kasri.app

Blog

What audit-ready records look like for housing associations

The seven record bundles every Tanzanian body corporate must maintain for audit — and how to structure them so an external auditor can reach a conclusion in under two hours.

By Kasri Team · 1 Mar 2026 · 10 min read · Updated 10 Jun 2026

AuditComplianceGovernanceRecords

A condominium building in Upanga went through a committee handover in 2024. The incoming chairman asked the outgoing treasurer for the financial records. The treasurer handed over a WhatsApp chat export, three M-Pesa statements from his personal number, and a spiral notebook with handwritten entries for “lift repair — TZS 2.4M” and “security — TZS 1.1M.” No dates. No receipts. No reconciliation. The new committee had no way to tell whether the sinking fund balance was TZS 8 million or TZS 80,000.

This is not a rare story. It is the default operating state for most Dar es Salaam body corporates. And it is the single biggest liability they carry into the RERA era.

Audit readiness is not about the final month before an inspection. It is about daily discipline — the structured maintenance of seven specific record bundles that, together, tell the complete operational story of a building. When those bundles are maintained year-round, an external auditor with read-only access can reach a fully supported conclusion in under two hours. When they are not, the audit becomes a months-long forensic exercise that ends in a qualified opinion — and a potential RERA enforcement action.

Here are the seven bundles, what each must contain, and what “audit-ready” looks like for each one.


1. The ownership register — your single most important record

The Unit Titles Act (s.51) requires every body corporate to maintain a current ownership register recording every title number, every unit owner, every change of ownership, and every encumbrance. This is not optional. It is the foundation on which every other record depends.

What the auditor checks:

  • Every unit in the building is listed with its title deed reference and fractional share.
  • The current owner for each unit is recorded, with the date they acquired the unit.
  • Every change of ownership in the last seven years is traceable — who bought, who sold, when, and whether a clearance certificate was issued at transfer.
  • Encumbrances (mortgages, court orders, charging orders for arrears) are noted.

The committee mistake: The ownership register lives as a Word document on the secretary’s laptop, last edited two chairmen ago. When a unit sells, nobody updates it. By the time the auditor arrives, a third of the entries are wrong.

What audit-ready looks like: One authoritative register, digitally maintained, updated within 48 hours of any ownership change. Every entry links to the supporting document — the sale agreement, the transfer form, the clearance certificate issued. The register is readable by every owner (s.51(2)(g) requires this) but writable only by the committee.

Without an accurate ownership register, the auditor cannot verify who should be paying service charges, who is entitled to vote, or whether arrears positions are correctly attributed. Everything downstream breaks.


2. AGM and committee meeting records — the governance spine

Section 48 of the Act sets the rhythm: one AGM per year, within 15 months of the last one; the first within three months of committee election. Minutes must be taken, resolutions must be recorded, and votes must be tallied.

What the auditor checks:

  • Every AGM since the body corporate’s formation has an agenda, an attendance sheet, a quorum count, full resolution text, vote tallies per resolution, and signed minutes.
  • Committee meetings have the same structure for any decision involving expenditure, by-law changes, or formal motions.
  • Minutes are signed by both the chairman and secretary under the Electronic Transactions Act (Cap. 442 R.E. 2022).
  • There are no gaps in the AGM sequence. A missing year is a governance failure the auditor must flag.

What audit-ready looks like: Each AGM exists as a single signed artefact — not a series of scattered WhatsApp messages. The resolution that authorised the 2023 lift contract is one click away. The vote tally that increased service charges from TZS 120,000 to TZS 150,000 is timestamped and attributable. No auditor needs to reconstruct committee intent from oral history.

Ina maana gani? Mkutano mkuu — the annual general meeting — is the single governance event that determines whether a body corporate’s records are legally defensible. Every AGM you skip leaves a hole an auditor must flag.


3. Financial statements — admin and sinking fund, separate and reconciled

Sections 58 through 61 of the Act require the body corporate to maintain two separate funds: the administrative fund for day-to-day operating costs, and the sinking fund for major capital works. The sinking fund must receive at least 5% of the annual general fund budget (s.61(1)). The two funds must be accounted for separately — funds cannot be moved between them without a special resolution.

What the auditor checks:

  • Annual income and expenditure statements for both funds, with line items traceable to bank statements.
  • Service charge receipts matched to individual units — not “TZS 7.5M received” as a lump sum.
  • Sinking fund balances and draw-downs matched to specific resolutions authorising the expenditure.
  • Any “borrowing” from the sinking fund to cover operating shortfalls is disclosed and supported by a committee resolution.
  • The 5% sinking fund allocation is met each year. If not, a written explanation from the committee.

What audit-ready looks like: At the end of every month, a reconciled statement shows every unit’s service charge status, every outgoing payment (with dual-signature approval records attached), and the sinking fund balance. An owner logging in sees their own arrears position. The auditor sees the whole picture, line by line.


4. Bank statements and payment approvals — the money trail

Every shilling that moves through the body corporate’s accounts must be traceable end-to-end: who initiated the payment, who approved it, what resolution authorised it, where the money went, and when it reconciled.

What the auditor checks:

  • The body corporate has its own bank account in its own name — not an officer’s personal account.
  • Bank statements for the audit period are complete and match the financial statements.
  • Every outgoing payment above the by-law threshold has a dual-signatory approval record with two distinct officer timestamps.
  • Incoming service charge payments are matched to individual units and dates.

