For SEBI registered Portfolio Managers, the annual internal audit is a non-negotiable regulatory requirement under the SEBI (Portfolio Managers) Regulations, 2020, read with the SEBI Master Circular for Portfolio Managers dated July 16, 2025. Year after year, audit observations arise not from complex regulatory breaches, but from documentation gaps, missed deadlines, and procedural oversights that could have been avoided with consistent internal discipline.
If your firm has not yet initiated its audit readiness review, this is the right time to act.
Who Conducts the Internal Audit - and What Happens to the Report?
The internal audit must be conducted by a practising Chartered Accountant or a Company Secretary. It is not an in-house exercise - the independence of the auditor is a core requirement. The purpose of the audit is to assess the quality of internal procedures and compliance practices being followed by the firm.
• The internal audit report must be placed before the Board of the Portfolio Manager for review
• The Board is expected to consider the findings and ensure that appropriate corrective action is taken
• Any deficiency letters or warning letters issued by SEBI must also be placed before the Board
• The designated Compliance Officer is responsible for ensuring that deficiencies pointed out by SEBI do not recur
Key Deadlines - The Two Annual Submissions to SEBI
Two separate submissions are required after the close of each financial year, and both carry distinct deadlines that are regularly missed.
The Corporate Governance Report, based on the internal audit findings, must be submitted to SEBI by the Principal Officer within 30 days from the end of the financial year - that is, by 30th April each year.
The Compliance Certificate, separately signed by the Principal Officer, must be submitted to SEBI within 60 days from the end of the financial year. This certificate must explicitly detail any instances of non-compliance during the year and the corrective actions taken, duly approved by the Board.
Both deadlines are firm. Delays are treated as regulatory non-compliance.
Monthly and Quarterly Reporting - Where Most Firms Get Flagged
Reporting obligations run continuously throughout the year. Portfolio Managers are required to submit a monthly report to SEBI on the SEBI Intermediaries Portal, within 7 working days from the end of each month, in the prescribed format.
• Delays and errors in monthly and offsite filings are among the most frequently flagged audit observations
• Quarterly reports must be sent to clients covering portfolio performance, transaction details, and fee information in the format prescribed by SEBI
• All material changes - including changes to the Principal Officer, fee structure, or investment approaches offered - must be intimated to SEBI promptly and within the timelines prescribed, along with an updated Disclosure Document
Net Worth Maintenance - Even Temporary Dips Are Flagged
Portfolio Managers are required to maintain a minimum net worth of ₹5 crore at all times, as prescribed under the SEBI (Portfolio Managers) Regulations, 2020. A net worth certificate from a Chartered Accountant, certifying the firm's net worth as on March 31, must be submitted to SEBI annually.
• Even temporary dips below ₹5 crore - arising from accounting movements or operational factors - are picked up through periodic filings and SEBI's offsite inspection mechanism
• Firms should maintain a comfortable buffer above the minimum threshold at all times
• A net worth shortfall, even a brief one, can invite regulatory scrutiny and is flagged as a compliance gap
Investment Rationale Documentation - A Core Requirement, Commonly Missed
Every investment decision made or recommended during the year must be supported by a documented rationale that clearly explains the analytical basis of that decision. This is a well-established regulatory expectation and one of the most common gaps observed during PMS audits.
• Each rationale must be linked to the specific client's mandate and the firm's documented investment strategy
• Rationales must be prepared at the time of the investment decision - not reconstructed after the fact
• Inadequate or missing investment rationales are consistently flagged as audit observations, regardless of the firm's size or AUM
NISM Certification - An Easily Overlooked Renewal Requirement
The Principal Officer and all employees with decision-making authority in fund management are required to hold a valid NISM-Series-XXI-B: Portfolio Managers Certification at all times. Distributors engaged by the firm must hold the NISM-Series-XXI-A certification.
