Do I need to be a registered company auditor to audit a small company?

If the audit is required under the Corporations Act, it must be conducted by a registered company auditor (or an authorised audit company using RCAs). Some small proprietary companies are not required to be audited at all, but where a statutory audit is required, only an RCA can sign it.

How many hours of practical experience does ASIC require?

Under the practical-experience pathway, ASIC generally requires at least 3,000 hours of work in auditing, including a substantial component performed under the direction of a registered company auditor. Alternatively, applicants can satisfy the skills test via the ASIC-approved Auditing Competency Standard. Confirm the current requirement in RG 180.

Is membership of CPA Australia or CA ANZ enough to register as a company auditor?

No. Professional membership may be a prerequisite for certain pathways and is needed to access the competency-standard route, but it does not, on its own, make you a registered company auditor. You must apply to ASIC and satisfy the qualifications, skills and fit-and-proper tests.

What ongoing obligations apply once registered?

Registered company auditors must maintain continuing professional development, lodge an annual statement with ASIC (generally within one month of the registration anniversary), comply with auditing and independence standards, meet statutory reporting duties, and keep ASIC informed of relevant changes.

Where is the legal authority for registered company auditors?

The Corporations Act 2001 sets the registration regime, which ASIC administers and explains in Regulatory Guide 180 (RG 180). The skills test is assessed against the ASIC-approved Auditing Competency Standard issued by CPA Australia, CA ANZ and the IPA.

Becoming a Registered Company Auditor: ASIC registration and CPD

How to become a registered company auditor in Australia: ASIC registration pathways under RG 180, qualifications, the 3,000-hour experience route, fit and proper test, and CPD.

A registered company auditor (RCA) is an individual registered by the Australian Securities and Investments Commission (ASIC) to conduct audits required under the *Corporations Act 2001* — principally the audits of financial reports lodged by companies, registered schemes and other entities. Only an RCA (or an authorised audit company whose audits are conducted by RCAs) can sign off on these statutory audits. To register, an applicant must satisfy ASIC that they hold the required qualifications, have appropriate auditing skills or practical experience, and are a fit and proper person.

This article explains who must register, the legal basis, the eligibility tests, the registration pathways set out in ASIC's Regulatory Guide 180, how to apply, and the continuing obligations — including continuing professional development — that apply once you are registered.

What is a registered company auditor?

An RCA is a person whom ASIC has assessed as competent and fit to perform audits mandated by the Corporations Act. The title is a statutory status, not a professional-body membership: being a member of CPA Australia, Chartered Accountants Australia and New Zealand (CA ANZ) or the Institute of Public Accountants (IPA) does not, by itself, make you an RCA. Registration is the legal gateway to signing statutory audit reports.

ASIC maintains the public register of company auditors and authorised audit companies. The register lets clients, directors and the public confirm that a person purporting to act as a company auditor actually holds current registration.

Who needs to register

You need to be a registered company auditor if you intend to:

conduct an audit of a company's financial report under Chapter 2M of the Corporations Act;
act as auditor of a registered managed investment scheme; or
sign or co-sign statutory audit reports that the Act reserves for an RCA.

You generally do not need RCA registration to perform non-statutory work — for example, internal audits, assurance engagements that are not required by the Corporations Act, or audits required only under other legislation (which may have their own auditor requirements). If your work is limited to bookkeeping, tax or advisory services, RCA registration is not required, though other regimes such as tax practitioner registration may apply.

The legal framework and primary source

The primary source is the Corporations Act 2001 (Cth), which sets the eligibility criteria and the registration mechanism for company auditors. ASIC administers that regime and explains its approach in Regulatory Guide 180 Auditor registration (RG 180).

The skills component is assessed against the Auditing Competency Standard for Registered Company Auditors, an ASIC-approved standard issued jointly by CPA Australia, CA ANZ and the IPA. ASIC's hub for applicants is its Company auditors page. Where a figure or detail is critical to your application, confirm the current position against RG 180 and the Act directly, as ASIC updates its guidance from time to time.

