Skip to content
KYC Onboarding Spec by Rakesh Waghela

Persona: Statutory Auditor (CA firm)

You’re the independent CA firm signing the broker’s audited financial statements. The annual audit cycle pulls together every half-yearly compliance certificate, every quarterly running-account settlement artefact, every monthly MIS, and every daily ledger entry. You need to understand the broker’s framework deeply enough to know what to ask for and what to test against.

This page is your shortcut.

What you’ll find useful here

Section titled “What you’ll find useful here”

Three layers matter most:

  • Audit deep-dives — what the broker is doing (or should be) in their internal audit cycles.
  • Member compliance deep-dives — the continuing-compliance posture you’re attesting to.
  • Settlement and Margin deep-dives — the cash-flows and capital obligations underlying the financial statements.

Suggested reading path (in this order)

Section titled “Suggested reading path (in this order)”

  1. Compliance Blueprint — the master inventory. Familiarize yourself with the obligation categories; you’ll know what’s in scope and what’s adjacent.

  2. BMC / ABC deep-dive — the broker’s capital model. Test the networth + BMC + ABC numbers against the audited balance sheet.

  3. Fit-and-Proper deep-dive + KMP Changes deep-dive + Membership Renewal deep-dive — the continuing-compliance posture you’re attesting to.

  4. Concurrent Audit deep-dive + System Audit deep-dive + CSCRF deep-dive — the broker’s existing audit cycles, which your statutory work reads as part of the evidence base.

  5. ECN & Investor Servicing deep-dive — the contract-note format, statement-of-account format, retention period (8 years for most artefacts, 10 for PMLA-relevant). Useful for evidence requests.

  6. Client Funds Upstreaming deep-dive + Direct Payout to Demat deep-dive — the cash-flow side of operations. Material for the balance sheet’s client-funds line items.

  7. Payin Default + Core SGF deep-dive + Member Default Recovery deep-dive — risk-side material for your audit opinion on going-concern.

  8. Regulatory Circulars master — your citation source for any non-standard accounting treatment driven by a SEBI / exchange circular.

That’s the foundation.

Common questions in your role

Section titled “Common questions in your role”
  • The broker’s networth fell below threshold mid-year — how is it disclosed?BMC / ABC deep-dive — replenishment timeline and reporting.
  • Client funds reconciliation broke for 3 days in Q2 — material?Client Funds Upstreaming deep-dive — bank cutoff tolerance; document the broker’s response.
  • CSCRF cyber audit had an open observation at year-end — how to handle?CSCRF deep-dive — remediation timeline and exposure disclosure.
  • The broker contributed to Core SGF mid-year — how is it accounted for?SGF / Core SGF deep-dive — contribution mechanism and replenishment.
  • MTF book at year-end — what’s the audit treatment?MTF Operational deep-dive — interest accrual, pledge balances, unpaid MTF file.
  • AP-broker arrangement — substance over form check?AP Framework deep-dive — supervisory framework + commission structure.
  • GST / TDS / STT positions — where are the controls documented?Compliance Blueprint Reporting domain.
  • Contract note format change mid-year — how is the prior-period comparable handled?ECN deep-diveNSE/INSP/61999 references the canonical format.

What to skip (and why)

Section titled “What to skip (and why)”
  • Onboarding journey and lifecycle walkthroughs — operational context; not directly auditable beyond compliance posture.
  • Field Atlas destination pages — engineer territory.
  • OMS / RMS deep-dives — useful as background for understanding the broker’s control environment; not directly attested.
  • appendix/* — out of scope unless a specific transaction comes up in audit.

When you’d hand off

Section titled “When you’d hand off”
  • “This is a tax / GST methodology question”Finance / CFO + external tax counsel.
  • “This is the broker’s interpretation of a SEBI rule — is the interpretation defensible?”Compliance Officer + senior compliance counsel.
  • “This is a system control failure”Backend Engineer (in liaison with the broker) for technical depth + Internal Auditor for audit observation framing.

Verified through

Section titled “Verified through”

2026-05-14

AI-generated and not legal, financial, or compliance advice. See the project README for full disclaimer.

Built by Rakesh Waghela — Technology & Product Consultant

LinkedIn @webiyo Topmate

Available for consulting and collaboration on technology, product strategy, and system architecture. Connect on LinkedIn.

· We respect your privacy and comply with GDPR

Disclaimer: This documentation was generated using Claude Code, an AI-powered LLM by Anthropic, as a research and capability estimation exercise. AI models can hallucinate — information here may be inaccurate, incomplete, or outdated. Any resemblance to the products or documentation of any specific vendor or organization is purely coincidental and unintended. This project is not directly inspired by any particular product, vendor, or proprietary system, and no plagiarism is intended. All content is based on publicly available information. This is not legal, financial, or compliance advice.