empanelled by SEBI, covering operational systems, controls, and risk-management framework.
  • Semi-annual reviews: For specific risk areas (e.g., valuation, liquidity management).

The internal-compliance-audit framework operates alongside the SEBI-conducted inspection framework, providing layered assurance of AMC operational integrity.

Types of compliance audits

Routine SEBI inspection

SEBI conducts routine inspections of AMCs on a cycle, typically every 2 to 3 years for major AMCs and on a longer cycle for smaller AMCs. The routine inspection scope:

  • Investment restriction compliance: Concentration limits, sector caps, derivatives-exposure caps, and other investment-restriction provisions.
  • Expense-ratio compliance: Under Regulation 52 of the Mutual Funds Regulations (and updated under the SEBI scheme rationalisation circular 2017 framework).
  • KYC and AML compliance: PMLA obligations, KYC documentation, transaction-monitoring.
  • Fund-manager-conflict-of-interest disclosures: Identification and management of potential conflicts.
  • Front-running and insider-trading controls: Internal controls preventing improper trading.
  • Investor grievance redressal: System effectiveness, timeline adherence.
  • Disclosure compliance: Portfolio disclosures, factsheet, CAS dispatch timelines, mandatory regulatory filings.
  • NAV computation accuracy and timeliness: Compliance with the NAV computation and applicable NAV frameworks, including post-2021 SEBI NAV applicability rule 2021 requirements.

The routine inspection typically spans 2 to 6 weeks at the AMC’s premises (or remote depending on the inspection methodology), with inspection teams of 5 to 15 personnel depending on the AMC size and complexity.

Thematic inspection

SEBI conducts thematic inspections focused on a specific risk area across multiple AMCs simultaneously. Notable thematic-inspection topics:

  • Valuation practices for AT1 bonds and stressed debt securities (post-2020 Franklin Templeton thematic focus).
  • Side-pocketing compliance: Adherence to the SEBI side-pocketing framework for downgraded debt securities.
  • Segregated portfolio creation: Operational compliance with segregated-portfolio rules following credit-event downgrades.
  • Cybersecurity and business-continuity planning: Post-2020 thematic focus on operational resilience.
  • Related-party lending by AMC group entities: Examination of potential conflicts in cross-entity lending.
  • Stress-testing methodology: Post-2024 stress testing framework operational verification.
  • Swing-pricing implementation: Adherence to the SEBI MF swing-pricing framework.
  • Distribution-commission disclosure: Trail commission and other distribution-cost transparency.
  • NRI/FPI tax-withholding compliance: Compliance with cross-border tax-withholding requirements.

Thematic inspections are typically shorter than routine inspections (2 to 4 weeks per AMC) but apply more focused expertise on the specific theme.

Forensic or complaint-triggered inspection

SEBI may conduct targeted forensic inspections triggered by:

  • Investor complaints: Particularly where a pattern of complaints suggests systemic issues.
  • Whistleblower disclosures: From AMC employees or insiders.
  • Anomaly detection: Through SEBI’s surveillance systems identifying unusual patterns in disclosures, transactions, or operational data.
  • Media reports: Where credible media reporting suggests potential violations.
  • Market events: Where specific market events affect a particular AMC.

Forensic inspections are typically intensive, involving substantial document examination, employee interviews, and data analysis. They are confidential during the conduct phase and may result in enforcement proceedings if violations are confirmed.

Internal compliance audit (AMC self-audit)

SEBI requires AMCs to conduct periodic internal compliance audits:

  • Compliance Test Report (CTR): Periodic self-assessment, typically semi-annual, covering the AMC’s compliance posture against SEBI regulations and circulars.
  • Annual independent audit: Conducted by an external auditor empanelled by SEBI, providing independent verification of operational systems and controls.
  • Risk-based internal audit: Continuous internal-audit function covering high-risk operational areas.

The internal-compliance-audit framework operates as a first-line-of-defence supplementing SEBI’s external inspection framework. The CTR findings are reported to the AMC’s Board of Trustees and provide the input for trustees’ half-yearly trustee report to SEBI.

