Related party transactions are a bit like family-run businesses in India. When everything is transparent, things work smoothly. But when deals start favouring our own people, things can get complicated quickly.

Let’s break down how to investigate related party transactions effectively and identify when something raises commercial concerns.

What are related party transactions?

A related party transaction is any deal between a company and entities that have a pre-existing relationship. Think parent companies and subsidiaries, key management personnel and their family members, or entities under common control. Globally, standards like ASC 850 define related parties. In India, similar guidance comes from Ind AS 24 and the Companies Act, 2013.

Here’s the thing: RPTs aren’t inherently bad. They can serve legitimate business purposes like efficient resource allocation within corporate groups or reducing transaction costs. But they also create opportunities for conflicts of interest, fraud, and financial misreporting.

Research shows why this matters now more than ever. According to a 2025 systematic review, over 90% of scholarly literature on RPTs has been published since 2008, largely driven by high-profile accounting scandals and increased regulatory scrutiny post-financial crisis.

Understanding the arm’s length standard

The concept of “arm’s length” sounds straightforward but gets murky in practice. Legally, it’s defined as “a transaction between two related parties that is conducted as if they were unrelated, so that there is no conflict of interest.”

According to Cornell Law School’s Legal Information Institute, an arm’s length transaction has three essential elements:

• It’s voluntary, without compulsion or duress

• It generally takes place in an open market

• The parties act in their own self-interest

Here’s the short version: both parties should be negotiating as if they don’t know each other, with no special favors or hidden agendas.

The critical point auditors must remember: transactions with related parties cannot be presumed to be at arm’s length. As Deloitte’s guidance notes, “the requisite conditions of competitive, free-market dealings may not exist.” Management must substantiate any claim that a transaction was at arm’s length, and auditors must obtain sufficient evidence to support or contradict that assertion.

When testing arm’s length compliance, auditors often use transfer pricing methods borrowed from tax regulations. These include the Comparable Uncontrolled Price Method, Resale Price Method, Cost Plus Method, Profit Split Method, and Transaction Net Margin Method. In India, for instance, the Income Tax Act allows a variance of up to 3% from the calculated arm’s length price.

If an auditor cannot obtain sufficient appropriate audit evidence to substantiate management’s arm’s length assertion, and management refuses to modify the disclosure, PCAOB AS 2410.18 requires the auditor to express a qualified or adverse opinion.

Red flags that indicate potential violations

Spotting arm’s length violations requires looking at pricing, documentation, and behavior patterns. Here’s what to watch for.

In Indian audits, these issues are often seen in promoter-driven groups where multiple entities operate under common control.

Pricing and terms anomalies

When prices deviate significantly from market rates, that’s your first warning sign. Watch for:

• • Goods or services priced well above or below comparable market transactions

• • Interest-free loans or borrowing with no fixed repayment terms

• • Extended payment terms that wouldn’t be offered to unrelated parties

• • Unusual rights of return or warranty terms

• • Transactions that lack any commercial substance

The PCAOB lists specific examples in Appendix A, including sales at below-market rates to intermediaries who then resell at higher prices, and non-monetary exchanges that serve no apparent business purpose.

Structural and documentation red flags

Sometimes the problem isn’t the price, it’s the structure. Be alert for:

• • Complex ownership arrangements designed to obscure relationships

• • Entities created in jurisdictions with limited transparency

• • Missing or incomplete documentation for significant transactions

• • Round-trip transactions where parties exchange similar amounts

• • “Bill and hold” arrangements that don’t reflect genuine sales

KPMG’s forensic analysis identifies what they call “PUFE transactions” (Preferential, Undervalued, Fraudulent, Extortionate) where assets are diverted through disclosed, undisclosed, or probable related parties without proper business justification.

Create an ATS-friendly resume with our Resume Builder.

Behavioral and approval indicators

How a transaction gets approved can be as telling as the transaction itself. Red flags include:

• • Omnibus approvals that bundle multiple transactions without specific review

• • Exceptions granted to established policies without adequate explanation

• • Transactions that lack a clear business purpose or strategic rationale

• • Pressure to complete deals immediately before period-end

• • Resistance from management when you request supporting documentation

Academic research supports the importance of these indicators. A 2018 study in the AUDITING Journal found that auditors are more likely to issue modified opinions specifically discussing RPTs when they observe non-market-based pricing or related sales above industry averages.

Step-by-step investigation framework

Now let’s walk through a practical framework for investigating related party transactions.

Step 1: Planning and risk assessment

Start by understanding the company’s processes for identifying, authorizing, and recording RPTs. PCAOB AS 2410.04 requires auditors to obtain an understanding of:

• • How the company identifies related parties

• • Authorization and approval procedures

• • Accounting and disclosure processes

Inquire of management about related parties, including changes from the prior period, the nature of relationships, and the terms and business purposes of transactions. Don’t stop at management, either. Speak with the audit committee, legal counsel, and others who might have relevant knowledge.

Document what the ICAEW calls the “related party universe” – a comprehensive list of all known related parties that you update throughout the engagement.

