AUDIT PRACTICE CPA A1.2 & ASSURANCE SERVICES Study Manual
User Manual:
Open the PDF directly: View PDF 
.
Page Count: 236
| Download | |
| Open PDF In Browser | View PDF |
Page 0 CPA Certified Public Accountant Examination Stage: Advanced Level 1 A1.2 Subject Title: Audit Practice and Assurance Services Study Manual Twinning Arrangement to develop Capacity Building for ICPAR INSIDE COVER - BLANK INTRODUCTION INSTITUTE OF CERTIFIED PUBLIC ACCOUNTANTS OF RWANDA ADVANCED Level 1 A1.2 AUDIT PRACTICE & ASSURANCE SERVICES First Edition 2012 This study manual has been fully revised and updated in accordance with the current syllabus. It has been developed in consultation with experienced lecturers. © CPA Ireland All rights reserved. The text of this publication, or any part thereof, may not be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, storage in an information retrieval system, or otherwise, without prior permission of the publisher. Whilst every effort has been made to ensure that the contents of this book are accurate, no responsibility for loss occasioned to any person acting or refraining from action as a result of any material in this publication can be accepted by the publisher or authors. In addition to this, the authors and publishers accept no legal responsibility or liability for any errors or omissions in relation to the contents of this book. Page 1 s CONTENTS BLANK Page 2 CONTENTS CONTENTS Study Unit 1 2 3 4 5 Title Introduction to the Course 7 Assurance and the Audit Function Introduction Assurance Need for Regulation The Audit Function Small Entities Methodology of an Audit Sample Questions Professional Conduct Fundamental principles and guidance Independence Confidentiality Areas of Controversy Sample Questions Professional Appointments Advertising Tendering Acceptance Agreeing the Terms Books and Documents Change in Auditors Sample Questions Professional Responsibility and Liability Fraud Professional Liability Misconduct Professional Indemnity Insurance Sample Questions Practice Management & Regulatory Environment Risks to which firms are exposed Quality Control What are the Current Trends? Corporate Governance Law and Regulation Sample Questions 13 14 14 16 16 18 19 20 21 22 23 25 26 27 29 30 30 32 34 35 36 37 39 40 45 48 48 49 51 52 53 59 60 65 70 Page 3 s Page CONTENTS Study Unit 6 7 8 9 Title Audit Planning and Strategy Audit Planning Materiality Risk The Risk Approach Systems and Controls Cycles and Transactions Balance Sheet Approach Directional Testing Analytical Procedures Sample Questions Audit Evidence Audit Evidence Introduction Related Parties Management Representations Using the Work of Others Documentation Sample Questions Audit Evaluation and Review Review Procedures Opening Balances Comparatives Other Information Subsequent Events Going Concern Compliance with International Financial Reporting Standards Sample Questions Audit Reports Forming and Audit Opinion The Problem of Communication Electronic Reporting Special Purpose Reports Reporting to Management Sample Questions Page 4 s Page 73 74 82 83 85 87 87 87 88 88 90 93 94 99 103 105 109 109 111 112 113 115 118 121 123 127 128 131 132 133 134 135 136 137 CONTENTS Study Unit 10 11 12 13 14 Title Audit of Financial Statements Introduction Construction Contracts Liabilities Income Expenses Disclosures Sample Questions Audit Related and Assurance Services Audit Related Services Assurance Engagements Risk Assessments Performance Management Systems Reliability Electronic Commerce Forensic Audits Whistleblowing Sample Questions Internal Audit and Outsourcing Internal Audit Outsourcing Impact of Outsourcing on an Audit Sample Questions Prospective Financial Information Reporting on Prospective Financial Information Accepting an Engagement Procedures Expressing an Opinion Sample Question Social and Environmental Audits Implications for the Company Implications for the Management Measuring Social and Environmental Performance Implications for the Statutory Audit Implications of Assurance Services Sample Question Page 5 s Page 139 140 140 147 151 153 154 156 159 160 162 163 164 165 168 169 170 170 171 172 174 176 177 179 180 180 180 181 182 183 184 184 185 186 187 188 CONTENTS Study Unit 15 16 Title Group Audits Group Accounting and the Holding Company Auditors Principal Auditors and Other Auditors The Consolidation Process Joint Audits Auditing Foreign Subsidiaries Recent Developments Sample Question Solutions Solution 1.1 Solution 1.2 Solution 2.1 Solution 2.2 Solution 2.3 Solution 3.1 Solution 3.2 Solution 3.3 Solution 4.1 Solution 4.2 Solution 4.3 Solution 5.1 Solution 5.2 Solution 5.3 Solution 5.4 Solution 6.1 Solution 6.2 Solution 7.1 Solution 7.2 Solution 8.1 Solution 8.2 Solution 8.3 Solution 9.1 Solution 9.2 Solution 9.3 Solution 9.4 Solution 10.1 Solution 10.2 Solution 11.1 Solution 11.2 Solution 12.1 Solution 13.1 Solution 14.1 Solution 15.1 Page 6 s Page 189 190 190 194 195 196 196 197 199 199 199 200 201 202 203 204 204 204 206 206 207 207 207 208 209 212 214 217 218 220 220 220 221 221 222 223 224 227 227 228 229 231 232 INTRODUCTION TO THE COURSE Stage: Advanced Level 1 Subject Title: A1.2 Audit Practice & Assurance Services Aim The aim of this subject is to ensure that students can demonstrate the knowledge, skills and competencies necessary to carry out the audit of an entity and undertake assurance engagements, having due regard to the Institute’s and profession’s ethical standards in a changing and complex business environment. Audit Practice and Assurance Services as an Integral Part of the Syllabus In carrying out the audit of an entity’s financial statements it is essential to fully understand the application of the relevant International Standards in Auditing (ISAs), International Accounting Standards (IASs) and International Financial Reporting Standards (IFRSs). Many issues that face auditors frequently arise from the accounting treatment of certain financial transactions in the financial statements of the entity. The study of the subject Auditing at Advanced 1 Stage is an essential foundation for the study of Audit Practice and Assurance Services at Advanced 2 Stage. Financial Accounting and Information Systems (at Foundation 2 Stage) and Financial reporting and Company Law (at Advanced 1 Stage) are also essential prerequisites for the study of Audit Practice and Assurance Services. Learning Outcomes Upon successful completion of this subject students should be able to: • • • • • Explain, interpret and apply the legal, regulatory and ethical framework to the role of the auditor. Identify audit risks, and describe the procedures undertaken at the planning stage to meet the objectives of the audit. Design, evaluate and report on internal control and financial reporting systems and identify and communicate control risks, applying these skills to practical situations in both manual and computerised environments. Describe the application of Computer Assisted Auditing Techniques. Design, plan and apply audit testing techniques and procedures in the practical application of International Standards on Auditing (ISAs), International Standards on Quality Control (ISQCs) and other technical pronouncements to auditing and assurance situations. Page 7 CONTENTS • • • • • • • Evaluate the role of internal audit, including a comparison with the role of the external auditor. Draw conclusions, having applied appropriate professional skill, scepticism and judgement. Report to shareholders, management and other relevant parties in the course of providing audit and assurance services. Plan and perform the necessary work and report on other assurance engagements in the context of agreed terms of reference and the legal, regulatory and ethical framework. Undertake audit and assurance engagements with reference to the best practices and developments in Corporate Governance and their application to clients’ processes. Evaluate, explain and discuss issues and developments relating to auditing, including audit expectations and developments in the regulation of audits. Demonstrate an ability to work within a professional and ethical framework. Page 8 s CONTENTS Syllabus: 1. Legal and Regulatory Environment • • • • • 2. Ethics • • • • • • • • • 3. An in-depth knowledge of the Companies Acts / Orders and other company law legislation affecting the auditor. Responsibilities imposed on auditors of Rwandan Stock Exchange listed companies and legal responsibilities to shareholders. An in-depth knowledge of standards and other technical pronouncements issued by the IASB and IAASB. A detailed appreciation of case law decisions and their implications for the auditing process. An in-depth knowledge of other legal liabilities affecting auditors and accountants in providing audit and assurance services. Application of the ICPAR Code of Ethics. The fundamental principles of professional ethics. Threats and safeguards. Responsibilities to clients and colleagues. Other responsibilities and practices including: – Changes in professional appointments. – Use of lien in fee disputes. – Advertising and publicity. – Use of professional designations. Conflicts of interests. Code of confidentiality. Professional liability and indemnity. Misconduct and negligence. Internal Controls and Financial Systems • • • • • • • • The definition of the control environment and control procedures. Effective internal controls. The limitations on the effectiveness of internal controls. Ascertaining and understanding internal control systems: narrative notes, flowcharts, checklists, internal control questionnaires, walk through tests. Evaluations and assessment of accounting systems and internal control systems and its subsequent impact on audit work. Reliance on internal controls and internal audit. The principles and control procedures in a computer environment including system analysis and design considerations. The use of Computer Assisted Audit Techniques. Page 9 s CONTENTS 4. Risk Assessment & Audit Process • • • • • • • • • 5. Reporting • • • • • • • 6. New engagements. The strategic design and planning of an audit and knowledge of the client’s business. The review of financial statements to include analysis and critical assessment. Quality control and recording of the audit. The evaluation and testing of control procedures and audit evidence. The design and carrying out of tests of substance on specific audit areas. Consideration of materiality, audit risk, reliance on other specialists, events after the reporting period, contingencies, related parties. Use of experts. Characteristics of fraud and the responsibility of auditors for detecting material misstatement due to fraud. Reporting on Audited Financial Statements. Key concepts: opinion, true and fair view, materiality, statutory requirements. Basic elements of the Auditor’s Report. Modified Reports, differentiating between – Matters that do not affect the auditor’s opinion, and – Matters that do affect the auditor’s opinion. Circumstances giving rise to Modified Reports. – Limitations on Scope. – Disagreements with management. Auditor’s responsibility before and after the date of the Auditor’s Report. Auditor’s responsibility for other information in documents (e.g. Annual Report) containing audited financial statements. Special Audits and Other Assurance Engagements • • • • • • Relevant audit planning, execution (including internal control implications), reporting and professional practice considerations concerning: Group audits, small business audits (including small business exemption), not-forprofit audits, first time audits. Prospectuses and other offering documents (investment circulars): historical yearend financial statements, interim financial statements, and future oriented information. Other types of historical financial assurance engagements: financial statements review engagement (Accountant’s Report), financial statements compilation engagements (Compilation Report), audit or review of specific financial information (e.g. sales figures for retail park leases), compliance with agreements (e.g. loan covenants), agreed upon procedures. Assurance on internal controls in service organisations. Other types of audits: value for money/operational, social and environmental, health and safety, whistleblowing, forensic (fraud identification, analysis and assessment). Page 10 s CONTENTS 7. Corporate Governance • • • • 8. Best Practice Audit Committees – structures, roles, benefits and drawbacks. Roles and effectiveness of Non-Executive Directors. Anti-Money Laundering Procedures. Current Issues • The current issues and developments relating to auditing, including audit expectations and developments in the regulation of audits. Page 11 s BLANK Page 12 Study Unit 1 Assurance and the Audit Function Contents A. Introduction B. C. Assurance Need for Regulation D. The Audit Function E. Small Entities F. G. Methodology of an Audit Sample Questions Page 13 s ASSURANCE AND THE AUDIT FUNCTION A. INTRODUCTION There has been a huge growth in information that is available today in all aspects of business. The use of the internet has made access easy and more and more information is been required in all areas, not just financial. This growth in information has led to a need for assurance as to the quality and reliability of that information so that users can make informed decisions based on the information that is available to them. Audit and assurance services play a vital role in maintaining confidence and therefore stability in the world economy. The markets need confidence and in order to get this confidence they seek to reduce their exposure to risk. To reduce risk they need assurance in the market. B. ASSURANCE The International Standards on Auditing (ISA) glossary of terms gives a definition of an assurance engagement as “one in which a practitioner expresses a conclusion designed to enhance the degree of confidence of the intended users other than the responsible party about the outcome of the evaluation or measurement of a subject matter against criteria.” In practice, this could be an auditor expressing an opinion to the shareholders of a company on a set of financial statements prepared by management as to whether they have been prepared in a true and fair manner in accordance with accounting standards and relevant company law. Any assurance engagement must have the following five elements: • A three party relationship such as the Auditor reporting to a shareholder about the actions of management. • Some subject matter such as a set of financial statements. • Suitable criteria such as the accounting standards and/or law. • Sufficient appropriate evidence, in a form that is sufficient, reliable and relevant. • A written report in an appropriate form. Levels of Assurance Various levels of assurance may be given but this depends very much on (1) the individual engagement, (2) the criteria applied and (3) the subject matter. The glossary of terms refers to two types: • Reasonable level of assurance – subject matter materially conforms to criteria i.e. accounts give a true and fair view having regard to the accounting standards and law. • Limited level of assurance – no reason to believe that subject matter does not conform to criteria. Essentially, a negative form of expression. Page 14 s Absolute assurance can never be given. There are inherent limitations of an audit that affect the auditor’s ability to detect material misstatements in a set of financial statements. The Limitations of an audit • • • • • • Every item is not checked. In fact, only test checks are carried out by auditors. It would be impractical to examine all items within a class of transactions or account balance. Hence, it is not really possible to give absolute assurance. Auditors depend on representations from management and staff. Collusion can mitigate some good controls such as division of duties. There is always the possibility of collusion or misrepresentation for fraudulent purposes. Evidence gathered is persuasive rather than conclusive. It often indicates what is probable rather than what is certain. Auditing is not purely an objective exercise. Judgements have to be made in a number of areas. The view in financial statements is itself based on a combination of fact and judgement. The timing of an audit. An unqualified audit opinion is not a guarantee of a company’s future viability, the effectiveness and efficiency of management, nor that fraud has not occurred in the company. So are there any benefits of an audit? Yes, there are. • • • • The shareholders of a company are given an independent opinion as to the true and fair view of the accounts that have been prepared by management. The use made by third parties such as suppliers and banks of the accounts adds confidence in the performance of a company. Auditors themselves can use the knowledge accumulated during the course of the audit to provide additional services to the company such as the provision of consultancy services or a management letter showing weaknesses in the business and recommendations to alleviate such weaknesses in the future. While not responsible for detecting fraud, the very fact that an audit is carried out and may uncover evidence of fraud, can help to mitigate against such risks. Types of engagements The type of assurance engagement will depend very much on the subject matter, whether it be a set of accounts or an internal control system. In order that an assurance engagement can be carried out, the subject matter must be: • Identifiable • Capable of consistent evaluation and measurement and • Capable of being subject to procedures and evidence gathering. Page 15 s Types of assurance engagements include • Audits and reviews (different levels of assurance) • Reports on systems and controls as part of corporate governance framework • Reports for lenders and other investors • Reports on prospective financial information • Risk assessments • Business performance measurement • Social and environmental issues and • Value for money studies Implications of assurance services • • • C. Members of professions will need to have a good broad skills base to deal with the various types of engagements and not just the standard audit. More types of engagements increase the potential liability of accountants. Clear identification of what is extended liability is vital. There is the potential for increasing the expectations gap. Auditors’ view versus the public’s view. The auditor is not responsible for preparation of accounts or the detection of fraud. THE NEED FOR REGULATION Where there is reduced confidence in the markets and this leads to business failure, this in turn leads to instability. As a result there is increased demand for regulation. There has been regulation in the markets since the introduction of the concept of limited liability. The requirement for audited financial statements is a way to protect the owners of a business from unscrupulous management and also prevent the abuse of the limited liability status. D. THE AUDIT FUNCTION What is an audit? An audit is an exercise, of which the objective is, to enable an independent auditor to express an opinion on whether a set of financial statements is prepared in a true and fair manner in accordance with an identified financial reporting framework. The same objective applies to the audit of financial or other information prepared in accordance with appropriate criteria. Page 16 s Overview of Syllabus and audit Legal & Regulatory environment Ethics Internal controls & financial statements AUDIT Risk Assessment & Audit process Reporting Corporate Governance & current issues ISA (International standards on auditing) 200: Objective and general principles governing an audit of financial statements sets out what audits are all about. • The auditor should comply with the code of ethics for professional accountants issued by the International Federation of Accountants (IFAC), ethical standards and the ethical pronouncements issued by the auditor’s relevant professional body. • The auditor should conduct an audit in accordance with International Standards of Auditing and should plan and perform an audit with an attitude of professional scepticism. • ISA 200 also makes a very important point in that while the auditor is responsible for forming and expressing an opinion on the financial statements, the responsibility for preparing and presenting those financial statements lies with the management. • Furthermore, the auditor does not have any responsibility with regard to the prevention and detection of fraud. Again, that lies with the management. These points often form the basis for the expectation gap mentioned above. Types of audits • • • Statutory audits as required by companies’ legislation. Non-statutory audits preferred by interested parties rather than been required by law. For example, charities, societies, public interest companies etc. Small entity audits. Page 17 s E. SMALL ENTITIES Elements of a small entity would include: • Small number of individuals re ownership and management. • Basic record keeping. • Limited internal controls with huge potential for management override of such controls. There are arguments for and against small company audits. Each of the stakeholders, shareholders, management, employees, banks, suppliers and revenue commissioners has their pros and cons. • • • • • • • • • • • • Reassurance given by audited accounts for shareholders not involved in management. On the contrary, where shareholders are part of management, the whole audit exercise may not appear to be value for money. Audited accounts provide a good indication of a fair valuation for shares particularly unquoted shares. An audit provides management with an independent check on the accuracy of their financial statements. Also, some auditors do provide decent management letters. In reality, a more focused systems review or similar consultancy report would be of more benefit to management. Employees can gain comfort from audited accounts as to their job security and for wage negotiations. In reality, I don’t think this actually happens. Bank managers often rely on audited accounts when reviewing security in the event of granting a loan. More importantly though, a bank manager may want to see a good credit history in a company’s transactions with the bank. Suppliers can gain assurance from audited accounts when giving credit to customers. On the contrary, the accounts might be out of date and the customer could be experiencing difficulties. Might be more appropriate to get relevant credit references. Rwandan Revenue Authority can rely on audited accounts to back up tax returns. In reality, revenue authorities generally accept sets of accounts prepared by independent accountants. Small company audits and potential problems • Small companies create difficulties for auditors in that the auditor has to direct more of his work in the verification of items by physical inspection and the vouching of third party evidence, as he would otherwise probably do with larger company audits. The general principles applied in an audit are the same for large and small companies. But the specific testing may vary considerably. • Due to the nature of small companies as noted above, problems can arise with the reliability of internal control systems. In fact Control Risk is considered high. (ISA 200 defines control risk) Page 18 s • Lack of controls coupled with the risk of management override may lead to difficulties such as the incompleteness of income or the recording of inappropriate expenditure. In a larger company the system of internal control and a suitable staff structure would provide a check against a persons work. In smaller companies, some internal controls will be useful as a management check on staff, but will provide no checking mechanism on management itself. Where there are limitations in the effectiveness of internal controls, it has little value to the auditor in helping him form an opinion on a set of financial statements. As a result he will need to increase his substantive testing. Examples would be physically verifying additional assets purchased throughout the year and obtaining third party confirmation from a bank as to the small companies’ bank balances at the year-end. • Another problem associated with small company audits is that the lack of an appropriate internal control system coupled with the auditor’s inability to design or carry out procedures to obtain sufficient, reliable and relevant evidence as to the completeness and accuracy of the accounting records can create a limitation on the scope of the auditor’s work. This can affect the type of audit report that is issued. For example, you can have a qualified audit report where the scope limitation does not prevent the auditor from expressing an opinion, or you can have a report where the scope limitation is so significant that the auditor is unable to express an opinion. F. METHODOLOGY OF AN AUDIT • Determine the scope and the audit approach. Legislation and the auditing standards lay down the scope for statutory audits. An auditor should prepare a plan for his audit. • Ascertain the system and controls. Discuss the accounting system and the flow of documents with all the relevant personnel in the company. Document all your notes. Some auditors do flow charts, narrative notes and/or internal control questionnaires. Get to know the client’s business. Confirm that you have recorded the system accurately by carrying out walkthrough tests. • Assess the system and internal controls. Evaluate the system as it is to weigh up its reliability and draw up a plan to test its effectiveness. At this stage you could draw up a letter to management recommending any improvements you consider from your findings. In addition, what you have learned here may influence the type of further audit testing you may carry out later on. • Test the system and internal controls. Above, you evaluated the controls that are in place. You need also to test if they were effective. Compliance tests will cover many more transactions than the walkthrough tests. You need to carry out a representative sample through the accounting period. If you can establish that the controls are indeed effective, you can reduce the amount of detailed testing later on. However, if the controls turn out to be ineffective, then more substantive tests will need to be carried out. Page 19 s • Test the financial statements. This section covers the substantive testing which has been described earlier. You are effectively trying to stand over the figures in the financial statements. Substantive tests are audit procedures performed to detect material misstatements. Remember, if you think that any error you might find in a class of transactions will not be significant, then there is no point carrying out the substantive test. • Review the financial statements. After all the testing has been done and the evidence gathered, you should review the accounts as to their overall reliability making a critical analysis of the content and presentation. • Express an opinion. You need to evaluate all the evidence you have gathered and express an opinion on a set of accounts by way of a written audit report. You may in addition, write a management letter which can set out improvements you recommend or to place on record specific points in connection with the audit. Question 1.1 What are the limitations of an audit? Question 1.2 You have been preparing accounts for Mr J. Butera for the last number of years which he submits to the Revenue Authorities. His current turnover is RWF1million. Mr. Butera is considering forming a company and has asked for your advice on a number of issues. 1. Are there any advantages to having a company audit. 2. Would the audit carried out on his company be similar to that of say Bank of Kigali (BOK). 3. Is there anything other than an audit that would give him a degree of assurance. Page 20 s Study Unit 2 Professional Conduct Contents A. B. C. D. E. Fundamental principles and guidance Independence Confidentiality Areas of Controversy Sample Questions Page 21 A. FUNDAMENTAL PRINCIPLES AND GUIDANCE ISA 200 sets out the general principles of an audit. The auditor should comply with the code of ethics for professional accountants issued by the International Federation of Accountants. Accountants require ethics because people rely on them for their expertise in specific areas. Both the International Federation of Accountants (IFAC) and the Institute of Certified Public Accountants of Rwanda (ICPAR) have issued a code of ethics of which the fundamental principles of both associations are very similar. The ICPAR ethical framework states principles and encourages the auditor to make their own judgements. On the other hand the ethics as laid down by the IFAC provides more guidance by way of examples of potential issues and safeguards to mitigate against those threats. The ICPAR code of ethics lays out the fundamental principles as follows: • • • • • Integrity. A member should be straightforward and honest in all professional and business relationships. Objectivity. A member should not allow bias, conflict of interest or undue influence of others to override professional or business judgements. Professional competence and due care. A member has a continuing duty to maintain professional knowledge and skill at the level required to ensure that a client or employer receives competent professional service. Confidentiality. A member should respect the confidentiality of information acquired as a result of professional and business relationships and should not disclose any such information to third parties without proper and specific authority unless there is a legal or professional right or duty to disclose. Any information acquired should not be used for the personal advantage of the member or third parties. Professional behaviour. A member should comply with relevant laws and regulations and should avoid any action that discredits the profession. The circumstances in which members operate may give rise to specific threats to compliance with the fundamental principles. However, it is impossible to define every situation that creates such threats and to specify the appropriate mitigating action. In addition, the nature of engagements and work assignments may differ. The ICPAR conceptual framework requires each member to identify, evaluate and address threats to compliance, rather than merely complying with a set of specific rules such as those laid down by the IFAC. If the threats are significant, then you need to identify and apply safeguards to eliminate the risk or to reduce it to an acceptable manner. If no appropriate safeguards are available, then you need to eliminate the activities causing the threat or decline the engagement or discontinue it as the case may be. Page 22 s Advantages of a framework over a system of rules • • • • B. A framework forces you to consider the threats for every given situation and to act accordingly. A framework prevents you from interpreting technical issues. Rules don’t always cover all situations. Rules need to be constantly amended to live in a rapidly changing environment. INDEPENDENCE An auditor needs to be and seen to be independent. He must have independence of mind and independence in appearance. Independence is a state of mind that permits the provision of an opinion without being affected by influences that compromise professional judgement, allows an individual to act with integrity and exercise objectivity and professional judgement. An auditor needs to avoid facts and circumstances that are so significant that a reasonable and informed third party would reasonably conclude an auditor’s integrity, objectivity or professional scepticism had been compromised. Public confidence in the operation of capital markets and in the conduct of public interest entities depends upon the credibility of the opinions and reports issued by auditors. What are the threats to independence? ES 1 Integrity, objectivity and independence sets out the principal types of threats. • • • • • • Self interest: A financial interest in a client, undue dependence on fees, close business relationship, concern over losing a client, potential employment with client or loans from client. Self review: Reporting on the operation of financial systems after you were involved in their design and preparing the accounts now under audit. Management threat: Making judgements and taking decisions which are the responsibility of management. Advocacy: Acting as a legal advocate for client in litigation or promoting shares in the company. Familiarity: Having close personal relationships developed with client personnel through long association or a family relationship. Auditor may not be sufficiently questioning the client’s point of view. Acceptance of gifts of significant value. Intimidation: Threat of replacement due to disagreement. Page 23 s Review the Institute of Certified Public Accountants of Rwanda code of ethics together with the IFAC code of ethics with regard to areas such as financial interests, loans and guarantees, close business relationships, family and personal relationships, employments connections with the client, long association with client personnel, provision of non-assurance services, fees, gifts and hospitality and actual or threatened litigation. Safeguards to independence Safeguards that may eliminate or reduce threats to an acceptable level fall into two general categories: • Safeguards created by the profession, legislation or regulation and • Safeguards in the work environment whether within the auditor’s own systems and procedures or within the client company. The first category includes: • Educational, training and experience requirements for entry into the profession. • Continuing professional development requirements. • Corporate governance regulations. • Professional standards. • Professional or regulatory monitoring and disciplinary procedures. • External review by a legally empowered third party of the reports, returns, communications or information produced by a member. The second category includes: Firm wide safeguards • Such as firms stressing the importance of compliance with the fundamental principles. • The expectation that members will act in the public interest. • Documented policies and procedures to implement and monitor quality control of engagements. • Documented policies regarding identification of threats, their evaluation and application of safeguards. • Documented independence policies. • Policies and procedures to enable identification of interests and relationships between auditor and client. • Monitoring the fee income received. • Timely communication of a firm’s policies and procedures to all staff and appropriate training thereof. • Implementing a quality control system and appointing a member of senior management. • Advising all staff of the clients from whom they must be independent. • A suitable disciplinary mechanism to promote compliance with policies. Page 24 s Engagement specific safeguards • Involving an additional professional accountant to review the work done. • Consulting independent third parties. • Disclosing the nature of services provided and extent of fees charged to those charged with client governance. • Rotating senior audit team personnel. Safeguards within client systems and procedures • Persons other than management ratify auditor appointment. • Client has competent employees with experience to make decisions. • The client has a corporate governance structure that provides appropriate oversight and communications regarding the firm’s service. Specific safeguards in relation to independence are mentioned in the ICPAR and IFAC guidance and cover such areas are financial interest, loans, close business relationships, fees and litigation. International standard on quality control sets out the standards and provides guidance regarding a firm’s responsibilities for its system of quality control for audits. • • C. The firm should establish a system of quality control designed to provide it with reasonable assurance that the firm and its personnel comply with professional standards and regulatory and legal requirements. The firm’s system of quality control should include policies and procedures addressing elements such as leadership responsibilities, ethical requirements, acceptance of engagements, human resources, engagement performance and monitoring. The quality control policies and procedures should be documented and communicated to the firm’s personnel. CONFIDENTIALITY There is a duty of confidence to the client but there are several exceptions noted. The principle is twofold. One, you should refrain from disclosing any information acquired without proper authority to do so unless there exists a legal or professional right or duty to disclose. Secondly, you should refrain from using any information acquired for your own personal advantage or that of a third party. A member should maintain confidentiality even in a social environment and even needs to comply with the principle even after the end of the professional relationship. The member can only use prior experience. Page 25 s Exceptions when member may be required to disclose: • Disclosure permitted by law and authorised by client. • Disclosure by law e.g. production of documents during course of legal proceedings or disclosure to appropriate public authorities of infringements of law that have come to light. Money Laundering Theft and Fraud Offences Duty to report where books of account are not been kept. • Professional duty or right to disclose when not prohibited by law, such as to comply with quality assurance reviews, to respond to an inquiry by an institute, to protect the professional interests of a member in legal proceedings or to comply with technical standards and ethical requirements. Having decided that there should be some disclosure, the auditor must consider• Whether the interests of any parties could be harmed by such disclosure and whether the auditor will incur legal liability as a result of the disclosure. • Whether all relevant facts are known and substantiated. • The type of communication that is expected and to whom it should be addressed. Under ISA 250 consideration of laws and regulations in an audit of financial statements, if auditors become aware of a suspected or actual occurrence of non-compliance with law and regulation which give rise to a statutory right or duty to report, they should report it to the proper authority immediately. In all cases of disclosure where there is a duty of confidentiality, you should seek legal advice. D. AREAS OF CONTROVERSY Independence • Multiple services Many audit firms are moving away from their traditional roles and are offering a wider variety of work to their clients. Audit is sometimes even seen as a loss leader in gaining other lucrative work. Having more legislation in this area, could restrict clients in whom they could choose to give them business and any synergies found in the auditor also providing additional services would be lost. Note, in the USA, SEC guidance suggests that an auditor is not independent in relation to a listed company if they provide certain non-audit services, such as bookkeeping, internal audit, management or human resources functions. • Specialist services Services such as valuation of intangible assets, property or unquoted investments where carried by a firm who are also a company’s auditors can lead to a self review threat. A firm should not therefore audit a client’s accounts which include specialist work carried out by themselves. Page 26 s • Second opinions Second opinions are acceptable but not if the current auditors are pressurised to accept the second opinion. In order to avoid this, there should be constant communication between the two auditors. The second firm has a duty to seek permission from the client to approach the current auditors. Without such communication, the second opinion may be formed negligently, as the second opinion may not be based on the same set of facts or is based on inadequate evidence. Confidentiality • Conflicts of interest Conflicts of interest can arise when a firm has two or more audit clients, and the clients are in direct competition with each other e.g. major banks. An audit firm can argue that different audit teams are involved and this can maintain independence and confidentiality. However, clients may not perceive it this way and could well move the audit to another firm. Takeovers also need special consideration. You could be the auditor to both companies in a takeover. In these cases, the auditor should not be the principal advisors to either and should not issue any assessment reports on either party other than the actual audit reports. • Insider dealing Auditors can be seen as insiders as they often have access to very sensitive information. Auditors should see the duty not to deal as an insider as an extension of their duty of confidentiality to their clients. Again, it is not just in relation to third parties but also to their own personal gain. Question 2.1 You are a partner in an audit firm. A number of issues have emerged in relation to some of your clients. You are asked to document your considerations on each of the issues, noting the threat arising, the significance of that threat and any factors you have taken into account, and, if relevant, any safeguards you could apply to eliminate or mitigate against that threat. 1. JNS Ltd 2. John is the most junior member of your audit team of eight. He has just invested in a personal pension plan that invests in all listed companies. 3. White LTD 4. You are the partner leading up a high powered team carrying out due diligence work on Black LTD, a company, your client, White LTD, is considering taking over. Paul, your deputy has mentioned that he met the daughter of the MD of Black LTD during the initial phases of the work and is going to ask her out. Page 27 s 5. Take it Easy LTD 6. You have been associated with this audit for ten years, four as audit engagement partner. You are just back from a six week cruise with the MD on his yacht. Question 2.2 Here is an example of a press report which appeared in recent years which dealt with issues of objectivity and independence within a firm of multinational firm of accountants. “..a partner in the firm was told by the regulatory body that he must resign because he was in breach of the body’s independence rules, as his brother in law was the financial controller of an audit client. He was told that the alternative was that he could move his home and place of work at least 400 miles from the offices of the client, even though he was not the reporting partner. This made his job untenable. The regulatory body was seen as taking its rules to absurd lengths by the accounting firm. Shortly after this comment, the multinational firm announced proposals to split the firm into three areas between audit, tax and business advisory services; management consultancy; and investment advisory.” Discuss the above events and the impact they may have on the public perception of integrity, objectivity and independence. Question 2.5 Where auditors are perceived not to be independent is a real cause for concern. Where auditors provide non audit services to their clients, their objectivity may well be impaired by undue dependence on those clients. In addition, further concerns may arise in the situation where audit clients hire staff who were previously employed by their auditors. In this case the objectivity of future audits may be at risk. 1. Describe the problems that may arise if an audit client hires, as finance director, a former audit partner. 2. Are there any advantages to a client of their auditor becoming an executive in their company? 3. How does current ethical guidance attempt to deal with these potential problems surrounding an auditor becoming an executive and what additional safeguards if any may help the situation? Page 28 s Study Unit 3 Professional Appointments Contents A. Advertising B. Tendering C. D. Acceptance Agreeing the Terms E. Books and Documents F. G. Change in Auditors Sample Questions Page 29 PROFESSIONAL APPOINTMENTS A. ADVERTISING ISA 200 sets out the ethical principles governing the auditor’s professional responsibilities. One of them is professional behaviour. A member is expected to comply with relevant laws and regulations and should avoid any action that discredits the profession. Now, auditors are like anyone else in business and in business it is necessary to advertise. But this advertising should be aimed at informing the public in an objective manner and should be in good taste. The Institute of Certified Public Accountants of Rwanda have stated they will use the IFAC code of ethics as their basis and thus imply that in promoting themselves and their work, members should be honest and truthful and should not make any exaggerated claims for the services they are able to offer, the qualifications they possess or the experience they have gained. In addition, they should not make any disparaging references or unsubstantiated comparisons to the work of others. Use of logos Persons can only use the designated letters of a profession after their name such as in advertisements when they are members of the said profession. A firm must have a practicing/auditing certificate to describe themselves as registered auditors. Fees If reference is made in promotional material to fees, the basis on which the fees are calculated should be stated. The greatest care should be taken to ensure that any reference does not mislead as to the precise range of services and time commitment that the reference is intended to cover. The danger of giving a misleading impression is great when there are constraints in respect of space limits for advertisements. It is for this reason that it is generally inappropriate to advertise fees. It is probably better to advertise free consultations to discuss fee issues. B. TENDERING Client companies can change auditors. In this regard a firm may be approached to submit a tender for an audit. When approached to tender, an audit firm must consider whether they want to do the work and they must have regard for the ethical considerations, such as independence and professional competence. In addition, they need to consider fees and some other practical issues. Fees A member may quote whatever fee is deemed to be appropriate. The fact that one may quote a lower fee than another auditor is not in itself unethical. However, it does raise the Page 30 s risk of a threat to the principles of professional competence and due care in that the fee quoted may be so low as to make it appear to be difficult to perform the audit to the expected standards. Therefore, it is wise to set out the basis of the calculation of the fee. The following factors should be considered when setting out a fee: • What does the job involve. Is it audit and/or tax or is there some other complicated work involved. • Which staff will need to be involved, numbers and quality. How long will they be required. Is the nature of the business complex. • What charge out rates are to be applied. The practice of undercutting fees has been called lowballing and can be seen in action generally where large audits are concerned. We have seen that having a lower fee may seem to have a negative impact on an auditor’s perceived independence but there are other factors to be considered: • Auditors operate in a market like any other business where supply and demand very often dictate the price. • Fees may be lower due to reasons such as better internal audit functions and simplified group structures within client companies. • Auditing firms have increased productivity, whether through the use of more sophisticated IT or experience gained through understanding the client’s business. Practical issues It is important that the auditor also considers a number of other issues: • Can the audit assignment be fitted in to the audit firms current work plan. • Is their suitable audit staff available. • Will any specialist skills be required. What are the future plans for the company. • Is there any training required for current staff and what will be the cost of that training. • What work does the client actually want. Audit and/or tax. • Is this the first time the company has been audited. • Whether the client is seeking to change its auditors and if so what is the reason behind it. Submitting an audit proposal There is no set format. In fact, the client may dictate the format whether it be a written submission or a presentation to the board of directors. Whatever the form of the tender submission, the following matters should be included in the proposal: • The audit fee and the basis for its calculation • An assessment of the needs of the client Page 31 s • • • • • How the firm means to meet the needs of the client Any assumptions made to support the proposal The audit approach to be adopted by the firm A brief outline of the firm Details and background of the key audit staff on the proposed engagement. Evaluating the tender Different clients will have different ways of evaluating a tender. Some of the more general points are listed below. It is important to bear these in mind when preparing a proposal: • Fee. This can be the most vital point. Some clients go straight to this figure and don’t even bother with the rest of the document. • Professionalism. Auditors are expected to be professional. Remember, the audit team and the tender documents are often the first factors on which a prospective client forms an impression. • Proposed audit approach. Clients are always looking for the least amount of disruption to their already busy schedules, so the shortest number of days on-site may be the key to winning a tender. • Personal service. Fostering relationships is vital. Client should always feel he is getting value for money. C. ACCEPTANCE You have submitted a tender. You have been successful and the client has offered you the audit. Before you accept and commence the audit you should carry out a number of procedures in order to comply with the provisions in ISQC1 quality control (section 26 to 28). Before accepting the assignment • Make sure there are no ethical issues which would prevent you from accepting this assignment. • Make sure that you are professionally qualified to carry out the work requested and that your firm has the resources available in terms of staff, expertise and time. • Check out references for the directors of the client firm especially if they are unknown to the audit firm. • Consult previous auditors as a matter of professional courtesy and establish from them whether there is anything that you ought to know about this vacancy. After accepting the assignment • Make sure the resignation of the previous auditors has been properly carried out and that the new appointment is valid. A resolution by shareholders of the company is required. • Submit a letter of engagement to the directors of the client company and ensure it is accepted and signed before any audit work is carried out. Page 32 s ISQC1 states that a firm should establish policies and procedures for the acceptance and continuance of client relationships and specific engagements, designed to provide it with reasonable assurance that it will only undertake or continue relationships and engagements where it: • Has considered the integrity of the client and does not have any information that would lead it to conclude that the client lacks integrity, • Is competent to perform the engagement and has the capabilities, time and resources to do so and • Can comply with the ethical requirements. The firm should obtain such information as it considers necessary in the circumstances before accepting an engagement with a new client, when deciding whether to continue an existing engagement and when considering acceptance of a new engagement with an existing client. Where issues have been identified and the firm decides to accept or continue the relationship or a specific engagement, it should document how the issues were resolved. In short, a firm must: • Obtain relevant information • Identify relevant issues • Resolve issues that are identified, and document that resolution. Integrity of client Matters to be considered: • Identity and business reputation of owners, key management and those charged with governance. • Nature of the client’s operations and its business practices. • Attitude of the owners, key management and those charged with governance towards matters such as aggressive interpretation of accounting standards and the internal control environment. • Client’s attitude to fees. • Indications of inappropriate limitation in the scope of work. • Indications that client may be involved in money laundering or other criminal activities. • Reasons given for non-reappointment of previous auditors. Information can be gathered through communications with previous auditors or other professionals who may have provided services and through other third parties such as bankers, legal counsel and industry peers. There are also a multitude of relevant databases where one can do some background research. Competence of the firm Matters to be considered: • Has the firm got sufficient knowledge of the relevant industry and the relevant regulatory environment. • Are there sufficient personnel within the firm having the necessary capabilities and competence and are experts/specialists available when needed. Page 33 s • Are competent individuals available to perform engagement quality control reviews. • Will the firm be able to complete the engagement within the reporting deadline. Other issues • Where a potential conflict of interest is identified, the firm should consider whether it is appropriate to accept the engagement. • Need to consider any significant matters that may have arisen during the current or previous engagements of whatever description. ISQC1 goes on to state that where the firm obtains information that would have caused it to decline an engagement if that information had been available earlier, policies and procedures (on the continuance of the engagement and the client relationship) should include consideration of: • The professional and legal responsibilities that apply to the circumstances, including whether there is a requirement for the firm to report to the person or persons who made the appointment or, in some cases, to regulatory authorities, and • The possibility of withdrawing from the engagement or from both the engagement and the client relationship. Some suggested procedures would include discussing with appropriate client management the appropriate action that the firm might make based on the relevant facts and circumstances. Also, the firm should document the significant issues, consultations, conclusions and the basis for those conclusions. D. AGREEING THE TERMS Once an engagement has been accepted it is important to agree the terms. It is essential that both parties fully understand what the agreed services are. Any misunderstanding could lead to a breakdown in the relationship and could result in legal action. ISA 210: terms of audit engagements establishes standards and provides guidance on: • Agreeing the terms of an engagement with the client and • The auditor’s response to a request by a client to change those terms to one that provides a lower level of assurance. It states that the auditor and the client should agree on the terms of the engagement. The agreed terms would need to be recorded in an audit engagement letter or other suitable form of contract. The terms should be recorded in writing. The objective and scope of an audit and the auditor’s obligations may be established by law, but the auditor may still find that an audit engagement letter will be informative for their clients. The main points to be clarified in the letter of engagement would include: • Confirmation of the auditor’s acceptance of the appointment. • The auditor is responsible for reporting on the accounts to the shareholders Page 34 s • The directors of the company have a statutory duty to maintain the books of the company and are responsible for the preparation of the financial statements. • The directors are responsible for the prevention and detection of fraud. • The fact that because of the test nature and other inherent limitations of an audit, there is the unavoidable risk that some material misstatements may remain undiscovered. • The scope of the audit including reference to appropriate legislation and standards. • There should be unrestricted access to whatever books and records the auditor needs in the performance of his duties. Other points to be included: • Arrangements regarding the planning and performance of the audit. • The expectation of receiving from management written confirmation regarding representations made in connection with the audit. • Request for the client to confirm in writing the terms of the letter. • The fee to be charged and the credit terms. • The form of any reports or other communication of results of the engagement. Other issues • On recurring audits, the auditor should consider whether circumstances require the terms of the engagement to be revised and whether there is a need to remind the client of the existing terms of the engagement. • An auditor who, before the completion of the engagement, is requested to change the engagement to one which provides a lower level of assurance, should consider the appropriateness of doing so. Where the terms are changed, both parties should agree on the new terms. Note, the auditor should not agree to a change of engagement where there is no reasonable justification for doing so. E. BOOKS AND DOCUMENTS ISQC1 states that the firm should establish policies and procedures for the retention of engagement documentation for a period sufficient to meet the needs of the firm or as required by law or regulation. Unless otherwise specified by law or regulation, engagement documentation is the property of the audit firm. The firm may, at its discretion, make portions of, or extracts from, engagement documentation available to clients, provided such disclosure does not undermine the validity of the work performed, or, in the case of assurance engagements, the independence of the firm or its personnel. Audit working papers belong to the auditor and cannot be taken over by another set of auditors taking over the audit assignment. In practice, the previous auditors provide the new auditors with enough carry over information such as the lead schedules behind the make up of the financial statements. The auditor owes a duty of confidentiality to the client, so documents about the client should not be given to third parties unless: Page 35 s • The client agrees to the disclosure • The disclosure is required by law or court order • Disclosure is otherwise in accordance with the rules of professional conduct. The previous auditors should ensure that all the books and documents belonging to the client are returned promptly. In some cases, the previous auditors are allowed to keep the books where they are exercising a lien. This is a suppliers right to retain possession of a customer’s property until the customer pays up what is owed. There are strict conditions when this can be enforced: • The books and documents must actually belong to the client • The auditor must have got them by proper means • The actual work must have been done and a fee note raised and given to the client • The fee must relate to the held documents. Financial statements and tax compliance work belong to the client, even if the auditor/accountant has prepared them. F. CHANGE IN AUDITORS Companies do actually change their auditors. It is important that auditors understand why a company may seek to change their auditor in a bid to prevent this from happening to them. The following sets out the reasons why this can happen: Audit fee Many companies perceive that an audit has very little value. In turn this makes the audit fee a very sensitive issue. • The fee may be perceived to be too high. Remember, a lot of the audit work may be done off site and the hours charged at the firms office will belong to the managers and partners, so the client might not understand why the fee is so high. • It may not be seen as good value for money. For example, a client may have important tax work carried out for him. The fee charged may be way lower than that of the audit, probably due to the time involved, yet the client might see the value of this work far greater than that of the audit. • The current fee might not appear to be very competitive. Other similar firms may be getting audit services for less. • The client may put the audit out to tender to see whether the price is actually negotiable, even though he may have no intention of changing his auditor. • The audit fee may breach the recommended level of overall practice fees as laid down by ethics and auditor may have no other alternative but to resign. Audit firm may not seek re-election • The auditor may choose not to stand for ethical reasons, such as he doubts the integrity of management • Conflicts of interest may have arisen such as competition between clients or maybe he has been offered some lucrative work by the client and he may have to resign the audit Page 36 s • The auditor may have a disagreement with the client such as in the formulation of accounting policies • The auditor may simply not want to reduce his audit fee. Size of the company • The company may be growing at such a rate that the audit firm no longer has the necessary resources, staff, time, and expertise, to allow it to retain the audit. Remember the principle of professional competence and due care. • Alternatively, the company may be constricting and it now finds that it can avail of the audit exemption specified under relevant jurisdiction regulations. • There is very little that the auditor can do in each of these cases. Other reasons • With small companies, the audit is almost a personal service. If the relationship breaks down, there may be no where to go except discontinue the relationship. Within a big firm with big audit clients, you could simply change the engagement partner. • As part of the safeguards against the threats to independence, audit rotation was put forward. This is where the audit moves to another firm although in the previous point, rotating to another engagement partner within the same firm will mean the same thing. Question 3.1 A B Ltd, a large quoted company, was founded and controlled by Mr. Narang. The principle business of the company was to develop undeveloped land in city centres into apartment blocks. In 2010, the Revenue Authorities became suspicious of the nature of the operations been carried out by the company and instigated an investigation. The investigation highlighted weak organisational internal controls and non-existence in many cases. Payments to unknown persons and fictitious consultancy firms were found. In addition Mr Narang maintained a secret expense account that was used to disburse funds to himself. The board of directors did not know of the existence of the account which was maintained by the audit engagement partner. The auditors were heavily criticised in the report. Winalot & Co the firm of auditors had an aggressive marketing campaign and had increased its audit fees substantially over a number of years. They had accepted the audit appointment in 2008 after the previous auditor had been dismissed. The audit report for 2007 had been heavily qualified on the ground of poor internal control and lack of audit evidence. Mr Narang had approached several firms of auditors in order to ascertain whether they would qualify the audit report given the present system of internal controls. Winalot said it was unlikely that they would qualify the report. They realised that Mr Narang was opinion shopping but were prepared to give an opinion in order to attract the client to their firm. The PLC subsequently filed for insolvency and the auditors were sued for negligence by a creditor. Page 37 s You are required to: 1. Describe the procedures that an audit firm should carry out before accepting a new client with a potentially high audit risk. 2. Detail the ethical problems raised by the maintenance of the secret expense by the audit partner. 