HomeServicesRisk AdvisoryForensic Reviews & Debt Monitoring

Risk Advisory · Risk Advisory Services

Forensic Reviews & Debt Monitoring

When a lender or an investor group needs to know what is actually happening inside a borrower company — not what the last set of audited financials suggested six months ago — a forensic review and debt monitoring mandate is the instrument that answers that question with evidence.

Chartered Accountants · Chennai · Hyderabad · Bangalore · Dubai · Since 1986

2,000+Clients since 1986
42 yrsCA practice
4Offices · India & UAE
24 hrsResponse time

When a lender or an investor group needs to know what is actually happening inside a borrower company — not what the last set of audited financials suggested six months ago — a forensic review and debt monitoring mandate is the instrument that answers that question with evidence. At PNPC Global, we have supported banks, NBFCs, and investor consortia across India and the UAE since 1986 with independent forensic reviews, stock and receivables audits, end-use verification, and structured debt-monitoring assignments. We do not produce a generic compliance certificate. We trace the money, test the documents against the ground reality, and give lenders and investors a defensible, evidence-backed basis for their next decision.

What it costs

Govt. feesGovernment & statutory fees as applicable to your case
Professional feeFixed professional fee — confirmed in writing before we start

No hidden charges. The exact figure is set in your engagement letter.

What Forensic Reviews & Debt Monitoring is

A Forensic Review is an independent, evidence-based investigation into a company's financial records, transactions, and underlying business conduct — undertaken to establish facts, quantify irregularities, and trace the flow of funds where fraud, diversion, or misrepresentation is suspected or must be ruled out. Debt Monitoring is a related but distinct discipline: an ongoing or periodic independent assessment, commissioned by a lender or a consortium of lenders, of a borrower's financial health, utilisation of sanctioned facilities, compliance with loan covenants, and the adequacy of security cover over the life of a credit facility. Both engagements sit at the intersection of forensic accounting, credit risk, and regulatory compliance, and both are typically commissioned by a party other than the company under review — a bank, an NBFC, a consortium of lenders, a private equity investor, or a board acting on a whistleblower complaint or an audit committee referral.

In the Indian banking and NBFC context, these engagements are shaped by a specific regulatory architecture. The RBI's Master Directions on Fraud Risk Management require banks and NBFCs to classify accounts showing early warning signals (EWS) and to commission a Forensic Audit before an account can be formally classified as fraud under the RBI framework, particularly for exposures above the thresholds prescribed in the RBI's Frameworks for dealing with loan frauds. Where multiple banks have exposure to the same borrower, the consortium — coordinating today through an Inter-Creditor Agreement (ICA) framework under RBI's Prudential Framework for Resolution of Stressed Assets, which replaced the earlier Joint Lenders' Forum (JLF) mechanism — or the individual lender's Fraud Monitoring Committee typically appoints a forensic auditor from an empanelled panel to conduct the review and submit a Forensic Audit Report (FAR) that becomes the basis for a fraud classification decision, a Wilful Defaulter evaluation under RBI's Master Direction on Treatment of Wilful Defaulters and Large Defaulters, and any subsequent reporting to the Central Repository of Information on Large Credits (CRILC) or referral to investigative agencies. Stock and Receivables Audits — a recurring, lower-intensity form of monitoring — verify that the inventory and book debts pledged as security for working capital facilities actually exist, are correctly valued, and are not double-financed across multiple lenders, a check that is now standard practice following well-publicised cases of inflated or fictitious stock statements.

For private equity funds, venture debt providers, and investor groups, forensic reviews and debt monitoring serve a parallel but commercially-driven purpose. A forensic review ahead of a follow-on investment round, a debt restructuring, or a proposed exit tests whether the financial statements and MIS the company has been presenting are an accurate reflection of the underlying business — related-party leakage, revenue recognition manipulation, inventory or receivables inflation, and undisclosed liabilities are among the most common findings. Debt monitoring on behalf of an investor group with structured debt or convertible instrument exposure typically involves periodic covenant testing, cash-flow verification against projections shared at the time of investment, and end-use verification of the funds drawn down against the stated business purpose.

At PNPC, a forensic review is never a desk exercise built solely on management-supplied data. Our approach combines document forensics (tracing transactions through bank statements, GST returns, e-way bills, and underlying contracts), physical verification (stock counts, site visits, vendor and customer confirmations), digital forensics where electronic evidence is relevant, and structured interviews with process owners — all documented to a standard that can withstand scrutiny in a lender's Fraud Monitoring Committee, an Audit Committee meeting, arbitration, or, where matters escalate, before an investigating authority or the NCLT. Debt monitoring mandates are built around the specific covenant package and security structure of each facility, not a generic template — because the risk that matters is always specific to how that particular loan or investment was structured.

When a forensic review or debt monitoring mandate is the right instrument

A bank or NBFC has flagged early warning signals (EWS) on a borrower account and needs an independent Forensic Audit Report before a fraud classification, Wilful Defaulter evaluation, or RBI/CRILC reporting decision can be made

A consortium of lenders coordinating under an Inter-Creditor Agreement (the framework that today governs joint action on a stressed account) requires a panel-empanelled forensic auditor to investigate suspected diversion of funds, round-tripping, or misrepresentation of financial statements by a stressed borrower

A private equity fund, venture debt provider, or structured-debt investor needs an independent forensic review of a portfolio company ahead of a follow-on round, a restructuring, or before exercising rights under an investor agreement

Working capital facilities are secured against stock and book debts, and the lender requires periodic, independent stock and receivables audits to confirm the security actually exists and is not double-pledged across lenders

An investor group or lender needs end-use verification — confirming that funds drawn down under a sanctioned facility or investment tranche were actually applied to the stated business purpose and not diverted to unrelated group entities

A whistleblower complaint, an anomaly flagged by the statutory auditor, or an Audit Committee referral has raised a specific, credible concern that needs independent investigation before the Board can respond

A lender or investor needs ongoing, periodic debt monitoring — covenant compliance testing, financial ratio tracking, and cash-flow verification — over the life of a credit facility or a structured investment, rather than a one-time review

When a different engagement is more appropriate

The concern is a routine control weakness or process gap without any indication of fraud or misrepresentation — an Internal Control Review (IFC evaluation) is the more appropriate, less adversarial engagement