Scope of audit

Investment-restriction compliance

The investment-restriction-compliance audit examines:

  • Concentration limits: Single-issuer exposure limits, single-group exposure limits, single-sector caps.
  • Asset-class restrictions: Equity-debt split for hybrid schemes, derivative-exposure caps, foreign-investment caps under SEBI MF overseas investment cap .
  • Quality restrictions: Credit-rating restrictions for debt schemes, scheme-category-specific quality requirements.
  • Scheme-mandate adherence: Compliance with the specific scheme’s stated investment mandate as documented in the Scheme Information Document (SID).
  • Transition-cycle compliance: Adherence to the timelines for restoring compliance when limits are breached.

Investment-restriction compliance is operationally complex due to the daily monitoring requirements, market-driven drift in exposures, and the interaction between multiple overlapping limits.

Expense-ratio compliance

The expense-ratio audit examines:

  • TER compliance under Regulation 52: Adherence to the slab-based TER caps applicable to different scheme categories and AUM levels.
  • Permitted expense categories: Verification that charges to the scheme fall within the SEBI-permitted categories.
  • Cross-subsidisation prevention: Verification that expenses are appropriately allocated across schemes within the AMC.
  • Brokerage and transaction-cost monitoring: Including statutory transaction costs and broker-commission caps.
  • Direct-plan-vs-regular-plan TER differential: Verification that direct plans correctly reflect the absence of distribution commission.

The TER compliance is a periodic focus of SEBI inspection given the direct investor-cost implications.

The NAV-related audit examines:

  • NAV computation accuracy: Mathematical accuracy of the NAV computation framework.
  • Valuation methodology compliance: Adherence to the SEBI-prescribed valuation methodology for different security types.
  • Timeliness of NAV publication: Within the regulatory timelines.
  • Applicable NAV framework compliance: Adherence to the applicable NAV framework as modified by the SEBI NAV applicability rule 2021 (the realized-NAV rule for purchases above Rs 2 lakh).

NAV-related compliance is operationally critical because NAV errors have direct investor-impact and can trigger substantial investor redressal proceedings.

Disclosure compliance

The disclosure-compliance audit examines:

  • Scheme Information Document (SID) accuracy and updating.
  • Statement of Additional Information (SAI) updating.
  • Key Information Memorandum (KIM) consistency with SID.
  • Factsheet content and dispatch timelines (AMFI scheme factsheet framework).
  • Portfolio disclosure compliance: Monthly portfolio disclosures and the post-2024 enhanced disclosure formats.
  • CAS dispatch compliance: Consolidated Account Statement dispatch within prescribed timelines.
  • Half-yearly trustee report submission: Compliance with the SEBI MF half-yearly trustee report framework.

KYC and AML compliance

The KYC and AML compliance audit examines:

  • PAN-based KYC: Compliance with the mandatory PAN-KYC linkage.
  • PMLA compliance: Anti-money-laundering systems, transaction monitoring, suspicious-transaction reporting.
  • FATCA/CRS compliance: Cross-border tax-information exchange.
  • NRI-specific compliance: Compliance with the NRI investment framework.
  • High-risk-customer monitoring: Enhanced due diligence for high-risk customer categories.

Operational and IT compliance

The operational and IT compliance audit examines:

  • Cybersecurity framework: Post-2024 enhanced SEBI cyber-security requirements for AMCs.
  • Business continuity planning: Operational resilience to disruption events.
  • Data integrity: Accuracy and integrity of the AMC’s operational data systems.
  • System-access controls: Authentication, authorization, audit trails.
  • Disaster recovery: Capability to recover from major operational disruption.

The operational and IT compliance area has been a focus of enhanced SEBI attention following the post-2020 cyber-security and operational-resilience focus.

Investor grievance redressal

The investor-grievance-redressal audit examines:

  • SCORES integration: Compliance with SEBI’s SCORES complaint-redressal platform.
  • Internal grievance redressal: AMC-level processes and timelines.
  • Statistics on grievances: Trends, resolution rates, customer satisfaction.
  • Escalation mechanisms: Standardised escalation to senior management and the Board.

