Compliance, Audit & Due Diligence – Vocabulary Flashcards

100 vocabulary flashcards summarising essential terms and definitions from the lecture notes on compliance, governance, audits, documentation, ethics, penalties, peer & quality reviews, and due diligence.

Compliance Framework

A structured system a company establishes to identify, monitor and ensure adherence to all applicable laws, regulations and internal policies.

Governance, Risk Management & Compliance (GRC)

An integrated approach that combines corporate governance, enterprise-wide risk management and compliance activities.

Corporate Governance

The rules, practices and values through which a business is directed and controlled to achieve its objectives.

Enterprise Risk Management (ERM)

Processes used to identify potential threats and mitigate them across the organisation.

Corporate Compliance

A set of procedures ensuring that a company follows external legal requirements and internal policies.

Compliance Advisory

A formal advice document analysing applicable laws, risks and mitigation steps for an organisation.

Compliance Chart

A tabular document listing every compliance obligation, its risk level, ownership and reporting route.

Compliance Scorecard

A tool that measures and displays an organisation’s compliance status against predefined metrics.

Compliance Management System (CMS)

The overall framework of policies, procedures, tools and people that drive regulatory compliance.

Compliance Identification

The process of determining which laws, rules, licences and policies apply to a specific business.

Compliance Monitoring

Ongoing oversight to verify that compliance obligations are met and controls are effective.

Compliance Reporting

The communication of compliance status, breaches or risks to management and regulators.

Compliance Ownership

Assignment of responsibility for each compliance task to a specific individual or function.

Compliance Audit

An independent assessment of whether an organisation obeys the laws and regulations that govern it.

Board of Directors (BOD) duty in compliance

The obligation to recognise applicable laws, create a compliance culture and oversee its effectiveness.

Company Secretary (CS)

Key managerial professional who designs, implements and reviews the corporate compliance framework.

Compliance Risk Assessment

Identifying areas of potential non-compliance and rating risks as low, medium, high or critical.

Inherent Risk

The level of compliance risk that exists before any controls or mitigation are applied.

Legal Effect (risk)

Potential statutory or regulatory consequences arising from non-compliance.

Financial Effect

Monetary losses or penalties that can result from a compliance failure.

Reputational Effect

Damage to stakeholder trust and public image due to compliance breaches.

Compliance Reposting Process

Workflow in which functional heads collect information, create reports and route them through CS to the board.

Cyclical Reporting

Scheduled compliance reporting (e.g., monthly, quarterly, annual) regardless of incidents.

Incidental Reporting

Ad-hoc compliance reports triggered by specific events or breaches.

Compliance Risk Monitoring Plan

Document that lists critical risks, mitigation activities and ongoing self-assessment methods.

Compliance Training

Structured programmes educating employees on obligations, procedures and consequences of non-compliance.

Compliance Task Management

Systematic assignment and tracking of individual compliance activities and deadlines.

Compliance Dashboard

Real-time, visual display of compliance status, tasks and outstanding issues.

Compliance Policies and Procedures

Written rules and step-by-step methods that guide employees in meeting legal obligations.

Compliance Management Tools (CMT)

Software platforms that automate, track and report regulatory compliance tasks.

All-Purpose Compliance Platform

Generic software that helps manage risk, monitor obligations and handle governance tasks across industries.

Industry-Specific GRC Software

Compliance tools tailored to legal requirements unique to a particular sector.

Virtual Data Room (VDR)

Secure online repository for storing and sharing electronic documents during due diligence.

Document Management System (DMS)

Software that stores, organises, tracks and secures electronic documents.

Electronic Record

Information created, stored or transmitted in digital form that can serve as evidence.

Admissibility of Electronic Record

Legal acceptance of digital documents as evidence in court, subject to authenticity criteria.

Preservation of Record

Policies ensuring records are retained, protected and accessible for a required period.

Archival Policy

Company guidelines for storing, classifying and retrieving old records and data.

Descriptive File Naming

File-naming method that clearly describes content for easy identification and retrieval.

Non-Descriptive File Naming

System-generated or coded file names that do not indicate the document’s content.

Director Responsibility Statement (DRS)

Section 134(5) declaration in which directors attest to compliance with accounting and legal requirements.

Pre-Certification

Professional validation of an e-form’s accuracy before its filing with the Registrar of Companies.

Authentication of e-Forms

Digital signing of electronic forms to confirm their legitimacy and integrity.

PCS (Practising Company Secretary)

A company secretary who holds a certificate of practise and provides professional services independently.

Secretarial Audit

Audit under Section 204 examining non-financial compliance and governance aspects of a company.

MGT-7

Annual Return form that records a company’s statutory particulars for a financial year.

MGT-8

Certificate in which a PCS confirms that the MGT-7 is accurate and compliant.

MR-3

Prescribed format for the Secretarial Audit Report issued by a PCS.

