Edition 06  ·  07 Jul 2026  ·  The File

IL&FS: The Evergreen Loans and the Clean Opinion

Back to the file. A AAA-rated lender owing ₹91,000 crore defaulted almost overnight. This edition opens the IFIN book — the loans that round-tripped so bad debt never surfaced, and the audit signature that sat on top of it.

Mahesh Ramanujam, FCA, DISA(ICAI) · R. Mahesh & Associates, Chennai · The signature on the report
This Edition — Back to the File
The caseInfrastructure Leasing & Financial Services (IL&FS) — the 2018 collapse that opened India's modern audit-accountability era
The lenderIL&FS Financial Services (IFIN), the group's non-banking finance arm
The auditorsDeloitte Haskins & Sells LLP and BSR & Associates LLP (a KPMG network firm); SRBC & Co LLP (an EY network firm) named at group level
The mechanismEvergreening — fresh loans routed back through third parties to clear old ones, so bad debt never surfaced as an NPA
The India hookThe first real test of Section 140(5) of the Companies Act — and of the NFRA, the regulator created the same year IL&FS fell
ScopeCommentary on matters in the public domain — regulator findings and court records, not the author's assertions. The firms deny wrongdoing; key matters remain under adjudication.

The fortnight that broke a ₹91,000 crore group

In September 2018, a group most retail investors had never heard of started missing payments, and the Indian money markets noticed within days. IL&FS was a sprawling infrastructure financier — by the time the new board finished counting, a web of close to 348 entities — sitting on an aggregate debt burden of more than ₹91,000 crore. When IFIN, its finance arm, defaulted on short-term obligations, debt mutual funds that held its paper had to mark it down, and the contagion fear was immediate enough that the government stepped in, superseded the board, and installed its own (chaired by Uday Kotak) to stop the unwind.

Here is the part that matters for this newsletter. Until weeks before the defaults, much of the group's debt carried the top AAA rating from credit-rating agencies — the agencies were later penalised separately — and the statutory audit opinions on IFIN had been unqualified. The safest-looking credit on the shelf stopped paying almost overnight. That gap, between what the paper said and what the position was, is the file we are opening.

₹91,000 cr Aggregate group debt at the point of collapse, Sept 2018
~348 Entities in the IL&FS group the new board had to map

What "evergreening" actually means

Strip away the jargon and it is simple. For a lender, a loan going bad is not just a loss of money — it is a hit you are forced to take on paper. Under the RBI's rules for a non-banking finance company, a performing loan needs only a token provision; once a loan turns sub-standard, doubtful, or loss-making, the provision climbs steeply, reaching the full value of the exposure when there is no security behind it. A bad loan recognised is profit destroyed, and enough of them is a capital problem.

Evergreening is the move that avoids the recognition. Instead of admitting the borrower cannot repay, the lender advances fresh money — directly, or more usefully through a third party — and that money comes back to clear the original loan. On the books, the old loan is "repaid." It never becomes an NPA. No provision is taken. Profit is undisturbed. The forensic special audit Grant Thornton conducted for the new board — the IFIN report later reported as "Project Icarus" — traced exactly this pattern through the loan ledger.

How a Bad Loan Stays a Good Loan
Step 1
Borrower cannot repay an existing IFIN loan
Step 2
IFIN lends fresh money — often to a third party
Step 3
Those funds are routed back to clear the original loan
Step 4
Old loan shows "repaid" — no NPA, no provision, profit intact

The numbers the forensic audit put on it

The special audit did not deal in abstractions; it counted. As reported from the forensic findings, it flagged scores of evergreening instances at IFIN — one widely cited figure is 107 — alongside short-term borrowings deployed for long-term lending, and funds advanced to outside parties that were then channelled into IL&FS group companies. The IFIN report is reported to have flagged roughly ₹13,299 crore across about ten categories of suspected irregularity.

One thread is worth pulling out, because it is pure audit territory. An NBFC's net owned funds — the capital floor the RBI watches — must be computed after stripping out exposure to group companies. The forensic auditor found IFIN deducting only its direct-subsidiary exposure rather than the wider group, which overstated the cushion and obscured how close the company was running to its regulatory floor. That is not a hidden offshore account. It is a definition, applied in the wrong direction, in plain sight on the balance sheet.

107 Evergreening instances flagged in the IFIN special audit · loans whose repayment was funded, directly or through third parties, by IFIN itself (as reported)

Where the signature comes in

Edition 05 stated the auditor's real defence plainly: an audit verifies what management represents, it is not a forensic fraud hunt, and a determined conspiracy can defeat competent procedures. That holds. But the items above are not exotic forensics. Tracing the use of loan proceeds, classifying an asset as standard or non-performing, and computing net owned funds against a regulatory definition are core audit-judgment areas — the ordinary furniture of an NBFC engagement.

That is why the regulator's finding lands where it does. The NFRA's Audit Quality Review of the FY2017-18 IFIN statutory audit concluded that the departures from the Standards on Auditing were significant enough that the firm lacked adequate justification for issuing its opinion, and described the firm's quality-control processes as severely inadequate. In 2020 the NFRA penalised the engagement partner and barred him for seven years. The government's case alleged twenty-two audit violations; the SFIO's chargesheet, naming around thirty parties across FY14 to FY18, alleged the auditors colluded to conceal and to falsify.