Audit report contents

A typical SEBI compliance audit report contains:

Scope of audit

  • Period covered (typically 1 to 3 years for routine inspection).
  • Areas examined (investment restrictions, NAV computation, disclosure, KYC, etc.).
  • Schemes covered (all schemes or a sample).
  • Methodology (document review, system testing, employee interviews).

Findings

Findings are typically classified by severity:

  • Critical findings: Material violations potentially attracting enforcement action.
  • Major findings: Significant deficiencies requiring prompt corrective action.
  • Minor findings: Observational deficiencies for improvement.

Each finding includes:

  • Description of the deficiency.
  • Citation of the relevant regulatory provision.
  • Quantification of the impact (where relevant).
  • Recommended corrective action.

Management response

The AMC’s response to each finding, which may:

  • Accept the finding and commit to corrective action.
  • Provide explanations or rebuttals.
  • Identify factors mitigating the severity.

Recommendations and corrective-action timeline

  • Specific corrective actions required.
  • Timeline for resolution (typically 30 to 180 days depending on the finding’s severity).
  • Verification methodology.
  • Reporting requirements during the remediation period.

Public disclosure framework

Inspection reports are confidential

The full inspection reports are confidential regulatory documents, not routinely published. AMCs receive their inspection reports and are required to respond. The confidentiality protects:

  • Commercially-sensitive operational information.
  • Ongoing investigation integrity.
  • AMC reputational interests during the response/remediation period.

Enforcement orders are public

While the inspection reports are confidential, SEBI publishes the following related documents:

  • SEBI enforcement orders: Orders imposing penalties or issuing directions after enforcement proceedings arising from inspection findings.
  • SEBI settlement orders: Settlement details where the AMC has agreed to pay a settlement amount under the SEBI settlement framework.
  • SEBI Annual Report: Statistics on inspections conducted, AMCs inspected, and broad enforcement outcomes.
  • SCORES platform: Aggregate grievance statistics for each AMC.

The enforcement orders provide the public record of compliance-audit-related actions and are available through the SEBI website’s enforcement-orders database.

Impact on AMC market position

Enforcement orders affecting an AMC have several material consequences:

  • Reputational impact: Investor and distributor perception of the AMC.
  • Cost impact: Monetary penalties and additional compliance costs.
  • Operational impact: Required corrective actions affecting operations.
  • Sponsor and trustee implications: For sponsor and trustees, with potential individual liability.
  • Future business: Limitations on certain activities or product launches for a defined period.

Notable compliance-audit-driven enforcement

Post-Franklin Templeton 2020 thematic inspections

Following the April 2020 Franklin Templeton winding-up , SEBI conducted substantial thematic inspections across the debt-fund category, examining:

  • Liquidity-risk management practices.
  • Valuation practices for stressed debt securities.
  • Concentration risk in lower-quality debt holdings.
  • Communication and disclosure during liquidity events.

The post-Franklin thematic inspections drove substantial industry-wide reform in debt-fund liquidity management and triggered the launch of new regulatory frameworks (the SEBI MF stress testing 2024 framework being one outcome).

2018 to 2020 IL&FS and NBFC crisis inspections

The 2018 IL&FS default and subsequent NBFC-debt-crisis triggered substantial thematic inspections of AMC exposure to:

  • IL&FS-related debt instruments.
  • Broader NBFC debt holdings.
  • Side-pocketing practices.
  • Valuation methodology for downgraded securities.

The inspections resulted in multiple enforcement orders and substantive reform of the side-pocketing and segregated-portfolio framework.

Mutual fund operational technology audits

Through 2022 to 2025, SEBI has conducted multiple thematic audits of AMC operational-technology resilience, particularly cyber-security, business continuity, and data integrity. The audits have driven enhanced operational-resilience requirements across the industry.

Recent developments

2024 enhanced compliance-audit framework

SEBI in 2024 enhanced the AMC compliance-audit framework:

  • More frequent thematic inspections targeting specific risk areas.
  • Enhanced internal-compliance-audit requirements for AMCs.
  • Strengthened operational-resilience verification requirements.
  • Enhanced cyber-security audit scope.