3. Suggest measures to try and minimise the practice of opinion shopping by prospective audit clients. 4. Explain how audit firms can reduce the risk of litigation and its effects upon the audit practice. Question 3.2 Why would an auditor not seek re-election and what practical issues should an auditor consider when submitting a tender. Question 3.3 Discuss accountants and the advertising of fees. Page 38 s Study Unit 4 Professional Responsibility and Liability Contents A. B. C. Fraud Professional Liability Misconduct D. Professional Indemnity Insurance E. Sample Questions Page 39 PROFESSIONAL RESPONSIBILITY AND LIABILITY A. FRAUD An auditor’s main concern in an audit is the risk of a material misstatement in the financial statements. These material misstatements can arise from fraud or error. An error is an unintentional misstatement in the financial statements, whether an omission of an amount or a disclosure. It can be a mistake in gathering or processing data for the accounts, an incorrect accounting estimate or a mistake in the application of accounting principles. Fraud is an intentional act by one or more individuals among management, employees or third parties, involving the use of deception to obtain an unjust or illegal advantage. Auditors do not make legal determination of whether fraud has actually occurred, the auditor is concerned with fraud that causes a material misstatement in the financial statements. Responsibility ISA 240: the auditor’s responsibility to consider fraud in an audit of financial statements, states quite clearly in paragraph 240.13 that the primary responsibility for the prevention and detection of fraud rests with the management and those charged with governance of the entity. It is their responsibility to establish a control environment to assist in achieving the orderly and efficient conduct of the entities operations. It is up to them to put a strong emphasis within the entity on fraud prevention. The auditor does not have a specific responsibility to prevent or detect fraud, but he must consider whether it has caused a material misstatement in the financial statements. Types of fraud There are two types of intentional misstatement: • Fraudulent financial reporting • Misappropriation of assets Fraudulent financial reporting This may be accomplished by the following: • Manipulation, falsification, or alteration of accounting records or supporting documentation from which the accounts are prepared • Misrepresentation in or intentional omission from the accounts of events, transactions or other significant information Page 40 s • Intentional misapplication of accounting principles relating to amounts, classification, manner of presentation or disclosure. Specifically fraud can be committed by management overriding controls using techniques such as: • recording fictitious journal entries • inappropriately adjusting assumptions • omitting, advancing or delaying recognition of events or transactions in the correct accounting period • Concealing or not disclosing facts that could affect amounts recorded in the financial statements • Engaging in complex transactions that are structured to misrepresent the financial position • Altering records and terms related to significant and unusual transactions. Misappropriation of assets This involves the theft of a company’s assets. While management are in a position to be able to disguise or conceal misappropriations in ways that are difficult to detect, small and immaterial amounts misappropriated are often perpetrated by employees. Misappropriations can be accomplished in a number of ways: • Embezzling receipts • Stealing physical assets or intellectual property • Causing a entity to pay for something they never received • Using an entity’s assets for own personal use. The misappropriation of assets is often accompanied by false or misleading records or documents in order to conceal the fact that the assets are missing. Why is there fraud Fraud occurs because • There is an incentive or pressure to commit fraud • A perceived opportunity to do so • Rationalisation of the act. • Individuals may be living beyond their means • Management is under pressure to reach targets • An individual may believe internal controls can be over-ridden. The auditors approach in relation to fraud ISA paragraph 240.3 states that in planning and performing the audit to reduce risk to an acceptable level, the auditor should consider the risks of material misstatement in the financial statements due to fraud. Page 41 s 1. 2. 3. 4. 5. 6. 7. Maintain an attitude of professional scepticism Audit team should discuss the entity’s susceptibility to fraud Carry out risk assessment procedures Respond to the assessed risks Consider whether any identified misstatement is indicative of fraud Obtain written representations from management relating to fraud Communicate with management ISA 240.24 states that the auditor should maintain an attitude of professional scepticism throughout the audit, recognising the possibility that a material misstatement due to fraud could exist notwithstanding the auditors past experience with the entity about the honesty and integrity of management. Members of the engagement team should discuss the susceptibility of the entity’s financial statements to material misstatements due to fraud. (ISA 240.27) The engagement partner should consider which matters are to be communicated to members of the audit team not involved in the discussion (ISA 240.29). The discussion may include: • An exchange of ideas about how and where a company may be susceptible to fraud, how management could conceal fraud and how assets could be misappropriated. • A consideration of circumstance that might lead to aggressive earnings management • A consideration of known factors both external and internal that may create an incentive or pressure from management or others to commit fraud • A consideration of management involvement in the supervision of employees with access to cash or other assets susceptible to misappropriation • A consideration of any unusual or unexplained changes in behaviour or lifestyle of management or employees that has come to the teams’ attention • Emphasising the importance of professional scepticism • A consideration of the types of circumstances that might indicate fraud • A consideration of how unpredictability will be incorporated into the audit • A consideration of audit procedures that might be selected to respond to any suspicions of fraud • A consideration of any allegations that have come to the auditors attention • A consideration of the risk of management override of controls. Risk assessment procedures The auditor should undertake risk assessment procedures in order to obtain an understanding of the entity and its environment, including its internal control. As part of this work the auditor performs procedures to obtain information that is used to identify the risks of misstatement due to fraud. These procedures include: • Making inquiries of management as to how they identify and respond to the risks of fraud • Consider whether fraud risk factors are present Page 42 s • Consider the results of analytical procedures and any other relevant information When obtaining an understanding of the entity and its environment, including its internal control, the auditor should make inquiries of management regarding: • • • • Management’s assessment of the risk of fraud Management’s process for identifying and responding to the risks Management’s communication to those charged with governance Management’s communication, if any, to employees regarding its views on business practices and ethical behaviour. The auditor should make inquiries of management, internal audit and others within the entity, to determine whether they have knowledge of any actual or suspected fraud. The auditor should obtain an understanding of how those charged with governance exercise oversight of management processes for identifying and responding to risks and the internal control that management has established to mitigate these risks. The auditor should make inquiries of those charged with governance to determine whether they have knowledge of any actual or suspected fraud. When obtaining an understanding of the entity and its environment, the auditor should consider whether the information obtained indicates that one or more fraud risk factors are present. Fraud risk factors are detailed in appendix 1 of ISA 240. When performing analytical procedures, the auditor should consider unusual or unexpected relationships that may indicate risks of material misstatements due to fraud. When identifying and assessing the risks of material misstatement at the financial statement level, and at the assertion level for classes of transactions, account balance and disclosures, the auditor should identify and assess the risk of material misstatement due to fraud. Those assessed risks that could result in a material misstatement are significant risks and accordingly, the auditor should evaluate the design of the related controls and determine whether they have been implemented. The auditor identifies the risks of fraud, relates the identified risks to what can go wrong at the assertion level and considers the likely magnitude of a potential misstatement. Responses to risk The auditor should determine overall responses to address the assessed risks of material misstatement due to the fraud at the financial statement level and should design and perform further audit procedures whose nature, timing and extent are responsive to the assessed risks at the assertion level. Page 43 s The auditor should respond in the following ways: • A response that has an overall effect on how the audit is conducted • A response to identified risks at the assertion level • A response to identified risks where management override controls are involved. In determining overall responses to address the risk of material misstatement due to fraud at the financial statement level the auditor should consider • the assignment and supervision of personnel • the accounting policies used • Incorporate an element of unpredictability in the selection of the nature, timing and extent of audit procedures. Audit procedures responsive to risks at assertion level may change the nature, timing and extent of audit procedures such as: • Audit evidence may need to be more reliable and relevant or to obtain additional corroborative information. Physical inspection or observation may become more important. • Timing of substantive tests may need to be modified, for example in revenue recognition testing. • Sample sizes may need to be increased. • (see appendix 2 ISA 240) To respond to the risk of management override of controls, the auditor should design and perform audit procedures to • test the appropriateness of journal entries • review accounting estimates and • obtain an understanding of the business rationale of significant transactions that are outside the normal course of business for the entity. Evaluation of audit evidence The auditor evaluates whether the risks of material misstatement are appropriate based on the evidence gathered. He must also consider the reliability of management representations and must obtain from the management in writing, that the management accepts its responsibilities in relation to the prevention and detection of fraud and has made all relevant disclosure to the auditors. The auditor must document: • The significant decisions reached during the audit team discussion of fraud • The identified and assessed risks of material misstatement due to fraud • The response to the assessed risks • Communication to management Page 44 s Reporting The auditor should communicate to the appropriate level of management any identified fraud. Where the fraud involves management or key employees in internal control operations, the auditor should communicate as soon as possible any such fraud to those charged with governance. The auditor may have a statutory duty to report fraudulent behaviour to a regulator outside the entity. Withdrawal from audit The auditor should consider resigning from the audit if exceptional circumstances arise that would bring into question the auditor’s ability to continue in office. If the auditor withdraws, he should discuss with the appropriate level of management as to the reasons and should consider whether there are legal or professional requirements to report to third parties. B. PROFESSIONAL LIABILITY Auditors may have professional liability under statute law and in the tort of negligence. Statute law There are occasions when auditors have professional liability under statute law: • In insolvency legislation, the auditor could be found to be an officer of the company and thus could be charged with a criminal offence in connection with the winding up of the company. • An auditor could be found to be guilty of insider dealing, which is a criminal offence. • Auditors could be found guilty of a criminal offence in respect of money laundering issues as to their failure to report any known suspicions to the proper authority. Tort of negligence Negligence is based on customary/common law. It seeks to provide compensation to loss suffered by one due to another’s wrongful neglect. To succeed, an injured party must prove: • A duty of care existed • The duty of care was breached • The actual breach caused the loss. Who would take an action against an Auditor If an auditor gave an incorrect audit opinion the following parties might take an action: • The company • The shareholders Page 45 s • The bank • Other lenders • Other interested third parties The key difference between all the above mentioned parties is the nature and duty of care owed to them by the auditor. Audit client An auditor owes a duty of care to the company as it is the audit client. The company has a contract with the audit firm. Therefore, the duty of care is automatic under law. The company is all the shareholders acting as a body; it cannot be represented by one shareholder alone. The standard of work of the auditor is generally defined by legislation. A number of judgements exist which have gauged the level of care as specific legislation does not exist which states clearly how an auditor should discharge his duty of care. EG. Re Kingston cotton mills 1896 Court of Appeal, England “.it is the duty of the auditor to bring to bear on the work he has performed that skill, care and caution which a reasonably competent, careful and cautious auditor would use. What is reasonable skill, care and caution, must depend on the particular circumstances of the case.” EG. Re Thomas Gerrard & son Ltd 1967 Chancery Division, England “…the real ground on which re Kingston cotton mills….is, I think, capable of being distinguished is that the standards of reasonable care and skill are, upon the expert evidence, more exacting today than those which prevailed in 1896.” EG. Re Fomento(sterling area) Ltd v Selsdon fountain pen co Ltd 1958 “…they must come to it with an inquiring mind, not suspicious of dishonesty…..but suspecting that someone may have made a mistake somewhere and that a check must be made to ensure that there has been none.” Auditors have to be careful in forming an opinion and they must give consideration to all relevant matters. If an opinion reached by an auditor is one that no reasonably competent auditor would be likely to reach, then the auditor would possibly be held for negligence. Third parties The auditor can only owe a duty of care to parties other than the audit client, if one can be established. Third parties will include any individual shareholders, potential investors and the bank. In these cases, there is no contract with the audit firm. Therefore, there is no implied duty of care. Page 46 s Case law seems to suggest that the courts have been reluctant to attribute a duty of care for third parties to the auditor. EG. Caparo industries plc v Dickman and others 1990 England House of Lords - Tort Caparo relied on a set of accounts to purchase shares in a company. Subsequently, they alleged that the accounts were misleading. They argued the auditors owed a duty of care. The House of Lords found that there was no duty of care. The audit complied with the company’s legislation and there was no mention in that legislation to suggest that auditors should protect the interests of investors. EG. James McNaughton paper group Ltd v Hicks Anderson 1990 The position held that a restrictive approach was now adopted to any extension of the scope of the duty of care beyond the person directly intended by the auditor. In addition, all circumstances should now be taken into account in deciding on a duty of care. However, in 1995, a high court judge made an award against BDO as their joint audit of a company in which ADT were investing was held to be a contractual relationship with ADT. Problems however still arise after this case law. The reality is that third parties do rely on audited accounts. The perception is if you are required to file your accounts with for example the Office of Registrar General in Rwanda, then this information must be credible and independent. It seems unfair that auditors should bear full responsibility for something for which they do not have the primary responsibility. In recent times, directors of companies are required by law not to make misleading statements to auditors. Banks and other major lenders appear to have a more special relationship than other third parties. Loan facilities will often contain clauses requiring audited accounts and up to date financial information on a regular basis. This may be seen to document a relationship with the auditor that establishes a duty of care. EG. Royal Bank of Scotland v Bannerman, Johnstone Maclay and other 2002 The bank provided an overdraft facility to the company, who it is claimed misstated its position due to a fraud. It was argued that the auditors neglected to find the fraud. The judge found that the auditors had a duty of care. They knew that the bank need audited accounts as part of the overdraft arrangement and could have issued a disclaimer to the bank. But they didn’t and this was an important factor in deciding that they did owe a duty of care. Litigation avoidance One way of dealing with litigation is to try and avoid it. How? • Have clear client acceptance procedures, screen new clients, use an engagement letter. • Perform all audit work in accordance with standards and best practice. • Have sensible and effective quality control procedures in place. Page 47 s • Issue appropriate disclaimers. Auditors may attempt to limit their liability by issuing disclaimers, although this may not always be effective in law. C. MISCONDUCT Misconduct includes any act or default that is likely to bring discredit to the member, relevant firm or registered student. A member should comply with relevant laws and regulations and should avoid any action that discredits the profession. A member found guilty of misconduct by a competent court shall be liable to disciplinary action, the penalties for which are at the discretion of the professional bodies committees dealing with this area. Misconduct could include: • Deception • Forgery • Theft • Dishonesty. Honesty and integrity is a fundamental principle for auditors as they are in a position of trust. Dishonesty therefore would be taken very seriously. D. PROFESSIONAL INDEMNITY INSURANCE Most professions insist that auditors take out professional indemnity insurance. This is insurance against civil claims made by clients and third parties arising out of the work undertaken by a firm. Fidelity guarantee is insurance against liability arising through any acts of fraud or dishonesty by an employee of a firm in respect of money or goods held in trust by the firm. Insurance is important in order to compensate the client as it is highly unlikely that a firm would have the necessary resources to fully compensate a client. It also provides some protection for the firm against bankruptcy. There is a downside to the insurance. It is quite expensive and there may also be limits to the cover. There is also the risk that some auditors will take less care than their duty requires as they have a safety net if something goes wrong. It is also common for the insurance requirement to remain in place after a member ceases to engage in public practice. The major accountancy firms have been interested in trying to limit their liability for partners in the event of negligence. Page 48 s Question 4.1 Write a note, where you must consider the extent to which an auditor should be responsible for detecting fraud when auditing the accounts of limited companies. 1. Outline the extent to which an auditor is responsible for detecting fraud. 2. Discuss whether it would be reasonable to extend the auditor’s responsibilities and are there any practical problems of extending such responsibilities? 3. Conclude on and define the extent to which you consider it reasonable for an auditor to be responsible for detecting fraud. Question 4.2 In an action for negligence, what must occur in order to proceed? Question 4.3 What practical actions can an auditor apply in order to avoid litigation? Page 49 s BLANK Page 50 Study Unit 5 Practice Management & Regulatory Environment Contents A. B. C. Risks to which firms are exposed Quality Control What are the Current Trends? D. Corporate Governance E. Law and Regulation F. Sample Questions Page 51 s PRACTICE MANAGEMENT & REGULATORY ENVIRONMENT A. RISKS TO WHICH FIRMS ARE EXPOSED A key risk facing any audit firm is that the business will fail. In this respect an audit firm is no different from any other business venture. Risks specific to audit firms: • • • • • Litigation against the firm Client loss (changes in auditors!!) Disciplinary action by the professional body Loss of key audit personnel Competition Diagram 1 Litigation against audit firm Bad publicity Disciplinary action by Professional Body Loss of the litigious client Loss of other clients To competitors Client Loss Risk of Business failure Page 52 s Loss of key audit personnel Risk Management As part of managing their own business effectively, auditors should have a system of risk management in place. They should identify the risks and take steps to mitigate against these risks. For example, an auditor can mitigate against business risks by taking out key person (keyman) insurance and putting in place client care procedures. In general, the risk of business failure for audit firms can be mitigated by observing regulatory or professional requirements. Such requirements can be found within the International standards on auditing and the code of ethics. The standards give a good framework within which auditors can operate. This framework ensures that there is a standard level of quality and consistency between all audit firms. If the international standards on auditing are not followed by auditors, they run the risk of disciplinary action by their respective professional bodies. In addition, where there is negligence, there is also the risk of litigation and thus the risk of business failure. B. QUALITY CONTROL Auditing standards stress the importance of quality control, both at the audit firm level and the audit engagement level. ISQC1 Quality Control for firms that perform audits and reviews of historical financial information, and other assurance and related services engagements helps audit firms establish quality standards for their own business, while ISA 220 Quality Control for audits of historical financial information requires firms to implement quality control procedures over individual audit assignments. Quality control at firm level ISQC1 (11) establishes that the firm should establish a system of quality control designed to provide it with reasonable assurance that the firm and its personnel comply with professional standards and regulatory and legal requirements, and that reports issued by the firm or engagement partners are appropriate in the circumstances. A system of quality control consists of policies designed to achieve the objectives and the procedures necessary to implement and monitor compliance with those policies. All quality control policies and procedures should be documented and communicated to the firm’s personnel (ISQC1(17)). Elements of a system of quality control: • Leadership responsibilities for quality within the firm • Ethical requirements • Acceptance and continuance of client relationships and specific engagements Page 53 s • • • Human resources Engagement performance Monitoring Leadership The aim is to instill such policies and procedures in that the internal culture of the firm is one where quality is essential and should be considered to be the norm. Leadership must come from the top down and with that in mind the standard recommends that a senior management person should assume the overall responsibility. ISQC1(19) sets out that any person assigned the overall responsibility for a firm’s quality control system should have sufficient and appropriate experience and ability and the necessary authority to assume that responsibility. Ethics The firm should establish policies and procedures designed to provide it with reasonable assurance that the firm and its personnel comply with relevant ethical requirements. Such ethical requirements include the fundamental principles of integrity, objectivity, professional competence & due care, confidentiality and professional behaviour. Acceptance and continuance of client relationships and specific engagements A firm should establish policies and procedures for the acceptance and continuance of client relationships and specific engagements. They should be designed to provide it with reasonable assurance that it will only undertake or continue relationships and engagements where it has considered (1) the integrity of the client and does not have information that would lead it to conclude that the client lacks integrity, (2) is competent to perform the engagement, (3) has the capabilities, time and resources to do so and (4) can comply with ethical requirements. Human Resources An audit firm’s desire for quality will require policies and procedures on ensuring excellence in its staff. It should have sufficient personnel with the necessary experience, competence and ethical principles necessary to perform audits in accordance with the professional standards and regulatory and legal requirements. Such policies and procedures will address the following issues: • Recruitment • Performance evaluation • Capabilities • Competence • Career development • Compensation • Estimation of personnel needs Page 54 s Capabilities and competence can be developed through: • Professional education • Continuing professional development and training • Work experience • On the job training Engagement performance ISQC1(32-47) states that the firm should establish policies and procedures designed to provide it with reasonable assurance that engagements are performed in accordance with professional standards and regulatory and legal requirements, and that the firm or the engagement partner issues reports that are appropriate in the circumstances. Through its policies and procedures, the firm seeks to establish the consistency in the quality of engagement performance. This is often accomplished through written or electronic manuals, software tools or other forms of standardized documentation. Ensuring good engagement performance involves a number of issues: • Direction • Supervision • Review • Consultation • Resolution of disputes Consultation In ISQC1.34 the firm should establish policies and procedures designed to provide it with reasonable assurance that: • Appropriate consultation takes place on difficult or contentious matters • Sufficient resources are available to enable appropriate consultation • The nature and scope of such consultations are documented • Conclusions resulting from consultations are documented and implemented Where an audit firm is small, this may necessitate external consulting. Resolution of disputes A firm should establish policies and procedures for dealing with and resolving differences of opinion. Quality control review A firm should establish policies and procedures requiring, for appropriate engagements, a quality control review that provides an objective evaluation of significant judgments made on an assignment and the conclusions reached in forming an opinion on a set of accounts. An audit firm must have standards as to what constitutes a suitable quality control review. These standards should cover: • The nature, timing and extent of such a review, Page 55 s This could be discussions with an engagement partner, a review of financial statements and consideration of whether reporting is appropriate. May involve some selective review of working papers particularly where there was significant judgment applied, • The criteria of eligibility of the reviewer, The individual selected should have sufficient technical expertise and should be objective. • The documentation required It should show that the review was competed before the audit report is signed off. In respect of a listed company, a quality control review must be carried out before the audit report is signed off. In respect of a listed company, a review should consider: • The engagement teams evaluation of independence • Significant risks identified and the responses to those risks • Judgments with respect to materiality and significant risks • Whether appropriate consultation has taken place • Significance of misstatements identified, both amended and un-amended • Matters to be communicated to management • Whether selected working papers support conclusions reached • Whether report to be issued is appropriate Monitoring Firms must have policies and procedures in place to ensure that their quality control system is: • Relevant • Adequate • Operating effectively • Complied with in practice In order to achieve the objectives, a firm must monitor the quality control system. This should be reported to the management of the firm on an annual basis. Types of monitoring activities: • Ongoing evaluation and/or • Periodic inspection of selected audits Deficiencies found may be one-offs, but systematic or repetitive deficiencies will require corrective action such as: • Taking appropriate remedial action relating to an individual • Changes to the quality control system • Pointers to the training dept. • Disciplinary action against those who fail to comply with the policies and procedures Page 56 s Quality control at audit engagement level ISA 220.2 states that the engagement team should implement quality control procedures that are applicable to the individual audit engagement. This standard applies the principles laid down in the ISQC1. The engagement partner should • Take responsibility for the overall quality on each audit engagement to which the partner is assigned. • Consider whether members of the engagement team have complied with ethical requirements. • Form a conclusion on compliance with independence requirements that apply to the audit engagement. • Be satisfied that appropriate procedures regarding the acceptance and continuance of client relationships and specific audit engagements have been followed, and that conclusions reached in this regard are appropriate and have been documented. • Be satisfied that the engagement team has the appropriate capabilities, competence and time to perform the audit engagement in accordance with professional standards and regulatory and legal requirements, and to enable an auditor’s report that is appropriate in the circumstances. • Take responsibility for the direction, supervision and performance of the audit engagement in compliance with professional standards and regulatory and legal requirements. Engagement performance ISA 220.21 states that the engagement partner should take responsibility for the direction, supervision and performance of the audit engagement in compliance with professional standards and regulatory and legal requirement, and for the auditor’s report that is issued to be appropriate in the circumstances. The audit engagement can be directed by informing members of the team of: • Their responsibilities such as maintaining an objective state of mind, an appropriate level of professional scepticism and performing the work in accordance with due care. • The nature of the entity’s business • Risk related issues • Problems that may arise • The detailed approach to the performance of the engagement. Supervision includes: • Tracking the progress of the engagement • Considering the capabilities and competence of members of the team, whether they have sufficient time, they understand their instructions, and whether the work is being carried in accordance with the planned approach. • Addressing significant issues as they arise, considering their significance and modifying the planned approach appropriately. Page 57 s • Identifying matters for consultation by more experienced engagement team members during the engagement. Review responsibilities are determined on the basis that the more experienced members of the audit engagement, review work performed by less experienced persons. The reviewers consider whether: • The work has been performed in accordance with professional standards • Significant matters have been raised for further consultation. • Appropriate consultations have taken place and the consultations have been documented and implemented. • There is a need to revise the nature, timing and extent of the work performed. • The work performed supports the conclusions reached and is appropriately documented. • The evidence obtained is sufficient and appropriate to support the auditor’s report. • The objectives of the audit engagement procedures have been achieved. Before the auditor’s report is issued, the engagement partner, through review of the audit documentation and discussion with the engagement team, should be satisfied that sufficient appropriate audit evidence has been obtained to support the conclusions reached and for the audit report to be issued. When difficult or contentious issues arise, the team should consult on the matters and document the conclusions. If the differences arise as between partner and audit team, or partner and quality control reviewer, the differences should be resolved according with the firm’s policies. In some circumstances, it may be appropriate for the engagement team to consult outside the firm, for example, where the firm lacks the internal resources. Quality control review For audits of financial statements of listed companies, the engagement partner should: • Appoint a quality control reviewer. • Discuss with the reviewer significant matters which have arisen during the audit. • Not issue the audit report until completion of the review. Monitoring The engagement partner should consider: • Whether deficiencies noted from the results of the firm’s monitoring process may affect the audit engagement. • Whether the measures the firm took to rectify the situation are sufficient in the context of the audit. A deficiency in the firm’s system of quality control does not indicate that a particular audit engagement was not performed in accordance with professional standards. Page 58 s C. WHAT ARE THE CURRENT TRENDS? There are three distinct types of audit firms. • Big four 1 • Medium sized • Small Their size is classified by their fee income earned. Mergers There is merger activity at all levels as firms attempt to consolidate their position or attempt to move up the ladder. The merger activity among the big four raises issues about monopolies. This can result in reduced choices for larger clients. Also, conflicts of interest may arise. The current debate about the audit exemption limits under certain jurisdiction regulationsand the fact that it is going to rise substantially could have a significant impact on the client base of small audit firms. They may be forced to merge to compete for the larger audit clients. Globalization This concerns the big four and the larger of the medium sized firms. There are two approaches to globalization: • Affiliation Mainly affects the big four. It allows a brand name to develop. • Co-operation Mainly affects the medium firms. It is international co-operation through a network of sister companies. The benefits of globalization are that audit firms can now meet the needs of international companies. However, there can be dramatic knock on effects for international firms e.g. Andersens (Enron’s auditors). Divesting Services Consultancy is one of the key services which have been divested from the audit firms. The independence ethics are certainly fuelling this. Quality Control Regulations These regulations impact differently on large and small firms. Small firms may need to hire external experts. 1 Being PricewaterhouseCoopers (PwC), Deloittes, KPMG and Ernst & Young. All are in Rwanda Page 59 s D. CORPORATE GOVERNANCE In the previous sections we looked at frameworks within which audit firms operated. Now, we will look at frameworks, for client companies, to ensure that they deal fairly with their members. A string of high profile scandals and frauds in the 1980’s and the 1990’s forced for example, the UK government to set up voluntary codes of best practice to enforce good practice by directors and to communicate the adherence to good practice by management to the shareholders. It was vital that companies were managed well i.e. there was good corporate governance. For example: The Cadbury report (in the UK) defines Corporate Governance as: “The system by which companies are directed and controlled”. Why is good corporate governance important? Shareholders and managers are usually separate in a company and it is important that the management of a company deals fairly with the investment made by the owners. In smaller companies, shareholders are fully informed about the management of the business as they are often the directors themselves. However, in large companies the day to day running of a company is the responsibility of the directors. Shareholders only get a look-in at the Annual Meeting. In addition, auditors only report on the truth and fairness of financial statements. They do not report on how the shareholders’ investment is being managed and whether their investment is subject to fraud. Codes of best practice Two prominent codes have been formed and are considered best practice in modern times. 1. The Cadbury report 2. The Combined code The Cadbury Report The Cadbury report was issued in 1992. Its terms of reference considered: • The responsibilities of executive and non-executive directors and the frequency, clarity and form in which information should be provided to shareholders. • The case for audit committees, their composition and role. • The responsibilities of auditors and the extent and value of the audit. • The links between auditors, shareholders and the directors. The Cadbury report was aimed at directors of all UK PLCs, but directors of all companies are encouraged to apply the code. Directors should state in the financial statements, normally through the directors’ report, whether they comply with the code and must give any reasons for non-compliance. Page 60 s The Cadbury report covered a number of areas including the board of directors, nonexecutive directors, executive directors and the audit function. Some of the provisions include: Board of Directors • They should meet on a regular basis. • They should have clearly accepted divisions of responsibilities, so no one person has complete power. • The posts of chairman and CEO should be separate. • Decisions which require a single signature or several signatures need to be laid out in a formal schedule and procedures must be put in place to ensure that the schedule is followed. It will probably include material acquisitions and disposals of company assets, investments, capital projects, borrowings and foreign currency transactions. Non-executive directors • They are not involved in the day to day running of the company and should bring their independent judgment to bear in the affairs of the company. Such affairs may include key appointments and standards of conduct. • There should be no business or financial connection between the company and the nonexecutive directors other than fees and a shareholding. • Their fees should reflect the time they spend on the business. • They should not participate in share option schemes or pension schemes. • Appointments of non-executive directors should be for a specific term and automatic re-appointment is discouraged. • Procedures should exist whereby they may take independent advice. • A remuneration committee consisting of non-executive directors should decide on the level of pay for executive directors. Executive directors • They run the company on a day to day basis and should have service contracts in place of not more than three years in length, unless approved by the shareholders. • Directors’ emoluments should be fully disclosed in the accounts and should be analysed between salary and performance based pay. Audit • The code states that the audit is the cornerstone of corporate governance. It is an objective and external check on the stewardship of management. • Some flaws exist in the framework for auditing, such as choices in accounting treatments, poor links between shareholders and auditors, price competition between audit firms and the “expectations gap” between auditors and the public. • Disclosing fees for audit in the financial statements should safeguard against the threat of objectivity where auditors offer other services to their audit clients. • Formal guidelines concerning audit rotation should be drawn up by the accounting profession. • The accountancy profession should be involved in setting criteria for the evaluation of internal control. Page 61 s • There is a need for auditors to report on going concern. This is now reflected in auditing standards. The Cadbury code is quite detailed and could be cumbersome for small companies. With this in mind a special version was formed for small listed companies (Cisco code). Reduction in required numbers of non-executive directors and the non- requirement to split roles of CEO and chairman are the main differences. The Combined Code For example the UK stock exchange issues guidance on a regular basis. In 1998, it issued the combined code. This combined key guidance from various reports including the Cadbury report into the one code. Some of its principles included: • Every company should have an effective board. • There should be clear divisions of responsibilities at board level. • There should be an appropriate balance of executive and non-executive directors. • A formal procedure for appointments to the board should exist. • The board should receive timely information in order to discharge its duties. • All directors should maintain and upgrade their skills and knowledge. • There should be an annual evaluation of its own performance. • All directors should be submitted to re-election at appropriate time intervals. • There should be appropriate levels of remuneration that is sufficient to attract, retain and motive individuals of the necessary quality required. • A significant portion of pay should be performance related. • A formal procedure for the fixing of pay levels should exist and no director should have a hand in fixing his/her own pay. • The board should present a balance assessment of the company’s performance. • The board should implement a good system of internal control. • The board should have meaningful communication with the shareholders and should use the Annual Meeting to communicate with investors. For example the UK Stock exchange rules require that the annual report includes a statement of how a company has applied the principles of the combined code and must disclose whether there has been compliance with those principles. Auditors should review this statement. Although the stock exchange rules require the code to be complied with, there is no statutory duty for companies to do so. It is in fact a voluntary code. This allows for flexibility in its application although shareholders will be aware of the position due to the disclosure requirements. There is a view though that the disclosure of non-compliance is insufficient as the Annual Meeting is not sufficient protection for shareholders. In addition, being a voluntary code allows companies to opt out to the detriment of their shareholders and there are companies which, while unlisted, should be encouraged to apply the codes. Page 62 s Making the code obligatory may create an excessive burden of requirement especially for smaller companies. Audit Committees Audit committees are generally made up of non-executive directors. They are perceived to increase confidence in financial reports. Recommendations contained in the combined code include • Audit committee should comprise at least three non-executive directors (two for smaller companies). • Its main role and responsibilities should be clearly set out in written terms of reference. • The committee should be provided with sufficient resources to undertake its duties. Role and responsibilities • To monitor the integrity of the financial statements and other formal announcements. • To review the internal financial controls and the company’s control and risk management systems. • To monitor and review the effectiveness of the internal audit function. • To make recommendations regarding the appointment of external auditors and their remuneration. • To monitor and review the external auditor’s independence and objectivity. • To develop and implement policy on the engagement of the external auditor in other non-audit services. Advantages of an audit committee • Provides an independent point of contact for the external auditor, particularly in the event of disagreements. • Can create a climate of discipline and control. • Increased confidence in the credibility and objectivity of financial reports, by increasing the quality of the financial reporting and enabling the non-executive directors to contribute an independent judgment. • Internal auditors can report directly to the committee thereby providing a greater degree of independence from management. • The existence of such a committee should make the executive directors more aware of their duties and responsibilities. • Can act as a deterrent to fraud or illegal acts by executive directors. Disadvantages of an audit committee • Can be difficult to source sufficient non-executive directors with the necessary competence to be effective. • Auditors may not raise issues of judgment where there are formalised reporting procedures. • Costs may increase. • Findings are generally not made public, so it is not always clear what they actually do. Page 63 s Internal control effectiveness Internal control is an essential tool in having good corporate governance. The directors of a company are responsible for putting in place an effective system of internal control. An effective system of internal control will help management safeguard the assets of a company, prevent and detect fraud and therefore, safeguard the shareholders’ investment. In addition, it helps ensure reliability of reporting and compliance with laws. The use of the word help denotes the fact that there are inherent limitations in any system of internal controls and as such there can be no such thing as absolute assurance. The directors need to set up internal control procedures and need to monitor these to ensure that they are operating effectively. The system of internal control will reflect the control environment which depends a lot on the attitude of the directors towards risk. A company may decide to set up an internal audit function to monitor and assess the system of internal control. The combined code recommends that the board of directors reports on the review of internal controls. This assessment should cover the changes in risks which the company faces and its ability to respond to these changes, the scope and quality of management’s monitoring of risk and internal control and the extent and frequency of reports to the board. It should also assess the significant controls, failings and weaknesses that might have a material impact on the accounts. Auditors should assess the review carried out by the directors. They should assess whether the company’s summary of the process of review is supported by documentation prepared by the directors and that it reflects that process. This review is not as defined as an audit. Therefore, it is only possible to give limited assurance. For this reason, the auditors are not expected to assess whether the director’s review covers all risks and controls and whether the risks are satisfactorily addressed by the internal controls. In order to avoid any misunderstandings, a paragraph is inserted into the audit report setting out the scope of the auditor’s role. Auditors should bring to the attention of directors any material weaknesses they find in the system of internal control. Auditors may report by exception if problems arise such as: • The auditors understanding of the review process differs somewhat from what the board says. Page 64 s • The processes that deal with material internal control aspects do not reflect what the auditor believes. • The board failing to make appropriate disclosures, failing to conduct a review or makes disclosures which are not consistent with what the auditor already knows. E. LAW AND REGULATION The previous sections referred to codes which, by and, large are voluntary codes. Companies, however, are statutory bound to comply with laws and regulations. Some of the laws and regulations affecting companies are: • Company law • Health and safety regulations • Employment law • Civil law, both tort and contract • Environmental law and regulation • Customary law where not covered by statute ISA 250: consideration of laws and regulations in an audit of financial statements establishes standards and guidance on the auditor responsibilities to consider laws and regulations in an audit of financial statements. ISA 250.2 states that when designing and performing audit procedures and in evaluating and reporting the results thereof, the auditor should recognise that non-compliance by the entity with laws and regulations may materially affect the financial statements. As with the system of internal control, an audit cannot be expected to detect non-compliance with all the laws and regulations applicable to a company. Detection, regardless of materiality, requires consideration of the implications for the integrity of management or employees and the possible effect on other aspects of the audit. Non-compliance can be intentional or unintentional acts of omission or inclusion by the entity. Non-compliance is a legal determination and is beyond the auditor’s professional competence and while an auditor’s experience and training may well provide a basis for recognition, ultimately, it can only be determined by a court of law. The further removed the non-compliance is from the events and transactions normally reflected in the financial statements, the less likely the auditor is to become aware of it or recognise non-compliance. Responsibility of Management It is management’s responsibility to ensure that the entity’s operations are conducted in accordance with laws and regulations. The responsibility for the prevention and detection of non-compliance rests with management. Page 65 s The following policies and procedures may assist management in discharging its responsibilities: • Monitoring legal requirements and ensuring that operating procedures are designed to meet these requirements. • Instituting and operating appropriate internal control. • Developing, publicising and following a code of conduct. • Ensuring employees are properly trained and understand the code of conduct. • Monitoring compliance with the code of conduct and acting appropriately to discipline employees who fail to comply with it. • Engaging legal advisors to assist in monitoring legal requirements • Maintaining a register of significant laws with which the entity has to comply within its particular industry and a record of complaints. In larger companies, these policies and procedures may be supplemented by an internal audit function and an audit committee possibly split between a legal dept. and a compliance function. Directors of the company have responsibility to provide information required by the auditor, to which they have a legal right of access. Such legislation also provides that it is a criminal offence to give the auditor information or explanations which are misleading, false or deceptive. The auditor’s consideration The auditor cannot be held responsible for preventing non-compliance, although an annual audit may act as a deterrent. Even though an audit is properly planned and performed in accordance with standards, there is the unavoidable risk that some material misstatements will not be detected in the financial statements. The risk is higher with regard to material misstatements resulting from noncompliance with laws and regulations due to factors such as: • There are many laws and regulations that typically do not have a material effect on the financial statements (mainly operational aspects) and are not captured by the entity’s information systems. • The effectiveness of audit procedures is affected by the inherent limitations of internal control and the use of testing. • Much of the audit evidence obtained is persuasive rather than conclusive. • Non-compliance may involve conduct designed to conceal it, such as collusion, forgery, omission, senior management override of controls or intentional misrepresentations made to the auditor. ISA250(12 -17) states that auditors should plan and perform the audit with an attitude of professional scepticism recognising that the audit may reveal conditions or events that would lead to questioning whether an entity is complying with laws and regulations. The auditor would test for compliance with specific laws and regulations only if engaged to do so. Page 66 s In order to plan the audit, the auditor should obtain a general understanding of the legal and regulatory framework applicable to the entity and the industry and how the entity is complying with that framework. The auditor should recognise that some laws may give rise to business risks that have a fundamental effect on the operations of the entity. For example, non-compliance with the licensing laws relating to a bank could force it out of business. One of the most difficult distinctions in practice is deciding which laws are central to which businesses and when. To obtain a general understanding of laws and regulations, an auditor would ordinarily: • Use the existing understanding of the entity’s industry, regulatory and other external factors. • Inquire of management concerning their policies and procedures regarding compliance and as to the laws and regulations that may be expected to have a fundamental effect on the operations of the entity. • Discuss with management the policies or procedures adopted for identifying, evaluating and accounting for litigation claims and assessments. • Discuss the legal and regulatory framework with auditors of subsidiaries. ISA25018-29 lays out that, after obtaining the general understanding, the auditor should design procedures to help identify possible or actual instances of non-compliance with the laws and regulations, which are central to the entity’s ability to conduct its business and hence to its financial statements. Further, the auditor should obtain sufficient, appropriate audit evidence about compliance with those laws and regulations, which the auditor recognises as having an effect on the determination of material amounts and disclosures in the financial statements. Some of the laws and regulation include ones which prohibit a company from making distributions except out of distributable profits and laws which require the auditor to expressly report on non-compliance such as maintenance of proper books of account or disclosures of directors’ remuneration. Other than those mentioned above, the auditor does not perform other audit procedures on the entity’s compliance since this would be outside the scope of the audit. The auditor should be alert to the fact that audit procedures applied for the purposes of forming an opinion on the financial statements, such as reading of minutes, may highlight possible instances of non-compliance. In addition, non-compliance issues might incur obligations for audit firms to report money laundering offences. It should be noted though that there is a distinction between checking systems of compliance and checking actual compliance. The auditor should obtain written representations from management that they have disclosed to the auditor all known actual or possible non-compliance with laws and regulations whose effects should be considered when preparing the financial statements. In addition, where applicable, the written representations should include the actual or contingent consequences which may arise from the non-compliance. Page 67 s In the absence of audit evidence to the contrary, the auditor is entitled to assume the entity is compliant with these laws and regulations. The auditor’s responsibility in expressing an opinion on financial statements does not extend to determining whether the entity has complied in every respect with tax legislation. The auditor only needs sufficient audit evidence to give a reasonable assurance that the tax amounts in the financial statements are not materially misstated. ISA 250 A1 – A21 gives a number of examples where non-compliance may have occurred. What to do when non-compliance is discovered When the auditor becomes aware of non-compliance, the auditor should obtain an understanding of the nature of the act and the circumstances in which it has occurred, and sufficient other information to evaluate the possible effect on the financial statements. The auditor must consider: • The potential financial consequences such as fines, penalties and/or litigation. • Whether the potential financial consequences require disclosure. • Whether these consequences are so serious they call into question the truth and fairness of the accounts. When the auditor believes there is non-compliance, he must document the findings and discuss them with management. Bear in mind that the discussions with management should be subject to compliance with legislation relating to “tipping off” particularly with any requirement to report findings direct to a third party. When adequate information about suspected non-compliance cannot be obtained, the auditor should consider the effect of the lack of sufficient appropriate audit evidence on the audit report. He should consider the implications in relation to the reliability of management representations. Reporting of non-compliance As soon as possible, the auditor should communicate with management, or obtain audit evidence that management are appropriately informed, regarding non-compliance that comes to the auditor’s attention. If in the auditor’s judgment, the non-compliance is intentional and/or material, the auditor should communicate without delay. If the auditor suspects senior management, then he should communicate to the next higher level, such as the audit committee. Failing that, he should seek legal advice. In the case of money laundering it may be appropriate to report the matter direct to the appropriate authority. Audit report implications • If the auditor concludes that the non-compliance has a material effect on the accounts and has not been properly reflected, he should express a qualified or adverse opinion. Page 68 s • If the auditor has not been able to obtain sufficient evidence to evaluate whether a material non-compliance has occurred, he should qualify his report or issue a disclaimer of opinion on the basis of a scope limitation. Third part reporting Although the auditor has a duty of confidentiality, where non-compliance gives rise to a statutory duty to report, the auditor should do so without undue delay. Withdrawal from the engagement The auditor may conclude that withdrawal is necessary when remedial action is not taken, even when the non-compliance is not material. Resignation is a step of last resort. Money Laundering Money laundering is a very hot topic in recent times. Money laundering is the process by which criminals attempt to conceal the true origin and ownership of the proceeds of their criminal activity, allowing them to maintain control over the proceeds and ultimately, providing a legitimate cover for the source of their income. Anti-money laundering legislation imposes a duty to report money laundering in respect of the proceeds of all crime. Audit firms are required to report suspicions that a criminal offence has been committed, regardless of whether the offence has been committed by a client or by a third party. In addition, they need to be alert to the danger of making disclosures that are likely to tip off a money launderer, as this is a criminal offence There is no legal right not to make a report and the auditor is not constrained by his professional duty of confidence, although in all cases any such reporting must be made in good faith. In this case, he is protected by law from having the client take a civil case against him. However, if he did not have reasonable grounds on which to make a report to a third party, he may be sued by his client for breach of confidentiality. Under legislation, all businesses (including audit firms) are required to set up systems to prevent money laundering such as: • Appointing a money laundering reporting officer, who reports direct to the Police. • Undertaking customer due diligence, mandatory verification of identification. • Reporting suspicions of money laundering. • Maintaining specific records, for a minimum period of five years. • Put in place internal controls to ensure continued compliance with the legislation • Training staff in all of these issues. Failure to do these is a criminal offence. Problems for auditors The duty of confidentiality, which will probably require further ethical guidance, is a problem for the auditor, although firms should not risk breaking the law by not reporting. Normal reporting requirements may conflict with money laundering offences. Page 69 s For example, reporting a suspicion may have a material impact on the accounts which should be disclosed to the shareholders in an audit report. However, this may be considered to be tipping off. Even resigning your position could be seen as tipping off. Question 5.1 There has been an increase in the size of audit firms and this has been a source of concern to regulators and clients. Some audit firms feel that mergers between the largest firms of auditors are necessary in order to meet the global demand for their services. However, clients are concerned that such mergers will create monopolistic market for audit services which will not be in anyone’s best interests. You are required to explain why: 1. The larger audit firms might wish to merge. 