Most company directors know their auditor signs the financial statements. Fewer know much about what qualifies the auditor to sign them.

There is a particular piece of documentation that every audit committee of a listed company should be checking annually — and in practice many do not: the Peer Review Certificate issued by ICAI. It is not a trophy or a marketing credential. It is the result of another qualified CA examining your audit firm's internal quality control systems and confirming they meet professional standards. SEBI requires it. And if your auditor does not have a current one, that is a compliance problem your audit committee owns.

What Peer Review Actually Checks

The name can be misleading. "Peer review" sounds like a colleague reading over someone's shoulder. What it actually involves is a formal, structured examination of a CA firm's quality control policies by an independent reviewer appointed by ICAI's Peer Review Board.

The reviewer is not looking at whether your audit opinion was correct. What the reviewer checks is whether the firm operates with processes that make correct, professional audit work consistently achievable. Six areas are covered:

1

Leadership commitment to quality — Does firm leadership actually prioritise audit quality, or is everything driven by billing targets?

2

Independence & ethics — Are there annual independence declarations? Is there a process to catch conflicts of interest before engagements start?

3

Client acceptance — Is there documented evaluation of the client's reputation, management integrity, and the firm's ability to handle the engagement competently?

4

Human resources & competence — Are audit teams assigned based on relevant skills, or just whoever is available?

5

Engagement performance — Are audit files properly documented? Is there evidence of planning, risk assessment, review, and consultation on difficult issues?

6

Monitoring — Does the firm review its own past work to identify where things went wrong or could be better?

A firm with a polished Quality Control Manual that no one follows scores worse than a firm with imperfect procedures that are applied consistently. A Peer Review Certificate does not guarantee your audit was well done — it confirms that the firm has the systems and culture to do audit work professionally. That is a meaningful distinction.

What the Certificate Confirms

When ICAI's Peer Review Board issues a Peer Review Certificate to a CA firm, it is confirming that the reviewer found the firm's quality control systems to be adequate at the time of review. The certificate carries three pieces of information your audit committee needs:

🏢

Firm Identity

Firm name and ICAI registration number

Cross-verify with ICAI
📅

Date of Issue

When the peer review was completed and certificate granted

Note annually

Expiry Date

Three years from the date of issue — track renewal proactively

3-year validity
⚠️ Critical Point

A certificate issued in 2023 and never renewed is not a current certificate. An audit committee that checks once and assumes it remains valid is checking the wrong thing. The status needs to be verified every year, not just at initial appointment.

The SEBI Requirement: Why This Is Not Optional for Listed Companies

SEBI's Listing Obligations and Disclosure Requirements (LODR) Regulations require that the statutory auditor of a listed entity hold a valid Peer Review Certificate from ICAI. The requirement applies to the firm, not just the individual engagement partner. Both need to be in order.

The audit committee bears responsibility for recommending the auditor appointment. Part of that recommendation should rest on confirmed, current certification. If an audit committee approves an auditor without verifying peer review status and the certificate is absent or expired, that is an oversight failure in the committee's own compliance record.

This is not a technicality at the periphery of audit governance. SEBI has been consistent about it. Stock exchanges require disclosure of auditor credentials. Institutional investors increasingly examine them. And the mechanism for enforcement is the audit committee itself.

How to Actually Verify Your Auditor's Certificate

Three practical steps your audit committee should follow:

1

Ask the auditor directly

Request a copy of their current Peer Review Certificate. Any firm with a valid certificate will provide it immediately. Hesitation here is a signal in itself.

2

Cross-verify with ICAI's records

The Peer Review Board maintains a published list of firms with current certificates on ICAI's website. The certificate number and firm details can be cross-checked against this list. It takes five minutes.

3

Note the expiry date — and set a reminder

If your auditor's certificate expires in eighteen months, your audit committee should be tracking renewal. If it expires in two months and the auditor has not mentioned renewal, raise it now. Ask for the certificate annually as part of the standard auditor assessment agenda.

What to Do If Your Auditor Does Not Have One

This question comes up more often than it should for listed companies. If the audit firm does not have a current Peer Review Certificate, the audit committee needs to understand why not and what the timeline is for obtaining one.