You need the company's own statutory financial statements audited for a true-and-fair opinion — that is a Statutory Audit under the Companies Act, not a forensic engagement, and the two should not be conflated

You are the company itself seeking a routine credit rating or a bankable set of projections for a fresh loan application — that calls for project appraisal and credit-facilitation advisory, not a forensic review

There is no specific trigger, red flag, or lender/investor mandate — commissioning a forensic review without cause is disproportionate, costly, and can itself create governance and privilege complications if not properly scoped

The matter is already the subject of active litigation or a criminal investigation led by an enforcement agency — in that scenario, forensic support should be coordinated closely with legal counsel from the outset, and the engagement scope and privilege protections need to be structured accordingly before any fieldwork begins

Structure Comparison

Forensic Review & Debt Monitoring vs related assurance and advisory engagements

FeatureForensic ReviewStock & Receivables AuditDebt Monitoring (Ongoing)Statutory AuditInternal Control Review
Primary objectiveInvestigate suspected fraud, diversion, or misrepresentation and quantify the impactVerify existence, valuation, and lien status of stock/book debts pledged as securityTrack covenant compliance, fund utilisation, and financial health over the facility's lifeExpress an opinion on true and fair view of financial statementsEvaluate design and operating effectiveness of internal financial controls
Who commissions itLender's Fraud Monitoring Committee, lending consortium (under an Inter-Creditor Agreement), investor, or Board/Audit CommitteeIndividual lender or consortium, as part of working capital facility termsLender, NBFC, or investor with structured debt/convertible exposureShareholders, statutory requirement under Companies ActBoard, Audit Committee, or statutory auditor requirement
Governing/regulatory referenceRBI Master Directions on Fraud Risk Management; RBI Framework for Loan Frauds; RBI Master Direction on Treatment of Wilful Defaulters and Large DefaultersLender's sanction terms and RBI guidance on stock audit for working capital exposuresLoan agreement covenants, investment/shareholders' agreement termsCompanies Act 2013, Standards on AuditingSection 143(3)(i) Companies Act 2013, ICAI Guidance Note (COSO-based)
TriggerEWS flag, whistleblower complaint, suspected diversion, restructuring, or investor red flagPeriodic (often annual or half-yearly) as a condition of the working capital sanctionPeriodic, per the monitoring frequency agreed in the facility/investment termsAnnual, mandatory for every companyTypically annual, aligned to audit cycle, or ahead of a transaction
Nature of engagementInvestigative, adversarial-ready, evidence-standard documentationPhysical verification plus documentary reconciliationRecurring financial and covenant analysis, less investigative unless a flag emergesAssurance — sampling and evidence-based opinionProcess evaluation — design and operating effectiveness testing
Typical outputForensic Audit Report (FAR) with findings, fund-trail evidence, and quantification of loss/diversionStock and receivables audit report with variance analysis and lien confirmationPeriodic monitoring report — covenant compliance status, red flags, trend analysisAudit opinion, financial statements, CARO report where applicableRisk & Control Matrix, deficiency log, remediation roadmap
Who relies on itFraud Monitoring Committee, Board, RBI/CRILC reporting, sometimes investigating agencies or NCLTLender's credit and risk teams for security cover assessmentLender's credit monitoring team, investor's portfolio teamShareholders, regulators, lenders, public (for listed companies)Statutory auditor, Board, Audit Committee, investors/lenders in diligence
Typical PNPC engagement basisTime-and-scope fee, engagement letter defines boundaries and evidentiary standardFixed-fee per audit cycle, often on a retainer for recurring cyclesRetainer, aligned to the agreed monitoring frequency (monthly/quarterly)Statutory engagement, fee per Companies Act / ICAI normsFixed-fee project

These engagements are frequently combined — a lender may commission an initial forensic review on a stressed account and then move to periodic debt monitoring once the account is under a resolution plan. PNPC scopes each engagement independently based on the mandating party's requirement, the regulatory trigger (if any), and the specific facility or investment structure involved.

How it works
#Stage & What PNPC DoesWhat Generic Reviews MissTimeline
1Mandate Scoping & Engagement LetterWe agree the scope, the mandating party (lender, lending consortium, investor, Board/Audit Committee), the specific trigger or red flag, the period under review, and the evidentiary standard required — including whether the output needs to withstand scrutiny before RBI/CRILC, an Audit Committee, or in arbitration. A vague scope produces a report that satisfies no one; we fix this at the outset.Week 1
2Conflict Check & Independence ConfirmationBefore any fieldwork begins, PNPC confirms there is no conflict of interest with the entity under review or any related party — a step that generic panels sometimes skip and that later undermines the credibility of the findings if challenged.Week 1
3Preliminary Document Request & Data CollectionWe request the full document set upfront — audited and management financials, bank statements for all operating accounts (not just the ones management volunteers), GST returns, loan/sanction documents, related-party transaction records, and board/committee minutes for the period. Missing accounts and undisclosed related parties are flagged as a finding in themselves.Week 1–2
4Early Warning Signal / Red Flag MappingWhere the mandate originates from a lender's EWS framework, we map each flagged signal (e.g. frequent overdrawing, deviation from sanction terms, disproportionate related-party transactions, delay in stock statement submission) against the underlying transaction data before drawing conclusions — rather than treating each flag in isolation.Week 2
5Fund Flow & Bank Statement AnalysisWe reconstruct the actual flow of funds across all bank accounts — including accounts with other lenders and group entities where access can be obtained — tracing drawdowns against stated end-use, and identifying round-tripping, layering, or diversion patterns that do not show up in a simple ratio analysis.Week 2–4
6Stock, Receivables & Physical VerificationWhere security cover is in question, we conduct physical stock counts, reconcile stock statements submitted to the lender against actual inventory records and physical counts, and independently confirm book debts with a sample of customers — the step most commonly skipped in a desk-only review, and the step that most often reveals inflated security cover.Week 3–5
7Related-Party & Group Entity Transaction ReviewWe map the group structure, identify related and connected parties (including those not disclosed as such in the financial statements), and test whether transactions with those parties were on arm's-length terms or represent a mechanism for value or fund leakage out of the borrower entity.Week 4–6
8Document & Digital ForensicsWhere documentary authenticity is in question — invoices, e-way bills, purchase orders, board resolutions — we test them against independent third-party sources (GST portal data, transporter records, vendor confirmations) and, where the mandate requires it, coordinate digital forensic imaging of relevant electronic records with appropriate chain-of-custody protocols.Week 4–6, as scoped
9Management Interviews & ExplanationsFindings that appear anomalous are put to relevant process owners and management for explanation before being finalised — every finding in our report reflects both the evidence and management's response to it, which strengthens the report's standing if challenged later.Week 5–7
10Quantification of ImpactWhere diversion, misrepresentation, or loss is established, we quantify the financial impact with a clear basis for the calculation — an unquantified allegation carries far less weight before a Fraud Monitoring Committee, an investor, or in any subsequent proceeding than a properly evidenced figure.Week 6–8
11Draft Forensic Audit Report & Management ResponseA draft report is shared through the appropriate channel (directly with the mandating lender/investor, or via legal counsel where litigation risk exists) and, where the mandate provides for it, management's response is sought and incorporated before finalisation.Week 8–9
12Final Report & Committee PresentationThe final Forensic Audit Report (or Stock/Receivables Audit Report, or Debt Monitoring Report) is issued to the mandating party. Where required, PNPC presents findings directly to the Fraud Monitoring Committee, the lending consortium, the Board, or the investor's portfolio team, and responds to questions.Week 9–10
13Ongoing Monitoring / Follow-Up Cycle (Where Mandated)For debt monitoring engagements, this is where the recurring cycle begins — periodic covenant testing, updated fund-flow analysis, and a standing monitoring report at the agreed frequency, rather than a one-time deliverable.Ongoing, per agreed monitoring frequency

