Professional Documents
Culture Documents
Aa PDF
Aa PDF
Aa PDF
chapter I
of modern auditing
Introduction
Topic List
I Role of auditing
2 The audit process
3 Statutory audit requirement
4 Legal responsibilities
5 International standards on auditing
6 Quality control
7 Documentation
Summary and Self-test
Technical reference
Answers to Self-test
Answers to Interactive questions
Role of auditing
In some instances this 'expectation gap' can lead to difficulties arising from the difference between what
shareholders expect an audit to achieve and what it is designed to achieve. The public increasingly expect
the following types of questions to be answered:
~ Is the company a going concern?
~ Is the company managed effectively?
~ Is there an adequate system of controls?
~ Is the company susceptible to fraud?
As Audit Quality states:
'A continuing challenge facing those with an interest in corporate governance and every auditor is
communicating the purpose, ambit and limitations of the audit.'
Definition
True: The information in the financial statements is not false and conforms to reality.
In practical terms this means that the information is presented in accordance with accounting standards
and law. The f1nancial statements have been correctly extracted from the underlying records and
those records reflect the actual transactions which took place.
Definition
Fair: The financial statements reflect the commercial substance of the company's underlying transactions
and the information is free from bias.
You will have come across examples of the application of substance over form in your financial reporting
studies e.g. the treatment of a finance lease.
The problem with making judgements such as these is that they can be called into question, particularly
where others have the benefit of hindsight. The major defence that the auditor has in this situation is to
show that the work was performed with due skill and care and that the judgements made about truth
and fairness were reasonable based on the evidence available at the time. We will look at quality control in
Section 6 of this chapter. Auditor liability is covered in Chapter I 0.
2.1 Overview
You will have covered the audit process in you earlier studies. The following diagram summarises the key
points you should be familiar with. Chapters 4 - 6 of this text cover the audit in more detail.
Point to note
BSA 200 requires that the audit should be planned and performed with an attitude of professional
scepticism.
4 Legal responsibilities
(c) the amount, if any, which the board recommends should be paid by way of dividend;
{d) material changes and commitments, if any, affecting the financial position of the company which
have occurred between the end to the financial year of the company of which the balance sheet
related and the date of the report:
(2) The board's report shall, so far as is material for the appreciation of the state of company's affairs
by its members, deal with any changes which have occurred during the financial year:-
{a) in the nature of the company's business;
(b) in the company's subsidiaries or in the nature of the business carried on by them; and
(c) generally in the classes of business in which the company has an interest.
{3) The board shall also be bound to give the fullest information and explanations in its report
aforesaid on every reservation, qualification or adverse remark contained in the auditor's report.
(4) The board's report and any addendum thereto shall be signed by its chairman if he is authorised in
that behalf by the board, and, where he is not so authorised, shall be signed by such number of
director as are required to sign the balance sheet and the profit and loss account or the income and
expenditure account of the company.
~ Directors' and officers' insurance
Generally a company cannot indemnify a director against a liability arising from an act of negligence,
'" default or breach of duty. However, this statutory provision does not prevent a company from buying
and maintaining insurance against such a liability.
~ Safeguarding the assets
Responsibilities to safeguard the assets of the company includes the prevention and detection of
fraud. One of the main ways in which this duty can be carried out is to implement an effective
system of controls.
The auditor also has a duty towards other information in documents containing audited financial statements
in accordance with BSA 720 Other Information in Documents Containing Audited Financial Statements (see
Chapter 6).
5.1 Introduction
You will have covered the regulatory framework affecting the issue of International Standards on Auditing
(ISAs) including the role of the International Auditing and Assurance Standards Board (IAASB) in your Audit
and Assurance studies at the professional level. This section therefore provides a brief summary of the key
points.
5.2 Overview
The system in Bangladesh currently works as follows:
IAASB
Issues
BSA as used by
Bangladesh
Auditors
ICAB
Adopts
6 Quality control
The firm is responsible for the ongoing excellence of its staff, through continuing professional
development, education, work experience and coaching by more experienced staff.
The assignment of engagement teams is an important matter in ensuring the quality of an
individual assignment.
This responsibility is given to the audit engagement partner. The firm should have policies and
procedures in place to ensure that
~ Key members of client staff and those charged with governance are aware of the identity of
the audit engagement partner
~ The engagement partner has appropriate capabilities, competence, authority and time to
perform the role
~ The engagement partner is aware of his/her responsibilities as engagement partner
The engagement partner should ensure that he assigns staff of sufficient capabilities, competence and
time to individual assignments so that he will be able to issue an appropriate report.
(6) Monitoring
The standard states that firms must have policies in place to ensure that their quality control
procedures are:
~ Relevant
~ Adequate
~ Operating effectively
~ Complied with
In other wqrds, they must monitor their system of quality control. Monitoring activity should be
reported on to the management of the firm on an annual basis.
There are two types of monitoring activity, an ongoing evaluation of the system of quality control
and period inspection of a selection of completed engagements. An ongoing evaluation might include
such questions as, 'has it kept up to date with regulatory requirements?'
A period inspection cycle would usually fall over a period such as three years, in which time, at least
one engagement per engagement partner would be reviewed.