Two Scenarios to Handle Differently

Firm has not yet initiated peer review: A problem they can fix. The process typically takes a few months from application to certificate issuance. An audit committee that discovers this before the financial year end has time to work with.

Certificate has lapsed with no renewal underway: A more serious concern. This suggests quality control has not been a priority. Whether to continue the relationship should depend on how quickly renewal can be completed and whether there is a credible explanation for the lapse.

In either case, the audit committee should document what it found and what it did about it. The paper trail matters.

Why This Matters Beyond Regulatory Compliance

Peer review exists because audit quality is genuinely variable. Two CA firms can both be ICAI members, both have active CAs, and still operate very differently in terms of how carefully they plan audits, how thoroughly they document their work, and whether independence is taken seriously or treated as paperwork.

The peer review process does not eliminate that variability entirely. But it does create a minimum threshold and a regular check. A firm that has passed a recent peer review has had its systems examined by another professional who had no reason to be lenient.

For an audit committee, that is genuinely useful information. It is not a substitute for regular direct dialogue with the auditor, a robust terms of engagement, and honest assessment of audit quality. But it is a baseline that should always be in place.

PKJN & Associates LLP holds a current Peer Review Certificate. Our audit and assurance work is grounded in the same quality control practices that the Peer Review Board evaluated. When clients ask for our certificate, we share it without hesitation. If your current auditor cannot say the same, that is worth thinking about.

Quick Reference for Audit Committees

Question to Ask What You Are Looking For
Does the auditor hold a current Peer Review Certificate? Yes, with expiry date more than 12 months away ideally
When was the last peer review conducted? Within the last three years; no expired certificate
Is the firm currently under any observation or follow-up? No outstanding deficiency follow-up from prior review
When is the certificate due for renewal? Renewal process should begin 6 months before expiry
Can the firm provide a copy of the certificate? Immediate provision without hesitation

Frequently Asked Questions

What is peer review in auditing?

Peer review in auditing is an independent examination of a CA firm's quality control systems by a qualified peer reviewer appointed by ICAI's Peer Review Board. It covers six areas: leadership commitment to quality, independence and ethics, client acceptance procedures, staff competence and training, how audit files are documented and reviewed, and whether the firm monitors its own quality.

A firm that satisfies the review receives a Peer Review Certificate valid for three years.

Does SEBI require auditors of listed companies to have a peer review certificate?

Yes. SEBI requires statutory auditors of listed entities to hold a valid Peer Review Certificate from ICAI. Audit committees are responsible for verifying this before recommending auditor appointments.

A firm without a current certificate does not meet SEBI's requirements for listed company audit appointments.

How can I verify if my auditor has a valid peer review certificate?

Ask the auditor directly for a copy of their certificate. Then cross-check the certificate number and firm name against ICAI's published list of peer-reviewed firms on the ICAI website. Note the expiry date and verify it annually, not just at the point of appointment.

What happens if a listed company's auditor does not have a peer review certificate?

The appointment does not meet SEBI requirements. The audit committee should raise it with the auditor immediately, understand the timeline for obtaining the certificate, and document the steps taken.

If the firm cannot provide a credible path to certification, the committee should evaluate whether to continue the appointment.

Does a peer review certificate mean the auditor did a good job on our accounts?

Not exactly. The certificate confirms that the firm has adequate quality control systems — it does not validate the opinion given on specific financial statements. Firms with strong quality control systems are more likely to audit consistently well, but the certificate is a process indicator, not an outcome guarantee.

Think of it as a minimum standard, not a performance review.

How often does a CA firm need to renew its peer review certificate?

Every three years. Firms conducting listed company audits should initiate renewal well before expiry to avoid any gap in certification. An expired certificate disqualifies the firm from listed company audit appointments until renewal is complete.

Get Your Firm Peer Review Ready

PKJN & Associates LLP holds a current ICAI Peer Review Certificate. Talk to us about your audit, peer review, or compliance needs.

PKJN & Associates LLP

ICAI-Registered Peer Review Auditors · Chartered Accountants, Mumbai

PKJN & Associates LLP is a Mumbai-based CA firm with 15+ years of professional experience. We are ICAI-registered Peer Review Auditors, and our practice spans Peer Review, Statutory Audit, Concurrent Audit, Internal Audit, IND AS & IFRS Implementation, Risk Control Matrix, and Risk Advisory.