Skip to main content

Audit · concurrent audit

Concurrent audit: meaning, scope and RBI guidelines.

A near-real-time review of a bank's transactions, distinct from the annual statutory audit — what it covers, who does it, and how RBI's framework shapes coverage. Written for practicing CAs and CA-Final students.

  • Reviewed July 2026
  • 6 min read
  • CA Anil Agarwal & the TatvaBooks team

What is concurrent audit — meaning

Concurrent audit is an examination of a bank's transactions carried out close to the time they occur — daily, weekly, or otherwise near-continuously — rather than after the financial year closes. The idea is simple: catch a control lapse, a documentation gap, or an irregular transaction within days, while it can still be corrected, instead of finding it eleven months later during the statutory audit.

It is primarily used in banks (RBI mandates a framework for it), though the same concept — continuous, transaction-level review reporting to management rather than an annual opinion — is sometimes adopted by other regulated or large entities as an internal control measure. Concurrent audit is not a statutory audit: it doesn't result in a certified opinion on the financial statements, and it isn't a substitute for the bank's annual branch or head-office statutory audit.

RBI's framework — who appoints, and how much gets covered

RBI requires every bank to have a board-approved concurrent audit policy that brings a defined proportion of the bank's business under concurrent audit, prioritising branches and business areas with higher risk — large advances, treasury, forex, and high-value or high-volume transaction points. Within that framework, each bank decides:

  • Which branches and departments are covered (often based on business size or risk category, not every branch).
  • Whether the auditor is an external CA firm, a retired bank official empanelled for the purpose, or the bank's own dedicated concurrent audit staff.
  • Reporting frequency and escalation process for serious findings.

The specific coverage percentage of business RBI expects under concurrent audit, and the categories of branches/activities that must be covered, are revised from time to time. Verify the current requirement on the RBI website and against the specific bank's latest concurrent audit circular before scoping or accepting an engagement — don't rely on a figure from a previous cycle.

Typical scope of a concurrent audit

Coverage areas vary by bank, but most concurrent audit mandates centre on the transaction points where money moves fastest and controls matter most:

Area What's typically reviewed
Advances Sanction and disbursement terms followed before money goes out; documentation completeness; end-use of funds; drawing power computed off the latest stock/book-debt statement; renewal and review dates not overdue.
Deposits Interest rates applied match the sanctioned/card rate; premature closures and renewals processed correctly; KYC on new accounts; dormant/inoperative account controls followed.
Foreign exchange (forex) Export/import bill documentation, LC and bank guarantee terms honoured, FEMA-linked reporting triggers not missed, forex deal rates within the bank's authorised limits for that dealer/branch.
Cash Cash retention limits observed, physical cash agrees to the till/vault balance at the time of review, cash transactions above reporting thresholds flagged per the bank's AML process.
Clearing & remittances Inward/outward clearing entries settled and reconciled without unexplained old outstanding items; RTGS/NEFT transactions processed within authorised limits.
Revenue leakage Service charges, processing fees, locker rent, and penal/overdue interest correctly levied — this is usually where concurrent audit recovers real money for the bank quickly.

The exact checklist, sampling depth and thresholds are set by each bank's concurrent audit manual — a manual for a public sector bank's large branch will look different from one for a small finance bank's retail branch. Always work off the specific bank's current concurrent audit format rather than a generic checklist.

Concurrent audit vs statutory audit vs internal audit

These three are commonly confused because they can review overlapping subject matter at the same branch. The distinction that matters is timing, appointment and what the output actually is.

Concurrent audit Statutory audit
Who appoints The bank itself (or its internal audit function) — not shareholders, not RBI directly. Shareholders (company) or the bank's board on RBI's empanelment process, for the branch/entity as a whole.
Timing Continuous or near-continuous — reviewing transactions as they happen or within days, not after year-end. Periodic — typically annual, covering a full financial year retrospectively.
Objective Early detection of control lapses and irregularities so they can be corrected immediately, not found months later. Forming an opinion on whether the financial statements give a true and fair view.
Output Periodic (often monthly) reports to the bank's management/audit committee — not a public audit opinion. A formal, signed audit report and opinion, often with an LFAR for bank branches.
Scope driver RBI's concurrent audit guidelines plus the bank's own internal circular — coverage areas and thresholds vary by bank and change from time to time. Standards on Auditing, the Companies Act (for corporates) or RBI's branch audit framework (for banks).

