Fraud in related party transactions: Can we spot the rot?

Related Party Transactions (RPTs) are a necessary and often legitimate part of doing business. RPTs refer to any transactions, contracts, or arrangements made between a company and individuals/ entities that have a close connection with the company. These transactions include the exchange of resources, services, materials or any sort of obligations between entities with existing relationships, such as family members, subsidiaries, affiliates, or entities under common control.

While RPTs are not inherently problematic, they do raise concerns about the potential for conflicts of interest, fraud, siphoning-off, money laundering and corruption. Related parties and transactions, when improperly disclosed, structured to obscure intent, or executed with inadequate governance, can be used as a conduit for fraud, misappropriation of assets, concealment, earnings manipulations, or other financial improprieties. Such misuse can lead to significant financial and reputational losses for a company, erosion of investor money/trust/confidence, and depletion of shareholder value. In extreme cases, it can destabilise markets and undermine the integrity of financial reporting. This underscores the critical need for regulators to enforce stringent compliance and transparency standards to safeguard investor interests and maintain trust in the financial system.

Key fraud risk considerations in RPTs

For the board, regulators, audit committee, auditors, and corporate governance professionals evaluating the integrity of RPTs requires a close look at several critical risk indicators. These fraud risk considerations help identify potential red flags and ensure that RPTs are not being exploited to circumvent financial controls or mislead the stakeholders. Below are some key risk areas to be considered:

Irregular RPTs

Are unidentified and undisclosed related parties a concern?
Business purpose

Is the RPT crucial for business operations?
Pricing transparency

How robust is the methodology used to establish ‘fair value’? Are these arm's length dealings?
Conflict of interest

Are approval processes sufficiently independent and rigorous or are they just omnibus approvals?
Compliant

Does the current RPT framework of your company, including approvals and disclosures comply with statutory and regulatory requirements?

There has been a significant evolution in how related party and corresponding transactions are viewed and scrutinised in the corporate landscape. What was once considered a routine governance matter has transformed into a critical focus area for shareholders, regulators, and stakeholders alike. The traditional approach of treating RPTs as standard board approval is no longer sufficient. Regulators and shareholders, particularly institutional investors, are deploying risk-based analytics and scrutiny to evaluate these relationships and transactions through multiple lenses to ensure that these are legitimate and have not been used for fraudulent purposes.

Regulations and enforcement relating to governing the RPTs

Regulations place responsibility at the highest levels in corporates, highlighting the importance of compliance and corporate governance. Regulatory landscape for RPTs is primarily shaped by the Companies Act, 2013, including Companies (Auditor's Report) Order (CARO) disclosures, Ind AS 24/ AS 18, the SEBI LODR Regulations, Income Tax Act, and RBI guidelines for NBFCs and Banks. However, the definition of related party is not fully harmonised across these frameworks, creating interpretational complexities.

To enhance transparency and consistency, SEBI issued mandatory RPT industry standards in February 2025 (effective from 1 July 2025) on ‘Minimum information to be provided for Review of the Audit Committee and Shareholders for Approval of Related Party Transaction’ (RPT Industry Standard). Subsequently, in March 2025, National Stock Exchange of India (NSE) issued FAQs to provide clarification on the applicability of the RPT Industry Standards.

Enforcement: In addition to SEBI and the Ministry of Corporate Affairs (MCA), regulatory action can come from the regulatory investigating bodies such as the Registrar of Companies (ROC), the Serious Fraud Investigation Office (SFIO), the Enforcement Directorate (ED), and the National Financial Reporting Authority (NFRA). These authorities intervene in cases involving non-disclosure or misrepresentation of RPTs, violations of statutory provisions, audit failures or negligence, etc. These authorities can impose fines and penalties, conduct investigations and prosecutions, enforce debarments, carry out inspections and reviews, and execute asset seisures to ensure compliance and address violations.

Some common issues often found include:

Undisclosed related parties

Related parties or probable related parties may be used to circumvent approval mechanisms and avoid disclosure obligations. Complex corporate structures, including the creation of trust structures, can help disguise related parties to evade classification. Collusive practices and misuse of related parties may be concealed, eluding scrutiny regarding the financial amount, nature, and scope of such transactions from stakeholders, regulators, investors, and the public

Preferential, Undervalued, Fraudulent, Extortionate (PUFE) transactions

Assets may be diverted and siphoned through disclosed, undisclosed, or probable related parties without proper business reasoning or justification for arm's length pricing, often with missing supporting documentation

Misclassification of RPTs

Transactions may be misclassified to escape disclosure obligations (e.g., structuring loan transactions as guarantees or investments) or to avoid other regulatory implications (e.g., back-to-back arrangements to evade default status through loan evergreening)