Stress-testing inspection focus

The SEBI MF stress testing 2024 framework introduced periodic AMC-level stress testing, which is now a focus of compliance-audit verification. SEBI examines:

  • Adequacy of the stress-test scenarios.
  • Compliance with the stress-test reporting requirements.
  • Implementation of stress-test-driven operational changes.

Cyber-security thematic audits

Post-2023, SEBI has conducted multiple cyber-security thematic audits driven by:

  • Multiple cyber-incidents affecting financial-services firms globally.
  • SEBI’s enhanced cyber-security framework for market-infrastructure institutions and AMCs.
  • Increased operational dependency on digital systems.

Distribution-commission disclosure focus

The post-2023 thematic focus on trail commission disclosure has produced inspection-level verification of:

  • Accurate disclosure of distributor compensation arrangements.
  • Direct-plan vs regular-plan TER differential transparency.
  • Distributor-customer communication standards.

Settlement-mechanism utilisation

SEBI has progressively expanded the settlement-mechanism for compliance-audit-driven enforcement, allowing AMCs to settle proceedings through monetary settlement without admission of wrongdoing. The settlement framework provides operational efficiency for both SEBI and AMCs while maintaining the regulatory enforcement signal.

Criticism and debates

Inspection-frequency adequacy

The frequency of routine inspection (typically every 2 to 3 years for major AMCs) has been argued by some commentators to be inadequate given the rapid growth of the industry and emerging risk areas. Industry submissions have varied positions on inspection frequency optimisation.

Thematic-inspection focus rotation

The selection of thematic-inspection topics has been a focus of industry-regulatory dialogue, with concerns about both over-focus on recent crisis areas and under-focus on emerging risks. SEBI’s thematic-inspection methodology has progressively matured but continues to evolve.

Public-disclosure-of-findings transparency

The confidentiality of inspection reports has been a periodic critique, with some industry observers suggesting more public disclosure of inspection findings (particularly the systemic patterns observed across AMCs) would enhance market transparency. The counter-argument is that confidentiality protects ongoing remediation and the legitimate AMC interest in private resolution.

Penalty proportionality

The proportionality of penalties imposed after inspection-driven enforcement has been periodically debated. Some critics argue that penalties are too low to provide meaningful deterrence; others argue that excessive penalties produce risk-aversion that harms innovation. SEBI’s settlement framework has progressively become a principal resolution mechanism for non-criminal violations.

Internal-compliance-audit independence

The independence of AMC-conducted internal compliance audits has been a focus of regulatory attention, with concerns about potential management influence on findings. SEBI’s enhanced requirements for external auditor empanelment and reporting partially address these concerns.

See also

References

  1. SEBI Act, 1992, Sections 11, 11A, 11B, and 11C.
  2. SEBI (Mutual Funds) Regulations, 1996, Regulations 43, 44, 45, and 46.
  3. SEBI Master Circular for Mutual Funds, 2024, Securities and Exchange Board of India.
  4. SEBI Annual Report, various editions, sebi.gov.in.
  5. SEBI Enforcement Orders Database, sebi.gov.in/enforcement.
  6. SEBI Settlement Framework, Securities and Exchange Board of India.
  7. AMFI Code of Conduct and Best Practice Guidelines, Association of Mutual Funds in India.
  8. SEBI Circulars on compliance test reports, internal audit, and operational requirements for AMCs.
  9. ICAI Guidance Notes on AMC audit and compliance.

Related articles

Reviewed and published by

WebNotes Editorial Team

The WebNotes Editorial Team covers Indian capital markets, payments infrastructure and retail investor procedures. Every article is fact-checked against primary sources, principally SEBI circulars and master directions, NPCI specifications and the official support documentation published by the intermediary in question. Drafts go through a second-pair-of-eyes review and a separate compliance read before publication, and revisions are tracked against the SEBI and NPCI rule changes referenced in the methodology section.

Last reviewed
Conflicts of interest
WebNotes is independent. No relationship with any broker, registrar or bank named in this article.