2. These mergers have the potential to create problems. Question 5.2 A key risk facing audit firms is that their business will fail. What factors causes this risk? Question 5.3 Explain how an audit can be lost due to its size. Question 5.4 Read Ltd carries on a wholesale book operation. To the end of 2010 the growth in turnover to RWF25m has continued to match the rate of inflation. Costs have been contained by reducing staff numbers from 96 to 90. The asset turnover is holding at five times. The accountant has prepared draft accounts and has included a directors’ responsibilities statement. “The directors are required by company law to prepare financial statements for each financial period which give a true and fair view of the state of affairs of the group as at the end of the financial period and of the profit and loss for that period. In preparing the financial statements, suitable accounting policies have been used and applied consistently, and reasonable and prudent judgment and estimates have been made, applicable accounting standards have been followed. The directors are also responsible for maintaining adequate accounting records, for safeguarding the assets of the group and for preventing and detecting fraud and other irregularities.” On reading the statement, a director comments that the statement included aspects he had always assumed were the responsibility of the auditor and complained about all these irrelevant new rules. He requested that the accountant should prepare a memo for the board of directors what is going on. Page 70 s Assume you are the accountant and draft a memo for the board explaining: 1. The background to the directors’ responsibilities statement and its inclusion in the annual report 2. What is meant by a true and fair view and how the board can assess whether the financial statements give a true and fair view and recommend adequate steps for safeguarding the assets and preventing and detecting fraud. Page 71 s BLANK Page 72 Study Unit 6 Audit Planning and Strategy Contents A. B. C. D. E. F. G. H I. J. Audit Planning Materiality Risk The Risk Approach Systems and Controls Cycles and Transactions Balance Sheet Approach Directional Testing Analytical Procedures Sample Questions Page 73 s AUDIT PLANNING AND STRATEGY A. AUDIT PLANNING ISA 300: planning an audit of financial statements establishes standards and guidance on the considerations and activities applicable to planning an audit. The auditor should: • Plan the audit so that the engagement will be performed in an effective manner. • Perform certain procedures at the beginning of the audit, namely, the continuance of the client relationship, evaluation of compliance with ethical requirements including independence and establishing an understanding of the terms of the engagement. • Establish the overall audit strategy and set out the scope, timing and direction of the audit. • Develop an audit plan in order to reduce audit risk to an acceptably low level. • Update and change the audit strategy and plan as necessary during the course of the audit. • Plan the nature, timing and extent of direction and supervision of the audit team and a review of their work. • Document the overall audit strategy and the audit plan, including any significant changes made during the audit engagement. • Prior to starting an initial audit, perform procedures regarding the acceptance of the client relationship and the specific audit engagement, and communicate with the previous auditor in compliance with relevant ethical requirements. Adequate planning helps to ensure that: • Appropriate attention is devoted to the important areas • Potential problems are identified and resolved on a timely basis • The audit engagement is properly organised and managed • There is proper assignment of work to engagement members • There is direction and supervision of team members and review of their work • There is proper co-ordination of work done by experts. The nature and extent of planning activities will vary according to the size and complexity of the entity, the auditor’s previous experience with the entity and changes in circumstances that occur during the audit engagement. The establishing of the overall strategy involves considering the important factors that will determine the focus of the audit team’s effort, such as the: • The determination of appropriate materiality levels, • Preliminary identification of areas where there may be higher risks of material misstatement, • Preliminary identification of material components and account balances, • Evaluation of whether the auditor may plan to obtain evidence regarding the effectiveness of internal control, • The identification of recent significant entity-specific, industry, financial reporting or other relevant developments. Page 74 s The appendix of ISA 300 sets out examples of matters the auditor may consider in establishing the overall audit strategy. It is split between the scope of the audit engagement, the reporting objectives, timing of the audit and communications required and the direction of the audit. ISA 315: Understanding the entity and its environment and assessing the risks of material misstatement establishes standards and guidance on obtaining an understanding of the entity and its environment including its internal control, and on assessing the risks of material misstatement in a financial statement audit. The auditor should: • Obtain an understanding of the entity and its environment, including its internal control. This understanding should be sufficient to identify and assess the risks of material misstatement of the financial statements whether due to fraud or error, and it should be sufficient to design and perform further audit procedures. The auditor may obtain this understanding through: - Performing risk assessment procedures such as inquiries of management and others within the entity, analytical procedures, and observation and inspection. - Determining whether changes have occurred that may affect the relevance of information, obtained in prior periods, in the current audit. - Ensuring that members of the engagement team discuss the susceptibility of the entity’s financial statements to material misstatements. • Obtain an understanding of relevant industry, regulatory, and other external factors including the applicable financial reporting framework. • Obtain an understanding of the nature of the entity, such as its operations, ownership, governance, types of investments it is making, structure and financing. • Obtain an understanding of the entity’s selection and application of accounting policies and consider whether they are appropriate for its business and consistent with the applicable financial reporting framework and accounting policies used in the relevant industry. • Obtain an understanding of the entity’s objectives and strategies, and the related business risks that may result in material misstatements of the financial statements. • Obtain an understanding of the measurement and review of the entity’s financial performance such as internal management information (budgets, variance analysis, dept. reports) and external information (analyst’s reports and credit rating agency reports). When the auditor intends to make use of the performance measures, he should consider whether the information provides a reliable basis and is sufficiently precise for such a purpose. • Obtain an understanding of internal control relevant to the audit. This involves evaluating the design of a control and determining whether it has been implemented. Not all controls are relevant to the auditor’s risk assessment. • Obtain an understanding of the control environment. The control environment sets the tone of an organisation, influencing the control consciousness of its people. It is the foundation for effective internal control, providing discipline and structure. • Obtain an understanding of the entity’s process for identifying business risks relevant to financial reporting objectives and deciding about actions to address those risks, and the results thereof. Page 75 s • Obtain an understanding of the information systems, including the related business processes, relevant to financial reporting. • Understand how the entity communicates financial reporting roles and responsibilities and significant matters relating to financial reporting. • Obtain a sufficient understanding of control activities to assess the risks of material misstatements and to design further audit procedures responsive to assessed risks. Examples of specific control activities include authorisation, performance reviews, information processing, physical controls and segregation of duties. • Obtain an understanding of how the entity has responded to risks arising from IT. The auditor considers whether the entity has responded adequately to the risks arising from IT by establishing effective general controls and application controls. • Obtain an understanding of the major types of activities that the entity uses to monitor internal controls over financial reporting, including those related to those control activities relevant to the audit, and how the entity initiates corrective actions to its controls. • Identify and assess the risks of material misstatements at the financial statement level, and at the assertion level for classes of transactions, account balances and disclosures. • Determine which of the risks identified require special audit consideration. In considering the nature of the risks, the auditor should consider the risk of fraud, relationship to recent developments, complexity of transactions, significant related transactions, the degree of subjectivity and the existence of unusual transactions. Routine, non-complex transactions are less likely to give rise to significant risk than unusual transactions because the latter have probably more management intervention or complex accounting principles. • Inform management as soon as is practicable, and at an appropriate level of responsibility, of material weaknesses in the design or implementation of internal controls which come to the auditor’s attention. • Document the discussion among the audit team of the susceptibility of the entity’s accounts to material misstatements and significant decisions reached, key elements of the understanding obtained of the entity, identified and assessed risks of material misstatement and the risks identified and related controls evaluated. Risk assessment procedures The auditor may consider making inquiries of the entity’s legal counsel or of valuation experts. Reviewing information obtained from external sources such as reports by analysts, banks or other rating agencies, trade and economic journals may also be useful in obtaining information about the entity. Although much of the information can be obtained from management and those responsible for financial reporting, inquiries of others such as production and internal audit personnel may be useful in providing a different prospective in identifying risks of material misstatements. Observation and inspection may support inquiries of management. Such audit procedures include: Page 76 s • • • • • Observation of activities and operations Inspection of documents and records Reading reports prepared by management Visits to premises and plant facilities Carrying out walk-through tests Controls relevant to the audit Ordinarily, controls that are relevant to an audit pertain to the objective of preparing financial statements. Controls over the completeness and accuracy of information may also be relevant if the auditor intends to make use of the information in designing and performing further procedures. Controls relating to operations and compliance objectives may be relevant if they pertain to data the auditor evaluates or uses in applying audit procedures. Information systems The auditor should obtain an understanding of the information systems, including the business processes, relevant to financial reporting, including the following areas: • The classes of transactions in the entity’s operations that are significant to the financial statements • The procedures, within both IT and manual systems, by which those transactions are initiated, recorded, processed and reported in the financial statements • The related accounting records, whether electronic or manual, supporting information, and specific accounts in the financial statements, in respect of initiating, recording, processing and reporting transactions • How the information systems capture events and conditions, other than classes of transactions, that are significant to the financial statements • The financial reporting processes used to prepare the entity’s financial statements, including significant accounting estimates and disclosures. IT controls General IT controls are policies and procedures that relate to many applications and support the effective functioning of such controls by helping to ensure the continued proper operation of information systems. These controls maintain the integrity of information and security of data and include: • Data centre and network operations • System software acquisition, change and maintenance • Access security • Application system acquisition, development and maintenance • Encryption Application controls are manual or automated procedures that typically operate at a business process level. They can be preventative or detective in nature and are designed to ensure the integrity of the accounting records. Examples include: • Edit checks of input data Page 77 s • Numerical sequence checks Assessing the risks of material misstatement The auditor should: • Identify risks throughout the process • Relate the risk to what can go wrong at the assertion level • Consider whether the risks are of a magnitude that could result in a material misstatement in the financial statements • Consider the likelihood that the risks could result in a material misstatement of the financial statements. A1- A 134 ISA 315 provides additional guidance on understanding the entity and its environment and lays out conditions and events that may indicate risks of material misstatement. ISA 330: The auditor’s procedures in response to assessed risks establishes standards and provides guidance on determining overall responses and designing and performing further audit procedures to respond to the assessed risks of material misstatements. The standard requires the auditor to determine overall responses to address risks of material misstatement at the financial statement level and provides guidance on the nature of those responses. The auditor is required to design and perform further audit procedures, including tests of the operating effectiveness of controls, when relevant or required, and substantive procedures, whose nature, timing, and extent are responsive to the assessed risks of material misstatement at the assertion level. In addition, this section includes matters the auditor considers in determining the nature, timing, and extent of such audit procedures. The auditor is required to evaluate whether the risk assessment remains appropriate and to conclude whether sufficient appropriate audit evidence has been obtained. The standard establishes related documentation requirements. In order to reduce the audit risk to an acceptably low level, the auditor should determine overall responses to assessed risks at the financial statement level. Overall responses may include: • Emphasising to the audit team of the need to maintain professional scepticism • Assigning more experienced staff or hiring expert help when needed • Providing more supervision • Incorporating additional elements of unpredictability in the selection of further audit procedures to be performed • Making changes to the nature, timing, or extent of audit procedures The assessment of the risk of material misstatement is affected by the auditor’s understanding of the control environment. Page 78 s An effective control environment may allow an auditor to have more confidence in internal control and the reliability of audit evidence generated internally within the entity. If there are weaknesses in the control environment, the auditor: • conducts more audit procedures as at the period end rather than at an interim date, • seeks more extensive audit evidence from substantive procedures, • modifies the nature of audit procedures to obtain more persuasive audit evidence, • Increases the number of locations to be included in the audit scope. The evaluation of the control environment will help the auditor determine whether there should be a substantive or a combined approach (tests of controls and substantive procedures). In designing further audit procedures, the auditor should consider: • the significance of the risk • the likelihood that a material misstatement will occur • the characteristics of the class of transactions or account balances • the nature of specific controls and in particular whether they are manual or automated • Whether the auditor expects to obtain evidence to determine if controls are effective in preventing, or detecting and correcting material misstatements. The nature of further audit procedures refers to their: • Purpose: Tests of controls or substantive procedures; • Type: Inspection, observation, inquiry, confirmation, recalculation, re-performance, analytical procedures. Certain audit procedures may be more appropriate for some assertions. The selection of the procedure is based on the assessment of risk. The higher the risk, the more reliable and relevant is the audit evidence from substantive tests. The auditor may perform audit procedures at an interim date or at period end (timing). The higher the risk, the more likely the auditor will perform substantive tests nearer to or at the period end. Certain audit procedures can only be performed at or after the period end, such as agreeing the financial statements to the accounting records and examining adjustments made during the course of preparing the financial statements. The extent (sample size or number of observations) is determined by the judgement of the auditor after considering: • Materiality • Assessed risk • Degree of assurance required Page 79 s The auditor is required to perform tests of controls when the auditor relies on the effectiveness of controls or when substantive tests alone do not provide sufficient appropriate audit evidence. The auditor should perform other audit procedures in combination with inquiry to test the operating effectiveness of controls. Irrespective of the assessed risk of material misstatements, the auditor should design and perform substantive tests for each material class of transaction, account balance and disclosure. Remember, an auditor’s assessment of risk is judgemental and there are inherent limitations to internal control. The auditor’s substantive procedures should include the following related to the financial statement closing process: • Agreeing the financial statements to the underlying accounting records and • Examining material journal entries and other adjustments made during the course of preparing the financial statements. Where an auditor determines that an assessed risk at the assertion level is a significant risk, he should perform substantive procedures that are specific to that risk. The auditor should perform audit procedures to evaluate whether the overall presentation of the financial statements, including the related disclosures, are in accordance with the applicable financial reporting framework. Based on the audit procedures performed and the audit evidence obtained, the auditor should evaluate whether the assessments of the risks at the assertion level remain appropriate. He should conclude whether sufficient appropriate audit evidence has been obtained to reduce to an acceptably low level the risk of material misstatement in the financial statements. Where it is not sufficient and the auditor is unable to obtain further evidence, he should express a qualified opinion or a disclaimer of opinion. Finally, the auditor should document the overall responses to address the risks and the nature, timing and extent of the further audit procedures and the results thereof. In addition, where there is reliance on controls, the auditor should document the conclusions reached with regard to relying on such controls that were tested. General planning matters When planning an audit you also need to consider some admin matters: Audit Staff Have the staff got the correct level of qualifications and experience. Do they have specialist skills that may be required. What about the staff’s relationship among themselves and with client staff. Are staff available and what about travel arrangements. Page 80 s Client management Continuity of staff is often important to client companies. Also, consistency of staff may help audit efficiency. Location of audit Need to consider the distance for audit staff to travel, the staff’s mobility and the location of the review by manager. Multiple locations often require some decision as to which locations should be visited, the allocation of your staff to these locations and managing the visits to each selected sites. Deadlines Key deadlines are stock-counts, date of draft accounts available, main audit visit, audit manager review, partner review, audit clearance meeting, audit report to be signed and date of Annual Meeting. It is important to plan the work so that these deadlines can be achieved. Use of IT Need to consider whether the client has a computerised system and whether the auditor will use CAATs 2. Will the auditor use computers to complete the working papers and communicate with the partner. Time budgets These are an important part of planning. Times should be estimated accurately and communicated to the audit team. The audit team should record variances with the budget for planning purposes for the next audit. The budget will be based on prior year records, risk assessments and materiality. Example of an outline audit plan Initial visit If this is a new client, this visit should occur as soon as possible after the terms of the engagement have been agreed between the client and the audit partner. This visit is essential in building up a background about the client company in order to assist in the detailed planning of the audit. The auditor will use techniques such as inquiry, observation and review of documentation in order to understand details about the company such as: • The development and past history • The nature of the environment in which it operates • Products and processes • Organisational plans • Accounting and internal controls in operation • The maintenance of accounting records. In respect of the internal controls, it would be expected to carry out walkthrough tests to confirm the operation of the controls as described. If this is an existing client, the visit may 2 CAAT - Computer aided auditing techniques Page 81 s simply take the form of a brief meeting, or simply be a phone call, to establish any changes since the previous audit in respect of the company’s operations or environment. Interim Visit Ideally this visit should take place close to the year end. The purpose of this visit is to carry out detailed tests on the client’s accounting and internal controls with a view to establishing those controls on which you can rely. Where controls are operating effectively, restricted only substantive procedures need be carried out. Where controls are ineffective in practice, more extensive substantive tests will need to be carried out At this stage, if any weaknesses in controls have been noted, it may be appropriate to draft a letter to the client management. Final Visit This visit will take place after the accounting year end. On this visit, the detailed substantive procedures will be carried out in order to substantiate the figures in the accounting records and subsequently, the financial statements. After an overall review of the financial statements, the auditor will be able to assess whether sufficient and appropriate evidence has been obtained in order to draw reasonable conclusions so that an opinion can be expressed on the financial statements. Examples of the work to be carried out would include: • Discussion with management of known risk areas • Attendance at stock count • Verification of assets/liabilities and income/expenditure • Follow up on outstanding interim audit issues • Review of post balance sheet events • Seek and obtain representations from management • Review financial statements • Draft an audit report B. MATERIALITY (ISA 320) An auditor should consider materiality and its relationship with audit risk when conducting an audit. In designing the audit plan, the auditor should set an acceptable materiality level. He should consider this materiality at both the overall financial statement level and in relation to classes of transactions, account balances and disclosures. Information is material if its omission or misstatement could influence the economic decisions of users taken on the basis of the financial statements. An item might be material due to its nature, value or impact on users of accounts. • Nature Transactions involving directors generally affect users of accounts. • Value Page 82 s Inventory stocks in a manufacturing company may represent a high percentage of current assets. • Impact An end of year journal could convert a loss into a profit, thus affecting the users of accounts. The auditor’s assessment of materiality helps the auditor to decide: • What items and how many to examine • Whether to use sampling and analytical procedures • What audit procedures can be expected to reduce audit risk to an acceptably low level. There is a relationship between materiality and the level of audit risk. The higher the material figure is set, the higher the audit risk. The auditor could compensate for this by either • Reducing the risk, where this is possible, and supporting this by carrying out extended or additional tests of control or • Reducing detection risk by modifying the nature, timing and extent of planned substantive tests. Problems • Materiality is a matter of judgement. • Some matters could fall outside the criteria, although they could affect users of the accounts. • Percentage guidelines need to be used carefully. What figure do you select to base the percentage on - Gross profit, profit before director’s salaries, assets, costs? Materiality needs to be tailored to the business and the anticipated user. There is currently an exposure draft on Materiality. The key issues are: • Clear definition of materiality, • Auditors should consider users as a whole rather than considering individual users, • More guidance on the use of percentage benchmarks, • Requires auditors to communicate all discovered misstatements to management, • Setting a level doesn’t mean that some matters should be ignored. C. RISK Auditors should assess the risk of material misstatements arising in the financial statements and carry out procedures in response to assessed risks. Page 83 s Risk can be analysed as follows: Overall risk Audit risk Risk of material misstatement Business risk Detection risk Financial risk Inherent risk Operational risk Compliance risk Control risk Overall risk is split into audit risk and business risk. Audit risk is sometimes known as assignment or engagement risk. It is focused on the financial statements of the business. Inherent risk is the susceptibility of an account balance or class of transaction to material misstatement, irrespective of related internal controls. It may be due to the characteristics of those items such as the fact they are estimates or that they are important items in the accounts. Auditors use their professional judgment and their understanding of the client company to assess the inherent risk. Control risk is such that the clients controls fail to prevent, detect and/or correct material misstatements. Detection risk is such that the audit procedures applied by the auditor will fail to detect material misstatements. There are limitations to the audit process and detection risk relates to the inability of auditors to examine all evidence. Also, we have seen previous that audit evidence is persuasive rather than conclusive, so some detection risk always exists. The auditor’s assessment of inherent and control risk will influence the nature, timing and extent of the substantive procedures which are required to reduce the detection risk and, hence, audit risk. Examples of risk factors which affect the client: Page 84 s • Integrity and attitude to risk of management. Problems can be caused where there is domination by a single individual, • A lack of management experience and knowledge can affect the quality of financial management, • Unusual pressures on management can lead to tight reporting deadlines or market or financing expectations, • The nature of the business can lead to potential problems such as technological obsolescence or over-dependence on single products, • Industry factors such as competitive conditions, regulatory requirements, technology developments, • IT problems include lack of supporting documentation, expertise heavily dependent on a few people and potential risk of unauthorised access to systems. Examples of risk factors affecting account balances or transactions: • Areas which require prior year adjustments or require high level of estimation, • Where expert valuations are required due to complex issues, • Account balances such as cash, stock, portable assets which are prone to fraud, • The existence of high volume transactions where systems may be unable to cope, • Unusual transactions, • Major changes in staff or low morale issues. Business risk arises in the operations of a business. It is split into three distinct types: • Financial risk arising from financial activities or financial consequences such as cash flow issues, overtrading, going concern, breakdown of accounting systems, credit risk and currency risk. • Operational risks arise with regard to the operations of the business such as risk of losing a major supplier, physical disasters, loss of key personnel and poor brand management. • Compliance risks arise from non-compliance with laws and regulations within which the company operates or environmental issues. Relationship between risks Initially, it would appear that audit risk and business risk are unrelated, as audit risks are limited only to the financial statements. However, business risks include all risks facing the business and this includes inherent risks and control risks, which form part of the audit risk. Although audit risk is focused on the financial statements, business risk does form part of the inherent risk associated with the financial statements because, if such risks materialise, then the whole going concern basis of the business could be affected and this has major implications for the financial statements. D. THE RISK APPROACH Risk is a key issue in any audit and the most common approach to carrying out an audit incorporates a recognition of those risks. This is called the risk-based approach. There are other approaches and other techniques and the risk based approach is used in conjunction with these other approaches. Page 85 s Auditors apply judgment to determine what level of risk pertains to different areas of a client’s system and devise appropriate audit tests. Risk-based auditing ensures that the greatest effort is directed at those areas of the financial statements that are most likely to be misstated. The chance of detecting errors is therefore improved and time is not wasted on testing safe areas. For example, in a small manufacturing company, an auditor will need to do more work on inventory than say land & buildings. Inventory can be a complex area, with probably a significant number of line items and there is the risk of obsolete stock. Why is the risk-based auditing used more increasingly: • Growing complexity of the business environment, such as advanced computer systems and the globalisation of business, increases the risk of fraud or misstatement. • Pressure on auditors to keep fees down but improve the level of service. ISA 315 requires that auditors consider the entity’s process for assessing its own business risks. They must consider the factors that lead to the problems which may cause material misstatements and what can the audit contribute to the business pursuing its goals. The business risk approach was developed because it was believed that in some instances the risk of misstatement arose mainly from the business risks of the company. This business approach tries to mirror the risk management steps that have been taken by the directors. It is also known as the top down approach in that it starts at the objectives of the company and works down to the financial statements, rather than working up from the financial statements which has been the historical approach to auditing. Controls testing is aimed at high level controls and substantive testing is reduced. Principal risks include: • Economic pressures causing reduced sales and eroding margins, • Demands for extended credit, • Product quality issues re inadequate control over supply chain etc., • Customer dissatisfaction re order requirements and invoicing errors etc., • Unacceptable service response calls, • Out of date IT systems. These risks can impact on inventory values, receivables recoverable, provisions and contingencies and going concern. The effect of the top down approach is that the auditor pays more attention to high level controls, such as the control environment and corporate governance, than the traditional approach. In addition, analytical review procedures are used more extensively as the auditor is keen to understand the business more clearly. The combination of the above two factors will result in reduced substantive detailed testing, although it is not eliminated completely. Page 86 s Business risk approach advantages: • There is added value given to clients as the approach focuses on the business as a whole rather than just the financial statements. • Where audit attention is focused on high levels of controls and use of analytical procedures, there is increased audit efficiency. • There is no need to focus on routine processes where technological developments have rendered them less prone to error than in previous times. • The approach responds to corporate governance issues in recent years. • There is a lower engagement risk through a better understanding of the client’s business. E. SYSTEMS AND CONTROLS This approach is always used in conjunction with other approaches as substantive testing can never be eliminated completely. Management is required to institute a system of controls which is capable of safeguarding the assets of the shareholders. Auditors assess the controls put in place by directors and ascertain whether they are effective and can be relied upon for the purposes of the audit. They carry out tests to ensure that the systems operate as they are supposed to. If the controls are ineffective, the control risk is high and it is important to undertake higher levels of substantive testing. F. CYCLES AND TRANSACTIONS An auditor may choose to carry out substantive tests on the transactions of the business in the relevant period. Cycles testing is closely linked to systems testing as it is based on the same systems. However, with the cycles approach, the auditors test the transactions which have occurred, resulting in the entries in the books, such as sales transactions, purchases, expenses etc. The auditor substantiates the transactions which appear in the financial statements. A sample of transactions is selected and each transaction is tested to ensure that the transaction is complete and is processed correctly through the complete cycle. G. BALANCE SHEET APPROACH An auditor may choose to carry out substantive tests on the year end balances. This is the most common approach to substantive testing after controls have been tested. The balance sheet shows a snapshot of the financial position. If it is fairly stated and the previous year’s figures were also fairly stated, then it is reasonable to undertake lower level testing on the profit and loss transactions e.g. analytical review. There is a relationship with the business risk approach. The element of substantive testing which remains in a business risk approach can be undertaken in this approach. In some cases, most notably small companies, the business risks may be strongly linked to management being concentrated in one person, and/or balance sheets may be uncomplicated. In these cases, it is probably more cost effective to undertake a highly substantive balance sheet audit rather than to undertake a business risk assessment. Page 87 s It should be noted though, that when not undertaken in conjunction with a risk based approach or systems testing, the level of detailed testing required can be high in a balance sheet approach making it very costly. H. DIRECTIONAL TESTING Directional testing is a method of discovering errors and omissions in the financial statements through undertaking detailed substantive testing. It can be broken down into two categories: tests to discover errors and tests to discover omissions. Checking entries from the books back to supporting documentation should help to detect errors causing an overstatement or an understatement. For example, selecting sales transactions from the sales ledger and tracing them back to sales invoices and price lists to ensure that sales are priced correctly. To discover omissions the auditor must start from outside the accounting records and trace through to the records in the books. For example, to check the completeness of purchases, select a number of GRNs and check through to the stock records and the purchase ledger. Directional testing is appropriate when testing the financial statement assertions of existence, completeness, rights & obligations, and valuation. The concept of directional testing derives from the principle of double entry bookkeeping. Therefore any misstatement of a debit entry will result in either a corresponding misstatement of a credit entry or a misstatement in the opposite direction of another debit entry. A test for an overstatement of an asset also gives comfort on understatement of other assets, overstatement of liabilities, overstatement of income and understatement of expenses. In other words by performing tests, the auditor obtains audit assurance in other audit areas. A major advantage of this approach is its cost-effectiveness. Assets and expenses are tested for overstatement only, while liabilities and income for understatement only. Directional testing is particularly useful when there is a high level of detailed testing to be carried out, such as when the auditors have assessed the controls and accounting systems and have found them to be ineffective. I. ANALYTICAL PROCEDURES These procedures are important at all stages of the audit, such as planning, substantive procedures and the overall review. It consists of comparing items like current financial information with prior year financial information and analysing predictable relationships such as the relationship between receivables and credit sales. The use of analytical procedures generally arises in the business risk approach and is also used in reviews, assurance engagements and reviewing prospective financial information. Page 88 s When deciding to use analytical procedures as substantive procedures, the auditor must consider: • The plausibility and predictability of the relationships, such as the strong relationship between turnover and sales commission, • The objectives of the procedures and the extent to which their results are reliable, • The detail to which information can be analysed, such as info at dept. level, • The availability of information both financial and non-financial, • The relevance of the information such as budgets, • The comparability of the information - Average performances over an industry may vary widely, • The knowledge gained during previous audits such as effectiveness of controls. When determining that reliance can be placed on the results of such testing the auditor should consider whether there are other audit procedures directed towards the same assertions, the accuracy with which the results can be predicted and the frequency with which a relationship is observed. Practical techniques Important accounting ratios • Gross profit margins • Average collection period • Stock turnover • Current ratio • Acid test ratio • Debt to equity capital • Return on capital employed Related items • Payables and purchases • Inventories and cost of sales • Non-current assets and depreciation, repairs and maintenance • Loans and interest • Receivables and bad debts • Receivables and sales Ratios on their own are of little use. They should be compared to previous years and other comparable companies. In addition, the auditor should use non-financial information to produce ratios such as sales revenue per unit of sale. Other analytical techniques include: • Examining related accounts in conjunction with others • Trend analysis • Reasonableness tests such as calculating expected values. Page 89 s Information technology can be used in trend analysis to enable auditors to see trends graphically with relative ease and speed. General When seeking to identify an appropriate strategy for a particular audit, it is important to remember that the approaches are linked and in some cases it is wise to use two or more: • Directional testing with balance sheet approach as they are both substantive testing issues, • Risk and cycles based approach with low level of large transactions, • Risk and balance sheet approach where substantial numbers of sales transactions with substantial receivables. Question 6.1 M Ltd is a long standing client of the audit firm. You were the audit senior on the assignment last year and now you are the audit supervisor. The partner has asked you to plan the audit for the current year. Client has approx. 100 customers but 6 account for 80% of value. A new customer, York, has come in with the potential to account for 20% of total sales in the coming year. Only 1 month of its sales are included in the figures to be audited. York is also an audit client of the firm and you are aware that they have had problems with their previous suppliers who broke off relations with them due to York’s poor payment record. This year the company decided to factor its debts the result of a previous history of bad debts where large customers went bust and they sacked a sales ledger clerk near the end of the year and outsourced the sales ledger function to the factor. The sales ledger clerk has threatened that she will sue for unfair dismissal and for sexual discrimination. There is also a large bank loan with a covenant attaching. One specific term states that the bank requires an interest cover of 2.5 and current ratio of 1.5. Your audit assistant has attended the stock count and noted a high level of old inventory included in the count. Balance sheet extract 2010 RWF’000s Tangible assets Current assets: Stock Debtors Cash Assets Current liabilities: Creditors Bank loan Long term liabilities: Bank loan 460 324 15 381 10 RWF’000s 210 799 1009 391 250 Page 90 s 2009 RWF’000s 370 250 69 367 10 RWF’000s 243 689 932 377 260 Profit and Loss extracts Sales Cost of sales Gross margin Admin exp. Other exp. Profit before interest & tax Interest 2010 RWF’000s 2534 1583 951 476 400 75 14 2009 RWF’000s 2967 1823 1144 488 432 224 14 Requirements: 1. Comment on the materiality level you would set 2. Identify the audit risks 3. Outline the key administrative planning matters that are outstanding 4. Discuss whether a conflict of interest arises with respect to the audit and what steps the auditor should take. Question 6.2 Giftware.com is a company with a chain of shops selling gifts to the tourist market. The company has been a long standing client. Half way through the year the two directors who are also shareholders decided to close down some of the smaller shops which have not been performing well. Instead they have decided to set up a mail order business and to trade through their website. Customers can order gifts via an email order form giving their credit card details on that form. The goods will then be posted to the customer or the gift recipient. The company has retained its major shops in solid locations. Customers may log on in the shops and order what they require, if it is not available in the store they are in. At the same time as launching the mail order system, the owners decided that they would offer a mailing service for goods bought in the shops as well. Some of the staff from the closed shops have been transferred to the warehouse where the electronic arm of the business now operates. The website is not integrated into the sales ledger. A sales clerk, Ange prints 2 copies of every email request. She checks the order to the availability of stock and then emails the customer if the gift is going to take more than a week to process. She offers them the chance to change their order if they do so wish. When the item is in stock, she sends one copy of the order to the warehouse where the order is packed and despatched to the customer. The warehouse manager returns the first copy of the order to another sales clerk, Mary, marked despatched. Mary retrieves the second copy of the order, processes the credit card payment, marks the first order as paid and shreds the second copy of the order. The marked up invoice is filed in a paid invoices file. When there are lots of orders, Mary helps Ange out and vice versa if lots of orders have been despatched. Page 91 s Requirement: 1. 2. 3. 4. Identify the business risks now facing the company with its e-commerce operations; Identify any additional audit risks which may have arisen from the decision; Propose and justify an audit strategy; Suggest minor amendments to control procedures in order to make operations run more smoothly. Page 92 s Study Unit 7 Audit Evidence Contents A. B. C. D. E. F. Audit Evidence Introduction Related Parties Management Representations Using the Work of Others Documentation Sample Questions Page 93 s AUDIT EVIDENCE A. AUDIT EVIDENCE INTRODUCTION The purpose of ISA 500 is to establish standards and provide guidance on what constitutes audit evidence in an audit of financial statements, the quantity and quality of audit evidence to be obtained, and the audit procedures that auditors use for obtaining that audit evidence. In order to form an opinion, an auditor must obtain evidence. This evidence should be sufficient, relevant and reliable. The auditor designs substantive procedures to obtain this evidence about the financial statement assertions. By approving the financial statements, the directors are making representations about the information therein. These assertions may fall into the following categories: (a) Assertions about classes of transactions and events for the period under audit: • Occurrence—transactions and events that have been recorded have occurred and pertain to the entity. • Completeness—all transactions and events that should have been recorded have been recorded. • Accuracy—amounts and other data relating to recorded transactions and events have been recorded appropriately. • Cut-off—transactions and events have been recorded in the correct accounting period. • Classification—transactions and events have been recorded in the proper accounts. (b) Assertions about account balances at the period end: • Existence—assets and liabilities exist. • Completeness—all assets and liabilities that should have been recorded have been recorded. • Rights and obligations—the entity holds or controls the rights to assets and liabilities are the obligations of the entity. • Valuation and allocation —assets and liabilities are included in the financial statements at appropriate amounts. (c) Assertions about presentation and disclosure: • Occurrence and rights and obligations—disclosed events, transactions, and other matters have occurred and pertain to the entity. • Completeness—all disclosures that should have been included in the financial statements have been included. • Classification and understandability—financial information is appropriately presented and described, and disclosures are clearly expressed. • Accuracy and valuation—financial and other information are disclosed fairly and at appropriate amounts. Page 94 s Procedures used by auditors to obtain evidence Inspection of tangible assets Inspection confirms existence and valuation and gives evidence of completion. It does not however confirm rights and obligations. Inspection of documents and records Confirmation to documentation confirms existence of an asset or that a transaction has occurred. Confirmation that items are in the books shows completeness. Also helps testing cut-off. It provides evidence of valuation, measurement, rights and obligations and presentation and disclosure. Observation This procedure is of limited use in that it only confirms that a procedure took place when it was observed. Inquiry and confirmation Information sought from client or external sources. The strength of the evidence depends on knowledge and integrity of the source of the information. Recalculation and Re-Performance Checking calculations of client records Audit automation tools Such as computer assisted auditing techniques Analytical procedures Sufficient and appropriate Sufficiency is the measure of the quantity of the evidence, while the appropriateness is the measure of the quality (reliability & relevance) of the evidence. This applies to both tests of controls and substantive procedures. An auditor’s judgment as to what is sufficient appropriate evidence is influenced by the following factors: • Risk assessment, is it low or high, • The nature of the accounting and internal control systems, • The materiality of the item being examined, • The experience gained during previous audits, • The auditor’s knowledge of the business and industry, • The results of audit procedures, • The source and reliability of the information available. Appropriate – relevance The relevance of audit evidence should be considered in relation to the overall audit objective of forming an audit opinion and reporting on the financial statements. The evidence should allow the auditor to conclude on the following: • Balance sheet items Page 95 s Is there suitable completeness, existence, ownership, valuation and disclosure issues? • Profit and loss items Is there suitable completeness, occurrence, valuation and disclosure issues? Appropriate – reliable Reliability of audit evidence depends on the particular circumstances of each case. However, the following should be considered: • Documentary evidence is more reliable that oral evidence; • Evidence from external independent sources is more reliable than that within an entity; • Evidence from the auditor by such means as analysis and physical inspection is more reliable than evidence obtained by/from others. Sufficiency The auditor needs to obtain sufficient, relevant and reliable evidence to form a reasonable basis for his opinion on the financial statements. His judgement of sufficiency will be influenced by such factors as: • His knowledge of the business and its environment, • The risk of misstatement, • The quality of the evidence. However, merely obtaining more audit evidence may not compensate for its poor quality. Computer assisted audit techniques (CAAT) Audit software Used where client has computer systems and large volumes of data. The auditor can scrutinise large volumes of data and free up his time for review and follow up results rather than having to extract the data and select samples. Before using software the auditor should have a basic understanding of data processing and the client’s computer application. If the application is complex the auditor may need to have some knowledge of systems analysis. He also needs to consider how easy is it to transfer the data and extract it. Examples of audit software include interrogation software (e.g. IDEA), comparison programmes, interactive software for on-line interrogation and resident code software to review transactions as they are processed. Page 96 s Test data are used to assess a system’s performance. The expected results are known in advance and are compared against the output using the test data. You can also use the test data to check the controls of the system such as attempting to process invalid data. A significant problem using test data is that it may result in corrupting a data file. Some systems have controls that prevent the easy removal of data without leaving a mark. Other problems include the fact that you are only testing the operation of the system at a point in time. Audit sampling ISA 530 states that when designing audit procedures, the auditor should determine appropriate means for selecting items for testing so as to gather sufficient appropriate audit evidence to meet the objectives of the audit procedures. Auditors do not examine all information that is available to them (audit limitation) as it is impractical to do so and as a result audit sampling is used to produce valid conclusions. Audit sampling involves the application of audit procedures to less than 100% of items within a class of transactions or account balance such that all sampling units have a chance of selection. Audit sampling can use either a statistical or a non-statistical approach. Error means either control deviations, when performing tests of controls, or misstatements, when performing tests of details. Similarly, total error is used to mean either the rate of deviation or total misstatement. Anomalous error means an error that arises from an isolated event that has not recurred other than on specifically identifiable occasions and is therefore not representative of errors. Population means the entire set of data from which a sample is selected and about which the auditor wishes to draw conclusions. Sampling risk arises from the possibility that the auditor's conclusion, based on a sample, may be different from the conclusion reached if the entire population were subjected to the same audit procedure. There are two types of sampling risk: • The risk the auditor will conclude that controls are more effective than they actually are, or that a material error does not exist when in fact it does. This type of risk affects audit effectiveness and is more likely to lead to an inappropriate audit opinion; and • The risk the auditor will conclude that controls are less effective than they actually are, or that a material error exists when in fact it does not. This type of risk affects audit efficiency as it leads to additional work to establish that initial conclusions were incorrect.Non-sampling risk arises from factors that cause the auditor to reach an Page 97 s erroneous conclusion for any reason not related to the size of the sample. For example, ordinarily the auditor finds it necessary to rely on audit evidence that is persuasive rather than conclusive, the auditor might use inappropriate audit procedures, or the auditor might misinterpret audit evidence and fail to recognise an error. Sampling unit means the individual items constituting a population, for example checks listed on deposit slips, credit entries on bank statements, sales invoices or debtors' balances. Statistical sampling means any approach to sampling that has the following characteristics: • Random selection of a sample; and • Use of probability theory to evaluate sample results. Sampling, that does not have the above characteristics, is considered non-statistical sampling. Stratification is the process of dividing a population into subpopulations, each of which is a group of sampling units which have similar characteristics (often monetary value). Tolerable error means the maximum error in a population the auditor is willing to accept. Selecting Items for Testing to Gather Audit Evidence The decision as to which approach to use will depend on the circumstances, and the application of any one or combination of the available means may be appropriate in particular circumstances. While the decision is made on the basis of the risk of material misstatement related to the assertion being tested and audit efficiency, the auditor needs to be satisfied that methods used are effective in providing sufficient appropriate audit evidence to meet the objectives of the audit procedure. • Selecting All Items (100% examination) The auditor may decide that it will be most appropriate to examine the entire population of items that make up a class of transactions or account balance. 