A focused stock/receivables audit is typically completed in 2–3 weeks. A full forensic review of a mid-sized stressed account, covering fund-flow tracing and related-party analysis, typically runs 8–10 weeks depending on the number of bank accounts, group entities, and the volume of transactions under review. Debt monitoring engagements are structured as an ongoing retainer with periodic (typically monthly or quarterly) reporting cycles rather than a single timeline.

Document Checklist
Entity, Governance & Facility Documents

Sanction letter and loan agreement for each facility, including all covenant schedules and security documentation

Latest Memorandum and Articles of Association (or LLP Agreement/Partnership Deed as applicable), and current group/shareholding structure chart

Board and Audit Committee minutes for the period under review, and any prior correspondence on the specific trigger (EWS flag, complaint, or investor concern)

Details of all related parties and group entities, including common directorships and shareholding overlaps not necessarily disclosed in the standard related-party note

Financial & Accounting Records

Audited financial statements and management (unaudited) financials for the period under review, and for the two preceding years for trend comparison

Trial balance, general ledger, and chart of accounts at a level of detail sufficient to trace individual transactions

Statutory audit report, CARO report, and any qualification, emphasis of matter, or auditor's observation from the preceding audit cycles

Banking & Fund Flow Records

Bank statements for all operating, current, and cash credit/overdraft accounts for the period under review — including accounts with lenders outside the mandating consortium, where access can be secured

Sanction terms, drawing power calculations, and stock/book-debt statements submitted to the lender for each relevant period

Details of inter-company loans, advances, and fund transfers to and from group or related entities

Stock, Receivables & Security Documentation

Latest stock register, inventory valuation records, and warehouse/godown location details

Sales register, debtors ageing report, and a sample of customer invoices and delivery documentation for confirmation testing

Hypothecation/pledge agreements and confirmation of whether the same stock or receivables have been offered as security to more than one lender

GST returns (GSTR-1, GSTR-3B, e-way bills) for cross-verification of reported sales and dispatches against the stock and debtor records

Tax, Statutory & Compliance Records

Income-tax returns and assessment orders for the period under review, and any pending tax litigation or notices

GST registration certificates, GST returns, and any GST department notices, audits, or demand orders

TDS returns and Form 26AS, to cross-check reported payments against actual deductions and third-party confirmations

For Investor-Commissioned Reviews (Additional)

Cap table, shareholders' agreement, and any investor rights, information rights, or covenant clauses relevant to the review scope

Board-approved business plan and financial projections shared with the investor at the time of investment, for comparison against actual performance

Utilisation certificate or fund-use documentation for the specific tranche or facility under review, if previously furnished

Ongoing obligations
PhaseTriggered ByPNPC CA GuidanceRisk If Ignored
Early Warning Signal StageLender's EWS system flags an account (overdrawing, sanction deviation, delayed stock statements)Rapid preliminary assessment to determine whether the flag warrants a full Forensic Audit or can be resolved through management clarification and enhanced monitoring — avoiding an unnecessary escalation while not under-reacting to a genuine risk signal.A genuine red flag left unassessed can mature into a full NPA and eventual fraud classification, closing off restructuring options that were available at the EWS stage.
Forensic Audit MandateFraud Monitoring Committee or lending consortium formally commissions a Forensic Audit under RBI's fraud frameworkIndependent, evidence-standard investigation covering fund-flow tracing, related-party analysis, and physical verification, structured to meet the standard required for a fraud classification or Wilful Defaulter evaluation under RBI norms.A forensic review that does not meet the evidentiary standard required by RBI's framework can be challenged, delaying classification decisions and CRILC reporting, and weakening the lender's position in any recovery action.
Stock & Receivables Audit CyclePeriodic condition of a working capital sanction, or triggered by a drawing power anomalyPhysical verification and independent reconciliation of stock and book-debt statements against actual records, with lien and double-financing checks across the consortium.Inflated or fictitious stock statements accepted at face value overstate the drawing power and the effective security cover, exposing the lender to unsecured loss if the account turns stressed.
Debt Monitoring — OngoingFacility disbursed; lender or investor requires periodic covenant and fund-utilisation trackingStructured periodic monitoring — covenant compliance testing, cash-flow verification against projections, and end-use confirmation for each drawdown — at the frequency agreed in the facility or investment terms.Covenant breaches or fund diversion that go undetected between monitoring cycles compound over time and are materially harder (and costlier) to unwind the longer they continue.
Investor Diligence / Portfolio ReviewPE/VC follow-on round, restructuring, or exit event triggers an independent forensic review of a portfolio companyIndependent verification of the financials and MIS the company has presented, testing revenue recognition, related-party leakage, and undisclosed liabilities before the investor commits further capital or prices an exit.Proceeding on unverified management representations exposes the investor to a valuation built on inflated or misstated financials, discovered only after capital is committed.
Findings, Escalation & ReportingForensic Audit Report or monitoring report identifies a significant deficiency or confirmed diversionQuantified findings presented to the Fraud Monitoring Committee, Board, or Audit Committee, with a clear evidentiary trail; PNPC coordinates with legal counsel where the matter may proceed to RBI/CRILC reporting, arbitration, or NCLT action.Findings presented without proper quantification or documentation carry limited weight in a Fraud Monitoring Committee decision, in arbitration, or before an investigating authority, and can be challenged by the party under review.
Resolution, Recovery & Follow-UpRestructuring plan approved, recovery action initiated, or remediation agreed with the borrower/investeeFollow-up monitoring to confirm remediation commitments are actually implemented, and periodic reporting to the lender or investor group until the facility or investment position is resolved.Remediation agreed on paper but never verified in practice frequently recurs — a pattern PNPC's follow-up monitoring is specifically designed to catch before it becomes a repeat event.
Frequently asked
What is a forensic review, in plain terms?

