Implementing the Right Controls for MCA Rule 11(g) in SAP
What was once a routine statutory obligation has now become a strategic imperative. With the enforcement of Section 128(1), Rule 3(5), and MCA Rule 11(g), the Ministry of Corporate Affairs has made it clear â financial data must be traceable, audit trails must be immutable, and governance must be built into the system, not layered on top.
These arenât just regulatory updates â theyâre a wake-up call. From April 2023/2024, Indian enterprises are expected to maintain tamper-proof logs of every transaction, configuration change, and master data update, especially in ERP systems like SAP. No more excuses. No more afterthoughts.
This shift is forcing CFOs, CIOs, and compliance leaders to rethink how data is recorded, who has access, and how every action can be traced back for accountability. Itâs not just about avoiding fines â itâs about proving integrity, ensuring audit readiness, and safeguarding stakeholder trust in a digital-first economy.
Here is the detailed requirement of each section/rule:
Section 128(1)
Requires every company to keep its books of accounts and other relevant books, papers, and financial statements (âBooks of Accountsâ) at its registered office.
Such Books of Accounts are required to be maintained for a period not less than 8 financial years immediately preceding a financial year.
Section 128(1) of the Companies Act also permits companies to maintain Books of Accounts in electronic mode (âElectronic Recordsâ). As per the Companies (Accounts) Rules, 2014 (âCompanies Accounts Rulesâ)
The Electronic Records must:
remain accessible in India, at all times,
2. be retained in the format in which they were originally generated, sent or received, or in a
3.format which accurately presents the information generated, sent or received, be complete and remain unaltered.
Rule 3(5)
The provison to Rule 3(5) of the Companies Accounts Rules specifies that if companies maintain a back-up of Electronic Records, such back-ups (irrespective of whether they are maintained within or outside India) ought to be kept in servers physically located in India on a daily basis
MCA Rule 11(g)
This rule mandates that companies maintain an un-editable audit trail (or edit log) for every transaction in their accounting software â and retain it for at least 8 years. Letâs discuss more about the MCA Rule 11(g) in this blog.
What Rule 11(g) Really Means:
This isnât just a checkbox compliance requirement â itâs a foundational shift toward accountability, traceability, and data integrity. Specifically, Rule 11(g) mandates: Immutable audit trails for all transactions. No deletion or alteration of logs. Daily operational status tracking of the audit trail feature. Confirmation that the feature was enabled throughout the year and was not tampered with.
For more visit:Â https://togglenow.com/blog/sap-compliance-mca-rule-11g/
