100% examination is unlikely in the case of the tests of controls, it is more common for tests of details. For example, 100% examination may be appropriate when the population constitutes a small number of large value items, when there is a significant risk and other means do not provide sufficient appropriate audit evidence, or when the repetitive nature of a calculation or other process performed automatically by an information system makes a 100% examination cost effective, for example, through the use of computer assisted audit techniques (CAATs). • Selecting Specific Items The auditor may decide to select specific items from a population based on such factors as the auditor's understanding of the entity, the assessed risk of material misstatement, and the characteristics of the population being tested. The judgmental selection of specific items is subject to non-sampling risk. Specific items selected may include high value or key items.While selective examination of specific items from a class of transactions or account balance will often be an efficient means of gathering audit evidence, it does not constitute audit sampling. The results of audit procedures applied to items selected in this way cannot Page 98 s be projected to the entire population. The auditor considers the need to obtain sufficient appropriate evidence regarding the rest of the population when that remainder is material. • Audit Sampling The auditor may decide to apply audit sampling to a class of transactions or account balance. Audit sampling can be applied using either non-statistical or statistical sampling methods. Statistical Versus Non-statistical Sampling Approaches The decision whether to use a statistical or non-statistical sampling approach is a matter for the auditor's judgment regarding the most efficient manner to obtain sufficient appropriate audit evidence in the particular circumstances. For example, in the case of tests of controls the auditor's analysis of the nature and cause of errors will often be more important than the statistical analysis of the count of errors. In such a situation, non-statistical sampling may be most appropriate. Sample Size In determining the sample size, the auditor should consider whether sampling risk is reduced to an acceptably low level. Sample size is affected by the level of sampling risk that the auditor is willing to accept. The lower the risk the auditor is willing to accept, the greater the sample size will need to be. The sample size can be determined by the application of a statistically-based formula or through the exercise of professional judgment objectively applied to the circumstances. Selecting the Sample The auditor should select items for the sample with the expectation that all sampling units in the population have a chance of selection. Statistical sampling requires that sample items are selected at random so that each sampling unit has a known chance of being selected. The sampling units might be physical items (such as invoices) or monetary units. With nonstatistical sampling, an auditor uses professional judgment to select the items for a sample. Because the purpose of sampling is to draw conclusions about the entire population, the auditor endeavours to select a representative sample by choosing sample items which have characteristics typical of the population, and the sample needs to be selected so that bias is avoided. B. RELATED PARTIES ISA 550 states that the auditor should perform audit procedures designed to obtain sufficient appropriate audit evidence regarding the identification and disclosure by management of related parties and the effect of related party transactions that are material to the financial statements. Where there is any indication that such circumstances exist, the auditor should perform audit procedures as are appropriate in the circumstances. Page 99 s Management is responsible for the identification and disclosure of related parties and transactions with such parties. This responsibility requires management to implement adequate internal control to ensure that transactions are appropriately identified and disclosed. As transactions between related parties may not be on an arm's length basis and there may be a conflict of interest, management usually ensure that such transactions are subject to appropriate approval procedures. The approval of material related party transactions is often recorded in the minutes of meetings. In owner managed entities similar approval procedures would ideally apply. Often, however, procedures are less formalised because the owner manager is often personally aware of and, implicitly or explicitly approves, all such transactions. Definition of Related Parties and Related party transactions Parties are related if one controls the other or is in a position to exercise influence over the other in financial and operational decisions. Related transactions are those between related parties regardless of whether any consideration has taken place. Inherent difficulties of detection Related party transactions are often inherently difficult for the auditor to detect. • The definition of a related party is complex and in part subjective and it may not always be self-evident to management whether a party is related. • Many information systems are not designed to either distinguish or summarise related party transactions and outstanding balances between an entity and its related parties. • An audit cannot be expected to detect all related party transactions. Importance of related Parties The auditor needs to have a sufficient understanding of the entity and its environment to enable identification of the events and transactions that may result in a risk of material misstatement regarding related parties and transactions with such parties because: • The applicable financial reporting framework may require disclosure in the financial statements of certain related party relationships and transactions • The existence of related parties or related party transactions may affect the financial statements such as the entity's tax liability. • The source of audit evidence affects the auditor's assessment of its reliability. A greater degree of reliance is placed on audit evidence that is obtained from unrelated third parties; • A related party transaction may be motivated by other than ordinary business considerations, for example, profit sharing or even fraud; and • Transfers of goods and services with related parties may be in accordance with specified transfer pricing policies or under reciprocal trading arrangements which may give rise to accounting recognition and measurement issues. In particular an entity may have received or provided management services at no charge. The risk that undisclosed related party transactions, or outstanding balances between an entity and its related parties, will not be detected by the auditor is especially high when: • Related party transactions have taken place without charge, Page 100 s • Related party transactions are not self-evident to the auditor, • Transactions are with a party that the auditor could not reasonably be expected to know is a related party, • Transactions undertaken with a related party in an earlier period have remained unsettled for a considerable period of time, • Active steps have been taken by those charged with governance or management to conceal either the full terms of a transaction or that a transaction is, in substance, with a related party. Existence and Disclosure of Related Parties When planning the audit the auditor should assess the risk that material undisclosed related party transactions, or undisclosed outstanding balances between an entity and its related parties may exist. The auditor should review information provided by management identifying the names of all known related parties and should perform the following audit procedures in respect of the completeness of this information: • Review prior year working papers for names of known related parties; • Review the entity's procedures for identification of related parties; • Inquire as to the affiliation of management and officers with other entities; • Review shareholder records to determine the names of principal shareholders or, if appropriate, obtain a listing of principal shareholders from the share register; • Review minutes of the meetings of shareholders and those charged with governance and other relevant statutory records such as the register of directors' interests; • Inquire of other auditors currently involved in the audit, or predecessor auditors, as to their knowledge of additional related parties; • Review the income tax returns and other information supplied to regulatory agencies; • Review invoices and correspondence from lawyers for indications of the existence of related parties or related party transactions; and • Inquire of the names of all pension and other trusts established for the benefit of employees and the names of their management. If, in the auditor's judgment, there is a lower risk of significant related parties remaining undetected, these procedures may be modified as appropriate. Where the applicable financial reporting framework requires disclosure of related party relationships, the auditor should be satisfied that the disclosure is adequate. Transactions with Related Parties The auditor should review information provided by management identifying related party transactions and should be alert for other material related party transactions. When obtaining an understanding of the entity's internal control, the auditor should consider the adequacy of control activities over the authorisation and recording of related party transactions. Page 101 s During the course of the audit, the auditor needs to be alert for transactions which appear unusual in the circumstances and may indicate the existence of previously unidentified related parties. Examples include: • Transactions which have abnormal terms of trade, such as unusual prices, interest rates, guarantees, and repayment terms. • Transactions which lack an apparent logical business reason for their occurrence. • Transactions in which substance differs from form. • Transactions processed in an unusual manner • High volume or significant transactions with certain customers or suppliers as compared with others. • Unrecorded transactions such as the receipt or provision of management services at no charge. During the course of the audit, the auditor carries out audit procedures which may identify the existence of transactions with related parties. Examples include: • Performing detailed tests of transactions and balances, • Reviewing minutes of meetings of shareholders and those charged with governance, • Reviewing accounting records for large or unusual transactions or balances, paying particular attention to transactions recognised at or near the end of the reporting period, • Reviewing confirmations of loans receivable and payable and confirmations from banks. Such a review may indicate guarantor relationship and other related party transactions. • Reviewing investment transactions, for example, purchase or sale of an equity interest in a joint venture or other entity. Examining Identified Related Party Transactions In examining the identified related party transactions, the auditor should obtain sufficient appropriate audit evidence as to whether these transactions have been properly recorded and disclosed. Given the nature of related party relationships, audit evidence of a related party transaction may be limited. Because of the limited availability of appropriate audit evidence about such transactions, the auditor considers performing audit procedures such as: • Discussing the purpose of the transaction with management , • Confirming the terms and amount of the transaction with the related party, • Inspecting information in possession of the related party, • Corroborating with the related party the explanation of the purpose of the transaction and, if necessary, confirming that the transaction is bona fide, • Obtaining information from an unrelated third party, • Confirming or discussing information with persons associated with the transaction such as banks, lawyers, guarantors and agents. Page 102 s Disclosures Relating to Control of the Entity The auditor should obtain sufficient appropriate audit evidence that disclosures in the financial statements relating to control of the entity are properly stated. Management Representations The auditor should obtain a written representation from management concerning the completeness of information provided regarding the identification of related parties; and the adequacy of related party disclosures in the financial statements Audit Conclusions and Reporting If the auditor is unable to obtain sufficient appropriate audit evidence concerning related parties and transactions with such parties or concludes that their disclosure in the financial statements is not adequate, the auditor should modify the audit report appropriately. Problems associated with applying the standard include the identification of the controlling party which may be difficult and the auditor may not be able to determine whether transactions are material. (See materiality notes and limitations of criteria) What procedures should a company put in place: • Advise all directors and officers that they have a responsibility to disclose appropriate transactions; • Record all such transactions in the minutes of directors’ meetings; • Maintain a register of all details which should be disclosed; • Set out approval procedures in respect of transactions which fall under related party issues; • Obtain a formal statement annually from each director indicating the necessary disclosures. Audit procedures to assess such a system • • • • • • C. Inspect the board minutes Examine any agreements and contracts involving directors Consider whether transactions disclosed are on commercial grounds Assess the recoverability of amounts due in respect of directors or connected persons Review the legality of the disclosable transactions Review subsequent events after the year end for any additional disclosure requirements MANAGEMENT REPRESENTATIONS ISA 580 states that the auditor should obtain appropriate representations from management. These are an important source of evidence. Indeed these may be the only suitable evidence available where knowledge of such facts is confined to management or may even be one of Page 103 s judgement and opinion. The representations may be oral or written and may be obtained either on a formal or informal basis. The auditors will include this information in their audit working papers where it forms part of their total audit evidence. Written confirmation should be obtained before the audit report is issued. Acknowledgment by Management of its Responsibility for the Financial Statements The auditor should obtain audit evidence that management acknowledges its responsibility for the fair presentation of the financial statements in accordance with the applicable financial reporting framework, and has approved the financial statements. This normally occurs when the auditor gets a signed copy of the financial statements which usually includes a statement of management responsibilities. On the other hand the auditor can obtain audit evidence from relevant minutes of meetings by obtaining a written representation from management. Representations by Management as Audit Evidence The auditor should obtain written representations from management on matters material to the financial statements when other audit evidence cannot reasonably be expected to exist. It may be necessary to inform management of the auditor's understanding of materiality. The possibility of misunderstandings between the auditor and management is reduced when oral representations are confirmed by management in writing. The auditor should obtain written representations from management that: • It acknowledges its responsibility for the design and implementation of internal control to prevent and detect error; and • It believes the effects of those uncorrected financial misstatements aggregated by the auditor during the audit are immaterial to the financial statements taken as a whole. During the course of an audit, management makes many representations to the auditor, either unsolicited or in response to specific inquiries. When such representations relate to matters which are material to the financial statements, the auditor will need to: • Seek corroborative audit evidence from sources inside or outside the entity, • Evaluate whether the representations made by management appear reasonable and consistent with other audit evidence obtained and • Consider whether the individuals making the representations can be expected to be well informed on the particular matters. Representations by management cannot be a substitute for other audit evidence that the auditor could reasonably expect to be available. If the auditor is unable to obtain sufficient appropriate audit evidence regarding a matter which has a material effect on the financial statements and such audit evidence is expected to be available, this will constitute a limitation in the scope of the audit, even if a representation has been received on the matter. Page 104 s In certain instances, audit evidence other than that obtained by performing inquiry may not be reasonably expected to be available; therefore the auditor obtains a written representation by management. If a representation by management is contradicted by other audit evidence, the auditor should investigate the circumstances and, when necessary, reconsider the reliability of other representations made by management. Documentation of Representations by Management The auditor would ordinarily include, in audit working papers, evidence of management's representations in the form of a summary of oral discussions with management or written representations from management. A written representation is ordinarily more reliable audit evidence than an oral representation and can take the form of: • A representation letter from management, • A letter from the auditor outlining the auditor's understanding of management's representations, duly acknowledged and confirmed by management, • Relevant minutes of meetings of the board of directors or similar body or a signed copy of the financial statements. Basic Elements of a Management Representation Letter When requesting a management representation letter, the auditor should request that it be addressed to the auditor, contain specified information and be appropriately dated and signed. It would ordinarily be dated the same date as the auditor's report. A management representation letter would ordinarily be signed by the members of management who have primary responsibility for the entity and its financial aspects (ordinarily the senior executive officer and the senior financial officer) based on the best of their knowledge and belief. Action if Management Refuses to Provide Representations If management refuses to provide a representation that the auditor considers necessary, this constitutes a scope limitation and the auditor should express a qualified opinion or a disclaimer of opinion. In such circumstances, the auditor would evaluate any reliance placed on other representations made by management during the course of the audit and consider if the other implications of the refusal may have any additional effect on the auditor's report. D. USING THE WORK OF OTHERS The auditor is not expected to have the expertise of a person trained for or qualified to engage in the practice of another profession or occupation, such as an actuary or engineer. For this Page 105 s reason an auditor may need to use the work of an expert to obtain sufficient, appropriate audit evidence. "Expert" means a person or firm possessing special skill, knowledge and experience in a particular field other than accounting and auditing. When using the work performed by an expert, the auditor should obtain sufficient appropriate audit evidence that such work is adequate for the purposes of the audit. If unable to obtain sufficient appropriate audit evidence, the auditor should consider the need to modify the auditor's report. Although the auditor may use the work of an expert, the auditor has sole responsibility for the audit opinion. The expert can be engaged by the client or the auditor themselves. When the expert is employed by the audit firm, the auditor will be able to rely on the firm's own systems for recruitment and training that determine that expert's capabilities and competence instead of needing to evaluate them for each audit engagement. If neither the auditor nor the entity employs an appropriate expert, the auditor considers asking management to engage an appropriate expert subject to the auditor being satisfied as to the expert's competence and objectivity. If management is unable or unwilling to engage an expert, the auditor may consider engaging an expert or whether sufficient appropriate audit evidence can be obtained from other sources. Determining the Need to Use the Work of an Expert In obtaining an understanding of the entity and performing further procedures in response to assessed risks, the auditor may need to obtain, in conjunction with the entity or independently, audit evidence in the form of reports, opinions, valuations and statements of an expert. Examples are: • Valuations of certain types of assets, for example, land and buildings, plant and machinery, works of art, and precious stones. • Determination of quantities or physical condition of assets, for example, minerals stored in stockpiles, underground mineral and petroleum reserves, and the remaining useful life of plant and machinery • Determination of amounts using specialised techniques or methods, for example, an actuarial valuation. • The measurement of work completed and to be completed on contracts in progress • Legal opinions concerning interpretations of agreements, statutes and regulations. When determining the need to use the work of an expert, the auditor would consider • The engagement team's knowledge and previous experience of the matter being considered; • The risk of material misstatement based on the nature, complexity, and materiality of the matter being considered and • The quantity and quality of other audit evidence expected to be obtained. Page 106 s Competence and Objectivity of the Expert When planning to use the work of an expert, the auditor should evaluate the professional competence of the expert. This will involve considering • The expert's professional certification or licensing by, or membership of, an appropriate professional body and • Experience and reputation in the field in which the auditor is seeking audit evidence. The auditor should also evaluate the objectivity of the expert. The risk that an expert's objectivity will be impaired increases when the expert is: • Employed by the entity or • Related in some other manner to the entity, for example, by being financially dependent upon or having an investment in the entity If the auditor is concerned regarding the competence or objectivity of the expert, the auditor needs to discuss any reservations with management and consider whether sufficient appropriate audit evidence can be obtained concerning the work of an expert. The auditor may need to undertake additional audit procedures or seek audit evidence from another expert. If the auditor is unable to obtain sufficient appropriate audit evidence concerning the work of an expert, the auditor needs to consider modifying the auditor's report. Scope of the Expert's Work The auditor should obtain sufficient appropriate audit evidence that the scope of the expert's work is adequate for the purposes of the audit. Audit evidence may be obtained through a review of the terms of reference which are often set out in written instructions from the entity to the expert. Such instructions to the expert may cover matters such as: • The objectives and scope of the expert's work, • A general outline of the specific matters the auditor expects the report to cover, • The intended use by the auditor of the expert's work, including the possible communication to third parties of the expert's identity and extent of involvement, • The extent of the expert's access to appropriate records and files, • Clarification of the expert's relationship with the entity, if any, • Confidentiality of the entity's information, • Information regarding the assumptions and methods intended to be used by the expert and their consistency with those used in prior periods. In the event that these matters are not clearly set out in written instructions to the expert, the auditor may need to communicate with the expert directly to obtain audit evidence in this regard. In obtaining an understanding of the entity, the auditor also considers whether to include the expert during the engagement team's discussion of the susceptibility of the entity's financial statements to material misstatement. Page 107 s Evaluating the Work of the Expert The auditor should evaluate the appropriateness of the expert's work as audit evidence regarding the assertion being considered. This will involve evaluation of whether the substance of the expert's findings is properly reflected in the financial statements or supports the assertions, and consideration of: • Source data used, • Assumptions and methods used and their consistency with prior periods, • When the expert carried out the work, • Results of the expert's work in the light of the auditor's overall knowledge of the business and of the results of other audit procedures. When considering whether the expert has used source data which is appropriate in the circumstances, the auditor would consider the following procedures: • Making inquiries regarding any procedures undertaken by the expert to establish whether the source data are relevant and reliable and • Reviewing or testing the data used by the expert. The appropriateness and reasonableness of assumptions and methods used and their application are the responsibility of the expert. The auditor does not have the same expertise and, therefore, cannot always challenge the expert's assumptions and methods. However, the auditor will need to obtain an understanding of the assumptions and methods used and to consider whether they are appropriate and reasonable, based on the auditor's knowledge of the business and the results of other audit procedures. Results of the expert If the results of the expert's work do not provide sufficient appropriate audit evidence or if the results are not consistent with other audit evidence, the auditor should resolve the matter. This may involve discussions with the entity and the expert, applying additional audit procedures, including possibly engaging another expert, or modifying the auditor's report. Reference to an Expert in the Auditor's Report When issuing an unmodified auditor's report, the auditor should not refer to the work of an expert. Such a reference might be misunderstood to be a qualification of the auditor's opinion or a division of responsibility, neither of which is intended. If, as a result of the work of an expert, the auditor decides to issue a modified auditor's report, in some circumstances it may be appropriate, in explaining the nature of the modification, to refer to or describe the work of the expert (including the identity of the expert and the extent of the expert's involvement). In these circumstances, the auditor would obtain the permission of the expert before making such a reference. If permission is refused and the auditor believes a reference is necessary, the auditor may need to seek legal advice. Page 108 s Internal audit If the client has an internal audit dept., it may sometimes be possible for the external auditor to make use of their work in arriving at their audit opinion. E. DOCUMENTATION All evidence obtained during an audit should be documented. The auditor’s working papers are the evidence of all the work done which supports his audit opinion. Where evidence is difficult to obtain such as related parties or discussions with management, it is imperative that written notes are made of conversations, particularly where they concern material matters. Working papers should be reviewed by more senior members of staff before an audit conclusion is reached. The review should consider whether: • The work has been performed in line with the detailed audit programmes, • The work performed and the results thereof have been adequately documented, • Any significant matters have been resolved or are reflected in the audit opinion, • The objectives of the audit procedures have been achieved, • The conclusions expressed are consistent with the results of the work performed and support the opinion of the auditor. The following documentation should be reviewed on a timely basis: • The overall audit strategy and the detailed audit plan, • The assessment of inherent and control risks, • The results of control and substantive procedures and the conclusions drawn from them, • The proposed audit adjustments to the financial statements. In some cases, particularly large complex audits, personnel not involved in the audit may be asked to review some or all of the audit work. This is sometimes known as a peer review or a hot review. Question 7.1 You are the manager in charge of the audit of Newworld properties and you have been asked to prepare the letter of representation which will be signed by the company’s directors. There are two material items in the accounts for the year ended 30 April 2010 on which you want the directors to confirm that the treatment in the accounts are correct. Oldworld Builders, a subsidiary company, is experiencing going concern problems and you want the directors to confirm that they intend to support the subsidiary for the foreseeable future. Trouble Manufacturing Ltd is in dispute with Newworld properties over repairs required to a building they purchased a number of years ago. The customer is claiming that RWF3m Page 109 s worth of repairs are required and that Newworld properties is liable to pay for these repairs as a result of negligent construction of the building. In addition, Trouble is claiming RWF2m for the cost of disruption to the business due to the faults in the building. Newworld properties have obtained the advice from their lawyer and a surveyor, and the directors believe that there are no grounds for the claim. However, Newworld has included a note in its accounts concerning this contingent liability. You are required to: 1. Draft a letter of representation for the directors to sign. You should include the two items above and any other required matters. 2. Discuss the letter of representation as reliable audit evidence and the extent to which auditors can rely on this form of evidence. 3. Describe the work to be performed to check whether a provision in respect of Trouble Manufacturing Ltd should be included in the accounts. 4. Describe the matters to consider and the further action that is necessary if the directors refuse to sign the letter of representation because of the legal claim from Trouble Manufacturing Ltd. Question 7.2 What are the audit objectives. Page 110 s Study Unit 8 Audit Evaluation and Review Contents A. B. C. D. E. F. G. H. Review Procedures Opening Balances Comparatives Other Information Subsequent Events Going Concern Compliance with International Financial Reporting Standards Sample Questions Page 111 s Audit Evaluation and Review A. REVIEW PROCEDURES An auditor must perform and document an overall review of the financial statements before making an audit opinion. This review, along with the conclusions drawn from other audit evidence obtained, gives the auditor a reasonable basis for his opinion on the financial statements. It needs to be carried out by a senior member of the audit team, who has the appropriate skills and experience. Compliance with accounting regulations The auditor should consider whether the financial statements are in accordance with statutory requirements and whether the accounting policies are in accordance with accounting standards. In addition, the policies should be appropriate to the entity, properly disclosed and consistently applied. When assessing the accounting policies used by the entity, the auditor should consider policies adopted in specific industries, standards and guidelines, the need for a true and fair view and the need to reflect substance over form. Review for consistency and reasonableness The auditor needs to consider whether the financial statements are consistent with his knowledge of the entity’s business and with the evidence accumulated from other audit procedures, and that the manner of disclosure is fair. The auditor will consider: • Information and explanations received during the audit, • New factors which may affect presentation and/or disclosure requirements, • Results of analytical procedures applied, • Undue influence by directors, • The potential impact of the aggregate of uncorrected misstatements identified. Analytical procedures Analytical review procedures are used as part of the overall review procedure. This review should cover accounting ratios, changes in products/customers, price and product mix changes, wages changes, variances, trends in production and sales, changes in material/labour content of production and variations caused by industry or economy factors. Significant fluctuations and unexpected relationships must be investigated. Summarise errors During the course of the audit of financial statements, there will be material and immaterial errors uncovered. The client will normally adjust the financial statements to take account of Page 112 s these errors. At the end of the audit however, there may be some outstanding errors and the auditors will summarise these unadjusted errors. The summary of errors will not only list errors from the current year, but also those that exist from previous years. This allows errors to be highlighted that are reversals of errors from previous years, such as in the valuation of closing/opening stock. The auditor should show both the balance sheet and the profit and loss effect of these errors. Evaluating the effect of misstatements As part of the standard on materiality (ISA 320) in evaluating whether the financial statements are prepared in accordance with an applicable financial reporting framework, the auditor should assess whether the aggregate of uncorrected misstatements that have been identified during the audit is material. The aggregate of uncorrected misstatements are: • Specific misstatements identified by the auditor, including ones identified during the audit of the previous period if they affect the current period and • The auditor’s best estimate of other misstatements which cannot be quantified specifically. If the aggregate of misstatements is material, the auditor must consider reducing audit risk by carrying out additional testing. Otherwise, he may request management to adjust the financial statements for the identified misstatements which the latter may wish to do anyway. If the aggregate of the misstatements approaches the level of materiality, the auditor should consider whether it is likely that undetected misstatements, when taken with the aggregated uncorrected misstatements, could exceed the materiality level. If so, he should consider reducing the risk by performing additional testing or as before requesting management to adjust the financial statements for the identified misstatements. Completion checklists Auditors frequently use checklists as control documents and evidence, that all final procedures have been carried out and that all material amounts are supported by sufficient appropriate audit evidence. The checklists should be signed off. B. OPENING BALANCES Opening balances are based on the closing balances of the prior period and reflect transactions of and accounting policies applied to the prior period. ISA 510 provides guidance on when the financial statements of an entity are audited for the first time and when the financial statements for the prior period were audited by another auditor. For initial audit engagements, the auditor should obtain sufficient appropriate audit evidence that: Page 113 s • The opening balances do not contain misstatements that materially affect the current period's financial statements; • The prior period's closing balances have been correctly brought forward to the current period or, when appropriate, have been restated; and • Appropriate accounting policies are consistently applied or changes in accounting policies have been properly accounted for and adequately presented and disclosed. Appropriate sufficient audit evidence will depend on matters such as: • The accounting policies, • Whether the prior periods financial statements were audited and if so whether the auditors’ report was qualified, • The nature of the accounts and the risk of misstatement in the current period, • The materiality of the opening balances relative to the current period balances. Where the prior period’s financial statements were audited by other auditors, the current auditor may be able to obtain sufficient appropriate audit evidence regarding opening balance by reviewing the other auditor’s working papers. The current auditor should consider the professional competence and independence of the other auditor. If the previous audit report was qualified, the auditor should pay particular attention in the current period to those matters that resulted in the qualification. Where the prior period accounts were not audited or where the auditor has not obtained sufficient appropriate evidence, he must perform other procedures. Examples would include: • In respect of current assets and liabilities, some audit evidence can usually be obtained as part of the current periods audit procedures such as the collection of opening debtors during the current period. This will provide some evidence of their existence, rights and obligations, completeness and valuation at the beginning of the period. • The opening stock position may require observing a current physical count and then reconciling it back to the opening position, testing the valuation of the opening stock items and carrying out testing on gross margins and cut off procedures. • For non-current assets and liabilities, the auditor may be able to obtain external confirmation of opening balances with third parties e.g. long term debt and investments. If, after performing audit procedures, the auditor is unable to obtain sufficient appropriate audit evidence concerning opening balances, the auditor's report should include: • A qualified opinion or • A disclaimer of opinion or • In those jurisdictions where it is permitted, an opinion which is qualified or disclaimed regarding the results of operations and unqualified regarding financial position. If the opening balances contain misstatements which could materially affect the current financial statements, the auditor should inform management and, after having obtained management's authorisation, the previous auditor, if any. If the effect of the misstatement is not properly accounted for and adequately presented and disclosed, the auditor should express a qualified opinion or an adverse opinion, as appropriate. Page 114 s If the current period's accounting policies have not been consistently applied in relation to opening balances and if the change has not been properly accounted for and adequately presented and disclosed, the auditor should express a qualified opinion or an adverse opinion as appropriate. If the entity's prior period auditor's report was qualified, the auditor should consider the effect on the current period's financial statements. For example, if there was a scope limitation, such as one due to the inability to determine opening inventory in the prior period, the auditor may not need to qualify or disclaim the current period's audit opinion. However, if a modification regarding the prior period's financial statements remains relevant and material to the current period's financial statements, the auditor should modify the current auditor's report accordingly. C. COMPARATIVES ISA 710 establishes the standards and provides guidance in this area. The auditor should determine whether the comparatives comply in all material respects with the financial reporting framework applicable to the financial statements being audited. Different countries have different reporting frameworks. The auditor should obtain sufficient appropriate audit evidence that amounts derived from the preceding period's financial statements are free from material misstatements and are appropriately incorporated in the financial statements for the current period. Corresponding figures are amounts and other disclosures for the preceding period that are included as part of the current period financial statements, and are intended to be read in relation to the amounts and other disclosures relating to the current period. These corresponding figures are not presented as complete financial statements capable of standing alone, but are an integral part of the current period financial statements intended to be read only in relationship to the current period figures. Comparative financial statements are amounts and other disclosures for the preceding period that are included for comparison with the financial statements of the current period, but do not form part of the current period financial statements. Comparatives are presented in compliance with the applicable financial reporting framework. The essential audit reporting differences are that: • For corresponding figures, the auditor's report refers only to the financial statements of the current period whereas • For comparative financial statements, the auditor's report refers to each period for which financial statements are presented. Corresponding figures The auditor should obtain sufficient appropriate audit evidence that the corresponding figures meet the requirements of the applicable financial reporting framework. The extent of audit procedures performed on the corresponding figures is significantly less than for the audit of the current period figures. Page 115 s The auditor should obtain sufficient appropriate audit evidence that: • The accounting policies used for the corresponding amounts are consistent with those of the current period and appropriate adjustments and disclosures have been made, • The corresponding amounts agree with the amounts and other disclosures presented in the preceding period and are free from errors in the context of the financial statements of the current period, • Where corresponding amounts have been adjusted as required by relevant legislation and accounting standards, appropriate disclosures have been made. Reporting When the comparatives are presented as corresponding figures, the auditor should issue an audit report in which the comparatives are not specifically identified because the auditor's opinion is on the current period financial statements as a whole, including the corresponding figures. Where the auditor's report on the prior period, as previously issued, included a qualified opinion, disclaimer of opinion, or adverse opinion and the matter that gave rise to the modification is: • Unresolved, and results in a modification of the auditor's report regarding the current period figures, the auditor's report should also be modified regarding the corresponding figures or • Unresolved, but does not result in a modification of the auditor's report regarding the current period figures, the auditor's report should be modified regarding the corresponding figures only, or • Resolved and properly dealt with in the financial statements, the current report does not need a reference to the previous modification. However, if the matter is material to the current period, the auditor may include an ‘emphasis of matter’ paragraph dealing with the situation. During the course of the current audit the auditor may become aware of a material misstatement that affects the prior period financial statements on which an unqualified report had been previously issued. • If the prior period financial statements have been revised and reissued with a new auditor's report, the auditor should obtain sufficient appropriate audit evidence that the corresponding figures agree with the revised financial statements or, • If the prior period financial statements have not been revised and reissued, and the corresponding figures have not been properly restated and/or appropriate disclosures have not been made, the auditor should issue a modified report on the current period financial statements modified with respect to the corresponding figures included therein. • If prior period financial statements have not been revised and an auditor's report has not been reissued, but the corresponding figures have been properly restated and/or appropriate disclosures have been made in the current period financial statements, the auditor may include an ‘emphasis of matter’ paragraph describing the circumstances and refer to the appropriate disclosures. Page 116 s In some jurisdictions, the incoming auditor is permitted to refer to the previous auditor's report on the corresponding figures in the incoming auditor's report for the current period. When the auditor decides to refer to another auditor, the incoming auditor's report should indicate: • That the financial statements of the prior period were audited by another auditor, • The type of report issued by the previous auditor and, if the report was modified, the reasons for the qualification and • The date of that report. When the prior period financial statements are not audited, the incoming auditor should state in the auditor's report that the corresponding figures are unaudited. The making of such a statement does not relieve the auditor of his responsibilities to perform appropriate audit procedures regarding the opening balances. If the auditor is not able to obtain sufficient appropriate audit evidence regarding the corresponding figures or, if there is not adequate disclosure, the auditor should consider the implications for his report. In situations where the incoming auditor identifies that the corresponding figures are materially misstated, the auditor should request management to revise the corresponding figures or if management refuses to do so, appropriately modify the report. Comparative financial statements The auditor should obtain sufficient appropriate audit evidence that the comparative financial statements meet the requirements of the applicable financial reporting framework. This involves evaluating whether: • Accounting policies of the prior period are consistent with those of the current period, • Prior period figures agree with the amounts and other disclosures presented in the prior period and • Appropriate adjustments and disclosures have been made. Reporting When the comparatives are presented as comparative financial statements, the auditor should issue a report in which the comparatives are specifically identified because the auditor's opinion is expressed individually on the financial statements of each period presented. Since the auditor's report on comparative financial statements applies to the individual financial statements presented, the auditor may express a qualified or adverse opinion, disclaim an opinion or include an ‘emphasis of matter’ paragraph with respect to one or more financial statements for one or more periods, while issuing a different report on the other financial statements. When reporting on the prior period financial statements in connection with the current year's audit, if the opinion on such prior period financial statements is different from the opinion previously expressed, the auditor should disclose the substantive reasons for the different Page 117 s opinion in an emphasis of matter paragraph. This may arise when he becomes aware of circumstances or events that materially affect the financial statements of a prior period during the course of the audit of the current period. When the financial statements of the prior period were audited by another auditor: • The previous auditor may reissue the audit report on the prior period with the incoming auditor only reporting on the current period or • The incoming auditor’s report should state the prior period was audited by another auditor, the type of report issued by the other auditor (if qualified - the reasons) and the date of that report. In the course of the current audit the incoming auditor may become aware of a material misstatement that affects the prior period accounts on which the previous auditor had previously unqualified. In these circumstances, the incoming auditor should discuss the matter with management and, after having obtained management's authorisation, contact the previous auditor and propose that the prior period financial statements be restated. If the previous auditor agrees to reissue the audit report on the restated financial statements of the prior period, the auditor should only report on the current period. If the previous auditor does not agree with the proposed restatement or refuses to reissue the audit report on the prior period financial statements, the introductory paragraph of the current auditor's report should indicate that the previous auditor reported on the financial statements of the prior period before restatement. In addition, if the incoming auditor applies sufficient audit procedures to be satisfied as to the appropriateness of the restatement adjustment, he may include a paragraph in his report. When the prior period financial statements are not audited, the incoming auditor should state in the auditor's report that the comparative financial statements are unaudited. This statement does not relieve the auditor of the requirement to carry out appropriate audit procedures regarding opening balances. In situations where the incoming auditor identifies that the prior year unaudited figures are materially misstated, the auditor should request management to revise the prior year's figures or if management refuses to do so, appropriately qualify the report. D. OTHER INFORMATION Other information is financial and non-financial other than that included in the audited financial statements. ISA 720 states that an auditor should read the other information to identify material inconsistencies with the audited financial statements. If, as a result of reading the other information, the auditor becomes aware of any apparent misstatements therein, or identifies any material inconsistencies with the audited financial statements, the auditor should seek to resolve them. Page 118 s A ''material inconsistency'' exists when other information contradicts information contained in the audited financial statements. A material inconsistency may raise doubts about the audit conclusions drawn from audit evidence previously obtained and, possibly, about the basis for the auditor's opinion on the financial statements. An entity issues on an annual basis its audited financial statements together with the auditor's report thereon. This document is frequently referred to as the ''annual report.'' In issuing such a document, an entity may also include other financial and non-financial information. Examples of other information include a report by management on operations, financial summaries or highlights, employment data, planned capital expenditures, financial ratios, names of officers and directors and selected quarterly data. In certain circumstances, the auditor has a statutory or contractual obligation to report specifically on other information. In other circumstances, the auditor has no such obligation. However, the auditor needs to give consideration to such other information when issuing a report on the financial statements, as the credibility of the audited financial statements may be undermined by inconsistencies which may exist between the audited financial statements and other information. The credibility of the audited financial statements may also be undermined by misstatements within the other information. Some jurisdictions require the auditor to apply specific procedures to certain of the other information, for example, required supplementary data and interim financial information. If such other information is omitted or contains deficiencies, the auditor may be required to refer to the matter in the auditor's report. When there is an obligation to report specifically on other information, the auditor's responsibilities are determined by the nature of the engagement and by local legislation and professional standards. Access to other information In order that an auditor can consider other information included in the annual report, timely access to such information will be required. The auditor therefore needs to make appropriate arrangements with the entity to obtain such information prior to the date of the auditor's report. In certain circumstances, all the other information may not be available prior to such date. In these circumstances, the auditor would need to consider his options. Material inconsistencies If, on reading the other information, the auditor identifies a material inconsistency, he should determine whether the audited financial statements or the other information needs to be amended. If the auditor identifies a material inconsistency he should seek to resolve the matter through discussion with management. Page 119 s If the auditor concludes that the other information contains inconsistencies with the financial statements and the auditor is unable to resolve them through discussion with management, he should consider requesting management to consult with a qualified third party, such as the entity's legal counsel and consider the advice received. If an amendment is necessary in the audited financial statements and the entity refuses to make the amendment, the auditor should express a qualified or adverse opinion. If an amendment is necessary in the other information and the entity refuses to make the amendment, the auditor should consider including in the auditor's report an ‘emphasis of matter’ paragraph describing the material inconsistency or take other actions. The actions taken, such as not issuing the auditor's report or withdrawing from the engagement, will depend upon the particular circumstances and the nature and significance of the inconsistency. The auditor would also consider obtaining legal advice as to further action. Material misstatements of fact While reading the other information for the purpose of identifying material inconsistencies, the auditor may become aware of a material misstatement of fact. A ''material misstatement of fact'' in other information exists when such information, not related to matters appearing in the audited financial statements, is incorrectly stated. If the auditor becomes aware that the other information appears to include a material misstatement of fact, the auditor should discuss the matter with the entity's management. When discussing the matter with the entity's management, the auditor may not be able to evaluate the validity of the other information and management's responses to the auditor's inquiries and would need to consider whether valid differences of judgment or opinion exist. The auditor should consider whether the other information requires to be amended. When the auditor still considers that there is an apparent misstatement of fact, the auditor should request management to consult with a qualified third party, such as the entity's legal counsel and should consider the advice received. If the auditor concludes that there is a material misstatement of fact in the other information which management refuses to correct, the auditor should consider taking further appropriate action. The actions taken could include such steps as notifying management in writing of the auditor's concern regarding the other information and obtaining legal advice. Availability of other information after the date of the auditor’s report: Where all the other information is not available to the auditor prior to the date of the auditor's report, the auditor should read the other information at the earliest possible opportunity thereafter to identify material inconsistencies. Page 120 s If, on reading the other information, the auditor identifies a material inconsistency or becomes aware of an apparent material misstatement of fact, the auditor should determine whether the audited financial statements or the other information need revision. When revision of the other information is necessary and the entity agrees to make the revision, the auditor should carry out the audit procedures necessary under the circumstances. The audit procedures may include reviewing the steps taken by management to ensure that individuals in receipt of the previously issued financial statements, the auditor's report thereon and the other information, are informed of the revision. When revision of the other information is necessary but management refuses to make the revision, the auditor should consider taking further appropriate action. The actions taken could include such steps as notifying management in writing of the auditor's concern regarding the other information and obtaining legal advice E. SUBSEQUENT EVENTS The auditor should consider the effect of subsequent events (events after the balance sheet date) on the financial statements and on the auditor's report. Events after the balance sheet date deals with the treatment in financial statements of events, both favourable and unfavourable, that occur between the balance sheet date and the date when the financial statements are authorised for issue and identifies two types: • Those that provide evidence of conditions that existed at the balance sheet - adjusting events - and • Those that are indicative of conditions which arose after the balance sheet date - nonadjusting events. Events occurring up to the date of the auditor’s report The auditor should perform audit procedures designed to obtain sufficient appropriate audit evidence that all events up to the date of the auditor's report that may require adjustment of, or disclosure in, the financial statements have been identified. These procedures are in addition to procedures that may be applied to specific transactions occurring after period end to obtain audit evidence as to account balances as at period end, for example, the testing of stock cut-off and payments to creditors. The audit procedures to identify events that may require adjustment would be performed as near as possible to the date of the auditor's report. Such audit procedures would take into account the auditor's risk assessment and include the following: • Reviewing management procedures to ensure that subsequent events are identified. • Reading minutes of the meetings of shareholders and directors held after the period end and inquiring about matters discussed for which minutes are not yet available. • Reading the entity's latest available interim financial statements and, as considered necessary and appropriate, budgets, cash flow forecasts and other related reports. • Inquiring of the entity's legal counsel concerning litigation and claims. Page 121 s • Inquiring of management as to whether any subsequent events have occurred which might affect the financial statements such as the following specific matters: - The current status of items based on preliminary or inconclusive data, - New commitments, borrowings or guarantees, - Major sales or acquisition of assets occurred or planned, - Issue of new shares or debentures or an agreement/plans to merge or liquidate, - Assets appropriated by government or destroyed by fire or flood, - Developments regarding risk areas and contingencies, - Unusual accounting adjustments made or contemplated, - Any events occurring or likely to occur which will bring into question the appropriateness of accounting policies used in the financial statements. When the auditor becomes aware of events that materially affect the financial statements, he should consider whether such events are properly accounted for and adequately disclosed. Facts discovered after date of the auditor’s report but before the financial statements are issued The auditor does not have any responsibility to perform audit procedures or make any inquiry regarding the financial statements after the date of the auditor's report. During the period from the date of the auditor's report to the date the financial statements are issued, the responsibility to inform the auditor of facts that may affect the financial statements rests with management. Where after the date of the auditor's report but before the financial statements are issued, the auditor becomes aware of a fact that may materially affect the financial statements, the auditor should consider whether the financial statements need amendment. He should discuss the matter with management and should take the action appropriate in the circumstances. When management amends the financial statements, the auditor would carry out additional audit procedures and should issue a new report on the amended financial statements. The new report would be dated not earlier than the amended financial statements are signed or approved by management. When management does not amend the financial statements in circumstances where the auditor believes they need to be amended and the auditor's report has not been released to the entity, the auditor should express a qualified opinion or an adverse opinion. When the auditor's report has been released to the entity, the auditor would notify management not to issue the financial statements and the auditor's report thereon to third parties. If they are subsequently released, the auditor needs to take action to prevent reliance on the audit report. The action taken will depend on the auditor's legal rights and obligations and the recommendations of the auditor's lawyer. Facts discovered after the financial statements have been issued After the financial statements are issued, the auditor has no obligation to make any further inquiry. Page 122 s When, after the financial statements have been issued, the auditor becomes aware of a fact which existed at the date of the auditor's report and which, if known at that date, may have caused the auditor to qualify his