The firms reject that reading. Both Deloitte and BSR have maintained their audits were performed in line with the applicable professional standards, and the firm-level findings remain contested and, in part, before the courts. None of what follows assumes guilt the courts have not finally found — but the regulator's words about the opinion are themselves part of the public record.

Auditor in the Frame — IFIN
Statutory auditorDeloitte Haskins & Sells LLP (FY16–FY18); BSR & Associates LLP, a KPMG network firm (FY18 joint, FY19)
How it endedDeloitte rotated out in 2017–18; BSR resigned in June 2019, after the removal notice
Regulator findingNFRA: departures from auditing standards significant enough that the opinion lacked adequate justification; engagement partner barred seven years (2020)
Firms' positionMaintain the audits met applicable professional standards; firm-level matters remain under adjudication
Status (mid-2026)Section 140(5) ban proceedings and the SFIO criminal case continue; no final firm-level order

The part that should feel familiar — who is allowed to punish the auditor?

If you read Edition 05, the next stretch will give you a strange sense of repetition. Satyam, you may recall, spent years not on the fraud but on the question of who was even allowed to discipline the auditor. IL&FS ran the same loop, with a different section number.

The government moved against Deloitte and BSR under Section 140(5) of the Companies Act, the provision that lets a tribunal remove an auditor found to have acted fraudulently and bar the firm for five years. The firms argued they had already left — rotated out, or resigned — so the section could not reach them, and challenged its constitutional validity for good measure. The litigation that followed is the actual story of the last seven years.

2018 The collapse. IL&FS defaults; the government supersedes the board and orders a forensic special audit. The NFRA is established the same year.
2019 The petition. The MCA moves the NCLT under Section 140(5), seeking removal and a five-year ban on Deloitte and BSR. The SFIO files its chargesheet. BSR resigns.
2020 Bombay High Court. Upholds the section's validity but holds it cannot apply to auditors who have already gone — and quashes the SFIO prosecution. The NFRA separately penalises and bars the engagement partner.
2023 Supreme Court. In Union of India v. Deloitte Haskins and Sells LLP, sets that aside — Section 140(5) is valid, and resignation does not end proceedings. The SFIO case and the ban question go back to the tribunal.
2024 Review. Review petitions filed; the firms argue a whole-firm bar is disproportionate when a handful of partners ran the engagement, not a 4,500-person network.
2026 Back before the tribunal. The NCLT lets the proceedings against the firms run, holding that a watchdog cannot claim immunity — while stressing that liability is not automatic and turns on evidence of knowing involvement.

The group collapsed in a fortnight. Seven years on, whether — and how — to punish the auditor is still being argued.

The loop closes — sort of

Edition 05 ended on the creation of the NFRA in 2018, "roughly a decade after Satyam," and called the gap between naming a problem and building the machinery to act on it one of the quieter red flags in the whole story. IL&FS is the case that machinery was first turned on. The individual partner has been sanctioned. The firms have not — and may yet prevail. The five-year bar that Section 140(5) was written to be is, in 2026, still a question mark, for the oldest reason in this series: the argument over reach has outlived the fraud it was meant to answer.

An audit opinion is a useful signal, not a guarantee — and a top rating on a lender that defaults next month is the gap, not the comfort.

What to Watch For

Next: Edition 07 returns to the same shelf — another lender, another set of related-party names, and a forensic audit whose job was to count the shells. Same series. Same question. How did nobody see it?

Sources

Supreme Court of India, Union of India v. Deloitte Haskins and Sells LLP & Anr (3 May 2023) on Section 140(5) of the Companies Act, 2013  ·  High Court of Bombay, writ petitions on Section 140(5) (21 Apr 2020)  ·  National Company Law Tribunal orders, including the 2026 ruling permitting proceedings against the audit firms to continue  ·  National Financial Reporting Authority (NFRA) — Audit Quality Review of the IFIN statutory audit and the 2020 order against the engagement partner  ·  Serious Fraud Investigation Office (SFIO) chargesheet in the IL&FS / IFIN matter  ·  Grant Thornton special / forensic audit of IL&FS group companies (the IFIN report reported as "Project Icarus"), as reported in the press  ·  Reserve Bank of India Master Directions on NBFC asset classification, provisioning and net owned funds  ·  Institute of Chartered Accountants of India (ICAI) disciplinary proceedings; Ministry of Corporate Affairs filings  ·  Contemporaneous reporting (Business Standard, Business Today, Mint, Moneylife).

This newsletter is published for general information and educational purposes only. It is commentary on matters already in the public domain, drawn from official regulatory filings, court records, and press releases. Several matters referenced involve allegations or findings that have been settled without admission, are under appeal, or remain under investigation; references to any firm or individual reflect what regulators or courts have stated and are not assertions of guilt or wrongdoing by the author. Where firms settled, they did so without admitting or denying the findings. This content does not constitute professional, legal, tax, accounting, audit, or investment advice and creates no client or advisory relationship. Views expressed are the author's own.  ·  Red Flags & Footnotes is written by Mahesh Ramanujam, FCA, DISA(ICAI), ICAI Member No. 206817, proprietor of R. Mahesh & Associates, Chartered Accountants, Egmore, Chennai – 600 008. © 2026 R. Mahesh & Associates. All rights reserved.

Found this useful?

Subscribe on LinkedIn — new edition every Monday.

Subscribe on LinkedIn