It is an independent investigation into a company's financial records and transactions, commissioned by a party other than the company — typically a lender, a consortium of lenders, or an investor — to establish facts and quantify irregularities where fraud, fund diversion, or misrepresentation is suspected. Unlike a statutory audit, which expresses an opinion on whether financial statements are true and fair based on sampling, a forensic review sets out to trace what actually happened to specific funds, transactions, or representations, with a level of evidentiary detail that can withstand scrutiny before a lender's committee, an investigating authority, or in arbitration.

Practitioner noteThe single biggest misunderstanding we encounter is treating a forensic review as 'a more thorough audit.' It is a different discipline entirely — investigative, not opinion-based — and the two should not be conflated when scoping an engagement.
What is debt monitoring, and how is it different from a forensic review?

Debt monitoring is an ongoing, periodic independent assessment of a borrower's financial health, fund utilisation, and covenant compliance over the life of a credit facility or structured investment — it is recurring and generally not adversarial in nature. A forensic review is typically one-time and investigative, triggered by a specific red flag, complaint, or suspected irregularity. In practice, a debt monitoring mandate can escalate into a forensic review if the periodic monitoring itself surfaces a red flag that warrants deeper investigation.

Practitioner noteWe structure debt monitoring retainers with an explicit escalation clause — if our periodic review identifies something that looks like more than a routine covenant slippage, we flag it immediately for a scope discussion rather than waiting for the next scheduled report.
Who typically commissions a forensic review — the company itself or the lender?

Most commonly, the lender's Fraud Monitoring Committee, a lending consortium acting under an Inter-Creditor Agreement (where multiple banks have exposure), a private equity or venture debt investor, or the Board/Audit Committee of the company itself (often following a whistleblower complaint or an auditor's observation). It is rare for a company's operating management to voluntarily commission a forensic review of its own conduct — the review is, by design, independent of the party whose conduct is under scrutiny.

Practitioner noteWhen a company's own promoter or management team engages us directly for what they describe as a forensic review, we probe carefully into who the intended audience is and whether independence and privilege considerations are properly structured — a review commissioned by the very party under scrutiny needs careful framing to retain credibility.
What triggers a bank to commission a forensic audit under RBI's fraud framework?

Typically, an account showing Early Warning Signals (EWS) under the bank's internal EWS framework — patterns such as frequent overdrawing beyond sanctioned limits, deviation from the stated end-use of funds, non-submission or delayed submission of stock statements, disproportionate related-party transactions, or significant deterioration in financial ratios without adequate explanation. Once EWS criteria are met, RBI's Master Directions on Fraud Risk Management generally require the account to be examined, and for exposures above the thresholds prescribed in RBI's framework, an independent Forensic Audit is commissioned before a fraud classification decision is made.

Practitioner noteWe advise borrower companies too, not just lenders — if you see EWS-type patterns emerging in your own account (irregular drawing, covenant slippage), proactively engaging an independent review and being transparent with the lender is almost always a better position than waiting for the lender to commission one unilaterally.
What is the Reserve Bank of India's role in forensic audits and fraud classification?

RBI's Master Directions on Fraud Risk Management require banks and NBFCs to have a Board-approved fraud risk management policy, to classify EWS-flagged accounts, and to follow a defined process — including, above prescribed exposure thresholds, an independent forensic audit — before an account can be classified as fraud. Fraud-classified accounts must be reported to RBI's Central Repository of Information on Large Credits (CRILC) and, depending on the amount involved, may require reporting to investigative agencies. The precise thresholds and procedural steps are set out in RBI's current framework and are periodically updated — PNPC works from the version in force at the time of each engagement rather than a fixed historical figure.

Practitioner noteRBI's fraud classification framework has been revised more than once in the past decade, most notably following judicial scrutiny of the borrower's right to be heard before classification. We keep our engagement process aligned to the current procedural requirements, including natural-justice steps, rather than an older version of the framework.
What is an Inter-Creditor Agreement, and how does it relate to a forensic review mandate (and whatever happened to the Joint Lenders' Forum)?

Where a borrower has credit exposure across multiple banks or NBFCs, the lenders today coordinate through an Inter-Creditor Agreement (ICA) under RBI's Prudential Framework for Resolution of Stressed Assets, to take collective decisions on a stressed account — including whether to commission a forensic audit, how to structure a resolution plan, or whether to pursue recovery action. This ICA-based framework replaced the older Joint Lenders' Forum (JLF) mechanism, which RBI discontinued as part of its June 2019 revised framework for resolving stressed assets; borrowers and lenders who dealt with an older-generation restructuring will still recognise the JLF terminology, but current mandates are structured under the ICA. A forensic auditor appointed for a consortium-mandated review reports findings to the lenders as a whole, and the scope typically covers exposure and security across all participating lenders, not just the mandating bank's own facility.

Practitioner noteConsortium-mandated reviews require careful coordination — each lender may have slightly different information needs and reporting formats. We agree a single consolidated report structure with the lead bank at the outset to avoid producing multiple inconsistent versions of the same findings.
What is a stock and receivables audit, and how often is it required?