report, the auditor should consider whether the financial statements need revision, should discuss the matter with management and should take the action appropriate in the circumstances. Where the auditor becomes aware of a fact relevant to the audited financial statements that did not exist at the date of the auditor's report there are no statutory provisions for revising financial statements. The auditor should discuss with management whether they should withdraw the financial statements and where management decides not to do so the auditor may wish to take advice on whether it might be possible to withdraw their report. A possible course of action may include making a statement by management or the auditor at the annual general meeting. In any event legal advice may be helpful. When management revise the financial statements, the auditor should carry out the audit procedures necessary in the circumstances and should review the steps taken by management to ensure that anyone in receipt of the previously issued financial statements together with the auditor's report thereon is informed of the situation. The auditor should issue a new report on the revised financial statements. The new auditor's report should include an emphasis of a matter paragraph referring to a note to the financial statements that more extensively discusses the reason for the revision of the previously issued financial statements and to the earlier report issued by the auditor. The new auditor's report would be dated not earlier than the date the revised financial statements are approved. When management does not take the necessary steps to ensure that anyone in receipt of the previously issued financial statements together with the auditor's report thereon is informed of the situation and does not revise the financial statements in circumstances where the auditor believes they need to be revised, the auditor should notify management that action will be taken by the auditor to prevent future reliance on the auditor's report. The action taken will depend on the auditor's legal rights and obligations and the recommendations of the auditor's lawyers. F. GOING CONCERN When planning and performing audit procedures and, in evaluating the results, the auditor should consider the appropriateness of management's use of the going concern assumption in the preparation of the financial statements. Going concern is viewed as continuing in business for the foreseeable future with neither the intention nor need to cease trading. Assets and liabilities are recorded on the basis that one can realise assets and discharge liabilities in the normal course of business. When preparing the financial statements, management should make an assessment of the company’s ability to continue as a going concern. Page 123 s Management's assessment of the going concern assumption involves making a judgment, at a particular point in time, about the future outcome of events or conditions that are inherently uncertain. The following factors are relevant: • The degree of uncertainty associated with the outcome of an event or condition increases significantly the further into the future a judgment is being made about the outcome of an event or condition. • Any judgment about the future is based on information available at the time at which the judgment is made. Subsequent events can contradict a judgment that was reasonable at the time it was made. • The size and complexity of the entity, the nature and condition of its business and the degree to which it is affected by external factors all affect the judgment regarding the outcome of events or conditions. Possible indicators of going concern problems: Financial • Net liability or net current liability position, • Necessary borrowing facilities have not been agreed, • Borrowings approaching maturity without realistic prospects of renewal or repayment, • Excessive reliance on short-term borrowings to finance long-term assets, • Major debt repayment falling due where refinancing is necessary, • Major restructuring of debt, • Indications of withdrawal of financial support by debtors and other creditors, • Negative operating cash flows and adverse key financial ratios, • Substantial operating losses or significant deterioration in the value of assets used to generate cash flows, • Major losses or cash flow problems that have arisen since the balance sheet date, • Arrears or discontinuance of dividends, • Inability to pay creditors on due dates, • Inability to comply with the terms of loan agreements, • Reduction in normal terms of trade credit by suppliers, • Change from credit to cash-on-delivery transactions with suppliers, • Inability to obtain financing for essential new product development, • Substantial sales of fixed assets not intended to be replaced. Operating • Loss of key management and staff without replacement, • Loss of a major market, franchise, licence, or principal supplier, • Labour difficulties or shortages of important supplies, • Fundamental changes in the market or technology to which the entity is unable to adapt adequately, • Excessive dependence on a few product lines where the market is depressed, • Technical developments that render a key product obsolete. Other • Non-compliance with capital or other statutory requirements Page 124 s • Pending legal or regulatory proceedings against the entity that may, if successful, result in claims that are unlikely to be satisfied • Changes in legislation or government policy expected to adversely affect the entity • Issues which involve a range of possible outcomes so wide that an unfavourable result could affect the appropriateness of the going concern basis The significance of such events or conditions can often be mitigated by other factors: • The effect of an entity being unable to make its normal debt repayments may be counterbalanced by management's plans to maintain adequate cash flows by alternative means, such as by disposal of assets or rescheduling of loan repayments. • Similarly, the loss of a principal supplier may be mitigated by the availability of a suitable alternative source of supply. Auditor’s responsibilities The auditor's responsibility is to consider: • The appropriateness of management's use of the going concern assumption in the preparation of the financial statements, and • Whether there are material uncertainties about the entity's ability to continue as a going concern that need to be disclosed in the financial statements. In obtaining an understanding of the entity, the auditor should consider whether there are events or conditions and related business risks that may cast significant doubt on the entity's ability to continue as a going concern. In addition, he should remain alert for audit evidence of events or conditions in performing audit procedures throughout the audit and consider whether any identified affect his assessment of the risks of material misstatements. Management may have already made a preliminary assessment when the auditor is performing risk assessment procedures. If so, the auditor should review that assessment to determine whether management has identified events or conditions and what plans they have to address them. If management has not yet made a preliminary assessment, the auditor should discuss with management the basis for their intended use of the going concern assumption, and inquires of management whether events or conditions exist. The auditor should evaluate management's assessment of the entity's ability to continue as a going concern. He should consider the same period as that used by management in making its assessment under the applicable financial reporting framework. If management's assessment of the entity's ability to continue as a going concern covers less than twelve months from the balance sheet date, the auditor should ask management to extend its assessment period to twelve months from the balance sheet date. In evaluating management's assessment, the auditor should consider • The process management followed to make its assessment, • The assumptions on which the assessment is based and • Management's plans for future action. There is no need for a detailed assessment by management and extensive review by the auditor if the company has a good history of profitable operations and access to sufficient financial resources. Page 125 s The auditor does not have a responsibility to design audit procedures other than inquiry of management. However, he may become aware of such known events or conditions during the planning and performance of the audit, including subsequent events procedures. He should therefore inquire of management as to its knowledge of events or conditions beyond the period of assessment used by management that may cast significant doubt on the entity's ability to continue as a going concern. Since the degree of uncertainty associated with the outcome of an event or condition increases further into the future the indications of going concern issues will need to be significant before the auditor considers taking further action. The auditor may need to ask management to determine the potential significance of the event or condition on their going concern assessment. Additional audit procedures When events or conditions have been identified which may cast significant doubt on the entity's ability to continue as a going concern, the auditor should: • Review management's plans for future actions based on its going concern assessment, • Gather sufficient appropriate audit evidence to confirm or dispel whether or not a material uncertainty exists through carrying out audit procedures considered necessary, including considering the effect of any plans of management and other mitigating factors and • Seek written representations from management regarding its plans for future action. Such audit procedures may include: • Analysing and discussing cash flow, profit and other forecasts with management, • Analysing and discussing the entity's latest available interim financial statements, • Reviewing terms of loan agreements and determining whether any were breached, • Reading minutes of the meetings of shareholders, directors, management and relevant committees for reference to financing difficulties, • Inquiring of the entity's lawyer regarding the existence of litigation and claims and the reasonableness of management's assessments of their outcome and the estimate of their financial implications, • Confirming the existence, legality and enforceability of arrangements to provide or maintain financial support with related and third parties and assessing the financial ability of such parties to provide additional funds, • Considering the entity's plans to deal with unfilled customer orders, • Reviewing events after period end to identify those that either mitigate or otherwise affect the entity's ability to continue as a going concern. When analysis of cash flow is a significant factor in considering the future outcome of events or conditions the auditor should consider: • The reliability of the entity's information system for generating such information, • Whether there is adequate support for the assumptions underlying the forecast and • The comparability of prospective financial information with historical results and results to date. Page 126 s Audit Conclusions and Reporting Based on the audit evidence obtained, the auditor should determine if, in his judgment, a material uncertainty exists related to events or conditions that alone or in aggregate, may cast significant doubt on the entity's ability to continue as a going concern. If the use of the going concern assumption is appropriate but a material uncertainty exists, the auditor considers whether the financial statements: • Adequately describe the principal events or conditions that give rise to the significant doubt on the entity's ability to continue in operation and management's plans to deal with these events or conditions and • State clearly that there is a material uncertainty and thus be unable to realise its assets and discharge its liabilities in the normal course of business. If adequate disclosure is made in the financial statements, the auditor should express an unqualified opinion but modify the auditor's report by adding an ‘emphasis of matter’ paragraph that highlights the existence of a material uncertainty and draws attention to the note in the financial statements. If adequate disclosure is not made in the financial statements, the auditor should express a qualified or adverse opinion. The report should include specific reference to the fact that there is a material uncertainty that may cast significant doubt about the entity's ability to continue as a going concern. If, in the auditor's judgment, the entity will not be able to continue as a going concern, the auditor should express an adverse opinion if the financial statements have been prepared on a going concern basis regardless of whether or not disclosure has been made. If management is unwilling to make or extend its assessment when requested to do so by the auditor, the auditor should consider the need to qualify the auditor's report as a result of the limitation on the scope of the auditor's work. When there is significant delay in the signature or approval of the financial statements by management after the balance sheet date, the auditor should consider the reasons for the delay. When the delay could be related to events or conditions relating to the going concern assessment, the auditor should consider the need to perform additional audit procedures. G. COMPLIANCE WITH REPORTING STANDARDS INTERNATIONAL FINANCIAL Financial statements must give a true and fair view under the relevant reporting framework. Auditors must ensure that this is so. Companies report on their financial statements compliance with international standards and their own national accounting framework. It would not be acceptable to issue an unqualified report in respect of compliance with international standards where there is divergence from national standards. Page 127 s Financial statements prepared in accordance with IFRSs In order to comply with IFRSs, the financial statements must comply with each standard. Where there is a note specifying certain departures or partial compliance, then it is inappropriate to give an unqualified opinion. Financial statements prepared in accordance with more than one reporting framework Unless there is significant convergence of national standards with international standards, it is unlikely that a set of financial statements can comply with two frameworks. It might be better to report on one framework only. If both are required to be reported on, the auditors will have to qualify their opinion in respect of one of the frameworks. It should be noted that Article 254 of Law 7/2009 of 27/04/2009 relating to companies states that “The financial statements of a company shall comply with international standards”. Financial statements in accordance with another acceptable financial reporting frame work In this case the financial statements are probably prepared in accordance with national standards and may contain a note showing a reconciliation to international standards. The note should give a true and fair view and therefore the auditor should accumulate sufficient and appropriate evidence in respect of this note. Question 8.1 You are the audit senior of EX electronics. They are involved in the assembly of microcomputers and sell them along with associated equipment to retailers. Many of the supplies are bought from the far-east. These computers are used by businesses for a variety of services such as accounting and word processing. The audit partner has asked you to consider the firm’s audit responsibilities in relation to subsequent events after the balance sheet date and any necessary audit work you might carry out. You are required to: (a) Describe the responsibilities of the auditor for detecting errors in the accounts during the following periods: 1. From period end to date of audit report 2. Date of audit report to issue of financial statements 3. After financial statements are issued (b)List the audit work you will carry out in period 1 considering subsequent events. (c) Describe the work you will carry out in period 2 to ensure that no adjustments are required to the accounts. Question 8.2 Identify enquiries which may be made of management when reviewing for subsequent events. Page 128 s Question 8.3 Briefly describe what issues analytical review may focus on. Page 129 s BLANK Page 130 s Study Unit 9 Audit Reports Contents A. B. C. D. E. F. Forming and Audit Opinion The Problem of Communication Electronic Reporting Special Purpose Reports Reporting to Management Sample Questions Page 131 s AUDIT REPORTS Auditors obtain evidence and draw conclusions from that evidence in order to express an opinion on a set of financial statements. A. FORMING AN AUDIT OPINION There are various audit opinions which can be expressed on a set of financial statements. Description Audit opinion Accounts show a true and fair view Unqualified audit opinion Material items do not show a true and fair Modified audit report view Accounts show a true and fair view except for………. A true and fair view is not shown because Adverse audit opinion disagreements are pervasive to the accounts. Perhaps there a significant number of material disagreements that do not show a true and fair view. The auditor cannot tell whether a true and Modified audit report fair view is given in respect of material Accounts show a true and fair view except items due to limitation in scope. for………. Auditor cannot tell whether a true and fair Disclaimer of opinion view is given at all due to a limitation in scope. The auditor needs to consider a number of key matters: • Has he received all the information and explanations necessary • Has he carried out all the procedures needed to meet applicable auditing standards. • Have applicable accounting requirements been used in the preparation of the financial statements. • Do the financial statements give a true and fair view. The Process of forming an audit opinion: • Ascertain whether all the evidence reasonably expected to be available has been obtained and has been evaluated. • Assess whether the effect of not gaining sufficient and relevant evidence is such that the financial statements could be misleading as a whole or in material part. The former would require a disclaimer of opinion while the latter would require an “except for” opinion. • Ascertain whether the financial statements are prepared in accordance with IFRS and generally accepted accounting principles. • Assess whether a departure from the accepted accounting principles is required to give a true and fair view and has there been adequate disclosure. Page 132 s • Assess whether any unnecessary departure from accounting principles is material or pervasive to the financial statements. A material departure will give an “except for” opinion while a pervasive departure will result in an adverse opinion. • Conclude as a whole whether the financial statements give a true and fair view. Impact of the Auditor’s report on Both Matters of Opinion and Matters of Fact Matters of opinion • Has the company kept proper books of account. • Have proper returns sufficient for the purposes of the audit been received by the auditor. • Have the accounts been properly prepared and do they show a true and fair view. • Does a financial situation exist which would require the convening of a Special Meeting Where group accounts are submitted, have the group accounts been properly prepared in accordance with the companies acts so as to give a true and fair view. Matters of facts • Are the accounts in agreement with the books. • Has the auditor obtained all the information and explanations which are necessary for the purposes of the audit. • Is the information in the director’s report consistent with the financial statements. ‘Emphasis of matter’ paragraph An auditor will use an ‘emphasis of matter’ paragraph to highlight a specific matter (when he has issued an unqualified audit report) such as a fundamental uncertainty. Examples could include questions over the recoverability of a debtor balance or a potential liability such as a fine. The auditor may feel that there is sufficient disclosure in the accounts and as such there is no need to issue a qualified audit report. He may however, wish to draw the reader’s attention to this matter and hence the emphasis of matter paragraph. B. THE PROBLEM OF COMMUNICATION The communication problem is caused by a number of factors that can be identified as: • Understandability Auditing is full of jargon. There are auditing standards and guidelines and it is a technical art. There is a language that non-auditors may find difficult to understand. Communicating the audit opinion in a form that all people can understand can be very difficult. • Responsibility As far as the law is concerned the auditors are responsible for certain duties. In addition, professional standards may apply other duties on the auditor. Users of the financial statements however, may not have the same perception of what the auditor’s duties are i.e. the expectations gaps. Page 133 s • Availability The fact that companies now tend to publish their financial statements on their websites, means that the availability of audit reports to the general public has increased. Auditors need to consider the risks that this brings. It is true to say that the fact that the accounts are now available for public scrutiny adds to the perception that the auditor’s report is now addressed to more than just the shareholders. The standard report The standard report is designed to eliminate the problems of lack of understandability. The report contains certain elements: • It is clearly addressed to shareholders, • There are introductory paragraphs which outline what the report refers to, • There are paragraphs outlining the responsibilities of the auditors and the directors, • There is an explanation of the basis on which the auditors have come to their conclusions, • There is an expression of an opinion. However, it still includes technical terms and is still a difficult document to fully understand. It can be argued that the existence of the standard report adds complexity to the situation and that it may be better to have tailored reports to each client’s specific situations. Its advantages are that it should be easier for users to understand and that it should contain certain elements in common with other audit reports which can be compared like for like. C. ELECTRONIC REPORTING When financial information is made available electronically, the auditor must ensure that their report is not misrepresented. Consent The auditing practices board issued a bulletin that recommends that the directors should obtain the consent of the auditor to publish the audit report on a website. Ideally, the matter should be clarified in the letter of engagement. The auditor may reserve the right to give consent if they do not like the presentation of the report and the associated financial statements. They should also ensure that their report is appropriately worded for inclusion on a website. It should probably contain references to specific financial statements rather than reference to page numbers. Controls The auditor should carry out the following procedures where their report is to be published electronically. Page 134 s • Review the process of deriving the information from the hardcopy accounts. • Check that the information is identical to the hardcopy information. • Review whether the presentation has been distorted giving a different perspective from the original hardcopy. The directors are responsible for ensuring that the hardcopy report is not tampered with once it is up on the website. D. SPECIAL PURPOSE REPORTS Auditors may issue special reports on summary financial statements, revised financial statements and distributions following an audit qualification. Summarised financial statements These may be prepared by management in order to inform user groups such as shareholders or bankers of the company’s financial position and the results of its operations. The auditor should not report on these summarised financial statements unless he has expressed an audit opinion on the financial statements from which the summary information is derived. Distributions following an audit qualification Distributions in certain jurisdictions e.g. Rwanda and Ireland such as dividends can only be made out of accumulated realised profits less accumulated realised losses. A modified audit report may state whether the subject matter of the qualification is material in determining whether a dividend can be paid. Revised accounts The revision of accounts may be undertaken by a revision by replacement or a revision by supplementary note. In both case the accounts should be prepared and then approved by management as at the original date of the accounts. The extent of any revision is limited to that resulting from facts which were known at the original date of approval. The auditor has no duty to search for any further evidence which may affect the accounts to which the report relates. However, if such a matter comes to his attention, he should discuss any appropriate revision with management. If the latter is unwilling to revise the accounts, then the auditor should consider taking legal advice. The auditor should follow specific procedures such as: • Review the original audit plan and the extent to which additional audit evidence is required. • Reassess any matters of judgment involved in the original audit. • Obtain evidence specific to the revised amounts. Page 135 s • Review the period after the date on which the original accounts were approved. • Review the revised accounts, in light of the conclusions drawn from other audit evidence obtained, to give the auditor a reasonable basis for his opinion on the accounts. • Consider any legal consequences of the revision. E. REPORTING TO MANAGEMENT Auditors report relevant audit matters to management and will often produce a management letter detailing control weaknesses observed during an audit. The auditor should communicate matters of governance interest arising from the audit of financial statements with those charged with governance of an entity. The scope is limited to those matters that specifically come to the auditor’s attention during the course of his audit. He is not responsible for designing specific tests and procedures to identify matters of governance. The auditor should determine the relevant persons who are charged with governance and with whom audit matters of governance interest are communicated. To avoid misunderstandings, the engagement letter should explain that the auditor will only communicate matters that come to their attention as a result of the performance of the audit. The engagement letter may describe the form which the communication will take, identify the relevant persons to whom the communication should go and identify any specific matters of governance which have been agreed to be communicated. The auditor should consider matters of governance that arise from the audit of the financial statements and communicate them to those charged with governance. Such matters would include: • The general approach or scope of the audit, • Selection of and changes in significant accounting policies, • The potential effect of any significant risks and exposures, • Significant audit adjustments, • Material uncertainties that may affect the going concern basis, • Significant disagreements with management, • Expected modifications to the audit report, • Other matters such as weaknesses in internal controls or fraud involving management, • Other matters mentioned in the letter of engagement. The auditor should consider audit matters of governance on a timely basis. He should have regard to local laws and regulations when communicating to management. Page 136 s Question 9.1 You are the audit partner in charge of WB Ltd. The company is developing a website and its directors wish to provide full access to the audited financial statements. What are the issues that are likely to concern you? Question 9.2 Webup Ltd has an operational website on which customers are trading. It was developed and installed by an outside firm but will be maintained solely by the IT manager of Webup. There is no external maintenance agreement in place. The cost of the website development was substantial and it made quite a dent in the profit and loss account figures. Webup has an arrangement with a couple of other companies to have free advertising on each others’ websites. This is not reflected in the financial statements. During the audit what evidence would you seek in relation to the above information and are there any implications for your audit report. Question 9.3 You are the audit senior on High Street Fashions (HSF) Ltd. The company owns a chain of upmarket clothing stores and also has a manufacturing facility doing its own brand. Its own brand accounts for 50% of sales and inventory. Profits for the year have improved to RWF7m from RWF3m last year and the balance sheet is healthy at RWF23m up from RWF15m last year. The stores are revalued every year with a couple this year achieving sharp increases due to a booming property market. In addition, a number of stores had refits. The increase in assets due to the refits and revaluations is RWF10m. Its manufacturing facility is not revalued. The company’s stock is RWF1.6m and is valued at the lower of cost or net realisable value. The cost is derived after deducting a suitable margin from the selling price. Exchanges and refunds are common in the stores as none of them has suitable fitting/changing rooms. HSF does not make any provision in the accounts for any refunds. Discuss the implications on the audit report of the above points. Question 9.4 What are the types of audit opinions that can be given on an audit report? Page 137 s BLANK Page 138 s Study Unit 10 Audit of Financial Statements Contents A. B. C. D. E. F. G. Introduction Construction Contracts Liabilities Income Expenses Disclosures Sample Questions Page 139 s AUDIT OF FINANCIAL STATEMENTS A. INTRODUCTION When you are auditing items appearing in the financial statements, you need to consider the following matters: • Risk, • Materiality, • Relevant accounting standards, • Audit evidence. B. ASSETS The key audit objectives are existence, completeness, valuation and rights and obligations. Inventories of Stock, Work in Progress and Finished Goods The auditor needs to evaluate whether the valuation of stock is reasonable. IAS 2 states that stock should be measured at the lower of cost and net realisable value. Costs would include cost of purchase and any other costs incurred in bringing the stock to its present condition and location. Audit work specific to inventories This will cover areas such as quantities, identification, condition, cut-off and valuation. • Review the written count instructions issued to client staff. Evaluate whether the instructions if followed are likely to derive an accurate count. • Attend at count and assess whether count is in accordance with instructions. • Carry out test counts at physical stock-take and check against client records. Note counts of specific items for further testing at final audit stage. • Ensure there is adequate control over the issue and return of all count sheets. • At the final audit stage, agree all items noted on stock count to the final evaluation. • Ensure that all staff responsible for counting have the necessary expertise to ensure all items are identified and counting accurately. • Test identification of individual items with appropriate catalogues etc. • Compare a sample of descriptions from the valuation back to the rough stock sheets. • Test the condition of a sample of items on the stock count making note of any items that appear damaged or appear to have been around for a long time. • Ensure that items noted as less than perfect are written down in the final valuation. • Observe at count whether there is movement of stock and assess the controls over the control of movement of stock on the day of the count. • Make a note of the last despatch note and the last goods inward note written. • Carry out sample tests to ensure sales/purchases are accounted for in the correct period. • Select a sample of prices in the final valuation and agree back to supplier’s invoices. • Select a sample of prices used and assess their net realisable value. • Review the stock note in the accounts to assess whether there is appropriate disclosure. • Review the letter of representation to ensure there is an adequate reference to stock. Page 140 s The method of stock valuation may be based on unit cost, FIFO, LIFO or average stock. The auditor should determine whether the method used is appropriate and properly applied. Manufacturing stock valuation may also incorporate labour costs and production overheads. Standard costing IAS 2 allows standard costing to be used where prices are fluctuating. The auditor should ensure that the standard costing is appropriate in the circumstances and that the calculation of the standard cost is reasonable. In evaluating the appropriateness of standard costing you must consider whether prices are in fact fluctuating, whether this is the best accounting policy, if the policy has changed from the previous year how do the two years compare and is their sufficient disclosure. In assessing the reasonableness of the calculation you must review the specific calculation, check the calculations, review them for reasonableness and verify specific elements of the calculation to source documentation such as purchase invoices, wages and overheads. Construction contracts IAS 11 sets out the following accounting treatments: • Contract revenue and cost should be recognised in the period in which the work is performed. • An excess of total costs over total revenue should be recognised as an expense. • Any costs incurred, which relate to future activity should be recognised as an asset if it is probable that they will be recovered. (work in progress) • Where amounts have been recognised as contract revenue, but their recoverability becomes doubtful, recognise as an expense and not as a deduction from revenue. The auditor should ensure that revenue and expenses have been correctly recognised and that any asset recognised for cost incurred in relation to future activity are recoverable. Procedures that might be employed would include: • Verify revenue figures to certification of work completed, • Verify cost figures to invoices and ensure that they relate to the current period, • Ensure that capitalised costs relating to future activity are verified by reviewing invoices and work schedules, • Review contract to ensure that capitalised costs are recoverable, • Undertake bad debt review and ensure that any debt that is not collectable has been treated as an expense. Non-Current Assets The auditor will concentrate on areas such as rights and obligations, valuation, existence, occurrence and presentation and disclosure. Specific tests would include: • Reconcile opening figures, from last year’s file to the current accounting records. Page 141 s • Obtain a summary of assets analysed into categories such as cost, additions, disposals, depreciation and net book value. Agree these figures to source documentation. • Review the nominal ledger accounts and asset registers for any unusual items. • Verify title to assets by inspection of title deeds and land registry certificates. • Obtain list of additions and verify ownership by inspection of architect’s certificates, invoices etc. Check that purchases have been authorised. • Review for evidence of charges in statutory books and by company search. • Examine invoices received after the year end, orders and minutes for evidence of capital commitments which may require disclosure. • Verify costs of additions to supplier’s invoices. • Check that costs have been capitalised correctly. • Where the clients have used their own labour to construct assets, ensure that materials, labour and overheads have been correctly analysed and are properly charged to capital. • Review depreciation rates applied in relation to assets lives. • For revalued assets, ensure that the depreciation is charged on the revalued amount. • Ensure no further depreciation has been provided on fully depreciated assets. • Check valuation by inspecting any recent valuation certificate and considering the experience of a valuer, scope of his work and methods and assumptions made. • Review insurance policies for all categories of tangible non-current assets and consider the adequacy of their insured values and check expiry dates. • Consider any evidence of permanent diminution in value e.g. physical inspection, asset no longer used etc. • Make physical inspection of a sample of items and confirm that they are recorded in the asset register and the accounting records. • Reconcile the asset register to the accounting records. • Obtain or prepare a list of disposals and scrappings from non-current assets during the year. Reconcile original cost with sale proceeds and verify book profits and losses. Check assets have been deleted from the asset register. • Consider whether disclosure complies with legislation and accounting standards. Lack of an asset register If a non-current asset register is not kept, the auditor should obtain a schedule of all the major items of non-current assets showing the original cost and estimated depreciated value. He should reconcile both the cost and depreciated value with the draft accounts. In the absence of an asset register, the auditor is faced with a problem in relation to disposals. Where there is a schedule of items from previous years the continuing existence of assets may be checked to this schedule but where there is none the auditor will have to rely more on a scrutiny of the cashbook for any large unexplained receipts and management representations. At the end of the day the auditor may well conclude that there is material uncertainty as to the existence and valuation of non-current assets and be forced to give an appropriate qualification in their audit report in that they will not have received all the information and explanations considered necessary for the purposes of their audit. Page 142 s IAS 36 states that tangible and intangible assets should be recorded in the financial statements at no more than their recoverable amount. In certain circumstances, assets should be subject to an impairment review: • Assess whether a review might be necessary from knowledge of the business • Obtain the clients workings of the impairment loss • Consider whether they are reasonable and recalculate to ensure they are correct. • If possible verify new value to documentation such as a valuer’s report. Intangible non-current assets These types of assets usually include patents, licences, trade-marks, copyrights, franchises, development costs and goodwill. All intangibles should be subject to an annual impairment review. An intangible asset is an identifiable non-monetary asset without physical substance. The asset must be controlled by the enterprise as a result of events in the past and something from which a company expects future economic benefits to flow. An item should not be recognised as an intangible asset unless it fully meets the definition in the standard. Internally generated goodwill may not be recognised as an asset. The following procedures should be carried out by the auditor: • Prepare analysis of movements of cost and amortisation to test completeness. • Obtain confirmation of all patents and trademarks held by a patent agent and verify payment of annual renewal fees for testing rights and obligations. • For valuation testing, review specialist valuations of intangibles assets considering qualifications of valuer, scope of work and assumptions and methods used. • Confirm that balances brought forward represent continuing value. • Inspect purchase agreements and supporting documentation for intangible assets acquired in the period and confirm purchases have been authorised • Verify amounts capitalised of patents developed with supporting costing records • Review amortisation by checking computations and confirm that rates are reasonable. Income from intangibles Review sales returns and statistics to verify the reasonableness of income derived from patents, trademarks licences etc. and examine audited accounts of third party sales covered by patent, licence or trademark owned by the company. Goodwill Key tests are as follows: • Agree consideration to a sales agreement, • Confirm valuation of assets acquired is reasonable, • Check purchased goodwill is calculated correctly, • Check goodwill does not include non-purchased goodwill, Page 143 s • Ensure management have carried out an annual impairment review and assess whether their conclusions are reasonable, • Ensure valuation of goodwill is reasonable reviewing prior years accounts and discussion with the directors. Development costs These costs may be included in the balance sheet only in circumstances specified in IAS 38. It defines research and development as original and planned investigation undertaken with the prospect of gaining new scientific or technical knowledge and understanding. Development is the application of research findings or other knowledge to a plan or design for the production of a new or substantially, improved materials, devices, products, processes or systems prior to the commencement of commercial production or use. Expenditure in research is required to be written off in the year of the expenditure. IAS 38 states that development costs of a project should be recognised as an asset only when all of the following criteria are met: • Completion of the asset will be technically feasible, • The business intends to complete the asset, • The business will be able to use or sell the asset, • The business can demonstrate how future economic benefits will be generated, • Adequate technical and financial resources are available to complete the development, • Expenditure attributable to the development of the asset can be measured reliably. General overheads, costs of inefficiencies and expenditure on training staff to operate the asset should not be capitalised. Amortisation of development expenditure should not exceed 20 years and an appropriate method should be used. The development costs of a project should not exceed the amount that is likely to be recovered from related future economic benefits, after deducting further development costs, related production costs, and selling and administrative costs directly incurred in marketing the product. In all other circumstances development costs should be written off in the year of the expenditure. The key audit tests largely reflect the criteria laid down in IAS 38: • Check accounting records to confirm project are clearly defined (i.e. separate nominal ledger codes) and related expenditure can be separately identified and certified to invoices timesheets etc. • Confirm feasibility and viability by examining market research reports, feasibility studies, budgets and forecasts and consult client’s technical experts. • Review budgeted revenues and costs by examining results to date, production forecasts, advance orders and discussion with directors. • Review calculations of future cash flows to ensure resources exist for completion. • Review previously deferred expenditure to ensure IAS 38 criteria are still justified. • Check amortisation so as it starts with production and is charged on a systematic basis. Page 144 s Most companies have a policy of write off in the year. With regard to these circumstances, the auditor should consider whether the profit and loss charge for research and development is complete, accurate and valid. The key accounting issues with regard to brands is whether the asset is internally generated or not. IAS 38 forbids the capitalisation of internally generated assets. If a brand has been purchased separately, then the auditor should test the value of the brand according to the sales documentation. Investments When auditing investments, the auditor needs to consider the income and the asset. Investments can fall under the following headings: • Investments in companies whether listed or unlisted and their income, • Investment in subsidiary and associated companies, • Investment properties. There are a couple of key internal control considerations: • Authorisation over investment dealings, • Segregation of duties re the recording and custody roles should be kept separate. Stockbrokers should not normally be entrusted with the safe custody of share certificates on a continuing basis since they have ready access to the stock exchange. The auditor should not therefore rely on a certificate from a broker stating that he holds the company’s securities. The auditor should carry out the following tests: • Examine certificates of title and confirm that they are bona fide complete title documents in the client’s name and free from any charge or lien. • Examine confirmation from a third party investment custodian and check investments are in the client’s name and the investments are free from charge or lien. • Inspect certificates of title held by third parties who are not bona fide custodians. • Inspect blank transfers and letters of trust to confirm client owns nominee shares. • Review minutes and other statutory books for evidence of charging and pledging. • Verify purchases to agreements, contract notes and correspondence. • Confirm purchases were authorised. • Check with appropriate financial data suppliers that all reported capital changes, bonus or rights issues have been correctly accounted for during the year. • Verify disposal with contract notes and sales agreements. • Check whether investments disposals have been authorised. • Confirm that profit or loss on sale of investments have been correctly calculated taking into account, bonus issue of shares, consistent basis of identifying cost of investment, rights issues, accrued interest, taxation. • The auditor should establish that the company’s policy on valuing investments has been correctly applied and is consistent with previous years. • Confirm the value of listed investments by reference to stock exchange listings. Page 145 s • Review accounts of unlisted companies and assess the net assets value of the shares and the value of the investment and ensure that it is reasonable. • Check that no substantial fall in the value of the investments has taken place. • Check whether the current asset investments are included at the lower of cost or net realisable value. Investment income The basis of recognising investment income may vary from company to company particularly for dividends. Credit may be taken only when received, when declared or taken only after ratification of the dividend by the shareholders in general meeting. Whichever is the basis, a consistent one must be applied from year to year. The auditor will be concerned with completeness, occurrence and measurement. To address these issues he should: • Check that all income due has been received by reference to financial statements for unlisted companies and other available financial data. • Review investment income account for irregular or unusual entries. • Ensure that the basis of recognising income is consistent with previous years. • Compare investment income with prior years and explain any significant fluctuations. • Obtain a statement reconciling the book value of the listed and unlisted investments at the last balance sheet date and the current balance sheet date. • Ensure that the investments are properly categorised in the financial statements into listed and unlisted. Investment properties IAS 40 sets out the criteria for the validity of an investment property. It is property, whether land or buildings, held rather than for use in the ordinary course of business. There are different standards applicable depending on the type of the property: • Property held for sale in ordinary course of business – IAS 2 inventories • Property being constructed on behalf of third parties - IAS construction contracts • Owner occupied property - IAS 16 property plant and equipment • Property being constructed for future use as investment property - IAS 16 until construction or development is completed, then treat as an investment property. The auditor should do some substantive testing: • Verify rental agreements, ensuring that occupier is not a connected company and that the rent has been negotiated at arm’s length. • If the building has recently being built, check the architects certificate to ensure that the construction work has been completed. • IAS requires that investment properties either be held at cost or at fair value. The auditor should verify this to a valuer’s cert., as professional valuation is encouraged under the IAS. • The auditor should seek to verify the cost to appropriate evidence such as purchase invoice, or if self constructed, costing records, payroll etc. • The auditor should review the disclosures made in the financial statements in relation to investment properties to ensure that they have been made appropriately, in accordance with IAS 40. Page 146 s C. LIABILITIES The audit objectives for liabilities are completeness, rights and obligations and existence. Liabilities must always be tested for understatement. Leases The classification of a lease can have a material effect on the financial statements. There are two main types of leases, finance leases and operating leases. IAS 17 defines a lease as an agreement whereby the lessor conveys to the lessee in return for a payment or series of payments the right to use an asset for an agreed period of time. A finance lease is a lease that transfers all the risks and rewards of ownership of an asset. Title may or may not eventually be transferred. An operating lease is a lease other than a finance lease. The standard requires that a finance lease should be recorded in the balance sheet of a lessee as an asset and as an obligation to pay future lease payments. At the inception of the lease the sum to be recorded both as an asset and a liability should be the fair value of the leased property or if lower, the present value of the minimum lease payments. It also requires that the rentals under an operating lease should be written off as an expense on a straight-line basis over the term of the lease even if the payments are not made on such a basis, unless there is another rational basis that is justified in the circumstances. If the lease is a finance lease, the balance sheet will show substantial assets and liabilities. The overall net effect would be marginal but the balance sheet will be materially different if the lease was an operating lease. The following audit procedures are relevant; • Obtain a copy of the lease agreement and review it for the correct classification. • Obtain the client’s workings in relation to finance leases. • Check the additions and calculations of the workings • Ensure the interest has been accounted for in accordance with the standard. • Agree the opening the position to previous year’s audit file. • Verify the lease payments in the year to the bank statements. • The auditor should ensure the lease has been properly disclosed. Deferred taxation The auditor should review the movement on the deferred tax provision. Deferred tax is accounted for under IAS 12, income taxes, and is defined as: Deferred tax liabilities are the amounts of income taxes payable in future periods in respect of taxable temporary differences. Deferred tax assets are the amounts of the income taxes recoverable in future periods in respect of deductible temporary differences, unused tax losses and credits carried forward. Page 147 s Temporary differences are differences between the carrying amount of an asset or liability in the balance sheet and its tax written down value. All taxable temporary differences give rise to a deferred tax liability and all deductible temporary differences give rise to a deferred tax asset. Deferred tax is the tax attributable to timing differences. A company saving tax in the current period by having accelerated capital allowances should have a provision for the tax charge in the balance sheet. The provision is essential because over the life of the asset the tax allowances will reduce until the depreciation in the accounts is higher than the allowances. This will result in taxable profits being higher than reported profit and the company will suffer higher tax in this period. The provision may be material depending on the company’s future investment plans and therefore the extent to which the tax liability will crystallise. There is a degree of estimation involved in the deferred tax provision. Therefore the auditor should approach his work bearing in mind that this is an area that could be manipulated by the directors. A deferred tax charge appears on the profit and loss account before dividends even if it is not actually paid. The following audit procedures will be relevant: • Obtain the deferred tax workings and the corporation tax computations. • Check the accuracy of the workings on deferred tax. • Agree the source figures for timing differences to tax computations and financials. • Discuss the assumptions made about future events with the directors. • Consider the assumptions made in the light of your knowledge of the business and any other evidence gathered during the course of the audit to ensure reasonableness. • Agree the opening position of deferred tax to prior year financial statements. • Review the basis of the provision to ensure that it is in line with accounting practice is suitably comparable to practice in previous years and any changes in accounting policy have been disclosed. Provisions and contingencies A provision should be accounted for as a liability. Contingencies should be disclosed. The auditor needs to ensure there has been correct classification according to IAS 37: provisions, contingent liabilities and contingent gains. IAS 37 defines a provision as a liability of uncertain timing or amount. A liability is a present obligation of an enterprise arising from past events, the settlement of which is expected to result in an outflow from the enterprise. An obligation is an event that creates a legal or constructive obligation that results in an enterprise having no realistic alternative to settling that obligation. A legal obligation derives from a contract through its explicit or implicit terms, legislation or some other operation of law. Page 148 s A constructive obligation derives from established patterns of past practice or published policies through which a valid expectation is created on the part of another party. A contingent liability is a: • possible obligation that arises from past events and whose existence will be confirmed only by the occurrence or non-occurrence of one or more uncertain future events not wholly within the control of the enterprise or • a present obligation that arises from past events but is not recognised because it is not probable that an outflow of resources will be required to settle the obligation or the amount of the obligation cannot be measured with sufficient reliability. A contingent asset is a possible asset that arises from past events and whose existence will be confirmed only by the occurrence or non-occurrence of one or more uncertain future events not wholly within the control of the entity. Provisions and contingent liabilities: Under IAS 37, an entity should not recognise a contingent asset or a contingent liability. However, if it becomes probable that an outflow of future economic benefits will be required, then a provision should be recognised. A contingent asset should not be accounted for unless its realisation is virtually certain. If an inflow of economic benefits has become probable, the asset should be disclosed. • Where there is a present obligation that probably requires an outflow of resources, then a provision should be recognised and disclosed. • Where there is a possible or present obligation that may, but probably will not, require an outflow of resources then no provision should be recognised but disclosures are required for the contingent liability. • Where there is a possible or present obligation where the likelihood of an outflow of resources is remote, then no provision is recognised and no disclosure is required. A contingent liability also arises in the rare case where there is a liability that cannot be recognised because it cannot be measured reliably. Disclosures are required in this instance. Contingent assets • Where the inflow of economic benefits is virtually certain, the asset is not contingent. • Where the inflow of benefits is probable but not virtually certain, then no asset is recognised but disclosures are required. • Where the inflow is not probable, then no asset nor disclosures are recognised. Examples of contingencies disclosed by companies are guarantees for other group companies, staff pension schemes, completion of contracts, discounted bills of exchange, law-suits or claims pending and options to purchase assets. Obtaining audit evidence of contingencies The auditor should carry out audit procedures in order to become aware of any litigation and claims involving the entity, which may result in a material misstatement of the financial statements. Such procedures would include the following: Page 149 s • Make appropriate inquiries of management including obtaining representations. • Review minutes of management meetings and correspondence with the solicitorsExamine legal expense accounts. • Use any information obtained regarding the entity's business including information obtained from discussions with any in-house legal department. When the auditor assesses a risk of material misstatement regarding litigation or claims that have been identified or when the auditor believes they may exist, the auditor should seek direct communication with the entity's legal counsel. This will help to obtain sufficient appropriate audit evidence as to whether potential material litigation and claims are known and management’s estimates of the financial implications, including costs are reliable. The letter, which should be prepared by management and sent by the auditor, should request the entity's legal counsel to communicate directly with the auditor. When it is considered unlikely that the entity's legal counsel will respond to a general inquiry, the letter would ordinarily specify the following: • A list of litigation and claims • Management's assessment of the outcome of the litigation or claim and its estimate of the financial implications, including costs involved. • A request that the entity's legal counsel confirm the reasonableness of management's assessments and provide the auditor with further information if the list is considered by the entity's legal counsel to be incomplete or incorrect. The auditors must consider all matters up to the date of their audit report so further contact may be necessary with the solicitor. This can only take place with the permission of management and may be required where a disagreement/complex matter arises. If management refuses to give the auditor permission to communicate with the entity's legal counsel, this would be a scope limitation and could lead to a qualified/disclaimer of opinion. Where the entity's legal counsel refuses to respond in an appropriate manner and the auditor is unable to obtain sufficient appropriate audit evidence by applying alternative audit procedures, the auditor should consider whether there is a scope limitation that may lead to a qualified opinion or a disclaimer of opinion Other audit tests that should be carried out on provisions and contingencies are as follows: • Obtain details of all provisions that have been included in the accounts and all contingencies that have been disclosed. • Obtain a detailed analysis of all provisions showing the yearly movements. • Determine for each material provision whether the company has a present obligation as a result of past events by review of correspondence and discussion with directors. • Determine for each material provision whether it is probable that a transfer of benefits will be required to settle the obligation by checking whether any payments have been made in the post balance sheet period in respect of the item and review of correspondence with solicitors, banks, customers insurance company and suppliers. Page 150 s • Recalculate all provisions made and assess their reasonableness. • Compare the amount provided with post year-end payments and with any amount paid in the past for similar items. • In the event that it is not possible to estimate the amount of the provision, check that there is disclosure in the accounts. • Consider the nature of the client’s business; for example would you expect to see any other provisions such as warranties. • Consider the adequacy of disclosure of provisions and contingencies. D. INCOME Revenue recognition is an important issue and measurement is the key audit objective. IAS 18 covers revenue from specific transactions or events: • Sale of goods, • Rendering of services, • Interest, royalties, dividends. Revenue is the gross inflow of economic benefits during the period arising in the course of the ordinary activities of an enterprise when those inflows result in increases in equity other than increases relating to contributions from equity participants. Fair value is the amount for which an asset