• Instances of NISM certification lapsing without timely renewal are a recurring audit observation
• New employees in fund management roles must obtain the required NISM certification within the prescribed period from the date of their appointment
• Set calendar reminders well before expiry - a lapsed certificate creates an immediate compliance gap that auditors will flag
Prohibition on Guaranteed Returns - Verbal Commitments Also Count
Portfolio Managers are prohibited from assuring or implying guaranteed returns or fixed payouts to clients, whether in writing, in marketing materials, or verbally. This is a well-established requirement under the SEBI regulatory framework for Portfolio Managers, and violations are treated seriously.
• Returns communicated to clients must be consistent with the figures officially reported to SEBI and APMI
• Even informal verbal assurances by relationship managers or sales staff can be treated as misrepresentation
• Review your marketing materials, pitch decks, and client communication practices regularly to ensure compliance
Client Onboarding and Minimum Investment
The minimum investment per client is ₹50 lakh as prescribed under the SEBI (Portfolio Managers) Regulations, 2020. All client onboarding records must include complete KYC documentation, a signed Portfolio Management Agreement, and confirmation that the Disclosure Document was provided to the client before the agreement was executed.
• The Disclosure Document must include audited financials for the past three years and Time Weighted Rate of Return for discretionary managers, in the format prescribed by SEBI
• Client funds must be maintained in separate bank accounts and client securities must be held in segregated demat accounts - pooling of client assets is not permitted
• Onboarding gaps, including incomplete KYC and missing certifications, are among the most common audit findings
Building Year-Round Audit Readiness
The firms that navigate audits most smoothly are those that treat compliance as a continuous function rather than a year-end exercise. A few practical steps make a significant difference.
• Conduct periodic internal reviews - at least quarterly - rather than waiting for the annual audit
• Maintain a compliance calendar that tracks all SEBI filing deadlines, NISM renewal dates, and Board reporting obligations
• Assign clear ownership within the team for each compliance activity
• Conduct a mock internal audit before the formal one to identify and close gaps proactively
• Ensure all policies and procedures are documented, current, and actually followed in practice
Conclusion
Annual PMS compliance under the SEBI regulatory framework is not a once-a-year scramble. Firms that maintain proper documentation, meet reporting deadlines, and conduct ongoing internal reviews consistently face fewer audit observations and build stronger credibility with regulators and clients alike.
If your firm has not yet begun its audit readiness review for this financial year, this is the right moment to start.
Frequently Asked Questions
Is the internal audit mandatory even for newly registered PMS firms?
Yes. The internal audit requirement applies to all registered Portfolio Managers, regardless of when the firm commenced operations or the size of its AUM.
Who can conduct a PMS internal audit?
The internal audit must be conducted by a practising Chartered Accountant or Company Secretary. It cannot be performed by the firm's own internal staff.
What are the key annual deadlines for a PMS firm?
The Corporate Governance Report must reach SEBI within 30 days of financial year end (by 30th April).
The Principal Officer's Compliance Certificate must be submitted within 60 days of financial year end.
The monthly report to SEBI is due within 7 working days of each month end throughout the year.
What happens if audit observations are not addressed?
Unaddressed observations can escalate into deficiency letters from SEBI, which must then be placed before the Board and resolved. Repeated non-compliance can attract further regulatory action.
Disclaimer: This article is for informational purposes only and does not constitute legal advice.
Regulatory requirements are subject to change. Readers should refer to the SEBI Master Circular for Portfolio Managers dated July 16, 2025 (No. SEBI/HO/IMD/IMD-POD-1/P/CIR/2025/104) and the SEBI (Portfolio Managers) Regulations, 2020, and consult a qualified compliance professional for advice specific to their firm.
Is your PMS firm audit-ready?
KP RegTech provides end-to-end support for PMS internal audits, compliance gap assessments, and SEBI regulatory filings - helping firms stay ahead of observations, not react to them.
Visit www.kpregtech.com to schedule a consultation.