A stock and receivables audit is a physical and documentary verification of the inventory and book debts a borrower has pledged as security for a working capital facility (cash credit, overdraft, or similar). It confirms that the stock and receivables actually exist, are correctly valued, are not obsolete or slow-moving beyond what has been disclosed, and — critically — have not been pledged as security to more than one lender simultaneously. Most banks and NBFCs require this on a periodic basis (commonly annual or half-yearly) as a standing condition of the working capital sanction, with additional ad-hoc audits triggered if the drawing power calculation looks anomalous.

Practitioner noteThe most common finding in our stock audits is not outright fraud — it is stock statements that have not been updated to reflect actual obsolescence or slow-moving inventory, which inflates the drawing power the borrower is entitled to draw against. This is worth catching early, before it compounds into a larger security-cover gap.
What does 'double financing' of stock or receivables mean, and how is it detected?

Double financing occurs when the same stock or the same book debts are offered as security to more than one lender simultaneously — each lender believes it holds a first or exclusive charge over the same asset, when in fact the borrower has pledged it more than once. It is typically detected by cross-referencing hypothecation agreements and charge registrations across all lenders the borrower has facilities with (including charges registered with the Registrar of Companies and, where applicable, with CERSAI — the Central Registry of Securitisation Asset Reconstruction and Security Interest), combined with physical stock verification and a reconciliation of quantities claimed to each lender against actual on-ground inventory.

Practitioner noteA CERSAI search and an ROC charge search are two of the simplest, cheapest checks a lender can run before disbursing against security — and they are still, in our experience, skipped more often than they should be.
How does PNPC establish fund diversion or round-tripping in a forensic review?

We reconstruct the actual flow of funds by tracing bank statements across all accounts the borrower operates — not just the account with the mandating lender — following specific drawdowns and receipts to their ultimate destination. Round-tripping typically shows up as funds moving to a related or connected entity and returning to the borrower (or a group company) through a different transaction shortly afterward, often disguised as a trade transaction, loan, or advance. This requires access to bank statements of the counterparties involved wherever legally obtainable, and a careful mapping of the group and related-party structure before the fund-flow analysis can be meaningfully interpreted.

Practitioner noteThe hardest part of this work is rarely the arithmetic — it is obtaining full access to all relevant bank accounts, including those the borrower would prefer not to disclose. We scope the engagement letter to specify what access is expected from management and escalate promptly if access is restricted.
What happens after a Forensic Audit Report concludes fraud or diversion occurred?

The Forensic Audit Report is submitted to the mandating Fraud Monitoring Committee or lending consortium, which then decides — based on the report and any response from the borrower — whether to formally classify the account as fraud under RBI's framework, and separately, whether the promoters/directors meet the criteria for classification as Wilful Defaulters under RBI's Master Direction on Treatment of Wilful Defaulters and Large Defaulters. A fraud classification triggers reporting to RBI's CRILC database and can trigger a report to investigative agencies for amounts above the prescribed threshold. Recovery action, whether through the NCLT under the Insolvency and Bankruptcy Code or through the DRT/SARFAESI route, typically proceeds in parallel with, but independently of, the fraud classification process.

Practitioner noteThe report itself does not classify the account or the borrower — that decision rests with the lender's committee and is governed by RBI's procedural framework, including the borrower's right to be heard before classification, following the Supreme Court's ruling in this area. We are careful in our reports to present evidence and findings, not to pre-empt a classification decision that is not ours to make.
Can a company being investigated dispute or respond to a forensic audit's findings?

Yes, and it should be built into the process from the outset rather than treated as an afterthought. RBI's fraud classification framework, following judicial guidance, requires the borrower to be given an opportunity to respond to the forensic auditor's findings before the lender takes a final fraud classification decision. PNPC structures its forensic engagements to put material findings to management or promoters for explanation before the report is finalised — this is both procedurally sound and produces a more defensible final report, since unexplained anomalies are distinguished from ones with a legitimate business explanation.

Practitioner noteWe have seen forensic reports that skip this step get successfully challenged purely on procedural grounds, regardless of how strong the underlying evidence was. Building in a fair response opportunity is not a courtesy — it materially strengthens the eventual outcome for the mandating party.
How long does a full forensic review typically take?

It depends heavily on scope — the number of bank accounts and group entities involved, the volume of transactions under review, and whether physical verification (stock counts, site visits) and digital forensics are part of the mandate. A focused review on a single-entity account with a defined trigger typically takes 6–8 weeks. A full consortium-mandated review spanning multiple group entities, related-party transactions, and physical verification across locations commonly runs 8–12 weeks or longer.

Practitioner noteWe give a realistic timeline at the scoping stage rather than an optimistic one — a forensic review compressed against an artificial deadline tends to produce weaker evidence and a report more easily challenged later.
What does a stock and receivables audit cost, and how is it priced?

Pricing depends on the number of locations to be physically verified, the volume and complexity of the inventory (raw material versus finished goods versus work-in-progress), and the size of the debtor base being sample-tested. It is typically quoted as a fixed fee per audit cycle, agreed upfront in the engagement letter, rather than a percentage of the facility amount. PNPC provides a written fee quote before any fieldwork begins, based on a short scoping call to understand the specific facility and locations involved.

Practitioner noteWe avoid open-ended time-and-materials pricing for recurring stock audits — lenders and borrowers both prefer the budget certainty of a fixed per-cycle fee, and we structure our engagement letters accordingly wherever the scope allows it.
What does an end-use verification cover, and when is it required?

End-use verification confirms that funds drawn down under a sanctioned loan facility, or a specific investment tranche, were actually applied to the purpose stated in the sanction letter or investment agreement — for example, capital expenditure, working capital, or a specific project — rather than diverted to an unrelated purpose, a related party, or a different group entity. It is commonly required at each drawdown milestone for project finance and structured debt facilities, and can also be commissioned by an investor after a funding round to confirm that capital was deployed as represented in the business plan.

Practitioner noteFor project finance and milestone-based drawdowns, we recommend the lender or investor build end-use verification into the facility terms from Day 1 rather than commissioning it only after a concern arises — verification is far more straightforward when it runs alongside each drawdown rather than reconstructing fund use retrospectively months later.
How is a forensic review different from a normal statutory audit that already covers fraud risk?