could be exchanged, or a liability settled, between willing parties in an arm’s length transaction. Accounting treatment of Income Income should be measured at the fair value of consideration received, net of trade discounts/volume rebates. It is the norm to identify income related items usually as a whole, but you may need to break the transaction down into its components parts or put separate transactions together to obtain commercial meaning. Sale of goods An enterprise should only recognise income in relation to the sale of goods when: • Significant risks and rewards of ownership of goods are transferred, • There is no continuing managerial involvement over goods, • Revenue can be measured reliably, • It is probable that economic benefit will flow to an enterprise, • Costs incurred can be measured reliably. Rendering of services An enterprise should recognise revenue of services depending on the stage of the completion of the transactions. The outcome can only be reliably estimated when: • Revenue can be measured reliably, • Probable economic benefits will flow to enterprise, • Stage of completion at balance sheet date can be measured reliably, • Costs incurred can be measured reliably. Reliable estimates will only be possible when each party’s enforceable rights and the terms of settlement have been agreed. Page 151 s Interest, royalties and dividends Interest is the charge for the use of cash/cash equivalents or amounts due to the enterprise. Royalties are charges for the use of long-term assets of the enterprise such as patents, computer software and trademarks. Dividends are distributions of profits to holders of equity investments, in proportion with their holdings, of each relevant class of capital. Revenue should be recognised when it is probable that economic benefits will flow to enterprise and the revenue can be measured reliably. Interest should be recognised on a time proportion basis, Royalties on an accruals basis or per agreement and Dividends when shareholders gain right to receive payment. Disclosure There should be disclosure of the accounting policy, the amount of each significant category of income and any contingent gains or losses. Revenue is normally audited by analytical review. This is because revenue is predictable and there are good sources on which to base analytical review such as last year’s accounts and the existence of logical relationships with items such as inventory and receivables. Revenue recognition can be influenced by whether you are acting as a principal or as an agent. In the latter, you will only recognise the commission. Government grants and assistance (IAS 20) These payments can take the form of grants relating to assets or income. Government assistance is action by government designed to provide an economic benefit specific to an enterprise or range of enterprises qualifying under certain criteria. They can be in the form of resources in return for past or future compliance with certain conditions relating to the operating activities of an enterprise. Grants related to assets are those whose primary condition is that an enterprise qualifying for them should purchase, construct or otherwise acquire long-term assets. Conditions may also be attached restricting the type, location, or periods acquired or held. Grants related to income are grants other than those related to assets. Forgivable loans are where repayment is waived under certain prescribed conditions. Accounting treatments: • Recognise grants/forgivable loans once conditions are complied with and receipt/waver is assured. • Recognise grants as income to match them with related costs. • Use a systematic basis of matching over the relevant period. • Recognise grants for depreciable assets as income on same basis as asset is depreciated. • Where related costs are incurred the grant may be recognised as income immediately. • A grant in the form of a non-monetary asset may be valued at fair value. Page 152 s • Grants related to assets may be presented in the balance sheet either as a separate credit or deducted in arriving at the carrying value of the asset. • Grants related to income may be presented in the income statement either as a separate credit or deducted from the related expenses. Disclosure: There should be disclosure of the accounting policy, the nature and extent of government grants and other forms of assistance received. The auditor should carry out some of the following procedures: • Obtain grant documentation and ensure correct classification as either revenue or capital. • The value may be agreed to documentation such as a grant letter. • The receipt of the grant can be agreed to bank statements. • The auditor should consider whether the basis of accounting is comparable to the previous year, discuss the basis of accounting with the directors to ensure that the method used is the best method. • Ensure that any changes in accounting methods are disclosed. E. EXPENSES Borrowing costs may sometimes be capitalised as part of an asset. IAS 23 deals with the treatment of borrowing costs. It is often associated with the construction of or self constructed assets but can also be applied to an asset purchased that takes time to get ready for use and/or sale. Borrowing costs are interest and other costs incurred by an enterprise in connection with the borrowing of funds. A Qualifying asset is an asset that may take a substantial period of time to get ready for its intended use or sale. Accounting treatments: • Recognise borrowing costs as an expense in the period incurred or • Capitalise as part of the cost of an asset if they are directly attributable to acquisition/construction/production. Other borrowing costs must be expensed. • The amount of borrowing costs available for capitalisation are actual borrowing costs incurred less any investment income from temporary investment of those borrowings. • Capitalisation is suspended if active development is halted for extended periods. Temporary delays do not cause suspension. • Capitalisation ceases when physical construction of the asset is completed. Capitalisation should cease when each stage or part is completed. • Where the carrying amount of the asset falls below cost, it must be written down/off. Disclosure There should be disclosure of the accounting policy, the amount of borrowing costs capitalised during the period and the capitalisation rate used to determine borrowing. Page 153 s Audit procedures The interest can be audited by analytical review as it has a predictable relationship with loans such as bank loans or debentures. Alternatively, it can be verified to payment records, bank statements and loan agreement documentation. Where borrowing costs are capitalised the auditor should: • Agree interest payments made to statements from lenders and /or bank statements. • Ensure interest is directly attributable to construction. F. DISCLOSURES The auditor must ensure disclosures in the financial statements are fairly stated. Segment reporting IAS 14 defines a business segment as a distinguishable component of an enterprise that is engaged in providing an individual product or service or a group of related products or services and that is subject to risks and returns that are different from those of other business segments. Factors to be considered in determining whether products and services are related include: • The nature of the products or services or the production processes, • The type or class of customer for the products or services, • The methods used to distribute the products or provide the services, • The nature of the regulatory environment such as banking, insurance or public entities. Factors that should be considered in identifying a geographical segment include: • Similarity of economic and political conditions, • Relationships between operations in different geographical areas, • Proximity of operations, • Special risks associated with operations in a particular area, • Exchange controls regulations, • Currency risks. The following audit procedures are relevant: • Obtain a schedule of turnover workings, • Discuss with management the basis for the segmentation, • Verify a sample of items to source documentation to ensure disclosure is correct. Earnings per share Accounting for earnings per share is governed by IAS 33. It requires that companies of a certain size disclose their earnings per share for the year. This is the profit in Rwandan Franc attributable to each share. Page 154 s While the size of the figure is unlikely to be a material amount, it is a key investor figure and as a result will be material by its nature. The auditor must consider two issues: • Whether EPS has been disclosed on a comparable basis to the prior year and have any changes in accounting policy been disclosed and • Whether it has been correctly calculated. The audit procedures are as follows: • Obtain a copy of the client’s workings. If a simple calculation has been used this can be checked by doing a calculation on face of the profit and loss. • Compare the calculation with prior years to ensure that the basis is comparable. • Discuss the basis with the directors. If it has changed, assess whether it is the best basis for the accounts this year and that changes have been adequately disclosed Discontinued operations IFRS 5 requires that certain disclosures be made for discontinued operations on the face of the income statement or in the notes. This is likely to be material due to size and a possible shift in management policy or a major change in focus of operations. This information is of interest to shareholders. The auditor must be aware of the implications of IFRS 5 for the financial statement at all stages of the audit whether planning stage, during substantive testing or at the review stage, particularly in terms of the going concern assumption. To audit whether the disclosures have been made correctly, the auditor should: • Discuss the disclosure with management to ensure that IFRS have been correctly applied, • Review minutes and correspondence to ascertain details of discontinued operations, • Obtain a copy of the client’s workings to disclose the discontinued operations, • Review the workings to ensure figures are reasonable and agree to the financials, • Trace sample of items disclosed as discontinued items back to source documentation. Cash flow statements Cash flows are accounted for under the provisions of IAS 7. The cash flow statement is essentially a reconciliation exercise between items on the profit and loss account and the balance sheet. The cash flow statement is usually audited by the auditor reproducing it from the audited figures in the financial statements. This is facilitated by the use of computer systems. The cash flow statement may indicate going concern problems due to liquidity failings overtrading and over-gearing. As the statement is an historical document it is therefore unlikely to be the first indicator of such going concern issues. Page 155 s Question 10.1 The following is the draft balance sheet of EGN Ltd for the year ended 31 Jan 2010. 2010 RWF Non-current assets Development expenditure Property plant and equipment Investments Current assets Inventory Receivables Cash at bank and in hand Capital and reserves Share capital Share premium account Revaluation reserve Accumulated profit 70,000 100,000 80,000 250,000 75,000 105,000 180,000 55,000 190,000 5,000 250,000 500,000 60,000 150,000 90,000 300,000 480,000 80,000 12,000 20,000 38,000 150,000 80,000 12,000 10,000 78,000 180,000 Non-current liabilities Provision for liabilities and 60,000 charges Deferred tax 4,000 Current liabilities 2009 RWF 286,000 500,000 47,000 3,000 250,000 480,000 EGN Ltd produces garden furniture and has incurred expenditure during the year on the development of mouldings for a new range of plastic garden furniture. The directors wish to carry forward on the balance sheet the development expenditure indefinitely as they feel the company will benefit from the new mouldings for many years to come. The mouldings are being developed because the current range of garden furniture is no longer competitive. The company sold much of its non-current assets during the year and purchased new plant and equipment which will enable it to increase its productivity. The directors decided not to seek external finance for their development project. Instead, it was decided to generate the resources internally by taking extended credit from its suppliers and utilising its funds held at the bank. The company also sold some of its investments, including some shares of public limited companies. One of the reasons for financing the development expenditure internally was that the company already has an outstanding loan of RWF45k which has been included in the current liabilities. This loan is secured on the non-current assets of the company and is repayable over ten years. The sale of non-current assets and investments did not yield as much as was Page 156 s hoped for and a loss on sale of RWF1.2k has been included in the profit and loss as part of the amount shown for “other expenses”. A gain on the revaluation of non-current assets has been credited to the revaluation reserve after a professional valuer revalued the non-current assets. The directors increased the proposed dividend as they felt that the shareholders should share in the gain on the revaluation. The directors control over 90% of the shares. You are required to: 1. Detail the audit tests the auditor would carry out to verify the value attributed to development expenditure in the balance sheet. 2. List the audit procedures which should be carried out to verify the gain arising on the revaluation of non-current assets. 3. Explain why development expenditure should not be carried forward indefinitely in the balance sheet, and describe the circumstances in which costs can be deferred. 4. Describe the implications for the company and the auditors of the decision to generate internally the funds required for the development of the new mouldings. Question 10.2 ACE manufactures football kits. It has contracts with a number of premiership teams and it also produces unbranded football kit which it sells to a number of wholesalers. The profit before tax for the year ended 30 June 2010 is RWF1.5m (RWF4.0m 2009). You are the audit manager and today you have visited the client’s premises to review the work of the audit team. The audit senior has drafted the following points for your attention. ACE is seeking to enter the market in women’s leisure clothes and so during the year it purchased 35% of the share capital of Ladies LTD at a cost of RWF800k. During the year a major competitor emerged in the branded football kit market. Two of the contracts with premiership clubs which came up during the year have not been renewed. A number of key personnel within the company have also been headhunted by this competitor. Legislation was passed in Dec 2009 to adjust the seats at which operators sit. It required the seats to be adjusted by April 2010. The company has not yet carried out any of this work. Also in April 2010, the government increased the national minimum wage. It should be noted 5% of the company’s employees receive less than the minimum wage. As the audit manager comment on the matters you would consider and state the evidence you would like to see during your review of the working papers and the financial statements. Page 157 s BLANK Page 158 s Study Unit 11 Audit Related and Assurance Services Contents A. B. C. D. E. F. G. H. I. Audit Related Services Assurance Engagements Risk Assessments Performance Management Systems Reliability Electronic Commerce Forensic Audits Whistleblowing Sample Questions Page 159 s AUDIT RELATED AND ASSURANCE SERVICES A. AUDIT RELATED SERVICES Reviews The objective of a review is to enable an auditor to state whether (on the basis of procedures which do not provide all the evidence that would be required in an audit), anything has come to his attention that causes him to believe that the financial statements are not prepared, in all material respects, in accordance with an identified financial reporting framework. Two types of review assignments: • An attestation engagement where a given assertion is either correct or not e.g. a review of interim financial information. In such an engagement, the auditor is being asked to attest assertions made such as whether the accounting policies used are consistent with those used in prior years or whether there are material modifications necessary to the interim financial information. • A direct reporting engagement where an accountant reports on issues that have come to his attention during the course of his review e.g. due diligence engagement. This is a review of the accounts and systems of a target company in the event of a prospective business purchase. In a review engagement, the auditor relies more heavily on procedures such as enquiry and analytical review than on detailed substantive testing. • Lower level of assurance than for an audit so these tests are sufficient due to lower risk. • Such techniques provide indicators to direct work to risk areas and from which to draw conclusions and they are quick and therefore cost effective. Many of the requirements for reviews are similar to the requirements of an audit because a review is similar to an audit; such as the need to plan, obtain knowledge of the business, materiality requirements, using the work of others, document important matters, apply judgments and extend procedures if material misstatements are suspected. Negative assurance is given on review assignments. The auditor assesses the conclusions drawn from the evidence obtained as the basis for the expression. In effect, the auditor is saying that something is reasonable because there is no reason to believe otherwise. When no matters have come to the attention of the auditor, he should give a clear expression of negative assurance in his reports. If matters have come to his attention, he should describe those matters. They may be material. In this case the auditor should express a qualified opinion of negative assurance. If the matter is pervasive, he should express an adverse opinion that the financial statements do not give a true and fair view. Page 160 s If the auditor feels there is a limitation in the scope of the work he intended to carry out for the review, he should describe the limitation in his report. If it is material to one area, the auditor should express a qualified opinion of negative assurance due to amendments which might be required if the limitation did not exist. If it is pervasive, the auditor should not provide any assurance at all. Agreed upon procedures An agreed upon procedures engagement is where an auditor is engaged to carry out procedures of an audit nature and to report on factual findings. The procedures are agreed between the auditor and the entity and any appropriate third parties. The readers of the report must form their own conclusions, but it is restricted to those parties that have agreed to the procedures to be performed. Other readers unaware of the agreed procedures may draw incorrect conclusions from the results. Accepting appointment The auditor should ensure that those who will receive copies of the report of factual findings have a clear understanding of the agreed procedures and the conditions of the engagement. Carrying out procedure As in the case of reviews, the auditor should plan the assignment and should carry out the agreed procedures. He should document the process and all findings. Reporting The report of factual findings should contain: • Title and address, ordinarily the client who engaged the auditor, • Identification of specific information to which the agreed procedures have been applied, • A statement that procedures performed were those agreed upon with the recipient, • A statement that the engagement was performed in accordance with the international standards on auditing applicable to agreed procedures engagements, or with relevant national standards or practices, • Where relevant, a statement that the auditor is not independent of the entity, • Identification of the purpose for which the agreed upon procedures were performed, • A listing of the specific procedures performed, • A description of the factual findings including sufficient detail of errors and exceptions, • A Statement that the procedures performed do not constitute either an audit or a review and as such no assurance is expressed, • A statement that if the auditor performed additional procedures like an audit or a review other matters might have come to light that would have been reported, • A statement that the report is restricted to those parties that have agreed to the procedures to be performed, • Date of the report, auditors address and auditors signature. Compilations In a compilation engagement the accountant is engaged to use his accounting expertise rather than his auditing skill such as preparing accounts and tax returns. Page 161 s The contents of such a report are similar to those points listed above. B. ASSURANCE ENGAGEMENTS Elements of an assurance engagement An assurance engagement is one where an accountant evaluates a subject matter that is the responsibility of another party against suitable criteria and expresses an opinion that provides the intended user with a level of assurance about the subject matter. Assurance given Assurance engagements may give reasonable assurance or limited assurance. Accepting and continuing appointment Assurance engagements should only be accepted if the firm meets the requirements of the code of ethics and ISQC1. The standard requires that accountants ensure that they comply with the code of ethics and the quality control standard with regard to the assignment. Agreeing terms The accountant should agree on the terms of the engagement with the engaging party and should have this confirmed in writing. Planning and performing the engagement The accountant should plan the engagement so that it will be performed effectively. This involves developing an overall strategy and a detailed engagement plan. Matters to be considered will include the terms of the engagement, the characteristics of the subject matter and identified criteria, the engagement process and possible sources of evidence, understanding of the entity and its environment, risk of material misstatements, identification of intended users and their need, materiality, components of assurance engagement risk and personnel requirements including the potential use of experts. Materiality and engagement risk The accountant should consider materiality and assurance engagement risk when planning and performing an assurance engagement. He should reduce assurance engagement risk to an acceptably low level in the circumstances of the engagement such as the level of assurance that is anticipated that is reasonable assurance or limited assurance. Evidence The accountant should obtain sufficient appropriate evidence, including written management representations, on which to base the conclusion. Reporting The accountant should conclude whether sufficient appropriate evidence has been obtained to support the conclusion expressed in the assurance report. This report should be in writing and should have a clear expression of the accountant’s conclusion about the subject matter. Page 162 s For a reasonable assurance engagement, an accountant should give a positive expression of this conclusion. This does not mean that the report should not be modified, it means the accountant should be able to draw a conclusion on the basis of the evidence gained. This is in contrast to a negative opinion, given in a limited assurance engagement, where an auditor gives an opinion as no evidence has been received to the contrary. C. RISK ASSESSMENTS Risk assessment is important to investors and managers and therefore is an important area for assurance services. Business risks incorporate financial risk, operational risk and compliance risk. Need for assurance The risk that the company enters into has a direct impact on the risk of the investment that anyone purchasing shares in a company or lending money to a company is making. Interested stakeholders need assurance that the risk taken by the company is acceptable to them and that the returns that they receive are in accordance with that level of risk. This has led to corporate governance and internal control effectiveness issues. Other stakeholders, such as creditors and employees, will also be interested in the effectiveness of risk management in a company as the ultimate risk is that a business might fail and their livelihoods could be at risk. Possible assurance criteria The criteria by which risk assessment is evaluated will depend on the specific needs of the company and the user. There are no recognised criteria suitable for evaluation of the effectiveness of an entity’s risk evaluation. Assurance is likely to be limited to whether evaluation is carried out rather than the quality of that evaluation. Responsibility for risk assessment Directors/management, internal audit and external audit are involved in risk assessment. It is vital to distinguish between the risk assessment carried out by the auditors and the directors. The directors are responsible for assessing and then managing the risks arising to the business, whereas the auditors assess audit risks. Audit risk is the risk that the auditors make an inappropriate opinion on financial statements. The auditors will consider business risk as part of their audit risk assessment. They are not responsible for risk management. Assessing risk Methods can include SWOT analysis. In practice, risk identification is likely to be done in all departments of a business. The directors need to determine guidelines for assessing risk in terms of significance, likelihood of occurrence and capacity to be managed. Responses to risk There are several responses that management can take; • Accept risk, especially if it is low likelihood, low impact. • Reduce risk by setting up a system of internal control to prevent the risk arising. • Avoid risk by not entering a market or not accepting certain contracts. • Transfer risk by taking our appropriate insurance. Page 163 s If management choose to accept risk, they must set risk thresholds i.e. determine the level of risk where they will stop accepting risk and choose one of the other strategies. These thresholds are important because if the directors or management are reckless with regard to risk they may be breaching their fiduciary duties. D. Performance measurement Companies can gain assurance from performance measurement. It includes a series of measures within the company designed to ensure that employees are accountable to management for their performance. There are benefits to performance measurement: • It clarifies the objectives of the entity • It develops agreed measures of activity • It gives greater understanding of processes • It facilitates the comparison of performances in different organisations • It facilitates the setting of targets for the organisation and its managers • It promotes the accountability of the organisation to its shareholders. Traditional The traditional performance measures can be analysed over financial and operational areas: Financial The key financial ratios used to measure performance cover profitability, liquidity, gearing and investment. While relevant to shareholders, they are measures which investors would expect companies to calculate as a matter of course and also calculate them correctly. Financial performance could be assessed in further detail for example, by analysis of sales by product, region, division and assessing timeliness of information, comparisons between the performance of the company and its competitors or its budget. Operational Indicators of operational performance will vary with different businesses. Measures could include data such as sales per sales person and number of new products launched each year. Value for money audits Value for money audits have the following key characteristics: • Economy • Efficiency • Effectiveness The assessment of economy, efficiency and effectiveness should be part of the normal process of any organisation, whether public or private. Management should carry out performance reviews as a regular feature of their control responsibilities. The objectives of a particular programme or activity need to be specified and understood in order for a proper assessment of whether value for money has been achieved. Page 164 s In a profit seeking organisation, objectives can be expressed financially in terms of target profit or return. In non-profit seeking organisation, effectiveness cannot be measured this way as the organisation has non-financial objectives. The effectiveness of performance needs to be measured in terms of whether targeted non-financial objectives have been achieved. Public sector organisations are under considerable pressure to prove that they operate economically, efficiently and effectively and are encouraged to draw up action plans to achieve value for money as part of the continuing process of good management. Value for money is important whatever level of expenditure is being considered. Economy is concerned with the cost of inputs and it is achieved by obtaining those inputs at the lowest acceptable cost. It does not mean straightforward cost-cutting because resources must be acquired which are of a suitable quality to provide services to the desired standard. Cost cutting should not sacrifice quality to the extent that service standards fall to an unacceptable level. Economising by buying poor quality materials, labour or equipment is a false economy and doesn’t lend itself to value for money. Efficiency means maximising the output for a given input such as maximising the number of transactions handled per employee. It also can mean achieving the minimum input for a given output. For example, a department required to pay unemployment benefit will achieve efficiency by making these payments with the minimum labour and computer time. Effectiveness means ensuring that outputs of a service have the desired impacts. Economy, efficiency and effectiveness can be measured with reference to inputs, money and resources (labour, materials, time) and their cost. The key stakeholders, shareholders, are likely to be interested in financial information as they need to know the return they get from their investment. They would be interested in industry averages and percentages of historic performance. Shareholders would also be interested in operational ratios. However, customers would be very interested in such operational information as they demand a quality service. They would be interested in comparisons with competitors and industry averages. Company shareholders might be interested in value for money data whereas, in a non-profit targeted company value for money will be extremely important for interested parties such as trustees and donors. E. SYSTEMS RELIABILITY The reliability of systems of internal control is important for both financial statements and in general business operations. The requirement for assurance services in this regard is driven by a requirement for reliable information for presentation and decision making purposes. Page 165 s A fundamental stage of the traditional audit is the assessment of financial systems to ensure that they are capable of producing quality financial statements. Therefore anyone interested in information from a business will have an implied interest in assurance on all business systems and that this is an area which businesses are keen to engage accountants. Business systems fall into two categories mainly manual and computerised. In the modern era computerised systems are increasingly important. Internal control systems There is a clear distinction between assurance on the design of internal control systems, and assurance on the operation of the internal control system in accordance with the design. The process of internal control would include: • Identify business objectives, • Assess risks that will threaten those objectives, • Design internal controls to manage those risks, • Operate the internal controls in accordance with the design, • Providing assurance on the operation of the system. The report arising from such an assignment need not be extensive but it is likely to be narrative as the accountant would probably include issues such as: • Isolated control failures, • Observation about the abilities of staff involved in operating the system of control, • Potential weaknesses observed which were not contemplated within the design or relating to the operation of controls. In providing assurance on the design and operation of the system, the accountant should consider the design of the system in addressing a set of identified risks and the operation of the system. Such an engagement will involve significant discussion with management to establish the desired balance between prevention and detection controls, the balance between costs and benefits and the importance of specific control objectives. The level of assurance given by the accountant will depend on several factors including the nature of the entity, the knowledge of the business, and the scope of the engagement. Providing assurance on the applicable risks and the design and operation of a system would involve a high degree of judgement as there are no recognised criteria suitable for evaluating the effectiveness of an entity’s risk evaluation. This means that accountants are unlikely to be able to provide a high level of assurance. Any assessment will need to consider: • The completeness of the applicable identified risks, • The probability of a risk crystallising, • The materiality of the likely impact of the risk, • The time period over which crystallisation may occur. Page 166 s In their report the accountants should outline the business objectives of the entity, a description of the risk identification process and the applicable risks. Inherent limitations Internal control systems have inherent limitations such as the risk of staff collusion in fraud to override the system. Any assurance report on internal controls should include a mention of these limitations in order to reduce the risk of an expectations gap. Reports It is difficult to issue a standard report for assurance services that are dependent on the scope and nature of the individual assignment. Computer systems A vast number of businesses use computer systems to run their business and produce financial information. This means that controls that directors are required to put into place to safeguard the assets of a company are now generally incorporated into computer systems. A balance must be struck between the degree of control and the requirement for a user friendly system. Controls can be classified into: • Security controls • Integrity controls and • Contingency controls Integrity controls are subdivided into Data integrity and Security integrity. With data integrity the data is the same in the computer system as it is in source documents and has not been accidentally or intentionally altered, destroyed or disclosed. Systems integrity refers to systems operations conforming to the design specification despite deliberate or accidental attempts to cause it to do otherwise. Auditors focus on the general and application controls of the systems which relate to security and policies for data input when carrying out control assessment, whereas it is important to stakeholders in the company that the system used operates reliably and that risks are mitigated against. Key risks include the system being put at risk by a virus or some other fault which spreads across the system and the system being invaded by an unauthorised user who could affect the smooth operation of the system or obtain commercially sensitive information. The client should have contingency plans in the event of a system difficulty. Need for assurance It is important to know that the original system is as reliable as could be expected and whether it is the best system that the company could be using at the given cost. The company might seek such assurance from its service provider. However, the service provider may not be objective as they have a vested interest. They are paid to provide a solid system, they will hardly find fault with it. Page 167 s This means that the directors might seek an assurance from its auditors to undertake work to ascertain if the assertions of the service provider are accurate. In considering taking on such an assurance engagement, one should ensure that sufficient skills are available to undertake such procedures. Systems audit. Internal control effectiveness is generally assessed by undertaking a systems audit. An auditor could accept such an assurance engagement outside the audit and to report specifically on findings. The key areas to concentrate on to establish the reliability of systems are management policy, segregation of duties and security. Management policy • Is there a written policy for computer systems, • Is it compatible with policies in other areas, • Is it adhered to, • Is it sufficient and effective, • Is it updated when the systems are updated, • Does it relate to the current systems? Segregation of duties • Is there adequate segregation of duties for data input, • Are there adequate system controls e.g. passwords to enforce segregation? Security • Is there a physical security policy in place such as a locked room and password access, • Is there data security software such as virus shields? Reporting Management should receive information on the effectiveness of their controls systems and systems reliability. The operations are likely to rely heavily if not completely on computer systems and if problems arise, operations could be severely affected. Such problems could include no production, no invoicing or duplicate or omitted invoicing. Other stakeholders, customers and suppliers will be interested in the reliability of the company systems as they would not want to deal with ineffective operations. F. ELECTRONIC COMMERCE Engaging in e-commerce A business can engage in e-commerce to a greater or a lesser degree. The greater the involvement in e-commerce the more risk there is. • Information provision, • Transactions with existing customers, • Access to new customers, Page 168 s • New business model. Business risks • • • • • • Risk of non-compliance with law, Contractual issues, Risk of technology failure and business interruption, Determining accounting policies especially revenue may pose problems, Impact of technology on the going concern assumption, Security risks. Internal controls issues Controls over transactions integrity are important as the system will automatically process transactions that it has captured. It is vital that transactions are processed completely in the accounting system. The controls over the design and operation of the computer systems will be important. Security There is a more substantial risk of fraud being perpetrated against the company if transactions are carried out via a website rather than in person. Security is also relevant to the customer who is inputting sensitive personal data into the computer system. G. FORENSIC AUDITING “Forensic Auditing” in general terms is used to describe the wide range of investigative work which accountants in practice could be asked to perform. The work would normally involve an investigation into the financial affairs of an entity and is often associated with investigations into alleged fraudulent activity, including potentially acting as an expert witness if the fraud comes to trial. It is important to be aware that forensic accountants could be asked to look into non-fraud situations, such as the settling of monetary disputes in relation to a business closure or matrimonial disputes under insurance claims. The investigation is likely to be similar in many ways to an audit of financial information in that it will include:• A Planning Stage, • Gathering of Evidence, • Review Process, • Report to the Client, Audit evidence is gathered to prove:• How long the fraud had been carried out, • How it was conducted and concealed by the perpetrators, • The suspect’s motive, • Whether the fraud involved collusion between several suspects, • Any physical evidence at the scene of the crime or contained in documents, • Attempts to destroy evidence. Page 169 s H. WHISTLEBLOWING Definition: “An individual in an organization who makes disclosures in the public interest about dangerous or illegal activities, in order that the misconduct or perceived misconduct can be addressed, is a whistleblower”. Whistleblowing can either occur internally within the employing organization or externally, and should not be used as a method of resolving a personal complaint or grievance. Whistleblowing arrangements within an organization should act as a deterrent to:• Malpractice, • Encourage Openness, • Promote transparency, • Help protect the reputation of the company and senior management. Factors to consider about possible misconduct include:• Is the concern genuine or might there be an innocent explanation? • Who is affected? • Does the organization have a whistleblowing policy? • Is there legal protection for whistleblowing? Whistleblowing procedures are important in organisations as it informs those who need to know about dangerous or illegal activities that affect others and gives them an opportunity to address the issue. Setting up formal whistleblowing procedures within an organization strengthens corporate governance and ethics. Question 11.1 You are the partner in a firm where a major audit client is seeking finance from its bank to fund the development of a new factory. Market research conducted shows that the extra 30% production capacity will be sufficient to meet the increased demand for the company’s product. The financial director has contacted you to inform you that the bank is keen to obtain a reference from you. The bank is anxious to gain assurance on the company’s ability to repay the loan and whether their business plan is reasonable. The financial director said the bank just need the paperwork for their files and assures you that the bank knows that the company can repay and that they are one of the better clients. Your audit team is about to commence the audit for the year ended March 2010. Comment on the matters you would consider in relation to giving such a reference to the bank. Question 11.2 The finance director of one of your clients telephoned. He recently attended one of your firm’s training seminars on the importance of corporate governance. He has told the other directors in the company the issues discussed at the seminar and they now feel it might be a good idea to engage the firm to undertake an assurance engagement to assess the risk management and internal control systems of the company. Comment on the matters you would consider in relation to accepting and planning such an engagement. Page 170 s Study Unit 12 Internal Audit and Outsourcing Contents A. B. C. D. Internal Audit Outsourcing Impact of Outsourcing on an Audit Sample Questions Page 171 s INTERNAL AUDIT AND OUTSOURCING All businesses, where appropriate, should consider setting up an internal audit function. Internal audit plays a key role in good corporate governance. There are costs associated with setting up internal audit so having your own internal audit dept. may not be cost beneficial. One solution to this is outsourcing. A. INTERNAL AUDIT Internal audit provides objective assurance on risk management particularly control risk. An internal auditor is an employee of or engaged by the company. Therefore, under company law in certain jurisdictions, the internal auditor is precluded from acting as the external auditor of a company. External auditors are required by law to belong to a recognised body, which guarantees their appropriate qualification, adherence to technical standards and overall competence. The internal auditor on the other hand requires no formal training. Unlike the external auditors, who are appointed at the Annual Meeting by the shareholders of a company, the internal auditor is hired by the management of the company. In turn this means he can be dismissed by the directors or other senior managers, subject only to normal employment rights. The primary objective of the external auditor is laid down by the companies’ acts in the relevant jurisdiction, whereas the internal auditor’s objectives are dictated by the management of the company. As a result, management can place limitations on the scope of the internal auditor’s work. While some of his work may be similar to that of the external auditor, more of it could relate to areas such as value for money. Use by an external auditor of internal audit Before an external auditor uses the work of an internal auditor he should consider: • The technical training and proficiency of the internal auditor • The quality control procedures over the review and supervision of internal audit staff members and appropriate planning and direction • Whether the internal auditor has gathered sufficient appropriate evidence • The conclusions reached by the internal auditor based on evidence gathered • Whether exceptions noted are properly resolved by the internal auditor The role of internal audit in corporate governance The traditional role of internal audit was to review controls. For example, “The Turnbull Report” which was drawn up by the London Stock Exchange for listed companies required that all risk needed to be managed and this gave internal audit an extended role. Now internal audit monitors the integrated risk management within a company and reports to the Board. Key Turnbull guidelines: • Need for a formal review of the effectiveness of internal control • Regular review of internal control reports Page 172 s • • • • • Consider key risks and how they should be managed Follow up on the adequacy of remedial action taken Assess the monitoring systems Conduct an annual assessment of risks and internal control Make formal report in company annual report. Risk management The responsibility to manage risk in a company rests with the management. They must identify, control and monitor this risk. The internal auditor is ideally placed to monitor this risk. He can on a continual process: • Advise on the optimum design of systems and monitor their operation, • Advise on improvements required to existing systems, • Provide assurance on systems set up for various departments. Types of internal audits Internal audit can be described as an independent appraisal function established within an entity for the examination and evaluation of an entities own activities. In many ways it is an example of an assurance engagement, in that the internal auditor evaluates and measures specific aspects against set criteria. On the other hand, it can be also compared to an agreed procedures engagement as the work of the internal auditor is often set by management. Compliance audits determine whether employees operate in accordance with the company’s policies or within relevant laws and regulations. The internal auditor will have a good knowledge of the company’s policies. This type of audit falls within the definition of an assurance engagement. Operational audits look at the processes of the business and check compliance with controls and also their effectiveness as part of the overall risk management strategy. The scope of the work is more extensive than that of a compliance audit, although you could undertake a compliance audit as part of an operational audit. The internal auditor will draw his own conclusions from the work he does and as such this type of audit falls under the category of an agreed upon procedures engagement. Multi site operations Some organisations such as retail giants have operations in multiple locations. The objective of an internal audit on any of the sites would be the same but as results will vary from site to site a different audit approach may be necessary. Possible approaches include: • Compliance based audit approach The locations are checked for compliance with the set procedures and the results are compared across the locations. You can visit all the locations within a given timeframe (cyclical approach) or select locations based on the risk attaching to them (risk approach). Page 173 s • Process based audit approach Specific key business processes are selected and audited. For example in the case of retail giants, the auditor may look at the cash handling process. Again, the auditor could either audit all the processes within a given time frame or examine those business processes which have a higher risk attaching to them. Practical considerations for the internal auditor These include which sites to visit and how often. Should they be a surprise visit or a routine one or should there be a mix. When deciding on a site to visit, the internal auditor should consider: • The size of the operation, • Systems compliance past history, • Experience of staff at the site, • Test results past history, • Management interest in specific sites. Evaluation of risk • Probability of undetected material error or fraud occurring This is influenced by the assessment of the system of internal control (organisation, segregation, physical controls, authorisation & approval, arithmetic & accounting, personnel, supervision and management), experience derived from previous audits and the existence of high risk processes such as cash handling. • Potential size of error or fraud. This will be influenced by the relative size of each location in such terms as revenue, transactions, stock levels and internally generated statistics showing stock losses. B. OUTSOURCING This is the contracting out of certain functions within an organisation, the extensiveness of which will vary from organisation to organisation. Why do companies outsource: Financial efficiency Outsourcing can reduce costs. In addition, by considering outsourcing, you should assess the process and quantify the cost of your in-house operations. This can lead to better efficiency through budgeting and cost control over a function or may help to reduce the number of employees while still maintaining a quality service. Also, outsourcing can have an effect on the financial statements. For example, by outsourcing the IT function, high capital costs may be averted thus affecting the face of the balance sheet. Change management Change can have a huge impact on staff. Outsourcing helps to reduce the risk of disruption to work flows. Examples include outsourcing software provision where staff training is included in the service, and outsourcing the finance function during mergers where different accounting systems exist. Page 174 s Strategy Outsourcing can help an organisation focus on its core competency. It can also be that boost to a new technical change or a low risk approach to a new business venture. For example, outsourcing website development and maintenance when entering into an e-commerce venture. What can you outsource Companies only tend to outsource those functions which are not key competencies and the extent to how far you want to outsource will affect what you can actually outsource. Some functions which may not be considered core competencies include accounting, human resources, facilities management, asset management, IT and cleaning. Within the accounting function you could break this down to payroll, invoicing, credit control and management/financial accounts. Within human resources, it can be subdivided into welfare, health & safety and recruitment. IT can be split between maintenance, project management and the network management. The extent to how far you will outsource will depend on the risk involved and the control which you want to maintain. There are less risk and control issues in outsourcing cleaning that the entire accounting functions, unless you run a hospital!! Advantages and disadvantages of outsourcing Advantages • Cost savings and better cost control, • Availability of specialist services which may not exist in-house, • Indemnity in the event of problems, • Cash flow timing in that services are generally a flat fee. Disadvantages • Loss of control over the function, • Initial cost may be substantial especially in the case of closing a dept., • Potential employee problems where there may be redundancies, • Contracts need to be managed , • Problems with contract may lead to costs outweighing the benefits. Outsourcing Internal audit You might outsource internal audit as it is rarely seen as a core competency. In addition, there are problems in setting up an internal audit function: • Cost of recruiting staff with sufficient skill and qualification, • Managing a specialist group without the appropriate quality of management, • Time frame between set up and effective results can be wide, • Organisation may not warrant a complete division or persons with skills varieties. Advantages • No need to recruit, service provider will have appropriate staff with specialist skill. • Internal audit function up and running immediately. Page 175 s • Flexible with regard to duration of specific projects or team size. Disadvantages • Using the same firm as that of the external auditor may cause problems. • The cost may be high and could result in no internal audit function at all. Outsourcing finance functions Advantages • Specialist skills and expertise in the pensions, IT, due diligence and taxation areas. • Quality service with redress to legal compensation. • IT can keep pace with on-going technological advances. • Can provide a safety net for the IT function in the event of a disaster. Disadvantages • Logistical difficulties for data processing of large volumes • Loss of control of key accounting documentation and records although responsibility remains with management • Sharing of sensitive personal data such as pensions and payroll. C. IMPACT OF OUTSOURCING ON AN AUDIT The impact of outsourcing is dealt with in ISA 402, audit considerations relating to entities using service organisations. Some outsourced activities are directly relevant to an audit such as the keeping of accounting records. Therefore, the auditor should consider his approach to work that is done by the service organisation. When a service organisation executes a company’s transactions and maintains accountability, the company may need to rely on policies and procedures at the service organisation unlike a situation where a service organisation is limited to recording and processing transactions and the company retains authorisation and accountability. In obtaining an understanding of an entity and its environment the auditor should determine the significance of a service organisation’s activities to the client company and its relevance to the audit. The auditor needs to consider: • The nature of the services provided, • The terms of contract and relationship between the client and the service organisation, • Client’s controls applied to the transactions processed by the service organisation, • Client’s controls over identifying and managing risk relating to the service organisation, • The service organisation’s financial stability and the possible effect of failure of the service organisation on the client company, • Third party reports from service organisations auditors, internal auditors or regulatory agencies providing information about accounting and internal control systems of the service organisation and its operations and effectiveness. Page 176 s If the auditor concludes that the activities of the service organisation are significant to the entity and relevant to the audit, the auditor should obtain a sufficient understanding of the entity and its environment to identify and assess the risk of material misstatements and design further audit procedures in response to the assessed risk. Service organisation auditor’s reports If the client auditor uses the report of a service organisation auditor, he should consider making inquiries concerning the auditor’s professional competence in the context of the specific assignment undertaken. When making use of the report, the auditor should consider the nature and content of that report. He also needs to consider the scope of the work performed by the service organisation auditor and should assess the usefulness and appropriateness of reports issued by the service organisation auditor. The report may be a report on the suitability of design or a more extensive report on suitability of design and operating effectiveness. The former report will give the auditor some basic understanding of controls but it would not reduce his assessment of control risk. The latter report may support a lower risk assessment but the auditor would need to consider whether the controls tested by the service organisation auditor are relevant to the client’s transactions and whether the tests of controls and the results are adequate. The service organisation auditor may be engaged to perform substantive procedures that are of use to the client auditor. This engagement may take the form of an ‘agreed upon procedures’ engagement. When the client auditor uses such a report, no references should be made in the audit report to the service organisation’s auditor’s report. Impact on internal audit The external auditor will be affected by outsourced functions in relation to the financial statements whereas the internal auditor will be affected by any outsourced function. Question 12.1 Audit practitioners have recently begun to initiate changes in the audit approach. The strategy seems to be moving away from the traditional audit of financial statements and more to the provision of assurances on financial data, systems and related controls. Auditors are reviewing the business processes utilising benchmarking, performance measurements such as value for money and best control practices. The audit is moving toward the analysis of business risk and of being seen to be more of a benefit for management. Risk assessment services are now part of the audit service of which clients can avail themselves. The provision of internal audit is becoming a larger part of the business assurance service offered by auditing firms. The audit is becoming a management consultancy exercise with internal audit, external audit and consultancy assignments being seen as complimentary services. Discuss the implications of the external auditor providing an internal audit service to a client, explaining the current ethical guidance on the provision of other services to clients. Explain Page 177 s the principal effects of the external auditor providing wider assurance to the client. In addition, critically evaluate the move by large auditing firms to providing business risk and assurance services rather than the traditional audit assurance for investors and creditors. Page 178 s Study Unit 13 Prospective Financial Information Contents A. B. C. D. E. Reporting on Prospective Financial Information Accepting an Engagement Procedures Expressing an Opinion Sample Question Page 179 s PROSPECTIVE FINANCIAL INFORMATION Forecasts may be of interest to users more so than historical information. Auditors may carry out a review or an assurance engagement on these forecasts. Prospective financial information is based on assumptions about events that may occur in the future and possible actions by an organisation. A. REPORTING ON PROSPECTIVE FINANCIAL INFORMATION It is difficult to give assurance on such information as it is considered highly subjective. Projections generally relate to capital expenditure, profits and cash flows. B. ACCEPTING AN ENGAGEMENT The auditor needs to agree the terms of the engagement with the directors of the company. He should withdraw from the engagement if the assumptions used are clearly unrealistic. Before accepting an engagement he should also consider: • The intended use of the information, • Will it be general or limited distribution, • The nature of the assumptions, whether best estimate or hypothetical, • The elements to be included in the information, • The period covered by the information, • Practical matters such as time available and staff experience. C. PROCEDURES The procedures adopted by the auditor will include analytical review and verification of projected expenditure to quotes or estimates. In carrying out the review attention should be given to: • The nature and background of the entities business such as recent history, activities, main products, markets, customers, suppliers, divisions and locations, • The accounting policies used and whether they have been consistently applied in the preparation of the projections, • The assumptions on which the projections are based, • Whether the projections are based on forecasts regularly prepared for the purposes of management or specifically for this assignment, • The degree of accuracy and reliability of previous forecasts and the frequency with which they are revised, • Whether the projections represent the best estimate or a desired target, • How the projections take account of any material extraordinary items, • How the projection allows for factors which may have a high degree of risk, • The arithmetical accuracy of all calculations. Page 180 s When determining the nature, timing and extent of review procedures, the auditor should consider: • The likelihood of a material misstatement occurring, • His knowledge obtained during previous engagements, • The competency of management in preparing the projections, • Any extent to which figures may be effected by management’s judgment, • The adequacy and the reliability of the underlying data. The above can be considered general matters. The following considerations will be specific to the type of assignment that is carried out. Profit forecasts • Verify income to suitable evidence such as comparison of projected income on similar projects or current relevant market prices. • Verify projected expenditure to suitable evidence such quotations or estimates, current relevant bills, market rate prices and interest rate assumptions. Capital expenditure • Auditor should review for reasonableness and should verify to estimates and quotations. • Auditor should compare with other projects as to market values etc. Cash forecasts • Auditor needs to pay attention to the timing of cash flows. • He should review the cash flows for consistency with any profit forecasts. D. EXPRESSING AN OPINION The same level of assurance cannot be given for prospective information as can for say a set of historical financial statements. It is suggested by ISAE 3 3400 (the examination of prospective financial information) that an auditor should express an opinion to include: • A statement of negative assurance as to whether the assumptions are reasonable, • An opinion whether the information is properly prepared having regard to the assumptions and is presented in accordance with relevant financial reporting, • Appropriate caveats as to the achievability of the forecasts. The report itself should also contain • Title and address, • Identification of the prospective information, • A reference to relevant national standards or practices applicable, • A statement of management responsibility for information and assumptions, • Date of report, auditor’s address and signature. 