Step 2: Identifying undisclosed related parties

This is where detective work comes in. The goal is finding relationships management hasn’t disclosed. Key procedures include:

• • Analyzing bank statements for intercompany wires, ACH transfers, and check payments

• • Reviewing board minutes and shareholder registers

• • Examining organizational charts and entity structures across geographies

• • Cross-referencing vendor master files with employee records

• • Inspecting conflicts-of-interest statements

• • Reviewing legal and tax filings

PCAOB AS 2410 Appendix A provides a comprehensive list of information sources that might indicate undisclosed related parties, including confirmation responses, whistleblower records, expense reimbursements for executives, and contracts with management.

If you find evidence of previously undisclosed parties, you must extend your procedures beyond inquiry. Ask why the relationship wasn’t disclosed, assess whether controls failed, and evaluate whether other undisclosed relationships might exist.

Step 3: Testing transactions for arm’s length compliance

For each significant RPT, PCAOB AS 2410.12 requires specific procedures:

• • Read underlying documentation and evaluate whether terms are consistent with management’s explanations

• • Determine whether the transaction was authorized and approved according to company policy

• • Identify any exceptions to established policies

• • Evaluate the financial capability of related parties for significant uncollected balances, loan commitments, or guarantees

When testing arm’s length pricing, compare the transaction to comparable uncontrolled transactions in the market. Evaluate the business rationale: why did the company choose to transact with a related party rather than an unrelated one? If management claims the terms are equivalent to arm’s length, obtain independent evidence to support that assertion.

Step 4: Documentation and evidence gathering

Thorough documentation is your defense if questions arise later. Maintain detailed workpapers showing:

• • All procedures performed and evidence obtained

• • Management representations about related parties and transactions

• • Comparisons to market pricing or other arm’s length benchmarks

• • Communications with the audit committee about significant matters

PCAOB AS 2410.19 requires auditors to communicate to the audit committee: any previously undisclosed related parties, significant transactions that weren’t properly authorized, exceptions to company policies, arm’s length assertions and the evidence obtained, and any significant transactions that appear to lack business purpose.

Regulatory requirements & frameworks

Understanding the regulatory framework helps you navigate RPT investigations effectively.

PCAOB AS 2410 establishes the auditor’s responsibilities for related parties, including risk assessment, inquiry requirements, and specific procedures for significant unusual transactions.

Regulation S-X Rule 4-08(k) requires registrants to state related party transaction amounts on the face of financial statements, not just in footnotes.

ISA 550 provides international standards for auditing related parties, emphasizing the need to identify previously unidentified or undisclosed related parties, significant transactions outside the normal course of business, and assertions that transactions are at arm’s length.

Recent developments include India’s SEBI RPT Industry Standards, effective July 2025, which mandate minimum information requirements for audit committee and shareholder approval of RPTs.

Common investigation pitfalls

Even experienced auditors can stumble when investigating RPTs. Here are the most common mistakes:

Over-reliance on management representations. Inquiry alone never provides sufficient audit evidence. You need documentation, third-party confirmation, or other corroborating evidence.

Failing to extend procedures when red flags appear. When you spot indicators of undisclosed related parties or questionable transactions, don’t just ask management about them. You need to perform additional procedures to determine whether other issues exist.

Inadequate documentation of arm’s length testing. If you can’t demonstrate how you evaluated pricing or terms, your work won’t withstand scrutiny. Document your methodology, your sources for comparison, and your conclusions.

Not communicating with the audit committee. Significant related party matters must be communicated to those charged with governance. Don’t bury these issues in workpapers.

Missing transactions outside the normal course of business. These should always be treated as significant risks requiring enhanced scrutiny. Evaluate the business rationale, inspect underlying documentation, and verify proper authorization.

Create an ATS-friendly resume with our Resume Scorer.

Also read: Ind AS 116 Leases: 5 Interview Questions Every Statutory Auditor Will Ask You

Frequently Asked Questions

Q1 What documentation should I request when investigating related party transactions for arm’s length compliance?

A1: Request contracts or agreements, pricing methodology memos, comparable market data, board minutes approving the transaction, and management’s analysis of why the terms are equivalent to arm’s length. For significant transactions, you may also need third-party valuations or benchmarking studies.

Q2 How do I determine if a transaction involving related parties was truly conducted at arm’s length?

A2: Compare the terms to similar transactions between unrelated parties. Evaluate whether the pricing, payment terms, and other conditions are consistent with market norms. Consider the business rationale for choosing a related party over an unrelated one. Document your analysis and any independent evidence obtained.

Q3 What are the most common red flags that indicate potential arm’s length violations in related party transactions?

A3: Watch for prices significantly different from market rates, unusual payment terms like extended periods or interest-free arrangements, transactions lacking clear business purpose, complex structures designed to obscure relationships, and pressure to complete deals before period-end without adequate documentation.

Q4 What should an auditor do following identifying a related party transaction that may not be at arm’s length?

A4: Extend your procedures beyond inquiry. Request additional documentation supporting management’s arm’s length assertion. If sufficient evidence cannot be obtained and management won’t modify the disclosure, consider the impact on your audit opinion. Communicate the matter to the audit committee.

Q5 How can I spot undisclosed related parties when investigating related party transactions?

A5: Analyze bank statements for patterns suggesting related party activity. Review organizational charts and shareholder registers. Cross-reference vendors with employee records. Examine conflicts-of-interest statements and legal filings. Look for entities with similar addresses, phone numbers, or key personnel.