A statutory audit under the Companies Act is designed to express an opinion on whether the financial statements, taken as a whole, are true and fair — it uses sampling and materiality thresholds, and Standards on Auditing (SA 240) require the auditor to consider fraud risk, but the audit is not designed or scoped to investigate a specific suspected fraud in depth. A forensic review is scoped specifically to investigate a defined concern, uses a much lower materiality threshold (often testing 100% of transactions in a specific area rather than a sample), and is documented to an evidentiary standard suitable for a committee decision, arbitration, or regulatory reporting — which a statutory audit file is not designed to be.

Practitioner noteWe are sometimes asked, after a clean statutory audit opinion, 'how could this have been missed?' The honest answer: a statutory audit was never designed to catch a specifically concealed fraud with the depth a forensic review applies — the two serve genuinely different purposes, and neither is a substitute for the other.
What is CRILC and what is its relevance to forensic reviews?

CRILC — the Central Repository of Information on Large Credits — is RBI's database to which banks and NBFCs report information on borrowers with aggregate credit exposure above the prescribed threshold, including classification of accounts as Special Mention Accounts (SMA) or as fraud. A fraud classification arising from a forensic audit typically results in the account being flagged in CRILC, which is visible to other lenders with exposure to the same borrower or group — meaning the consequences of a forensic finding are not confined to the mandating lender alone.

Practitioner noteBecause a CRILC fraud flag affects the borrower's standing with every lender in the system, not just the one that commissioned the review, we treat the evidentiary rigour of every forensic report as though it will be scrutinised by parties well beyond the immediate mandating bank.
Can PNPC act as a forensic auditor if we are already the company's statutory auditor?

No. Independence is fundamental to a credible forensic review — a forensic auditor investigating a company's conduct cannot simultaneously be that company's statutory auditor, as this creates a direct conflict of interest and would undermine the credibility of the findings before any mandating lender, investor, or committee. PNPC conducts an independence and conflict check before accepting any forensic mandate, and we decline (or refer to an unconflicted colleague firm) any engagement where we hold an existing statutory audit, tax advisory, or other relationship with the entity under review that would compromise independence.

Practitioner noteWe are occasionally approached by a lender to review an account where we already act as the company's tax advisor or accountant. We disclose this immediately and step back from the forensic mandate — protecting the integrity of the process matters more than the fee.
What is a Wilful Defaulter, and how does that classification relate to a forensic audit?

A Wilful Defaulter, under RBI's Master Direction on Treatment of Wilful Defaulters and Large Defaulters, is a borrower (or a promoter/director in a position of control) who has defaulted on repayment despite having the capacity to pay, has diverted or siphoned off funds for purposes other than those for which the finance was availed, has disposed of assets financed by the lender without the lender's knowledge, or has misrepresented facts to avail the credit facility. A forensic audit that establishes diversion of funds or misrepresentation is often the evidentiary basis on which a lender's internal committee evaluates whether the Wilful Defaulter criteria are met — but the classification itself follows a separate procedural process, including a show-cause opportunity for the borrower, distinct from the forensic report itself.

Practitioner noteA Wilful Defaulter classification carries severe long-term consequences for promoters — including being barred from raising further institutional finance and, in some cases, from floating a new company for a period. Given the stakes, we are especially careful that our forensic findings on fund diversion are backed by a clear, traceable evidentiary chain rather than inference.
How does PNPC structure a debt monitoring retainer for an ongoing facility?

We agree the monitoring frequency (typically monthly or quarterly, aligned to the facility's reporting cycle), the specific covenants and financial ratios to be tracked against the sanction/investment terms, the fund-flow and end-use checks to be performed at each cycle, and an explicit escalation protocol — what threshold or anomaly triggers an immediate flag to the lender or investor rather than waiting for the next scheduled report. This is documented in the engagement letter so both the mandating party and the borrower/investee understand the monitoring scope from Day 1.

Practitioner noteThe value of ongoing debt monitoring compounds over time — a lender or investor with 18 months of consistent monitoring data can spot a deteriorating trend far earlier than one relying only on the borrower's own periodic MIS submissions.
What is the difference between a Forensic Audit Report and a management letter from a statutory audit?

A management letter arising from a statutory audit typically flags control weaknesses or minor irregularities observed incidentally during the audit, addressed to management for correction — it is not designed to establish culpability or quantify loss. A Forensic Audit Report is a standalone, purpose-built document that sets out the specific allegation or trigger investigated, the evidence gathered, the methodology applied, the findings (including quantification where diversion or loss is established), and — where the mandate requires it — management's response to those findings. It is written to be relied upon directly by a Fraud Monitoring Committee, a lending consortium, an Audit Committee, or in subsequent legal or regulatory proceedings.

Practitioner noteWe format our Forensic Audit Reports with clear cross-references between each finding and its supporting evidence exhibit — this single practice does more than anything else to make the report defensible when it is later scrutinised by the party under review or by legal counsel.
Does a forensic review always result in a finding of fraud?

No — and this is an important point often misunderstood by companies anxious about being reviewed. A significant proportion of forensic reviews conclude that the red flags which triggered the mandate had a legitimate business explanation — a genuine cash-flow crunch caused by a customer default, a documentation lapse rather than actual diversion, or a covenant breach caused by a one-off event rather than a pattern of misconduct. The purpose of the review is to establish facts objectively; an outcome that clears the company (or specific individuals) is as valid and useful a finding as one that confirms wrongdoing.

Practitioner noteWe have delivered forensic reports that fully exonerated a borrower's management team where the lender's EWS trigger turned out to be a data-entry error in the borrower's own MIS. An objective, evidence-led process protects honest borrowers just as much as it exposes dishonest ones.
What role does GST data play in a forensic review of a manufacturing or trading company?

GST returns (GSTR-1 for outward supplies, GSTR-3B for summary returns) and e-way bill data provide an independent, government-held record of a company's reported sales and goods movement — one that is much harder to manipulate after the fact than internally maintained sales registers, because it has already been filed with the tax authority. We routinely cross-verify a company's internal sales, stock, and dispatch records against its own GST filings; a material and unexplained mismatch between the two is one of the clearest indicators of either understated sales for tax purposes or overstated sales/stock in lender-facing documents — either of which is a significant finding.