3 International Standards on Assurance Engagements Page 181 s When the auditor believes that the presentation and disclosure of the prospective financial information is not adequate, the auditor should express a qualified or adverse opinion or withdraw from the engagement as appropriate. When the auditor believes that; • one or more significant assumptions do not provide a reasonable basis for the prospective financial information prepared on the basis of best estimate assumption or • that one or more of the significant assumptions do not provide a reasonable basis for the prospective financial information given the hypothetical assumptions, the auditor should either express an adverse opinion in the report or withdraw from the engagement. Question 13.1 You are auditing the accounts of an engineering firm which is experiencing going concern problems. The company prepares detailed monthly accounts, and you have been given forecasts to enable you to assess whether the company will be able to continue as a going concern. The monthly forecasts have been prepared for a 12 month period after the audit year-end. They include Capital expenditure/disposal forecasts, Profit forecasts and Cash flow forecasts. Required: • Briefly explain the term going concern and what is the minimum period you would expect the engineering company to continue in business for it to be considered a going concern. • List the factors which may indicate going concern issues. Describe the work you would perform to verify the value of items in the forecasts are reasonable Page 182 s Study Unit 14 Assurance and the Audit Function Contents A. B. C. D. E. F. Implications for the Company Implications for the Management Measuring Social and Environmental Performance Implications for the Statutory Audit Implications of Assurance Services Sample Question Page 183 s SOCIAL AND ENVIRONMENT AUDITS In recent years there has been new legislation which has been implemented to deal with environmental issues. This has placed additional burdens on companies to comply with the new legislation. The danger of non-compliance brings the risk of fines and bad publicity. These are examples of environmental risks now facing companies today. A. IMPLICATIONS FOR THE COMPANY We are all aware of the stakeholders in a company such as shareholders, banks, suppliers, customers, directors and employees. We tend to forget that the environment and society are also stakeholders in companies. Society encompasses that at international, national and local levels. Traditionally, the auditor is only concerned with the shareholders as it is the latter he reports to on a set of financial statements. In modern times, employees, the environment and society are linked. The environment There are primary and secondary impacts on the environment caused by a company’s activities. Primary impacts are the processes of a company which are regulated by environmental legislation. The secondary impacts relate to products of the company and they are governed by both legislation and consumer influence. The company can cause harm to the environment in a number of ways such as exhausting our natural resources and emitting harmful toxins. Society Society includes consumers and it is they who will have opinions about environmental products and will purchase accordingly. Society is concerned with harm to our natural resources and pollution and waste issues. The company needs society to buy its products in order that it can stay in business. Employees They have a relationship with the company in terms of their own livelihoods and their safety when at work. They are also a small portion of consumers who will purchase products, possibly the company’s. The company needs employees to make their products as well as natural resources. It will be important for companies to have policies in place in order to satisfy all stakeholders and to communicate these policies to them. B. IMPLICATIONS FOR THE MANAGEMENT Management are responsible for a risk management system. Social and environmental issues now form part of that risk. Page 184 s The specific risks and implications that might arise are: • Bad publicity arising from customers or legislation issues, resulting in lost sales and reduced market share. This could lead to future going concern issues. • Failure to comply with product standards, whether legal or perceived, may lead to lost sales and fines and/or compensation. • Health and safety issues that may impact on employee safety, resulting in business interruption and/or fines/compensation. • Failure to comply with other employment legislation and company legislation could lead to fines, compensation or disqualification of directors. Management controls Management should put in place controls to mitigate the risks to the business. This will vary from company to company. Specific controls may include: • The wearing of protective clothing and waste disposal procedures in order to comply with environmental legislation • Human resources dept. policies and procedures to comply with employment legislation • Adding social and environmental values to the corporate culture, whether through implementing a corporate code of setting specific targets for social and environmental performance. C. MEASURING SOCIAL AND ENVIRONMENTAL PERFORMANCE Auditors may provide assurance on whether the management’s assertions about performance in these areas are fair. Measuring social and environmental performance can be very difficult though. It is unlikely that there are any useful ratios to use and there is rarely any profit from social or environmental activities. One way to measure performance is to set targets and sustainability indicators. You can then check whether the targets have been met or whether any of the indicators exist. For example, take an oil production and retailing operation. environmental issues. • Using natural resources • Operating in a heavily environmental legislative area • Huge number of employees • Some employees working in risky environments • Possible human right issues. The company could set the following targets: Environmental • Reduce emissions and spills • Develop cleaner fuels Page 185 s It will have Social and Social • Reduce work related incidents • Stop exploiting children • Pursue equal opportunities for both men and women The sustainability indicators could include: • Respect and safeguard all persons, • Engage and work with all stakeholders, • Minimise the impact of the company on the environment, • Use all resources efficiently, • Maximise profitability, • Maximise benefits to the whole community. Some of the targets and indicators can be measured in mathematical terms. However, others are not specific enough to be measured in that way. It is also difficult to measure the effect of general principles which a company has attempted to incorporate into its corporate culture. The company should then report on all these issues to the shareholders. Where possible the facts included in these reports should be independently verified. Social audits Social audits establish whether a company has a rationale for engaging in a socially responsible activity. It involves identifying that all current environmental programmes are in line with the company’s goals. It will assess the objectives and priorities relating to these programmes and will evaluate the company’s involvement in such programmes past, present and future. A cultural awareness must exist within a company in order to implement environmental policies as they require both management and staff support. Social audits have increased in the United States since the Exxon Valdez incident in Alaska. Environmental audits These seek to assess how well a company performs in safeguarding the environment in which it operates and whether the company complies with its own environmental policies. The auditor will apply the following procedures: • Obtain a copy of the company’s environment policies, • Assess whether such policies are likely to achieve legal standards and satisfy key customer and/or suppliers criteria, • Test the implementation and compliance to the policies through discussion with management, observation of procedures and controls and carrying out walk through tests where appropriate. D. IMPLICATIONS FOR THE STATUTORY AUDIT Social and environmental issues can affect the statutory audit. Risks need to be considered at the planning stage, impairments and provisions may be required during substantive Page 186 s procedures and going concern issues may arise during the review. Social and environmental issues are important to the audit as they can potentially impact on the financial statements. As part of planning the audit, the auditor should be aware of any environmental regulations the entity may be subject to and any key social issues arising during the course of their operations. The auditor should review the company’s quality control documentation and the results of any environmental audits carried out. Examples of the impact of social and environmental matters on the financial statements: • Provisions re site restoration, fines etc, • Contingent liabilities, • Asset values adjusted re impairment or purchased goodwill, • Capital/revenue expenditure, • Development costs, • Going concern issues. A key risk that arises with regard to valuation is that an asset might be impaired. IAS 36 notes that a significant change in the technological, market, legal or economic environment of the business in which the assets are employed should trigger an impairment review. It is possible that a significant adverse change could take place in the legal environment. The auditor should carry out the following audit procedures to establish whether an impairment review is necessary: • Review board minutes for any indications of changes in environmental regulations • Review relevant trade magazines • Discuss with management especially those responsible for environmental issues. Some environmental issues may result in provisions being required such as the clean-up of a contamination or a potential fine where environmental legislation is broken. Environmental obligations would be core in some businesses such as the oil and chemical industries while in others it would not. ISA 250, Consideration of law and regulations in the audit of financial statements, talks of laws that are central to the company’s ability to carry on a business. In the case of a business that stands to lose its licence to carry on business in the event of non-compliance, environmental legislation is central to the business. E. IMPLICATIONS FOR ASSURANCE SERVICES Auditors can provide a variety of services in respect of environmental and social issues: • Internal audit services, • Review of internal controls and procedures, • Management letter concerning controls, • Assurance services. If directors issue an environmental and social report, it may contain figures and statements that are verifiable. In addition, the auditor can obtain details of the strategy and ascertain Page 187 s how fully it has been implemented by making enquiries of the staff who should be implementing the strategy. Question 14.1 Storm is a wind farm company situated on an island along the east coast of Africa. The company was set up a number of years ago by a millionaire energy fanatic, who is the majority shareholder and he continues to loan Storm money despite its history of loss making. The company owns and operates 15 windmills which are situated on the island. The windmills are connected to a generator, which mainly supply the major shareholder’s dwelling on the mainland. A small element is sold to a number of power companies. One of these companies, Mini power, has a small equity stake in Storm. Storm has had problems during the year. One windmill has fallen into the sea due to coastal erosion and three more are not far off suffering a similar fate. In addition, the generator lies close to a cliff. Furthermore, during the year Storm invested in a small stake in an oil pipeline which runs near the island. The co-owners of the pipeline have just advised Storm that they have discovered a crack in the pipeline. Required: • Outline reasons why social and environmental issues are of interest to an external auditor. • Comment on the financial implications of the above on the audit of Storm. Page 188 s Study Unit 15 Group Audits Contents A. B. C. D. E. F. G. Group Accounting and the Holding Company Auditors Principal Auditors and Other Auditors The Consolidation Process Joint Audits Auditing Foreign Subsidiaries Recent Developments Sample Question Page 189 s GROUP AUDITS A. GROUP ACCOUNTING AUDITORS AND THE HOLDING COMPANY The duty of the principal auditor is to report on the group accounts, which include balances and transactions of all the components of the group. "Principal auditor" means the auditor with responsibility for reporting on the financial statements of an entity whose financial statements include financial information from one or more components audited by another auditor. "Other auditor" means an auditor, other than the principal auditor, with responsibility for reporting on the financial information of a component that is included in the financial statements audited by the principal auditor. Other auditors include affiliated firms, whether using the same name or not, and correspondents, as well as unrelated auditors. "Component" means a division, branch, subsidiary, joint venture, associated company or other entity whose financial information is included in financial statements audited by the principal auditor. The principal auditor has sole responsibility for reporting on group financial statements even where they include amounts derived from accounts that have not been audited by him. Therefore, he cannot discharge his responsibilities by an unquestioning acceptance of component company’s financial statements, whether audited or not. Principal auditors have the right: • To require from auditors of subsidiaries the information and explanations they require and • To require from the principal company the necessary information and explanations from subsidiaries that they deem necessary. The principal auditors have all the statutory rights and powers in respect of their audit of the holding company similar to individual companies. B. PRINCIPAL AUDITORS AND OTHER AUDITORS ISA 600, using the work of another auditor, sets out the relevant guidelines to be considered. When the principal auditor uses the work of another auditor, the principal auditor should determine how the work of the other auditor will affect the audit. The auditor should consider whether his own participation is sufficient to be able to act as the principal auditor. For this purpose the principal auditor should consider: • The materiality of the portion of the financial statements which he audits, • His degree of knowledge regarding the business of the components, Page 190 s • The risk of material misstatements in the financial statements of the components audited by the other auditor, • The performance of additional procedures on the components audited by the other auditor resulting in the principal auditor having significant participation in such audit, • The nature of his relationship with the firm acting as other auditor. Principal auditor’s procedures When planning to use the work of another auditor, the principal auditor's consideration of the professional competence of the other auditor should include consideration of the professional qualifications, experience and resources of the other auditor in the context of the specific assignment. The principal auditor should consider the standing of any firm with which the other auditor is affiliated and also should consider making reference to the other auditor's professional organisation. The principal auditor's assessment may be influenced by the review of the previous work of the other auditor. The principal auditor should perform procedures to obtain sufficient appropriate audit evidence, that the work of the other auditor is adequate for the principal auditor's purposes, in the context of the specific assignment. The principal auditor would advise the other auditor of: • The independence requirements regarding both the entity and the component and obtain written representation as to compliance with them; • The use that is to be made of the other auditor's work and audit report and make sufficient arrangements for the coordination of their efforts at the initial planning stage of the audit. He would inform the other auditor of matters such as areas requiring special consideration, procedures for the identification of inter-company transactions and the timetable for completion of the audit; • The accounting, auditing and reporting requirements and obtain written representation as to compliance with them. The principal auditor might carry out some of the following procedures: • Discuss with the other auditor the audit procedures applied, • Review a written summary of the other auditor's procedures which could be in the form of a questionnaire or checklist or • Review the working papers of the other auditor. The principal auditor may wish to perform these procedures during a visit to the other auditor. The nature, timing and extent of procedures will depend on the circumstances of the engagement and the principal auditor’s knowledge of the professional competence of the other auditor. This knowledge may have been enhanced from the review of previous audit work of the other auditor. The principal auditor should consider the significant findings of the other auditor. Page 191 s He may consider it appropriate to discuss with the other auditor and the management of the component, the audit findings or other matters affecting the financial information of the component and may also decide that supplementary tests of the records or the financial information of the component are necessary. Such tests may be performed by the principal auditor or the other auditor. Co-operation between auditors The other auditor, knowing the context in which the principal auditor will use the other auditor's work, should co-operate with the principal auditor. For example, the other auditor would bring to the principal auditor's attention any aspect of the other auditor's work that cannot be carried out as requested. Similarly, subject to legal and professional considerations, the other auditor will need to be advised of any matters that come to the attention of the principal auditor that may have an important bearing on the other auditor's work. Where the component is a subsidiary, the other auditors may be under a statutory obligation to co-operate. Where there is no statutory duty but the principal auditor declares his intention to use the other auditor’s work, then the other auditor may need to obtain permission from his client to communicate with the principal auditor. Where such permission is refused, the other auditor should inform the principal auditor so that the latter can discuss with management what action to take. It is also possible that the principal auditor may need to communicate matters to the other auditor but this is subject to the normal rules of confidentiality. Reporting considerations When the principal auditor concludes that the work of the other auditor cannot be used and he has not been able to perform sufficient additional procedures regarding the financial information of the component audited by the other auditor, the principal auditor should express a qualified opinion or disclaimer of opinion because there is a limitation in the scope of the audit. If the other auditor intends to issue a qualified auditor's report, the principal auditor should consider whether the subject of the qualification is of such a nature and significance, in relation to the financial statements of the entity on which the principal auditor reports, that a qualification of the principal auditor's report is required. When the principal auditor is satisfied that the work of the other auditors is adequate for the purposes of the audit, no reference to the other auditors is made in the principal auditor's report. The local regulations of some countries permit a principal auditor to base the audit opinion on the financial statements taken as a whole solely upon the report of another auditor regarding the audit of one or more components. When the principal auditor does so, his report should state this fact clearly and should indicate the magnitude of the portion of the financial statements audited by the other auditor. Page 192 s Other aspects Supporting letters may be necessary from a parent company to a principal auditor in cases where the subsidiary does not appear to be a going concern. This letter states the intention of the parent to continue to support the subsidiary, making it a going concern. Developing countries Consolidating accounts from a developing country may pose some problems. The basis of the preparation of the accounts may not be in line with generally accepted accounting practices and as a result, the principal auditor may not be able to conclude that the accounts show a true and fair view. This is of particular importance where the differences caused by the basis of preparation are material to the group. This problem can be averted by the auditors requesting the directors to restate the accounts. In addition, the increased convergence of standards worldwide will greatly reduce the risk of this problem arising. Control environment and systems Assessment of the control environment and systems will include the assessment of the overall group environment. Factors to consider include: • Organisational structure of the group, • Level of involvement of the parent company in subsidiaries, • Degree of autonomy of management of subsidiaries, • Supervision of subsidiary management by parent company, • Information systems and information received centrally on a regular basis. Management representations When the auditors have responsibility for reporting on group financial statements they should obtain written confirmation of representations relating to specific matters regarding both the group financial statement and the financial statements of the parent undertaking. Examples of specific work carried out by principal auditors in reviewing other auditor’s work: Sending a questionnaire to all other auditors requesting detailed information such as: • An explanation of their general approach, • Details of the accounting policies of major subsidiaries, • Their opinion of the subsidiaries overall level of internal control and the reliability of their accounting records, • Any limitations placed on the scope of the auditors work, • Any qualifications and the reasons for them. Carry out detailed review of the other auditor’s working papers on each subsidiary whose results materially affect the view given by the group’s financial statements. This review will enable the principal auditors ascertain whether: Page 193 s • An up to date file exists with details of the nature of the subsidiaries business, its staff organization, its accounting records, previous year’s financial statements and copies of important legal documents; • A systems examination has been properly completed, documented and reported to management after discussion; • Tests of controls and substantive procedures have been properly and appropriately carried out and audit programmes properly completed and signed off; • All other working papers are comprehensive and explicit; • The overall review of the financial statements has been adequately carried out and adequate use of analytical procedures have been undertaken throughout the audit; • The financial statements agree in all respects with the accounting records and comply with all relevant legal requirements and accounting standards; • Minutes of board meetings have been scrutinised and important matters noted; • The audit work has been carried out in accordance with approved auditing standards; • The financial statements agree in all respects with the accounting records and comply with all relevant legal and professional requirements; • The audit work has been properly reviewed within the firm of auditors and any laid down quality control procedures adhered to; • Any points requiring discussion with the holding company’s management has been noted and brought to the principal auditor’s attention; • Adequate audit evidence has been obtained to form a basis for the audit opinion on both the subsidiaries financial statements and those of the group. C. THE CONSOLIDATION PROCESS After receiving the subsidiaries’ accounts, the principal auditor can audit the consolidated accounts. An important part of this work will be reviewing the consolidation adjustments that fall into two categories: • Permanent adjustments • Adjustments for the current year The following audit steps are involved in the consolidation process: 1. Check the transfer of data from the audited accounts to the consolidated schedules; 2. Check the adjustments are appropriate and comparable with the previous year; 3. Record the dates and costs of acquiring subsidiaries and the assets taken over; 4. Calculate goodwill and pre-acquisition reserves arising on consolidation; 5. Check combinations are appropriately treated (acquisition or uniting of interests); 6. If acquisition accounting is used, check that the fair value of acquired assets and liabilities is reasonable; 7. Check the appropriateness of the date used as the date of combination; 8. Check the treatment of results of investments acquired during the year; 9. Check that the amortisation of goodwill is reasonable; 10. Check for disposals and the appropriateness of the date used as the date for disposal; 11. Consider whether previous treatment of existing subsidiaries is still correct; 12. Review the consolidated accounts for compliance with the legislation, accounting standards and other relevant regulations; Page 194 s 13. Review for group companies that do not have coterminous accounting periods or where subsidiaries are not consolidated or where accounting policies of group members differ because foreign subsidiaries operate under different rules; 14. Review treatment of participating interests and associates; 15. Review the treatment of intangible assets and foreign currency translations; 16. Review the treatment of loss making subsidiaries; 17. Review the consolidated accounts to confirm they give a true and fair view. The principal auditors are often requested to carry out the consolidation. In these circumstances the auditor is acting as an accountant and auditor and care must be taken to ensure that the audit function is carried out and evidenced as appropriate. D. JOINT AUDITS A joint audit is one where two or more auditors are responsible for an audit engagement and jointly produce an audit report to the client. The relationship between principal and other auditors is not the same as that between the auditors involved in a joint audit. Two or more firms may act as joint auditors for a variety of reasons: • The holding company may insist that their auditors act jointly with those of the new subsidiary after a takeover. • A company operating from dispersed areas may find it easier to have joint auditors to get around locational problems. • Political problems of overseas subsidiaries may necessitate the need to employ local auditors to satisfy the laws of the country. • Some companies prefer to use local accountants while at the same time having a wider range of services provided by a large national firm. Accepting a joint audit Some points must be borne in mind before accepting a joint audit. It will be necessary to assess the experience and standards of the other firm. This can be done by reviewing the audit techniques used, scrutinising their working papers and establishing whether they have had any experience in similar type jobs. The auditors should agree whether a joint or separate letters should be sent to the client. Separate letters would need to be sent to the client where other services are provided. Once a joint position has been accepted, it will be necessary to discuss the audit plan and the detailed work programme. A major criticism of joint audits is that they can be costly. This can be reduced if the two firms have organised the work between them properly. In addition, an increase in the fees can be justified by improved services due to more efficient work and a sense of professional pride. Both firms must sign the audit report as both are responsible for the whole audit irrespective of what particular area they carried out the work. Therefore, both firms will be jointly liable in the event of legal action. Page 195 s E. AUDITING FOREIGN SUBSIDIARIES The auditing of a foreign subsidiary can pose problems for auditors. It is vital that one would have an appreciation of the features of doing business in the foreign country. When an auditing firm has a client that owns overseas subsidiaries the client may choose to have the foreign subsidiary audited by local firms or request that its own auditors undertake the audit of the foreign subsidiary. Where local offices audit the foreign subsidiaries, the principal auditor may often undertake an audit visit to a major foreign subsidiary each year. Some audit firms have an international network and may be able to use an affiliated partnership to audit the foreign subsidiary. Some difficulties and possible solutions in auditing foreign subsidiaries would include: • Difficulties with languages might be overcome by using a member of the office who speaks the language or the use of a translator. • Cultural differences can be tackled by the auditors learning about the country. • Differences in local accounting, auditing conventions and legislation can be overcome through learning before the audit begins. • Some countries might have very specific problems such as high inflation or currency restrictions. • The subsidiary’s country may have different company laws from the ones the auditor is familiar with. • The auditors may face difficulties obtaining the necessary work permit to work within the country. The auditors should seek help from the client company. F. RECENT DEVELOPMENTS A new exposure draft of ISA 600 contains two new definitions referring to a related and unrelated auditor. A related auditor is an auditor from the group auditor’s firm or from a network firm who operates under, and complies with, common monitoring policies and procedures under ISQC1 and performs work on one or more components for the purpose of group financial statements. An unrelated auditor is an auditor other than the group or the related auditor who performs work on one or more components for the purpose of the group audit of financial statements. A key requirement is the group auditor must perform work on the significant components of the group or be involved with the work of other auditors. Another key issue is what constitutes a significant component. This is a matter of judgment for the auditor. The ISA suggests a general benchmark of 20% of key value items such as the group’s assets, liabilities, cash flows, profits or turnover. Page 196 s The group auditor must: • Consider the ethics, professionalism and quality control of the other auditors, • Ensure the other auditors understand the relevant frameworks, • Assess the risks of material misstatement at group level, • Determine materiality levels for the other auditors to use, • Determine what type of tests other auditors will carry out in response to assessed risks, • Set out the required work in relation to subsequent events, • Evaluate the adequacy of the other auditors work, • Communicate various matters to management of the group. Question 15.1 ABC has been an audit client of your firm for many years. It is a business which manufactures soft furnishings. It also has a shop from which it sells its own soft furnishings and other manufacturers soft furnishings and small items of furniture. On the first day of the year ending 30 June 2010, ABC Ltd undertook a major reconstruction of its operations. It set up two subsidiary companies. A Ltd and B Ltd. It then transferred its trade to those companies. A Ltd took the manufacturing trade and B Ltd took the retail trade. On the same day, A Ltd entered into a joint venture with its former chief designer. The joint venture AC designs will provide designs for the soft furnishings manufactured by A Ltd and will also operate an interior design service, which will be advertised strongly by B Ltd. ABC Ltd is 100% owned by John Browne, ABC Ltd will charge A Ltd, B Ltd and AC designs management charges. The former chief designer, now a 50% shareholder in AC designs is Jackie Browne, John’s only daughter. They make decisions about AC designs jointly and have agreed that the audit of AC designs shall be carried out by David Beckham and co. David Beckham is a friend of Jackie Browne. Required: 1. Outline the audit planning issues raised by your firm in the above scenario. 2. Briefly state the steps you would carry out to audit a consolidations. Page 197 s BLANK Page 198 s SOLUTIONS Solution 1.1 • • • • • • Every item is not checked. In fact, only test checks are carried out by auditors. It would be impractical to examine all items within a class of transactions or account balance. Hence, it is not really possible to give absolute assurance. Auditors depend on representations from management and staff. Collusion can mitigate some good controls such as division of duties. There is always the possibility of collusion or misrepresentation for fraudulent purposes. Evidence gathered is persuasive rather than conclusive. It often indicates what is probable rather than what is certain. Auditing is not purely an objective exercise. Judgements have to be made in a number of areas. The view of financial statements is itself based on a combination of fact and judgement. The timing of an audit. An unqualified audit opinion is not a guarantee of a company’s future viability, the effectiveness and efficiency of management or that fraud has not occurred. Solution 1.2 (a) The advantages of having an audit can include the following: • Shareholders not involved in the management of the company can gain reassurance from a set of audited accounts about management’s handling of the business. • Audited accounts are a good reliable source for a valuation of shares in an unquoted company. • Banks may review a set of accounts for the purposes of making a loan and assessing the value of the security on offer. • Suppliers can use audited accounts to assess the potential strength of a company. • An audit provides a useful independent check on the accuracy of the accounting systems and the auditors may also recommend improvements in those systems. (b) The audit of Mr J Butera’s company is still an exercise designed to express an opinion on the truth and fairness of the accounts. So the method of undertaking the audit will be the same as that of Bank of Kigali’s and the same auditing standards will be applied. However, the auditor must be aware of the different inherent risk in the audit of a small company and in applying auditing standards. He should consider all the relevant risks. The audit of a small company is often affected by certain factors namely the concentration of ownership and management in one person, the professional relationship between the auditor and the business and the fact that small audit teams are involved. (c) The alternative to an audit for a small company is to have a review. Although it is similar to an audit, a review is designed to give a lower level of assurance. As a result, the procedures undertaken to express an opinion are less detailed and generally comprise enquiry and analytical review procedures. Mr J Butera needs to decide what level of assurance he needs. He needs to assess the advantages of having an audit which will give a higher degree of assurance and decide Page 199 s whether his business actually needs this. Bear in mind that some of the advantages to an audit will also be given by a review. Solution 2.1 (1) There is a threat of self-interest. John has an indirect financial interest in the client. However, the interest is immaterial to the client or to John. It is a pool of general investments. John is a junior member of the team and does not have a significant role in terms of drawing audit conclusions or highlighting audit risk areas. The risk to independence is insignificant. To eliminate all elements of the risk, John could be asked to divest his interest but this seems inappropriate. Other than that, he could be removed from the audit team. However, such a step is not vital in this situation. (2) Firstly, there appears to be multiple provisions of services leading to a self-interest threat. However, there is insufficient information to draw a conclusion as regards the significance of the threat. Need more information in relation to the nature of the services supplied, fee income and the various team members assigned. To eliminate the risk, different teams could be assigned to the various assignments. The risk is likely to be significant only if audit is one of the services provided. Secondly, a manager on the team wants to engage in a personal relationship with a person connected to the subject of the assignment. This could give rise to the threat of familiarity or intimidation. Paul has a significant role in the team and his love interest is closely connected to key staff at the target company. The timing of all this is a key issue as it is a one off review. Presently, Paul has no relationship to threaten the independence of the work. Therefore, you should request that he hold off his romantic intentions until the assignment is complete. If he declines the request, then he should be immediately removed from the team. (3) Long associations and personal relationships may lead to a risk of familiarity, not to mention the acceptance of significant hospitality. The risk here is significant. The assignment is audit but the company is not listed. In order to mitigate against the risks, invite a second partner to do a review of the audit files or consider rotating off the audit for a period and let a different partner handle the engagement for a while. Page 200 s Solution 2.2 Independence It is vital that auditors are, and are seen to be, independent. Independence is the key to the auditors’ claim to give an impartial, objective opinion on the truth and fairness of a set of accounts. Objectivity A family relationship can substantially affect the objectivity of the audit, so auditors are advised not to build up close personal relationships with audit clients and should not audit a company where family members are employed in sensitive roles. In this case, the partner was not the audit engagement partner and so in line with generally accepted ethical practice, the firm appeared to be independent as long as the partner had nothing to do with the audit. Resolution Given the existence of computer networks and modern communications capabilities, it seems unlikely that any auditor would not be able to have similar access and influence over a single audit carried out by a firm as a partner in the locality. Be seen to be independent It would appear that the body seems to be concerned about the “seen to be..” section of the independence requirement. It also seems that they have concerns over whether the public can make the distinction between an engagement partner and any other partner in the same firm. Arguably, it is only in publicising the problem that the public are likely to have a perception at all. In addition, if the public do perceive a problem with independence, moving 400 miles in this day and age of modern communications is unlikely to convince them otherwise. Split of firm The split could enhance the public perception of independence, although there is likely to be some cynicism such as a marketing ploy or shifting the profile of the non-audit divisions for capital raising purposes. Page 201 s Solution 2.3 (a) The problems with an audit partner becoming FD of the firm’s client are: • He will have detailed knowledge of the audit approach and this gives him the opportunity to conceal matters from the auditors. The auditors will need to bear this in mind when planning the audit. • If a significant connection, such as the receipt of benefits, remains between the expartner and the firm, then the firm’s objectivity may be threatened. • Public perception may involve a view that the two parties are no longer independent, even where there may be no actual threat to objectivity. The ex-partner may be perceived to have some influence over the new audit team members. • There is a risk that the audit team may place greater reliance on representations from the ex-partner. To ensure objectivity, they should not place any undue reliance on the evidence. They should evaluate risk as they would with any other client. • If the partner takes part in the audit knowing that he is about to join the client shortly, then there is a threat to objectivity. Public perception is unlikely to view the two parties as been independent of each other. (b) The following advantages exist for a client if their auditor becomes a senior executive: • He will have a good understanding of the environment in which the client operates. He should find it easier to integrate with the rest of management. • No recruitment costs and no risk that a recruitment company would recruit the wrong person. • Ex-auditor will be familiar with a number of accounting systems and is likely to be up to date with current accounting techniques and current thinking. (c) Current rules do not specifically prohibit an audit firm from continuing to act as auditors to a client if an ex-partner or employee now works in a senior position for that client. A member’s objectivity must be beyond question. This objectivity can only be assured if the member is and is seen to be independent. A member’s objectivity may be threatened or appear to be threatened as a consequence of a family or other close personal or business relationship. Where a relationship exists between an officer of the client and a partner or member of staff of the audit firm, safeguards should be set up to ensure objectivity. Objectivity may be threatened by undue dependence on an audit client. It is suggested that the public perception of an auditor’s objectivity is likely to be impaired where the fees for the audit and other recurring work for a client exceed 15% of gross practice income. Where a senior member of staff has joined a client, the safeguards are suggested: • Consider modifying the audit plan for the engagement. • Assign the engagement to an individual of sufficient experience in relation to the exmember of staff. • Involve some new experienced staff not previously involved with the audit. • Conduct a thorough quality control review of the engagement. Page 202 s One final point is that the ex-member must not receive benefits from the firm unless they are made in accordance with fixed, predetermined rates, and he must not participate in the affairs of the firm, otherwise the whole question of objectivity and independence comes into question. Solution 3.1 (1) A B Ltd is a high risk client. The property development business is a high risk activity and the weakness of the company’s internal control system and the lack of integrity of the founder Mr Narang also give risk to additional risk. The auditors must ensure that no independence or other ethical issues exist that are likely to cause conflict with the ethical code before accepting the appointment. The procedures which an audit firm should carry out before accepting an appointment are: • Request permission to communicate with the previous auditors. If permission is declined, the auditor should decline the appointment. If permission is granted, the auditors should request in writing of the previous auditors all information which should be made available to them to enable to them to decide whether they should accept the appointment. • Ensure that the firm’s existing resources are adequate to service the needs of the new client. Specifically, expertise may be needed as the new clients are property developers. • Seek references in respect of the new client company. If the directors are not known to the audit firm, independent enquiries should be made concerning the status of the company and its directors, for example company searches, which may uncover qualified audit reports. • A preliminary assessment of audit risk should be made. This will involve discussions with management and assessing the internal control structure, which in the client company’s case is very poor. • The costs and benefits of accepting the appointment should be estimated. The cost may be considered to be too costly in terms of potential liability, or raised insurance premiums and bad publicity. (2) Ethical guidelines for auditors require that an auditor be independent and objective. It is an auditor’s integrity that gives weight to his audit opinion. The maintenance of the secret fund is a definite lack of integrity on behalf of the audit partner. His objectivity is also impaired by his lack of independence. He has also contravened ethical guidelines by carrying out the preparation of accounting records for a quoted company. He has also colluded with the managing director of the company to conceal questionable transactions from fellow directors and shareholders. This could be viewed as a fraud and also there could be breaches of tax laws. His position as auditor is untenable and his audit opinion is valueless. Page 203 s (3) The measures that might be introduced to try and minimise the practice of opinion shopping by prospective audit clients are as follows: • Establish why the question is been asked in the first place. • No opinion should be given until the present auditors have been informed. This is not just a matter of courtesy but it may highlight additional information with which the client was not forthcoming. • If the audit firm decides to give an opinion, they should do so in writing giving the facts of the problem as it has been presented to them. Legislation exists to protect auditors, allowing them to present their case to the shareholders of a company. When they resign, they have a right to make a statement regarding the resignation which should, as “best practice”, be sent to the Office of Registrar General and anyone who is entitled to receive the financial statements. Auditors often do not do so because of the bad publicity involved. (4) Audit firms can reduce the risk of litigation and its effects by ensuring: • Audit standards are applied at all times. • Adequate quality control procedures are in place and are enforced. • Adequate review procedures are in place before a new client is accepted. • Adequate professional indemnity insurance is in place. It does not reduce the risk of litigation but it will limit the damage it causes. Solution 3.2 Auditors might not seek re-election for ethical reasons such as fees, perhaps a disagreement with client over accounting policies or there could be a conflict of interest with another client. When submitting a tender, the auditor should consider: • Are specialist staff with specialist skills required, • Where is the work to be performed and are suitable staff available, • Does the planned work fit in the firm’s current work timetable, • Will current staff require further training. Solution 3.3 Under normal circumstances, accountants should not advertise fees. Any advertisement is unlikely to be sufficiently detailed to allow a comprehensive understanding of fee structures and any facts given about such fees could mislead potential clients. Solution 4.1 Auditor responsibility It must be acknowledged that the primary responsibility for the prevention and detection of fraud lies with the management of the company. It is they who should safeguard the assets of Page 204 s the company while the auditor’s primary responsibility is to express an opinion on the financial statements. It should be noted however, that the auditor has a duty to plan his audit to consider the risk that a material misstatement could occur in the financial statements as a result of fraud. Extend responsibility The Public, the shareholder’s and even the government’s expectations of the auditor are changing and they are increasingly calling on the auditor to widen his responsibility. Some of the problems that may arise are the difficulty in defining fraud and determining an appropriate level materiality. Currently, the auditor assesses materiality in relation to the true and fair view shown by the financial statements. This may no longer be valid if all or most frauds have to be detected by the auditor. Fraud covers many types of activities at all levels within a company. Should the auditor be expected to detect a petty theft committed by a junior employee and who determines what falls as significant or insignificant frauds?. The guidelines simply define fraud as involving the use of deception to obtain an unjust illegal financial advantage. Changing the auditor’s responsibilities in relation to fraud needs to be considered in the light of different types of organisations and the different interested parties that exist. It would be reasonable for the auditor of a financial institution, where deposit holder’s savings are at risk, to have a greater responsibility for the detection of fraud than the auditor of a small private company run by the owner/managers themselves. Similarly, the auditors of public limited companies and probably other public companies, such as high profile charities, should have a greater responsibility than those of private companies. This would reflect the public’s perception of the role of the modern auditor and legislation should then react to these expectations. Since fraud has an impact on the financial statements, it is generally accepted that the auditors need to plan their audits so that they have a reasonable expectation of detecting material misstatements caused by fraud. While few people disagree that the auditor should have some responsibility for the detection of fraud, the widening of the auditor role would mean additional audit costs would be incurred by all organisations to detect fraud. Perhaps the auditor should advise management as to how to prevent and detect fraud and penalties for it under company law could be increased so that there is a greater deterrent. If companies and other organisations could prevent fraud more effectively there would be no should need for auditors to try and detect it during an audit. Fraud can be difficult to detect where internal control systems are very weak or non-existent at all. Some types of fraud require special expertise to be brought in so that the fraud can be detected. All auditors should already be detecting frauds which give rise to material errors in the financial statements. The procedures used to detect immaterial frauds would just be an Page 205 s extension of the usual audit procedures applied but the time taken to extend the level of testing would probably be considerable. The auditor needs to judge the amount of work that is necessary to obtain sufficient, reliable evidence on which to form an opinion on the financial statements. If his objective was changed the amount of work necessary to be carried out would increase substantially, although the methods and procedures used would probably be the same. The auditor would probably not accept a greater responsibility for the detection of fraud without a substantial hike in the audit fee. It is questionable whether this would be considered value for money for most organisations. There is also the question of to whom the auditor should report a fraud. If senior management are involved and the auditor has no real concrete proof and there is no material effect on the financial statements, then the auditor will need to seek legal advice on what action should be taken next. The auditor has a duty of confidentiality from disclosing information to third parties without the client’s permission. However, this duty of confidence is not absolute, and the auditor may disclose certain matters to a proper authority such as where it is in the public interest. Another problem which might arise is a possible deterioration in the relationship between the auditor and the client. If the auditor had to report directly to the authorities, the client may be reluctant to provide vital information. Conclusion Auditors have the skill necessary to detect most types of fraud but there is the possibility that the cost of so doing would exceed the likely benefits. The recommended solution is for the auditor to make recommendations to management about how they could reduce the likelihood of fraud or irregularities and increase the possibility of detection. Solution 4.2 In order for an action to succeed, a duty of care must exist, negligence must have occurred and one must have suffered a loss as a result of the negligence. Solution 4.3 In order to avoid litigation, an auditor can: • Implement and apply client acceptance procedures • Perform all work in line with accepted auditing standards • Implement and perform adequate quality control procedures • Use disclaimers. Page 206 s Solution 5.1 (1) The reasons for a merger include: • The desire to increase their market share and operate on the global markets • A wish to serve multinational clients who demand an international presence and who require the use of large amounts of resources • Increased expertise in all fields • Increasing funds available for investment such as infrastructure or IT • A desire to compete with banks and other who are expanding into the consultancy business • To resist liability claims which could close smaller audit firms • To reduce the ability of major clients to exert fee pressures and thus improve financial independence • To increase the range of opportunities available to staff within the organisation. • To take advantage of cost savings (b) Possible problems could include: • A reduction in the choice of clients available to the firm, • Possible conflicts of interest, • A reduction in the auditors independence, particularly with the increase of consultancy services, • The emergence of audit giants which weakens the argument for limiting auditor’s liability. • Domination of the profession by large firms , • Increase in the influence of large firms on the standard setting process, • Redundancies in offices caused by the elimination of overlapping departments, • Scrutiny of the mergers by outside agencies. , • Disputes emerging between partners in firms as to the management style leading to resignation of disaffected partners and loss of experience, • A loss of the personal touch which is a feature of smaller firms and which many clients crave. Solution 5.2 The following factors could cause an audit business to fail: • Litigation against the firm • Bad publicity • Loss of key personnel • Loss of clients • Disciplinary action by regulatory body. Solution 5.3 An audit can be lost due to size where the client becomes too large for the audit firm to be able to manage. This could be for example due to insufficient staff or insufficient technical expertise. Imagine a 2 partner size practice trying to do the audit of a major bank. Page 207 s In addition, the audit may be lost where the company no longer requires an audit. For example, with the influence of new legislation among jurisdictions with revised thresholds being applied a number of small companies may now no longer require a statutory audit. Solution 5.4 To: The Board of Directors of Read Ltd From: A. Accountant Re: Directors’ responsibilities This memorandum addresses some of the issues raised previously by members of the board. 1. Statement of Directors’ Responsibilities This statement is part of the response of the accountancy profession and the regulatory authorities to the difference between what the auditors and directors of a company are responsible for compared to what the public perception of these responsibilities and duties actually are. In the UK, the Cadbury report on corporate governance recommended that the financial statements should contain statements laying out clearly what the directors and auditors responsibilities. The public concern about the responsibilities of both directors and auditors was brought to the fore with the unexpected collapse of large groups of companies in the UK for example, such as Maxwell, Polly Peck and BCCI. When investors, shareholders and account holders looked for people to blame for these disasters, it was invariably the auditors. Very few people knew which of the auditors, directors and regulatory authorities were responsible for what in respect of reporting on a company. 