Corporate Governance Certificate

Professional confirmation that a listed entity complies with SEBI’s governance requirements (Reg. 24A, 40 (9)).

UDIN (Unique Document Identification Number)

17-digit number generated by a PCS to authenticate documents they certify.

ECSIN

18-character code identifying a company secretary employed in a specific organisation.

Disciplinary Directorate

ICSI body that forms prima-facie opinions on complaints against members.

Board of Discipline

ICSI panel that decides penalties for misconduct listed in the First Schedule.

Appellate Authority (ICSI)

Body that hears appeals against decisions of the Disciplinary Committee or Board of Discipline.

First Schedule Misconduct

Lesser professional offences by CS, such as sharing fees or failing to supply information.

Second Schedule Misconduct

Graver professional offences, including gross negligence and disclosure of confidential data.

Ethical Dilemma

A decision-making problem arising when two or more ethical standards conflict.

Beneficence Principle

Ethical directive to act for the greatest good.

Least Harm Principle

Choosing the option that causes the smallest negative impact when no choice is clearly beneficial.

Utilitarian Principle

Judging right or wrong solely by the outcome that maximises overall benefit.

Autonomy Principle

Respecting individuals’ right to make their own informed choices.

Justice Principle

Ensuring actions and decisions are fair and equitable to all parties.

Internal Audit

Independent, continuous appraisal of an organisation’s operations and controls for management review.

Performance Audit

Evaluation that measures efficiency, effectiveness and economy in achieving organisational objectives.

Audit Plan

Strategic outline describing scope, objectives, timing and resources for an audit.

Audit Program

Detailed, step-by-step checklist of procedures to execute an audit plan.

Working Papers

Documents that record audit evidence, procedures performed and conclusions reached.

Audit Sampling

Selecting a representative subset of transactions to draw conclusions about the whole population.

Substantive Testing

Procedures that verify account balances and transactions to detect material mis-statement.

Audit Evidence

Information used by the auditor to support findings and opinions.

Audit Trail

Chronological set of records tracing the creation, modification and deletion of transactions.

Materiality

The threshold above which an omission or mis-statement influences the decisions of users.

Emphasis of Matter (EOM)

Paragraph in an audit report drawing attention to significant issues without modifying the opinion.

Qualified Opinion

Audit conclusion that financial or compliance statements contain material exceptions but are not pervasively misstated.

Adverse Opinion

Audit conclusion that statements are materially and pervasively misstated.

Disclaimer of Opinion

Auditor’s statement of inability to form an opinion due to insufficient evidence.

Peer Review

Independent evaluation of a PCS practice unit’s systems and work by another qualified professional.

Quality Review Board (QRB)

Statutory body that sets benchmarks and reviews the quality of services rendered by company secretaries.

Due Diligence

Comprehensive investigation into a target entity’s legal, financial and operational position before a transaction.

SWOT Analysis

Assessment of Strengths, Weaknesses, Opportunities and Threats used during due diligence.

Legal Due Diligence

Review of constitutional documents, contracts, litigation and regulatory compliance of a target.

Financial Due Diligence

Evaluation of historical and projected financial statements, assets, liabilities and cash flows.

Environmental Due Diligence

Assessment of compliance with environmental laws and identification of potential liabilities.

Human Resource Due Diligence

Examination of employee contracts, benefits, wages, ESOPs and cultural issues.

Strategic Due Diligence

Analysis of whether a proposed deal aligns with long-term business goals and market position.

Ethical Due Diligence

Investigation into the target’s ethical culture and reputational risks.

Operational Due Diligence

Review of processes, facilities, supply chain and infrastructure efficiency.

Takeover Due Diligence

Compliance review under SEBI (SAST) Regulations before acquiring control of a listed company.

Intellectual Property Due Diligence

Verification of ownership, validity and scope of patents, trademarks and copyrights.

Competition Law Due Diligence

Assessment of agreements and market dominance risks under antitrust rules.

FCRA Due Diligence

Review to ensure non-profits comply with foreign contribution regulations and annual filings.

FEMA Due Diligence

Check of cross-border transactions, FDI limits and regulatory approvals under foreign-exchange law.

Compliance Risk

The possibility that legal or regulatory breaches will result in sanctions or losses.

Fraud (Section 447)

Any act, omission or concealment done with intent to gain undue advantage or injure stakeholders.

Secretarial Standards (SS-1 & SS-2)

ICSI-mandated practices for conducting board and general meetings.

Internal Financial Control (IFC)

Policies ensuring orderly business conduct, asset safeguarding and fraud prevention.

Compliance Identification Sources

Functional heads, licences, treaties, internal policies and sector-specific regulations used to map obligations.

Audit Engagement Letter

Written contract outlining the scope, responsibilities and fees for an audit assignment.

Exit Conference

Final meeting where auditors discuss findings and clarify issues with management before reporting.