Practitioner noteThis single cross-check — internal books versus filed GST returns — has, in our experience, surfaced more material discrepancies than almost any other single procedure in a forensic engagement. It is inexpensive to perform and should never be skipped.
Can a forensic review be commissioned confidentially, without the company under review being immediately informed?

In the early, preliminary phase — particularly document collection from third parties such as banks, GST records where legally accessible, and public registries — a degree of confidentiality is often maintained. However, a full forensic review invariably requires access to the company's own internal records and, in most cases, requires putting specific findings to management for their response (a step that is both procedurally required under RBI's framework in fraud-classification cases and good investigative practice generally). Complete confidentiality throughout the entire engagement is rarely achievable or even advisable — an investigation the subject is entirely unaware of also cannot benefit from the subject's explanation of anomalies that may have a legitimate cause.

Practitioner noteWe advise mandating parties early on how much confidentiality is realistically achievable given the scope requested — setting that expectation correctly at the outset avoids friction later in the engagement.
What is PNPC's role if a forensic review's findings lead to NCLT or arbitration proceedings?

PNPC's core deliverable is the Forensic Audit Report and the underlying evidence file — we are not a law firm and do not represent parties in NCLT, arbitration, or criminal proceedings. Where our findings feed into such proceedings, we typically work alongside the mandating party's legal counsel, providing clarification on our methodology and findings, and — where engaged separately for this purpose — can provide expert testimony or a supporting affidavit on the forensic evidence, coordinated closely with counsel throughout.

Practitioner noteWe recommend involving legal counsel early in any forensic mandate where litigation is a realistic outcome — not after the report is finalised — so that privilege, evidentiary admissibility, and chain-of-custody requirements are properly addressed from the start rather than retrofitted.
How does a private equity investor use a forensic review differently from how a bank uses one?

A bank's forensic mandate is typically reactive — triggered by an EWS flag or a stressed account — and is oriented toward the RBI fraud-classification and recovery framework. A private equity or venture investor more often commissions a forensic review proactively — as part of deeper diligence ahead of a follow-on round, before exercising a contractual right (such as a put option or an information right), or when quarterly MIS numbers diverge unexpectedly from what was represented at the time of investment. The investigative techniques are similar, but the investor's review is typically more focused on verifying financial statement integrity, related-party leakage, and whether the business plan projections shared at investment were reasonable and made in good faith.

Practitioner noteWe encourage investor clients to build a forensic review option explicitly into their information and audit rights at the time of investment, rather than negotiating access for the first time after a concern has already arisen — the contractual right materially speeds up and de-risks the process later.
What is related-party transaction leakage, and how common is it in forensic findings?

Related-party transaction leakage refers to value moving out of a company to its promoters, their family members, or affiliated entities through transactions that are not on arm's-length terms — inflated purchase prices from a related-party vendor, understated sale prices to a related-party customer, unsecured or interest-free loans to group entities that are never realistically expected to be repaid, or management fees and consultancy charges that do not correspond to genuine services rendered. It is one of the most frequently identified issues in our forensic reviews of both stressed lending accounts and PE portfolio companies, precisely because it can persist for years without being caught by a standard statutory audit sampling approach.

Practitioner noteWe map the full related-party universe — including entities connected through common directorship or address, not just those formally disclosed as 'related parties' in the financial statements — before beginning transaction testing. Undisclosed related parties are, in our experience, where the most material leakage tends to be found.
What happens if a forensic review finds nothing irregular but the mandating lender still has concerns?

A forensic review that finds no irregularity is a valid and complete outcome, and it should be documented and delivered with the same rigour as one that finds a problem. If the mandating lender has residual concerns beyond what the review's scope covered, the appropriate next step is to revisit and potentially widen the scope — additional accounts, a longer period, or a different transaction class — rather than treating the clean finding as inadequate. PNPC discusses scope adequacy openly with the mandating party at the conclusion of every engagement.

Practitioner noteWe have occasionally been asked, informally, to 'find something' to justify a decision the lender had already effectively made. We decline this framing explicitly — our value to a mandating party rests entirely on the objectivity of our findings, and that is not negotiable.
Does PNPC serve on empanelled forensic auditor panels for banks and NBFCs?

PNPC undertakes forensic review, stock audit, and debt monitoring mandates directly for banks, NBFCs, and investor groups that engage us, and works within each institution's own empanelment and engagement processes where such panels exist. Specific empanelment status varies by institution and is confirmed directly with the lender or investor at the time of engagement — prospective clients should discuss their institution's specific panel requirements with our engagement team.

Practitioner noteIf your institution requires empanelment through a specific process before a forensic mandate can be awarded, raise this at the first scoping conversation — we can usually confirm our standing or initiate the relevant empanelment process well ahead of when the mandate would actually begin.
How does PNPC handle a forensic review that spans both Indian and UAE entities in the same group?

Where a stressed or investigated group has both Indian and UAE operating entities — a common structure for trading and manufacturing groups with Gulf operations — PNPC coordinates the review across both jurisdictions from our Chennai/Bangalore/Hyderabad and Dubai offices under a single engagement, rather than requiring the mandating lender or investor to separately brief two unconnected firms. This matters because fund flows, related-party transactions, and even stock movement frequently cross the India-UAE boundary in exactly these cases, and a review confined to only the Indian entity will miss exactly the transactions most likely to reveal diversion.

Practitioner noteIn our experience, groups attempting to conceal fund diversion disproportionately route it through a cross-border leg specifically because they expect the reviewing firm's visibility to stop at the border. Our combined India-UAE presence removes that blind spot.
What qualifies PNPC to conduct forensic reviews and debt monitoring for lenders and investors?

PNPC is a practising Chartered Accountancy firm operating since 1986, with senior CAs experienced in forensic accounting, fund-flow analysis, stock and receivables verification, and structured debt monitoring across manufacturing, trading, services, and financial-sector clients. Our forensic engagements are led by senior practitioners — not delegated wholesale to junior staff — and every material finding is reviewed and signed off by a senior CA before it goes into a report relied upon by a Fraud Monitoring Committee, an investor, or, potentially, a regulator.

Practitioner noteWe are candid with prospective clients about the specific team composition and senior-partner involvement on any forensic mandate before the engagement letter is signed — this is not a service where junior staff should be operating without direct senior oversight, and we structure every engagement accordingly.
How is PNPC's fee structured for a forensic review or debt monitoring engagement?