2. True and Fair The accounts of a company are required by law to show a true and fair view of the financial position as at the balance sheet date and of its profit and loss for the year. The auditors are required to state in their report whether, in their opinion, the accounts satisfy that requirement. Legislation contains many requirements as to the form and content of company financial statements, but it does not actually define what is meant by true and fair. The meaning can be best understood by referring to case law. The courts will treat real compliance with accepted accounting principles as prima facie evidence that the accounts are true and fair. On the contrary, where there is non compliance with the principles, this will be seen as prima facie evidence that they are not true and fair. The true and fair view is a legal concept and the question of whether company accounts comply with the company’s acts can only be decided by a court. The concept of true and fair is very subjective in nature, in spite of the connection between accounting standards and true and fair discussed above. Page 208 s As directors of Read, in deciding whether the accounts are true and fair, you should bring your collective business knowledge to bear. The first question must be whether accounting standards have been followed and if in some cases they have not, then you must consider whether this override was justified on the grounds that it was necessary in order to show a true and fair view and that this explanation is properly disclosed. In making your decision, you should consider whether the accounting policies and principles used are appropriate to Read’s business and whether the accounts reflect the substance of transactions which have actually occurred. In summary, the directors should be satisfied that the financial statements reflect the true situation of the company and are not misleading in any way. 3. Detecting fraud and safeguarding assets Directors can try to prevent fraud and safeguard assets by instituting a strong system of internal controls. Physical controls over tangible assets are important such as locking up cash, tagging computers etc., but fraud is most often prevented by good segregation of duties. Controls of this nature mean that staff collusion in order to steal should be frustrated Supervision is an important control for directors. The Cadbury report suggested that directors should make a comment in the financial statements stating whether an adequate system of control was in operation during the period under question. Guidance has been produced on what directors should consider when assessing their internal control systems, but it is still not possible to say exactly what a good control is. In the financial statements, directors must state their responsibility for the system of internal control, but they do not have to comment on its effectiveness. I hope this memorandum has cleared up these issues. Please contact me with any further queries. Signed, A. Accountant Solution 6.1 1. Consideration of the materiality level The traditional value indicators of materiality levels include turnover (0.5% to 1%), profit before tax (5%), total assets (1% to 2%) and net assets (2% to 5%). The percentages would derive the following figures: Turnover 12,670-25,340 Profit before tax 3,050 Total assets 10,090-20,180 Net assets 7,380-18,400 A simple average of these gives RWF13,870. This is a useful indicator but you should consider some qualitative factors such as: Page 209 s • Interest is an important figure due to the terms of the covenant with the bank. It might be wise therefore to include profit before tax and interest in the calculations. This would raise the above figure to RWF13,970. • Net assets are also important as a result of the bank agreement. The current ratio is required to be 1.5. This would require current assets to be RWF586k which they are well above at the moment. When considering materiality, the auditor should look at cumulative matters. However, the ratio is material to the balance sheet, so any issues relevant to that ratio may be material, regardless of value. I would set planning materiality at RWF14,000. However, I would treat issues arising in relation to net current assets as potentially material and consider the cumulative impact that any issues had. 2. Audit risks Inherent risks The key issue relating to the balance sheet is the factoring of debts. This raises a number of questions. The first question is why factoring. Presumably, this is to insure that the interest cover will be maintained by keeping bad debts in check. It will also be important to check whether the factoring is as a result of poor cash flow. The year end cash figure is down on the previous year. Cash flow problems can also indicate going concern issues Secondly, in relation to debtors, it raises issues over the accounting for the factored debts. Have they been accounted for in the balance sheet and properly disclosed according to their substance. When there is a high transfer of all significant risks and rewards to the factor the substance may be that the debtors are no longer assets of the company but that any cash advances made by the factor to the company are assets. As the entire sales ledger function has been outsourced to the factor, this need investigating. Adjusting the debtors figure would clearly be material to the balance sheet and could have an impact on the covenant with the bank. However, there would also likely to be a major influx of cash so the net effect on the ratios would be negligible. If, on the other hand, the factoring has been accounted for, then cash appears to be very low given that there should have been a major cash inflow and this would have implications for going concern. However, as there remains a large debtor balance it seems to appear that the factoring has not yet been accounted for. The relationship with the bank is clearly important. The whole issue must be considered particularly as there appears to be a worsening cash position and there is a question mark over the factoring of debts. Going concern is a risk for this audit, especially if accounting issues radically change the balance sheet and have an impact on the covenant to the bank. As part of the restructuring and the factoring of debts, the sales clerk has been dismissed. She is bringing a number of claims against the company. It is unclear whether she has grounds for such action. There may be a cap on damages for unfair dismissal but unlikely to be so for discrimination cases. Hence there is a potentially material contingent liability. It will be important to investigate this on the audit and to establish if she has a case it may be necessary to seek an expert legal opinion. Page 210 s There appears to be a problem with stock, a possible stock obsolescence. It is unclear whether this is material or not. However, given that the current assets are material by their nature (details of covenants) and the possible effects of accounting for substance on debtors, this matter of stock obsolescence may be material by its very nature. Control risks As part of the control risk evaluation the auditor must consider the effect of factoring on the systems of the business and the fact that the sales ledger is now outsourced and may have been for a portion of the year been audited. The related controls must be assessed. There is the risk that the controls over the transfer may not have been good and errors could have been made. Detection risks An expert may be required to obtain evidence about the contingent liability. The auditor must ensure that he has all the information he requires from the service provider. 3. Administrative planning matters The engagement partner must organise a planning meeting to discuss the audit with the team. The supervisor should obtain key dates relating to the audit, such as the dates of the manager and partner reviews, and client related dates such as when the final accounts will be ready and when the accounts need to be signed by. The supervisor needs to obtain client permission to contact the company’s lawyer and the debt factor and he needs to organise when the audit team will be able to liaise with them. 4. Conflict of interest The audit firm is in possession of sensitive information relating to the company’s new customer. However, the company could have obtained a lot of this information themselves through a credit rating agency which they really should have done anyway as part of good control procedures over opening new accounts. It would be in the interests of the new customer that the auditors would not share this information with M Ltd Whether a conflict exists depends on the size of the audit firm and the procedures put in place in the audit dept. to maintain the independence of the two audits. In a small dept. it is likely that it will be difficult in practice to keep matters completely confidential. In this situation, it is probably best that the auditor make both parties aware that they are auditors for both and restate their duty of confidentiality to both. It may be wise to revisit the engagement letter for both clients to ensure that the duties and procedures in relation to this potential conflict are set out. Page 211 s Solution 6.2 1. Business risks relating to e-commerce operations set up Technological issues It is likely that in operating through the internet, the company has changed from a moderately low tech company to one that is now high tech. This raises a number of significant business risks: • It is now possible that current customers are not equipped to continue to be customers over the internet in terms of skill and opportunity. • The greater degree of technology will come at a cost. The cost of setting up a website will have been incurred already, but there are likely to be further future costs involved in maintaining the website, such as the need for upgrades to ensure that the technology continues to run smoothly and as effectively as possible. • The company is now open to greater security risks than it was previously. It is now exposed to greater risks of credit card fraud and may also be at risk of computer hacking. Customers Problems relating to customers are not entirely technology based. Firstly, the company has changed from dealing with customers face to face to one that is considered very impersonal. Customers may complete a deal with the company without ever speaking to an individual. Customers may have appreciated the personal touch in the past in receiving help in selecting gifts and may not be keen to purchase on-line on the internet. Secondly, the company operates largely to the tourist trade. Many of the customers would have been holiday makers eager to snap up gifts of their trip. The company may now find that it will lose a lot of this “feel good factor” sales and that in the general gifts market, the competition is much more intense. Delivery issues The company has opened up new distribution issues for itself which it did not have previously in that sales made over the internet require delivery and that this delivery is now available from all the stores. The company is therefore now exposed to potential customer dissatisfaction over delivery. Given that the company proposes to use the current postal system, any problems arising may largely be out of their control. There is also a risk of liability for breakages and spoilt goods, and given that many of the products outlined are fragile, this could be a significant cost. A customer might be happy to pay a little extra to have fragile goods delivered, rather than face the risk of breaking it on the way home, but that risk is now transferred to the company. 2. Audit risks arising Inherent There are a number of issues which may represent inherent audit risks: • The company has closed a substantial part of its retail operation and has changed the focus of the business to e-commerce. The shop business may be considered to be a Page 212 s • • discontinued operation and consideration will need to be given to the accounting treatment and disclosure in the financial statements. There is likely to be a substantial investment in technology in terms of computer equipment for the warehouse and branches and for setting up the website. The expenditure in the year will need to be scrutinised to ensure that this expenditure is properly capitalised where this is required and also that appropriate depreciation policies are implemented and operated. The company may face liabilities for items broken in transit. Some provisions may be required and this should be investigated to ensure that all such provisions necessary are created and are valued appropriately. Control The restructuring will have resulted in a number of new systems particularly in the warehouse. All controls will need identifying, assessing and recording. Detection The e-commerce element will almost be like a new audit. There is unlikely to be any useful analytical evidence as it is the first half year of such activity. Also, there may be a requirement to use some CAATs to investigate the ordering system. This may require a higher use of substantive testing than might have been the case in previous audits to ensure that transactions are fairly stated. 3. Audit strategy There is a lack of analytical evidence about half of the business year due to the shift to ecommerce. This makes certain approaches, such as the business risk approach, to the audit unacceptable, as it relies on a high level of analytical procedures. An audit risk approach should still be taken so that the audit is cost and time effective and it would seem wise to take a combination of other approaches to the audit. A balance sheet approach may be appropriate in these circumstances, as it is highly substantive and is cost effective because it results in a small number of high value balances being tested. In addition, there is often good availability for evidence of a balance sheet nature. However, when the balance sheet approach is used, the profit and loss transactions, are usually audited by analytical review. Given that a number of transactions are on new systems, a better approach for this year might be a transactions approach looking at the various cycles such as sales and purchases. This means that the balances which lead up to the balance sheet are substantiated, rather than the closing position itself. The balance sheet is then audited by analytical review. A transaction approach is more time consuming than a balance sheet approach. This should be discussed with the client so that they are aware that as a one off exercise, due to circumstances in the year of the introduction of the e-commerce operation, the audit will cost more in this year. Page 213 s 4. Control issues There are a number of control procedures adjustments that should be made: Confirmations An email should be sent to all customers to confirm their order. At present this is only done when there is a problem. Segregation of duties There is a potential problem in that there is no segregation of duties between orders and payments as the two clerks often help each other out when it is busy. It is vitally important that there is segregation of duties. If just the one person deals with orders and payments there is a greater risk of fictitious orders raised and false payments taken. Other people should be drafted in as back up for both roles as the need arises. Stock check facility There is scope to integrate a stock check facility into the ordering system so that a customer cannot send an order which cannot be met from current stock. At present there has to be a manual check. This would eliminate the delay between an order being made and the customer being told that it cannot be met and allow for possible alterations rather than a lost customer. Solution 7.1 1. Letter of representation Newworld properties Kigali Rwanda Auditors & Co Old Street Kigali Rwanda 30 June 2010 Dear Sirs, We confirm to the best of our knowledge and belief, and having made appropriate enquiries of other directors and officials of the company, the following representations be given to you in connection with your audit of the company’s financial statements for the year ended 30 April 2010. General Page 214 s We acknowledge as directors our responsibility for preparing financial statements which give a true and fair view and for making accurate representations to you. All the accounting records have been made available to you for the purpose of your audit and all the transactions undertaken by the company have been properly reflected and recorded in the accounting records. All other records and related information, including minutes of all management and shareholders’ meetings, have been made available to you. Financial support Oldworld properties, a subsidiary of the company, is experiencing going concern problems. We confirm that the company will continue to make financial support available to Oldworld properties for the foreseeable future. Claim Trouble Manufacturing has made a claim against the company for RWF5m arising from alleged negligent construction. This represents RWF3m for repairs and RWF2m for the cost of business disruption. Following discussions with the company’s professional advisors we consider that Trouble Manufacturing has no claim on the company and therefore no provision is required in the accounts for the year ended 30 April 2010, although the contingency is fully explained in a note to the financial statements. Transactions with directors The company has had at no time during the year any arrangement, transaction or agreement to provide credit facilities (including loans, quasi-loans or credit transactions) for directors nor to guarantee or provide security for such matters, except as disclosed in note 20 to the financial statements. Post balance sheet events There have been no events since the balance sheet date which necessitates revision of the figures included in the financial statements or inclusion of a note thereto. Should further material events occur, which may necessitate revision of the figures to be included in the financial statements or inclusion of a note thereto, we will advise accordingly. Yours faithfully, Signed on behalf of the Board of Directors ……………..Director 2. Reliability of letter of representation The letter of representation is a record of statements, in writing, made by management to auditors during the course of the audit. Being a written record, it is much stronger evidence than oral representations would be. Page 215 s However, representations coming from management do not come from an independent source and as such should not therefore be relied on when other evidence is available or would reasonably be expected to be available. Nevertheless they may be the only available evidence especially when facts are confined to management or the matter is one of judgment or management opinion. Independent, external confirmation will not be available in these circumstances. Reliance on letter On receipt of the letter the auditor will need to ensure that there is no other evidence that he has discovered during the audit which conflicts with the written representation received from management. He will then have to review the representations and decide, given the test results of the audit and his risk assessment, whether he is able to rely on the representations in order to issue an unqualified opinion upon the financial statements. 3. Work to be performed • Obtain and review all correspondence relating to the claim • Review written advice obtained from the company’s lawyers and the surveyor • Review the original contract with the customer to assess the extent of the company’s responsibilities for repairs and any time period limitations that may have been put in place. • Ascertain whether the company’s insurance covers this claim should it be payable • Examine minutes of meetings of the board and management to see how they dealt with this matter. • Review the disclosure and/or the provision to comply with IAS provisions, if appropriate. 4. Refusal to sign Where the directors refuse to sign the letter, the following procedures should be considered: • A meeting between the auditors and directors should be convened to discuss a revision of the wording of the letter, so as to allow the directors to sign the letter. • Alternatively, a letter of representation excluding the paragraph relating to the claim should be obtained. • Where management refuse to sign the letter, the auditors should prepare a statement setting out their understanding of the principle representation and ask management to confirm in writing that their understanding of the situation is correct. Where satisfactory representations are not obtained, such as the original letter is amended to exclude the claim or that the directors refuse to confirm the auditor’s explanatory statement, then the auditors will need to consider the implications of this especially with regard to a limitation on the scope of their audit. Given the refusal by the management to give satisfactory representations concerning the claim, raises uncertainty about the eventual outcome of the claim, the auditors should probably decide to qualify their audit report on the grounds of uncertainty. Page 216 s Solution 7.2 The audit objectives are: • Existence • Occurrence • Validity • Completeness • Valuation • Rights and obligations • Presentation and disclosure Page 217 s Solution 8.1 (a) (1) Auditors perform procedures designed to obtain audit evidence that all material subsequent events up to the date of their audit report have been identified and properly reflected such as by an adjustment in the figures or by appropriate disclosure in the notes. These procedures should be applied to any matters which may be prone to change after the year-end. These are in addition to normal tests on specific transactions after the year-end that are carried out during the normal course of an audit e.g. cut off tests. Non-adjusting subsequent events are disclosed in the notes to the accounts, whereas all adjusting events should be reflected in the accounts. (2) The directors are responsible for the accounts, therefore they would be expected to inform the auditors of any material subsequent events between the date of the audit report and the date the financial statements are issued by the directors. The auditors do not have any obligation to perform any additional audit procedures after the date of their report. Where the auditors become aware of any material subsequent events they should: • Establish whether there is a need to amend the financial statements • Discuss the material matters with the directors • Consider the implications for their report, taking additional appropriate actions. Where the accounts are amended, the auditors should extend their procedures to the date of their new audit report and issue a new audit report dated the day it is signed. (3) Auditors have no obligations regarding the financial statements after they have been issued by the directors. Where they have been issued but not yet laid before the shareholders and the auditors become aware of subsequent material events which might have caused them to issue a different audit report, they should carry out additional procedures such as in (2) above. Where the directors do not amend the financial statements (although the auditor feels there should be an amendment) and they have been issued but not yet laid before the shareholders, or if the directors do not intend to make an appropriate statement at the Annual Meeting, then the auditors should consider to take timely steps in order to prevent reliance on the report. The auditors have no right to communicate directly in writing to the members. (b) The audit work in relation to post balance sheet events will be largely focused on the balance sheet at the year-end. The following audit procedures should be carried out. Non current assets • Check for any disposals after the year-end which may require a write down to reflect the net realisable value of the asset at the year-end. Page 218 s • Review non current assets for obsolescence such as plant that is no longer in use and would have little residual value if disposed of. Stock • Review the selling price of major items of stock after the year-end to see if prices at the year-end still hold true. Consider writing down any stock items where prices are falling. • Review the year-end stock for obsolete, damaged or slow moving stock and consider writing down such stock to its net realisable value. Debtors • Review post year-end receipts to ensure that no write downs are necessary to the yearend debtors’ figures. • Review press and any other relevant correspondence with a view to highlighting any potential issues with major customers. • Review post year-end credit notes and returns of goods after the year-end to determine whether adjustments are required in the accounts. Cash at bank • Review the reconciled items on the bank reconciliation to ensure that they have cleared promptly after the year-end. • Write back any old outstanding cheques. • Review all material payments and receipts around the year-end to check the completeness of both the accruals and prepayments figures. Trade creditors • Review reconciling items on the supplier’s statements reconciliations to check the completeness of both the accruals and prepayments figures. Going concern problems and other matters The following procedures should be carried out as a post balance sheet review is essential in respect of going concern issues: • Review cash flow forecasts preferably at least 12 months from end of balance sheet date. • Review management accounts after the year-end. • Inspect board minutes and notes from senior management meetings after the year-end. • Seek a letter of representation from the directors stating that they have given all such information as was requested and was necessary. Non-adjusting events Review for any issues which are considered to be non-adjusting events. These should be disclosed in the accounts such as major disposals of non-current assets, accidental losses and issues of equity shares and/or debentures. Page 219 s (c) Review for instances where there have been any material post balance sheet events in this specific period, especially if there has been a undue delay. Carry out such enquiries as detailed in (b) above. In addition: • Request the directors to disclose if any further material events have occurred which might affect their opinion on the accounts being audited. • Review the latest board minutes, reports and management accounts issued since the date of the audit report. • Any uncertain matters should be reviewed again to ascertain whether there will be any effect on the accounts. • Consider any matters which may have arisen in the industry or the general economy which might affect the company and its results. Solution 8.2 Enquiries which may be made of management: • Any new commitments • Issues of shares • New developments in risk areas • Areas which involve subjective judgements • Sales of assets • Any unusual accounting adjustments • Major events affecting the business. Solution 8.3 Analytical review would generally focus on issues such as: • Accounting ratios • Related items such as turnover and commission • Changes in customers and products • Changes price and product mix • Wage variations • Trends and variations in sales and production • Variations in labour and material elements in production costs • Major spends in profit and loss account • Variations in industry and economy factors. Solution 9.1 The availability of the financial statements on the website is likely to make the audit report more available to the general public than would normally be expected when issuing a hardcopy audit report. This increases the risk for the auditor. Firstly, there is a risk that readers will misunderstand the report. The financial statements need to be read in their entirety in order to draw valid conclusions. What if the website does not have all the statements made available. Page 220 s Secondly, the general public may feel that the audit report covers all information up on the website and that they can rely on it because the auditor says it is ok. The audit report only relates to the financial statements themselves and not any other data that the company may choose to put up on the website. Finally, there is a risk that someone may alter the financial statements or even the audit report on the website. These risks only serve to expand the expectations gap between what the auditor is actually responsible for and what the general public perceives the auditor is responsible for. Furthermore, there is the possibility that the auditor’s liability may be affected by a perceived increase in his duty of care. Solution 9.2 The audit evidence in relation to the website that you will seek will relate to its existence and valuation. You could review the website online and seek advice (possible externally or internally through the company) on, whether due to its complexity or whatever, the cost to develop the site is actually borne out. Next, you could examine the related invoices and backup documentation from the supplier to ascertain whether the costs are reasonably disclosed. You should seek to examine any agreements in relation to the advertising to assess whether there is a net benefit or cost to the arrangement which may need to be disclosed and physically inspect all the sites involved to verify what is in the agreement. There are a number of implications for your audit report. In the first instance, the website would ordinarily fall within the definition of an asset and as such should be capitalised in the balance sheet and not written off in the profit and loss. The amount would be material and if the directors did not agree to an adjustment in the accounts, it is likely that an audit qualification due to disagreement would result. It is also possible that the advertising on other websites could be treated as an intangible asset. IAS 38 allows for assets to be recognised where they can be reliably measured. If there is a market for this style of advertising, then it is possible to put a value on it. However, being on someone else’s website would mean that you would have little or no control over the asset. The audit partner would have to take a view on this and it may differ from that of the company. An audit qualification could arise. Solution 9.3 There are implications in three areas of this question. Tangible fixed assets, stocks and provisions. The first area with regard to the tangible fixed assets is whether the company’s revaluation policy is correct and whether the company should capitalise the refit costs. Page 221 s IAS 16 allows assets to be held at cost or valuation. Where there are revaluations done, they should be done on a regular basis and the carrying amount must not be materially different from the value applied using a fair value at the balance sheet date. Also, the revaluation must be carried out to all assets within the same class of asset. HSF revalues it stores annually and it can be argued that the manufacturing facility is a different class of asset to the stores by its very nature and use. The refits are likely to fall within the definition of an asset especially where potential future economic benefits are expected to arise. You could argue that perhaps it should be classified as fixtures and fittings but as long as the policy is applied consistently from year to year it would appear to be reasonable. The amounts involved are material. However, there would be appear to be no issues on which there would be a disagreement nor limitations to the scope of the audit, so a unqualified report would be issued. The second area concerns the valuation of stocks. IAS 2 requires that stock is valued at the lower of cost and net realisable value. Cost being that cost of purchase, conversion or other costs incurred in bringing the stock to its present location and condition. The use of calculating cost based on selling price less a margin is permissible as long as it gives a reasonable valuation of the cost. 50% of the company’s stock is manufactured so the method of applying a margin to the selling price to derive the cost is a reasonable basis. You might suggest by way of a management letter that costing systems should be considered for the future but as long as the current policy is applied consistently and this policy gives a reasonable approximation of cost, then it is unlikely that there would be any adverse effect on the audit report. Any difference due to the approximation of costs is unlikely to be material and the auditor will only be considering material issues. The final area concerns provisions. HSF should not recognise profits on the sales which are refunded but it is reasonable to recognise profits on the exchanges (so long as the returning garments do not require a write down in value) If the refunds policy was for say 28 days, then it would be prudent for the company to have a provision which could approximate to about 1/12th of their annual margin on such sales. This amount would be considered material. Only the last month of the trading year would require a review and it would be possible to assess the levels of returns around the year end to assess whether a suitable provision is required. The audit report would only be modified where the auditors felt a provision was required and the company refused to accrue for one in the accounts. Solution 9.4 The types of audit opinions can be: • Unqualified • Qualified due to a disagreement with the company • Qualified due to a limitation in the scope of the audit. Page 222 s Solution 10.1 (1) The relevant audit tests in verifying the value attributed to development expenditure are: • Obtain a breakdown which allows tracing amounts spent to the nominal ledger and the financial statements. • Individual items should be vouched to supporting documentation. The relevant documentation will vary according to the type of expenditure, and might include requisitions, orders, goods received notes, invoices and bank statements. Labour costs should be agreed to the payroll and to other supporting evidence, such as the time sheets or job cards. Where overheads have been included in the figure, ensure that they have been calculated on a consistent basis with that used normally by the company and that the calculation appears reasonable. • The arithmetical accuracy of the schedule of the expenditure should be checked and confirmed. • Ensure that there has been no double counting. Development items capitalised should not also be charged as an expense in the profit and loss account. • Carry out a review of the development figure in order to be satisfied that it is reasonable and consistent with your knowledge of the company and its business. (2) The following audit procedures should be performed to verify the gain arising on the revaluation of non-current assets. • First, ensure that the valuer is appropriately qualified and independent of the company. If these conditions do not exist, the auditor will need to consider their possible impact on the results of the valuation. • Ensure that the valuation has been performed on a reasonable basis and is consistent with previous years. • Check that profits or losses on individual non current assets have been correctly calculated by reference to the non-current asset register and the detailed analysis of the revaluation. • Check the arithmetical accuracy of the compilation of the revaluation schedule. (3) IAS 38 lays down the basis on which development costs can be carried forward. They may be carried forward only to the extent that they represent an asset which is likely to generate future economic benefits for the company. It would not be prudent to carry forward expenditure which is not reasonably expected to generate benefits in the future. According to IAS 38, development expenditure should be written off in the year it is incurred, unless the following can be demonstrated: • The project is technical feasible • There is an intention to complete the asset and use or sell it • Details on how the asset will generate future economic benefits • There exists the availability of resources to complete the development and use or sell the asset • The expenditure attributable to the development can be measured reliably. Page 223 s (4) The decision to finance development internally has resulted in an increase in current liabilities and a decrease in cash and bank balances. This may lead to liquidity problems in the future, especially since the company will still need funds to complete the new project. These funds will have to be generated either by the sale of further investments, the raising of directors loans or outside investor or by the issue of shares. If funding is not available, the development expenditure should be written off on the basis that it will not be possible to complete the development project. This would eliminate the accumulated profit reserve and could create doubts about the company’s status as a going concern. The auditor should discuss with the directors their plans for obtaining additional finance and request that they produce cash flow forecasts to support these. If the auditor does not obtain satisfactory evidence of the company’s ability to obtain funding, it may be necessary to qualify the audit report on the grounds of going concern problems. Solution 10.2 1. Investment in Ladies Ltd The following matters need to be considered: (a) Inclusion in Ace’s accounts The investment may meet the criteria under IAS 28 for the investment to be accounted for as an associate. The main issue is the existence of significant influence. A company holding 20% or more of the voting rights in a company is presumed to exercise a significant influence. If the entity meets the criteria for an associate, it should be included in Ace’s accounts as a fixed asset investment at cost or less where costs overstate the value of the asset. (b) Requirement for group accounts Both companies may represent a group for which group financial statements are required, notwithstanding the fact that there is no subsidiary involved and consolidated financial statements are not required. If group accounts are required, a further set of accounts with Ladies Ltd equity accounted is required or alternatively, Ace’s accounts could contain additional disclosure notes. The Ace group might be exempted from group accounts if the group is small or medium sized. Pre-tax profits of RWF1.5m and the cost of the investment to of RWF800k give some indication that the group cannot be considered small. If group accounts are required, as auditors of Ace, our firm would be the principal auditors and we would need to liaise with the auditors of Ladies Ltd. (c) Related parties There may exist related party transactions to be disclosed under IAS24. In addition, Ace may have dividend income from Ladies Ltd that will require disclosure in the accounts. The audit evidence required will include: Page 224 s • The investment should be verified to a share cert and the auditor should review the register of members of Ladies Ltd to check whether the shares are voting or not. • The cost of the investment should be vouched to purchase documentation and the payment should be traced through the bank statements. • The auditor should review the most up to date financial information available to ensure that the cost figure still reasonable and that all dividends have been correctly accounted for. • The various ledgers and bank statements should be scrutinised to assess whether there are any related party transactions in the normal course of business and these need to be discussed with the directors. 2. Competitor The following matters need to be considered: (a) Going concern The new major competitor, the non-renewal of some contracts and the loss of personnel to the competitor may raise doubts relating to the area of going concern. The auditor must consider whether the directors assessed the impact of the new competitor on their business and whether the non-renewal of contracts was anticipated. In addition, what plans are there in place to replace the lost staff. The large drop in profit also gives rise to a going concern problem. However, there appears to have been sufficient funds available to make a substantial investment which may indicate that going concern is not an issue. These issues need to be looked into. (b) Receivables If no additional contracts are in place, both revenue and receivables will have fallen on last year and this would need to be reviewed. (c) Non-current asset impairment Significant changes such as the new competitor and the new investment have taken place which could indicate non-current asset impairment needs to be given consideration. The audit evidence required would include: • Gaining evidence about the going concern issues. Review the cash flow statement and the financial statements and assess the cash position of the company. Vouch how the investment has been financed. Review arrangements with the bank and ensure that there are sufficient funds to operate. • Discussing and documenting the loss of the contracts and the new competitor with the directors. Review budgets and sales projections and vouch against the current order book for signs that the budgets are unrealistic. • Documentary evidence of the directors’ reasons for the new investment plans. • Evidence on file that the auditor has satisfied himself that the entity will continue as a going concern or that the directors have made sufficient disclosures in the financial statements. • Reviewing the level of receivables in the light of known facts about customer contracts especially where there are discussions in the press about the financial liability of any football clubs that are customers. Page 225 s • Identifying whether the directors have carried out an impairment review and if so was it reasonable. If no impairment review was carried out, the auditors should consider whether one is required and discuss this with the directors. They should obtain written representation from the directors that no impairment review is required. 3. Legal requirements The matters to be considered include: (a) IAS37 Provisions must be considered in relation to the legal requirements to amend machinists working conditions and the increase in the national minimum wage. A provision is required if: • an enterprise has a present obligation as a result of a past event • it is probable that an outflow of resources will be required to settle the obligation and • a reliable estimate can be made of the amount of the obligation Cost of adjustment As the adjustments to the seats have not yet been made, there is no present obligation to pay for them. A financial obligation to pay for the adjustments does not exist until a contract has been formed for the adjustment. No provision is therefore required for the cost of the adjustments. Possibility of fine As the company has not made the adjustments before the required date, it is possible that there may be a fine under the legislation. However, it appears that no order has yet been made, so no provision for a fine is required. However, the matter should be disclosed as a contingent liability, were it material. Liability to employees Some of the employees are not being paid the national minimum wage. The shortfall is for 5% of employees and only a couple of months of the year, so it is extremely unlikely that this matter is material. However, the auditor must consider whether any employees are taking legal action over the health and safety issue of the seats. (b) ISA250 Both issues indicate that the company is not complying with the laws and regulations concerning health and safety and the national minimum wage. Firstly, the auditor must consider whether there is a material effect on the financial statements. Given the considerations above, it would appear that the accounts are not materially affected. Secondly, the auditor must consider whether there is a need to report non-compliance to regulatory authorities. This must be discussed with management. In this case, it is unlikely that there is such a requirement. Page 226 s The audit evidence required would include: • Identifying whether a contract has been entered into to make the adjustments to the seats. Review the board minutes and carry out discussions with the directors. • Reviewing the minutes to establish whether any fines have been levied. Review the legislation requirements and correspondence from the company lawyer. • Reviewing the payroll to assess the extent of the minimum wage issue. • Establishing from the company lawyer whether any legal action has been threatened by any of the employees over either the health and safety issues or the wage issues. Solution 11.1 You, as the audit engagement partner, would have to consider the following before issuing a reference on behalf of a client: • Is there any additional work required to give such a reference to the bank? • Should there be a separate engagement between the auditor and the bank? There may be a need for written clarification of the status of the reference such as an explanation that there has been no engagement between the parties, that no fee has been paid and that it is given to the best of knowledge at the time. • There is high risk associated with giving such an opinion due to the inherent uncertainty of future income and expenditure. In addition, the auditors are about to start the audit for the past year. As it is historical information, it may have little or no bearing on current developments giving rise to a difficulty of issuing an opinion on the current position, or for that matter periods into the future, which would be more relevant to the bank. • The risk to the auditor is greater given that a duty of care to the bank is likely to arise if such a reference is given. • Is there a need for disclaimers of liability. Legal advice should be sought as any such disclaimers will need to be reasonable in order to have legal force. Also, is there any need to negotiate a liability cap. • The form that the reference may take. It may be inappropriate to sign a bank’s preprinted document. The audit firm may have a standard reference document of its own, or may choose to draft one according to the facts. Solution 11.2 The following matters will be relevant where the directors of the company have expressed an interest in engaging the audit firm to undertake an assurance engagement in relation to their risk management and controls: 1. Acceptance You need to consider the issue of independence. It is vital that the provision of other services do not impair your objectivity towards the audit. You should obtain the client’s acknowledgement of responsibility for work done by your firm. How audit independence could be affected will depend on the exact nature of the Page 227 s service provided. It is should be noted that testing the operation of controls could be seen to be complimentary to the audit. The firm should not accept the engagement as it is currently presented. An assurance engagement needs certain elements, such as subject matter and suitable criteria. It is very difficult to give assurance on the effectiveness of risk management, as there are no recognised criteria by which to judge it. However, the firm could provide an assurance that controls are designed according to management policy and that they operate according to that policy. 2. Planning The following matters would be relevant: • Are you sufficiently independent of the client? • Are all the elements of an assurance engagement present? • Have you agreed terms with the client? • Is the criteria for assessing the subject matter suitable? In this case, the detailed management policy would be a suitable criterion for evaluating the operation of systems. • Have you assessed the materiality and risk of the engagement? These will be incorporated into the fee and will influence the detailed procedures planned and designed for the engagement. • What form will the report take? As there is no standard report, it is important for you and the client to agree the format of the report. Solution 12.1 (a) Implications of external auditors providing internal audit service International guidance suggests that external auditors can act as internal auditors as long as these services do not interfere with the exercise of managerial functions and independence of the auditor. Specifically, care must be taken not to give executive advice or to become part of the client’s executive management. There are specific problems which could occur where the external auditor provides an internal audit service: • Reporting weaknesses in internal controls in systems designed by auditor acting as internal auditors of the client • Objectively testing work carried out by internal auditors who are colleagues of the external auditors • Internal audit programmes designed to reduce the work of external auditors • Risk of breaking rules of conduct where deemed to be part of the executive management • Fee pressures arising from fees for providing internal audit service leading to breaking fee guidelines as laid down in the ethics Page 228 s (b) Effects of providing wider assurance • There is an increased risk of liability claims as the exposure has increased. • There will be additional costs to the auditor in employing suitably qualified staff to provide wider assurance such as engineering consultants, IT experts etc. • Fees charged to clients likely to increase. • Potential increased expectations of audit clients. • Wording an appropriate audit report. There is unlikely to be any standard report. (c) Evaluation of move toward business risk assurance Basic audit work is perceived as adding very little to any business so this new approach could be seen as a repackaging of existing services where auditors concentrate upon providing services which add value in the eyes of the client. The problem with this is that auditors are increasingly faced with litigation claims and should therefore provide more basic assurance. There is a risk assuming that external audit is a consultancy exercise aimed at adding value because then the traditional audit assurance will be lost and overall levels of audit risk will rise. Solution 13.1 Going Concern The concept makes the assumption that the business will continue to exist as a viable commercial entity for the foreseeable future, without the need for any significant curtailment to its present level of activity. What constitutes foreseeable future is a judgement call but the auditor should normally expect the directors to have considered information which relates to a minimum of 12 months following the date of approval of the financial statements. Issues The most common indicators suggesting going concern problems are as follows: • • • • • • • • • • • • Recurring operating losses, Dependence on overdue suppliers and other creditors to provide finance, Dependence on short term finance such as above for long term purposes, Consistent working capital deficiencies, Poor liquidity rates, High or increasing debt to equity ratios, Defaulting on loan agreements, Dividends in arrears, Restrictions placed on normal trade terms, Excessive or obsolete inventories, Long overdue receivables accounts, Deterioration of relationship with bankers, Page 229 s • The content of the order book. There are other non-financial factors that should also be considered: • • • • • • • • • • Loss of key management or staff, Significantly increasing stock levels, Work stoppages, Excessive dependence upon the success of a particular project, asset or new product, Legal issues that may affect a company’s ability to continue in business, Loss of a key franchise or patent, Loss of a principal supplier or customer, Undue influence of a market dominant competitor, Political risks, New technical developments which may render a key product obsolete. The significance of the indicators may be diminished by mitigating factors. For example, indications of a business selling fixed assets to meet cash flow demands may be mitigated by the possibility of obtaining new sources of finance. Verification of forecasts For items on the capital/disposals forecast the auditor should check that the quoted costs of proposed capital expenditures are reasonable. Items can be checked against price lists, quotes or compared with similar assets purchased in recent years. In relation to disposals the auditors should check whether the proceeds appear to be reasonable. You could relate the proceeds to the book value of the assets on the assets register. You should also assess the reasonableness of the timing of the sale. In relation to the profit forecast: • Assess whether the level of projected sales is reasonable, having regard to previous years and your knowledge of present market conditions and the state of the orders book. • Consider whether the gross profit margin appears reasonable in relation to the current and past experiences. • Compare the profit and loss items to previous years, examining any areas of significant change. Projected savings in expenditure should be justified and ensure proper provisions have been made where appropriate. The cash flow forecast should be checked as follows: • The opening balance should be checked to the draft financial statements and the cash book. • All receipts and payments should be checked against supporting documentation. • The reasonableness of the timing of future receipts and payments should be considered in the light of what is considered normal activity. • The consistency of items in the cash flow forecast should be checked against the other forecasts as well as consistency and accuracy of all forecasts in previous years. • Check all arithmetic figures. Page 230 s Solution 14.1 Importance of social and environmental issues Social and environmental issues are important to the external auditor. These matters are important to companies on whom the auditor is reporting as social and environmental matters form a necessary part of knowledge of the business. Also companies are increasingly reporting to their shareholders on matters of corporate responsibility. The external auditors report to the shareholders and have a duty to review other information presented with the audited financial statements. Impact on the financial statements Social and environmental issues can have financial implications which impact on the financial statements. • ISA 250 When planning the audit and gaining an understanding of the business, the auditors must ensure that they are aware of any relevant regulation relating to energy provision and/or piping oil which may impact on the financial statements. • Non current assets Storm appears to have accidentally disposed of a windmill in the year and three others show signs of being impaired. The auditors must ensure that the disposal has been correctly accounted for and appropriate disclosures made. The auditors must also ascertain whether Storm has conducted an impairment review and if so, whether it is appropriate and reasonable. • Going concern The loss of the windmills is likely to affect operations in the foreseeable future. However, as the vast majority of the power is for private consumption, it is likely that the other customers will still be serviced. More importantly, the auditors must assess whether the generator is in danger of being affected by the erosion as this will have a severe impact on the going concern assumption. It should be noted that the millionaire appears happy to finance the loss making business but without a generator, the business would cease. • Cracked pipe line The auditors need to assess whether this cracked pipe line gives rise to any obligation to provide a provision for repair costs. It is uncertain whether the crack will result in an oil spill and resulting environmental costs and the auditors may need to obtain the opinion of an expert engineer as to the likelihood of that happening. If contamination is possible or probable, there may be a contingent liability arising in respect of fines, compensation or clean up costs. The impact of any such provisions could have a serious effect on the company’s ability to continue as a going concern. Page 231 s • Investment Storm is a co owner of the pipeline. The auditors need to examine the details of this investment to determine whether the pipeline is a non current or current assets or whether it would constitute a joint venture. Solution 15.1 1. Planning issues Engagement letters The audit firm needs to ensure that every entity that it audits is covered in an engagement letter so there is no confusion over the audit that is undertaken. ABC Ltd requires a new engagement letter itself because of the radical overhaul of its business and the impact that it will have on its own audit. Impact on ABC Ltd individual accounts • Accounting for the investments in subsidiaries. The auditors need to establish what the credit accounting entries were in ABC Ltd’s financial statements. If the trade and assets have been transferred, ABC Ltd’s balance sheet is likely to be substantially different from the previous year. As the firm were probably involved in the reconstruction and may have advised the journals, this information should be available at the firm. • Profit on sale. The auditors need to establish whether a profit or sale was made on the transfer of assets to the subsidiaries, as this may require special disclosure under IAS 8. • Other items requiring special disclosure. The auditors should consider whether any costs of reconstruction e.g. legal fees or accountancy fees represent exceptional costs under the requirements of IAS 8. If this were the case, these would also require special disclosure. • Discontinued operations. Disclosures should be made in the previous year’s accounts for discontinued operations under IAS 35. This should be checked in the comparatives for this year. • Accounting for the investments in a joint venture. In the individual financial statements of ABC Ltd, this should be accounted at cost. The auditors will need to check that the joint ventures qualify as a joint venture accounting purposes under the requirements of IAS 31. New subsidiaries The audit firm will have to ensure that financial statements are being drafted for the new subsidiaries and that these are to be audited. They will have to determine an audit approach for these new audits. It is likely that they will be able to make use of analytical evidence Page 232 s from the previous business of ABC Ltd, so while these will be the first year audits in many ways they will not be as risky as first year audits can be. Related party transactions In the individual company accounts there may be some related party transactions, which require disclosure under IAS 24. Some subsidiaries are not required to make disclosures. If ABC Ltd’s parent accounts are published with the group accounts the parent does not have to make disclosures either. The relationships between the companies and directors and the ultimate controlling party will all require disclosure in the accounts. When the accounts are consolidated, inter-company trading will drop out, but the controlling party will still require disclosure. Consolidation • Required? The audit firm must determine whether the group will be required to publish group accounts. This will depend upon its size. If it qualifies as a small group, it may be exempt. • Audited. If the company is required to produce group accounts then the consolidated accounts must be audited. • Other auditors. See below. • Accounting. The subsidiaries will require consolidating into the results of the group. The joint investment should be included in the group accounts using the equity method. Inter-company transactions will have to be stripped out. • Drafting. The audit firm should determine who is to draft any required group accounts, in case the client would like them to. This would have to be included in the engagement letter and would also impact upon new fee quotes for the group. Arrangements with the other auditors • Evaluation. The firm is the principal auditor for the group, so it will need to evaluate the second audit firm (David Beckham and co) to assess to what degree it is happy to rely on the audit of AC designs. It will need to satisfy itself particularly that the audit is going to be objective and independent, due to the personal relationship between the audit partner and director of the firm. The firm may feel that the relationship is far too close, the audit will not be objective, in which case they would have to discuss this matter with the directors of AC designs. • Procedures. If the auditors are happy that the audit will be objective and they are satisfied with the qualifications, resources and reputation of the other auditors, they will then have to discuss the procedures and audit approach with the other auditors. • Timing. The principal auditors will also need to outline the deadlines that they are working to so the time requirement for the audit of AC designs to be completed. Costs and time budgets As the group is new, it is difficult to determine the time that will be taken to complete the audit of the group and this may impact upon the fee. The engagement partner should discuss Page 233 s the fee level with the directors and possible arrange a margin by which it might rise, as it becomes apparent how long the audit will be. The auditors will require good time budgets upon which to base future audits and billings. The audit plan should require that very detailed time records are maintained in particular, outlining time spent in the main because the audit of the group was new and on the restructuring. 2. Audit of a consolidation • Check the transposition from the audited accounts of each subsidiary/associate to the consolidation schedules. • Check that the adjustments made on consolidation are appropriate and comparable with the previous year. This will involve recording the dates and costs of acquisitions of subsidiaries and the assets required. Calculate goodwill and pre-acquisition reserves on consolidation. Prepare an overall reconciliation of movement on reserves and minority interests. • Check for acquisitions. Check whether acquisitions or merger accounting has been appropriately used, the appropriateness of the date used as the date of acquisition, and the treatment of the results of investments acquired during the year. If acquisition accounting has been used, check that the fair value of acquired assets and liabilities is reasonable to ascertainable market value by use of an expert. Check goodwill has been calculated correctly and if amortised period of amortisation is reasonable. • Check for disposals. Check the appropriateness of the date used as the date for disposal. This can be agreed to sales documentation. • Check whether the results of the investment have been included up to the date of disposal and whether figures used are reasonable. Audited figures may not be available and management accounts may have to be to be used. • Consider whether previous treatment of existing subsidiaries or associates is still correct considering influence and degree of control. • Verify the arithmetical accuracy of the consolidation workings. • Review the consolidated accounts for compliance with the law and standards and other relevant regulations. Care will need to be taken where: - Group companies do not have coterminous accounting periods - Subsidiaries are not consolidated - Accounting policies of group members differ because foreign subsidiaries operate under different rules • Other important areas include: - Treatment of participating interests and associates - Treatment of goodwill and intangible assets - Foreign currency translation - Treatment of loss making subsidiaries - Treatment of restrictions on distribution of profits of a subsidiary - Review the consolidated accounts to confirm they give a true and fair view. Page 234 s
Source Exif Data:
File Type : PDF File Type Extension : pdf MIME Type : application/pdf PDF Version : 1.6 Linearized : Yes Encryption : Standard V4.4 (128-bit) User Access : Print, Print high-res Author : DAVID O'DOWD Company : Hewlett-Packard Create Date : 2012:09:19 11:52:44+01:00 Modify Date : 2012:09:19 11:54:06+01:00 Source Modified : D:20120911124348 Subject : Tagged PDF : Yes XMP Toolkit : Adobe XMP Core 5.2-c001 63.139439, 2010/09/27-13:37:26 Metadata Date : 2012:09:19 11:54:06+01:00 Creator Tool : Acrobat PDFMaker 10.1 for Word Document ID : uuid:bae8abc3-71b8-4d78-ae0e-2a16279aef18 Instance ID : uuid:8fa18209-b9f2-4d98-af13-0a04c692d2cc Format : application/pdf Title : AUDIT PRACTICE Description : Creator : DAVID O'DOWD Producer : Adobe PDF Library 10.0 Keywords : Page Layout : OneColumn Page Count : 236EXIF Metadata provided by EXIF.tools