Internal audit sits alongside both — usually broader and more risk/process-focused, on a periodic (not continuous) cycle, reporting to the bank's own audit committee. See our internal audit vs statutory audit page for that comparison in detail, and the bank branch audit guide for how the annual statutory branch audit itself works.

Practical notes for a practicing CA

  • Read the bank's concurrent audit manual first. Scope, thresholds and reporting format are set by the individual bank, not a single all-India standard — don't carry over a checklist from a different bank's engagement.
  • Escalate serious findings immediately, not in the next periodic report. The entire value of concurrent audit is speed; a fraud indicator sitting in a monthly report that's compiled two weeks late defeats the purpose.
  • Track rectification, not just detection. Most bank formats expect you to report whether earlier-flagged irregularities have actually been corrected — an open item repeated across three reports is itself a finding.
  • Independence matters even though this isn't a statutory opinion. Confirm you're not also engaged as the branch's statutory or internal auditor for the same period, and check the bank's rotation policy for concurrent auditors.
  • Keep working papers contemporaneous. Given the frequency of reporting, it's easy to let documentation lag behind fieldwork — build a simple daily/weekly log rather than reconstructing it before each periodic report is due.

Managing a concurrent audit practice

If your firm runs concurrent audit mandates across several branches or clients, the bottleneck is rarely the audit judgement — it's tracking findings, rectification status and recurring deadlines across each mandate without them falling through the cracks between periodic reports. TatvaBooks gives a CA firm one place to manage client-facing books and compliance workflow, so your team's time goes into the audit work that needs judgement rather than chasing status updates.

Frequently asked questions

What is concurrent audit — in simple terms?
Concurrent audit is an examination of a bank's (or, less commonly, another regulated entity's) transactions close to the time they happen, rather than months later. Its purpose is to catch control lapses, documentation gaps and irregularities early enough that the branch or department can fix them before they compound — it is a management tool for the bank, not a statutory opinion on the financial statements.
Is concurrent audit mandatory for all bank branches?
RBI requires banks to bring a minimum proportion of their business under concurrent audit, and banks' own boards set the detailed policy — which branches, what advances/deposits threshold, and which departments (forex, treasury, large advances) are covered — within that framework. The exact coverage percentage and qualifying criteria are revised by RBI from time to time, so always confirm the current requirement against the latest RBI guidelines and the specific bank's concurrent audit policy before scoping an engagement.
How is concurrent audit different from internal audit?
The two often overlap in subject matter but differ in cadence and independence. Concurrent audit is typically outsourced to an external CA firm (or done by a dedicated internal team functioning independently of branch operations) and reviews transactions in near-real time, focused on transaction-level compliance. Internal audit is usually broader and more risk-based, covering systems, processes and governance on a periodic cycle, and reports up through the bank's own audit committee structure.
Can the same CA firm do concurrent audit and statutory branch audit of the same branch?
Generally no — running both would compromise the independence concurrent audit is meant to provide, since the statutory auditor would effectively be reviewing work the same firm certified through the year. Banks' concurrent audit policies typically build in this separation, along with rotation requirements for the concurrent auditor itself. Confirm the specific bank's policy before accepting an engagement.
What reports does a concurrent auditor submit?
Concurrent auditors submit periodic reports — commonly monthly — flagging irregularities, documentation gaps, and control deviations found during the period, along with a compliance/rectification status on items raised earlier. Serious or fraud-indicative findings are typically expected to be escalated immediately, not held for the next periodic report. The exact reporting format and frequency are set by each bank's concurrent audit policy, so follow the bank's prescribed proforma rather than a generic one.

Built for practicing CAs

Run your practice's client books on one platform.

TatvaBooks gives your firm one place to manage client books, GST and compliance — while you focus on the audit work that actually needs your judgement.