Forensic reviews are typically quoted on a time-and-scope basis, with the engagement letter defining the boundaries of the investigation, the deliverables, and a fee estimate based on the anticipated volume of accounts, entities, and transactions to be reviewed — with a mechanism for revising scope (and fee) if the investigation reveals a need to expand beyond the original boundaries. Stock and receivables audits, being more standardised and recurring, are typically quoted as a fixed fee per cycle. Debt monitoring is structured as a periodic retainer aligned to the agreed monitoring frequency. A written fee estimate is always provided before fieldwork begins.

Practitioner noteWe flag scope-creep risk honestly at the outset of every forensic mandate — investigations frequently uncover threads that were not anticipated in the original scope, and we would rather revise the engagement letter transparently than either under-deliver on a fixed fee or surprise the client with an unexplained overrun.
What is the difference between an internal audit function and a forensic review for fraud purposes?

An internal audit function (whether in-house or outsourced under Section 138 of the Companies Act) provides continuous, cyclical assurance over operations, compliance, and risk across the business as a whole — it is not typically designed to investigate a specific suspected fraud in depth, though it may be the source that first identifies an anomaly warranting a forensic review. A forensic review is narrower in scope but far deeper — it investigates one specific concern with an evidentiary rigour and an adversarial-ready documentation standard that routine internal audit cycles are not resourced or scoped to provide.

Practitioner noteWe frequently see internal audit reports that identify an anomaly, get a management explanation accepted at face value, and move on to the next cycle's checklist item. The anomaly that deserved a forensic-level follow-up is the one that is easiest to miss in that model — we specifically ask new clients whether any prior internal audit finding was ever escalated for deeper review.
Can PNPC's forensic findings be used to support an insurance claim for employee fraud or fidelity loss?

Yes, in principle. A well-documented Forensic Audit Report that quantifies the loss, traces the mechanism of the fraud, and identifies the responsible party can serve as supporting evidence for a fidelity guarantee or crime insurance claim, subject to the specific policy's own claim documentation requirements. We recommend involving the insurer (or the client's insurance broker/advisor) early if a claim is contemplated, so the forensic report's format and evidentiary detail align with what the specific policy requires.

Practitioner noteEvery insurer's claim documentation standard is slightly different — we ask clients contemplating an insurance claim to share the policy's claim-notification and evidence requirements with us at the scoping stage, not after the report is already finalised in a format the insurer may then ask to be reworked.
Why should a lender or investor engage PNPC rather than a large forensic-only firm?

Large forensic-only firms bring scale and brand recognition, but often deploy junior teams with limited direct senior-partner engagement, and can be significantly more expensive for a mid-sized mandate. PNPC brings senior-CA-led forensic work, deep familiarity with Indian regulatory frameworks (RBI fraud framework, Companies Act, GST, FEMA) and — for groups with Gulf exposure — genuine India-UAE cross-border capability from our own Dubai office, at a scope and fee structure suited to mid-market lenders, NBFCs, and investor groups rather than only the largest institutional mandates.

Practitioner noteWe are transparent that for the very largest, most complex multi-jurisdictional forensic mandates involving dozens of entities across several countries, a Big Four-scale forensic practice may be the right fit. For the substantial majority of Indian mid-market lending and investment relationships, we believe a senior-CA-led, directly accountable engagement serves the mandating party better.
Why PNPC Global

PNPC Global vs typical forensic/monitoring engagement providers

DimensionPNPC GlobalLarge Forensic-Only FirmGeneric Local Auditor/Panel Firm
Senior involvementSenior CA leads and signs off every material findingOften junior-staff-heavy with limited partner face-timeVariable — depends heavily on the individual firm
Regulatory framework depthDeep working familiarity with RBI fraud framework, Companies Act, GST, FEMAStrong on forensic methodology, sometimes less India-regulatory-specificVaries widely; often generalist practice with limited forensic specialisation
Cross-border (India-UAE) capabilityOwn Dubai office — single coordinated team across both jurisdictionsMay have a network affiliate, with handoff and context lossTypically India-only, no UAE presence
Fee structure for mid-market mandatesScoped, fixed-or-time-bound fee suited to mid-market lenders/investorsOften priced for large institutional mandates, less flexible for smaller scopeLower cost but often lower forensic depth and evidentiary rigour
Continuity from review to monitoringSame team can move from a one-time forensic review into an ongoing debt monitoring retainerTypically structured as separate, re-scoped engagements each timeRarely offers structured ongoing monitoring as a distinct service
Objectivity disciplineExplicit independence/conflict check before every mandate; declines conflicted workGenerally strong institutional independence policiesIndependence discipline varies; smaller firms may have undisclosed local relationships

What the PNPC package includes

  1. 01

    Independence and conflict check before any forensic or monitoring mandate is accepted

  2. 02

    Structured scoping conversation to define the trigger, evidentiary standard, and reporting audience before fieldwork begins

  3. 03

    Fund-flow and bank statement reconstruction across all relevant accounts, not just the mandating lender's own facility

  4. 04

    Physical stock verification and receivables confirmation, not a desk-only paper review

  5. 05

    Related-party and group entity mapping, including connections not formally disclosed in financial statements

  6. 06

    Cross-verification against independent third-party data — GST returns, e-way bills, CERSAI and ROC charge registers

  7. 07

    Quantified findings with a clear, traceable evidentiary chain suitable for committee, regulatory, or legal reliance

  8. 08

    Fair-response protocol — material findings put to management before the report is finalised, aligned to RBI's natural-justice requirements

  9. 09

    Direct presentation to Fraud Monitoring Committees, lending consortia under Inter-Creditor Agreements, Audit Committees, or investor portfolio teams where required

  10. 10

    Seamless transition from a one-time forensic review into an ongoing debt monitoring retainer where the mandating party needs continuity

  11. 11

    Combined India-UAE capability from our own Dubai office for groups with cross-border fund flows or entities

Speak directly with a senior PNPC Chartered Accountant before you commit to a forensic mandate. Not a call centre. Not a junior associate reading from a template. A practising CA who understands what a Fraud Monitoring Committee, a lending consortium, or an investor's portfolio team actually needs from the report — and who will stand behind every finding in it.

← Back to Risk Advisory
Talk to a CA