Fraudulent financial misreporting

RPTs can be used to inflate earnings, hide liabilities, or manipulate cash flows, misleading investors about a company’s true financial health. This distorts valuation metrics, affects stock prices, and undermines market efficiency

Siphoning of capital and asset misappropriation

Funds raised from capital markets may be diverted through opaque RPT to shell companies or related entities. This results in capital erosion, asset stripping, and potential insolvency risks, especially in leveraged firms

Inadequate approval, disclosures and monitoring

Lack of specific disclosure to the Board and/or Audit Committee, where omnibus approval exists

Laundering or improper payments to public officials

Transactions that lack justification or proof of service need to be scrutinised in detail to prevent and detect such illicit activities

Siphoning funds to related parties

Companies may use vendors/suppliers to obscure the flow of funds to related parties. This involves complex ownership structures and multiple transactions to hide the true beneficiaries, which can lead to undisclosed related parties and fraudulent transactions. Advanced detection methods are essential to mitigate these risks

Market manipulation and price distortion

RPT may be structured to create artificial demand or supply, influencing stock liquidity and price movements. This undermines fair market practices and can attract surveillance actions from exchanges and regulators

Identifying related parties and related party transactions, especially those intentionally designed, poses significant challenges. For mitigation and early detection of RPTs risks, forward-thinking C-suite leaders should consider the following areas:

Integrate RPT compliances within overall risk management framework for regular reviews on the risk areas highlighted above

Include strategic assessment of related party dealings alternatives, exit plans, etc

Keep the board and Audit committee updated on regulatory and policy changes

Benchmark against RPT industry practices by comparing the terms and pricing of RPT with similar transactions in the industry. This helps assess whether the deal is fair and conducted at arm’s length, reducing the risk of manipulation

Enhance data analytics, linkages and use of technology for RPT monitoring. This would enable identification of related parties and transaction monitoring to ensure RPTs are genuine and have been conducted in accordance with appropriate disclosure and transparency requirements

Monitor unusual RPT by close examination of transactions that appear out of the ordinary, such as those with round figures, repetitive dealings with the same party, or those lacking clear business logic. These may indicate attempts to mask fraudulent activity

Conduct deep-dive reviews when suspicions or red flags for RPT frauds are identified. Incident-based forensic reviews are essential to uncover evidence and guide corrective actions. These reviews involve digital forensics, document analysis, stakeholder interviews, and field-level verification to trace irregularities and validate the legitimacy of transactions

Create and implement Standard Operating Procedures for identification and reporting of RPTs to strengthen the approvals, detection, disclosures and reporting of RPT along with compliance with regulatory and accounting frameworks. Implementation of clear policies for mandatory documentation, justification of terms, etc. is required

Drawing up the Related Party universe, it is essential to maintain an up-to-date list of all related parties, including directors, key management personnel, and their close relatives or affiliated entities. This involves mapping the group structure across geographies, including identifying the Ultimate Beneficial Owner (UBO) and the immediate, intermediate, and ultimate parent entities. This should be supplemented with cross-referencing against government and public domain databases to validate ownership and control

Advanced data analytics tools can help detect patterns and anomalies in financial transactions. By analysing large volumes of data, companies can identify unusual trends, such as frequent dealings with a specific related party or sudden changes in transaction values. Predictive models and automated alerts can also assist in flagging high-risk RPT for further review

Risk-based assessment and compliance reviews to ensure legitimacy and compliance in RPT by conducting thorough regulatory reviews and risk assessments covering approvals and disclosures. Implement periodic monitoring and transaction testing, supported by advanced detection techniques, such as undisclosed relationship mapping, PUFE transaction identification, and deep-dive data analytics. Develop early warning signals and transaction pattern analysis to proactively spot anomalies and prevent fraud

Mapping with regulatory requirements, a thorough assessment is required of definition of related parties under each relevant statute. Develop a comprehensive matrix to capture all applicable related parties across the group, ensuring no entity or relationship is overlooked. Ensure every RPT complies with applicable laws and regulations. Regular mapping of transactions against these norms helps maintain transparency, avoid legal or reputational risks and reduces the risk of penalties and fines

In conclusion, RPTs while often legitimate and necessary, can become fertile ground for fraud when transparency and oversight are compromised. The complexity and opacity surrounding RPTs demand a proactive and structured approach from leadership to ensure corporate governance. By recognising key fraud risks, understanding regulatory frameworks, and implementing robust internal controls and monitoring mechanisms, organisations can not only detect early signs of misconduct but also foster a culture of accountability. In an era where corporate integrity is under increasing scrutiny, spotting the rot in RPTs is not just a compliance exercise, it’s a strategic imperative.

A version of this article was published by Prime Database.com.