Committee mistake: The treasurer runs building money through a personal M-Pesa number because “opening a body corporate account is complicated.” The auditor cannot distinguish between building funds and personal funds. The entire audit fails at step one.

Ina maana gani? Hundi mbili — dual signatures — is not a suggestion. It is the minimum control an auditor expects to see on every outgoing payment, and the absence of it is the first thing RERA will flag.


5. Insurance policies — current, complete, and documented

Section 54 of the Act requires the body corporate to insure the building and common property to full replacement value. The policy must be in the body corporate’s name — not the developer’s, not the managing agent’s.

What the auditor checks:

  • A current insurance policy in the body corporate’s name, covering the building to full replacement value.
  • The policy period is unbroken — no gaps in coverage.
  • Premium payments are traceable to bank statements.
  • Historical policies are retained so the auditor can verify continuous coverage.

What audit-ready looks like: The current policy is stored as a digital record with the start date, end date, insured value, premium paid, and the resolution that approved the policy. Past policies are archived in the same structure. If a claim was made, the claim file links to the resolution, the contractor repair records, and the insurance payout.


6. By-laws — version-controlled, with every amendment

Every body corporate operates under a set of by-laws, typically created by the developer and filed with the unit title registration. Committees can amend by-laws, but amendments take effect only after they are ratified by special resolution at an AGM and filed with the Land Registry (s.50).

What the auditor checks:

  • A complete copy of the by-laws currently in force.
  • Every amendment is recorded with the date it was ratified, the resolution that passed it, and the date it was filed with the Land Registry.
  • Disputes (fines, noise complaints, parking violations) reference the specific by-law clause being enforced, and the clause in force at the date of the incident — not the current version.

Committee mistake: A committee enforces a fine under a by-law clause that was verbally agreed at a committee meeting — never written down, never ratified at an AGM, never filed. The owner challenges it. The body corporate has no paper to defend itself.


7. Arrears records and clearance certificates — the enforcement backbone

Sections 30 and 62–63 of the Act create the enforcement architecture. Unit owners are liable for service charges and special levies. Unpaid amounts incur interest at the prevailing commercial lending rate. And — critically — a body corporate cannot block a unit transfer without a clearance certificate stating the arrears position. The purchaser is not liable for amounts beyond what the certificate states.

What the auditor checks:

  • A current arrears ageing report, by unit, with buckets (0–30 days, 31–60, 61–90, 90+).
  • Every clearance certificate issued is logged with the date, the unit, the recipient, the arrears position at issuance, and a copy of the signed PDF.
  • Arrears recovery actions (reminder letters, demand notices, interest applied) are documented per unit.
  • The arrears register is reconciled to the financial statements so the auditor can confirm that total outstanding arrears match the general ledger.

What audit-ready looks like: A dashboard showing every unit’s current balance, ageing, and payment history. Clearance certificates are auto-generated from live data — so the figure on the certificate always matches the system of record.


The red-flag checklist — 10 items that will fail an audit

When an auditor walks into a building that is not ready, here is what they find. Any three of these means a qualified opinion.

  1. Personal M-Pesa number used for body corporate collections instead of a body corporate account.
  2. Missing AGM — a gap in the annual meeting sequence with no explanation.
  3. Ownership register more than six months out of date.
  4. No sinking fund — or a sinking fund with no published spend policy.
  5. Single-signature payments for amounts above the by-law threshold.
  6. Minutes not signed by chairman and secretary.
  7. No clearance certificate log — certificates issued verbally or via WhatsApp.
  8. Insurance policy expired or in the developer’s name, not the body corporate’s.
  9. Vendor contracts with no insurance certificates or trade licences on file.
  10. Arrears register not reconciled to bank statements.

The month-by-month maintenance calendar

Audit readiness is the accumulation of small, regular actions — not a month-long scramble in December. Here is the rhythm:

MonthAction
JanuaryPublish annual budget. Collect first-quarter service charges.
FebruaryReconcile January statements. Review ownership register for changes.
MarchAGM: present audited accounts, elect committee, approve budget.
AprilFile committee changes with Land Registry (within 15 days).
MayRenew insurance policy. Update vendor due-diligence files.
JuneMid-year financial review. Reconcile arrears register.
JulySend arrears notices (six-month mark). Update by-law amendments if any.
AugustQuarter-three budget review. Verify sinking fund allocation.
SeptemberCommittee meeting: review all seven bundles for completeness.
OctoberPrepare year-end audit pack. Gather outstanding clearance certificates.
NovemberExternal audit engagement. Gather responses to auditor queries.
DecemberPresent draft audited accounts to committee. Distribute to owners.

This week action

Pull out whichever document you currently call the “ownership register.” Check it against the list of actual units in your building. If there is even one mismatch — one owner who sold, one unit with no recorded title number — fix it. The auditor starts with the register. If the register is wrong, nothing else stands.

For more on the legal framework that underpins these record-keeping requirements, see the Unit Titles Act explainer. For the full RERA compliance picture, see the RERA-readiness checklist. And for what happens when your records live in a car boot instead of a system, see the case for digital boardrooms.

Updated June 2026 for RERA draft status.

Want help applying this in your building?