Eligibility: qualifications, skills and the fit and proper test

ASIC assesses three broad elements before registering an individual auditor.

Qualifications. You must hold prescribed academic qualifications — typically a relevant accounting and auditing study profile recognised by the professional accounting bodies. ASIC's guidance and RG 180 set out the qualifying coursework, including study in auditing and related subjects.

Skills. You must demonstrate audit competence in one of two ways:

Practical experience route: undertake appropriate practical experience involving at least 3,000 hours of work in auditing, including a substantial component under the direction of a registered company auditor; or
Auditing Competency Standard route: demonstrate, with supporting evidence and sign-off, that you have met all components of the ASIC-approved Auditing Competency Standard across a range of audit engagements over several years.

Fit and proper. ASIC must be satisfied that you are a fit and proper person to be registered. This considers matters such as honesty, integrity, any disciplinary history, bankruptcy, and any prior regulatory action. ASIC can refuse registration on fit-and-proper grounds even where the qualification and skills tests are met.

Registration pathways and how to apply

RG 180 sets out alternative pathways so that applicants with different backgrounds can demonstrate competence. In broad terms:

Pathway	Best suited to
Practical experience (≈3,000 hours)	Applicants who have logged extensive supervised audit hours
Auditing Competency Standard	Applicants building a competency portfolio through their professional body
Overseas / alternative experience	Applicants with comparable qualifications or experience gained outside the standard routes

Each pathway still requires the qualifications and fit-and-proper elements to be satisfied. The competency-standard route generally relies on a logbook or portfolio of engagements, signed off by a supervising RCA, demonstrating each required competency in practice rather than counting raw hours.

The application is lodged with ASIC and assessed against RG 180. In practice you should:

Confirm your pathway — decide whether you will rely on practical-experience hours or the Auditing Competency Standard, and check you can evidence every element.
Assemble evidence — academic transcripts, a detailed record of audit experience or a completed competency portfolio, and references from a supervising RCA.
Address fit and proper — disclose any matters proactively; non-disclosure is itself a fit-and-proper concern.
Lodge the application and pay the prescribed fee — using ASIC's auditor registration forms.
Respond to ASIC queries — ASIC commonly requests further information; incomplete applications are the leading cause of delay.

Authorised audit companies register separately and must meet their own requirements covering ownership and control, professional indemnity insurance, and fit-and-proper directors. ASIC's tips for applying for auditor registration is a useful checklist before lodging.

Ongoing obligations after registration

Registration is not a one-off event. Once registered you must:

Maintain continuing professional development. RCAs are expected to keep their competence current through ongoing CPD; the substance of this requirement is set out in the related obligation, registered company auditor CPD.
Lodge an annual statement. RCAs and audit companies must lodge an annual statement with ASIC and pay any associated fee — generally within one month of the anniversary of registration. (Verify the current timing and fee with ASIC.)
Comply with auditing and independence standards. This includes the auditing standards and the auditor independence requirements of the Corporations Act.
Meet reporting obligations. Auditors have specific statutory reporting duties, including reporting certain suspected contraventions to ASIC.
Keep ASIC informed. Notify ASIC of relevant changes to your details and circumstances.

Failure to meet these obligations can lead to ASIC action, including suspension or cancellation of registration.

Common pitfalls

Treating professional membership as registration. Membership of an accounting body is a prerequisite for some pathways but is not RCA registration.
Under-evidencing experience. Vague descriptions of audit work, or hours that are not genuinely under the direction of an RCA, frequently fail. Keep a contemporaneous, engagement-by-engagement record.
Missing the annual statement. Late or missed annual statements are an avoidable compliance breach; diarise the registration anniversary.
Letting CPD lapse. CPD is an ongoing condition of competence, not optional — see registered company auditor CPD.
Assuming figures are static. Hours thresholds, fees and timing can change. Always reconcile the detail against current RG 180 and the Corporations Act before relying on it.