The people monitoring the system are required to evaluate the effect of any deficiencies found. These
deficiencies might be one-offs. Monitors will be more concerned with systematic or repetitive
deficiencies that require corrective action. When evidence is gathered that an inappropriate report
might have been issued, the audit firm may want to take legal advice.
Corrective action
~ Remedial action with an individual
~ Communication of findings with the training department
~ Changes in the quality control policies and procedures
~ Disciplinary action, if necessary
Point to note
All quality control policies and procedures 'should be documented and communicated to the firm's
personnel'
~ Supervision
Supervision includes:
Tracking the process of the audit engagement
Considering the capabilities of individual members of the engagement team and that they
understand their instructions
Addressing issues that arise and modifying the audit approach if appropriate
Identifying matters for consultation or consideration by more senior members of the audit
engagement.
~ Review
Reviewing concerns the inspection of work by engagement members by more senior members of the
same engagement. This includes ensuring that:
The work has been carried out in accordance with professional and regulatory requirements
Significant matters are given further consideration
Appropriate consultations have taken place and have been documented
Where appropriate the planned audit work is revised
The work performed supports the conclusions
The evidence obtained supports the audit opinion
The objectives of the engagement have been achieved
~ Internal monitoring
This essentially represents an 'internal audit' performed by staff independent of the audit team.
~ External monitoring
External monitoring is to be carried out through the ICAB QAD visit. Reports from the QAD visit
provide independent feedback on a firm's quality review processes and provide an opportunity to
measure them against good practice elsewhere.
The former engagement partner to Wicker retired two months ago. As the audit manager had dealt with Wicker
for so many years, the other partners have decided to leave the audit of Wicker largely in his hands.
Requirement
7 Documentation
7 .I Audit documentation
Audit documentation is a key part of the overall quality control framework during the course of an audit.
All audit work must be documented: the working papers are the tangible evidence of all work done in
support of the audit opinion. BSA 230 Audit Documentation provides guidance on this issue.
In your previous studies, you have learnt the practical issues surrounding how audit papers should be
completed. The key general rule concerning what to include on a working paper to remember, is:
'What would be necessary to provide an experienced auditor, with no previous connection with the
audit, with an understanding of the nature, timing, and extent of the audit procedures performed to
comply with the ISAs and applicable legal and regulatory requirements and the results of the audit
procedures and the audit evidence obtained, and significant matters arising during the audit and the
conclusions reached thereon.'
The key reason for having audit papers therefore is that they provide evidence of work done. They may be
required in the event of litigation arising over the audit work and opinion given.
The BSA sets out certain requirements about what should be recorded, such as the identifying
characteristics of the specific items being tested.
It also sets out points an auditor should record in relation to significant matters. These include:
~ Discussions undertaken with directors and
~ How the auditor addressed information that appeared to be inconsistent with his conclusions in
relation to significant matters.
If an auditor felt it necessary to depart from customary audit work required by audit standards, he should
document why, and how the different test achieved audit objectives.
The BSA also contains details about how the audit file should be put together and actions in the event of
audit work being added after the date of the audit report (for example, if subsequent events results in
additional work being carried out}. You should be familiar with these points from your earlier studies.
7.2 R~view
We shall briefly revise here the review of working papers. Review of working papers is important, as it
allows a more senior auditor to evaluate the evidence obtained during the course of the audit for
sufficiency and reliability, so that more evidence can be obtained to support the audit opinion, if required. lt.
is an important quality control procedure.
Work performed by each assistant should be reviewed by personnel of appropriate experience to consider
whether:
~ The work has been performed in accordance with the audit programme.
~ The work performed and the results obtained have been adequately documented.
~ Any significant matters have been resolved or are reflected in audit conclusions.
~ The objectives of the audit procedures have been achieved.
~ The conclusions expressed are consistent with the results of the work performed and support the
audit opinion.
The following should be reviewed on a timely basis.
~ The overall audit strategy and the audit plan
~ The assessments of inherent and control risks
~ The results of control and substantive procedures and the conclusions drawn including the
results of consultations
~ The financial statements, proposed audit adjustments and the proposed auditors' report
In some cases, particularly in large complex audits, personnel not involved in the audit may be asked to
review some or all of the audit work, the auditors' report etc. This is sometimes called a peer review or
hot review.
Requirement
Explain to the junior why the evidence collected is insufficient, and detail the action necessary to complete
the audit procedures. Refer to your objectives in reviewing audit documentation as a format for your
answer.
Summary
Ethics
Introduction
Topic List
I Relevance of ethics
2 Ethical codes and standards
3 Making ethical judgements
Summary and Self-test
Answers to Self-test
Answers to Interactive questions
Appendix I
Relevance of ethics
1.1 Introduction
In general terms ethics is a set of moral principles and standards of correct behaviour. Far from
being noble ideals which have little impact on real life they are essential for any society to operate and
function effectively. Put simply, they help to differentiate between right and wrong, although their
application often involves complex issues, judgement and decisions. Whilst ethical principles can be
incorporated into law in many cases their application has to depend on the self-discipline of the individual.
This principle can be seen to apply to society as a whole, the business community and the accounting
profession.
are maintained but also provides protection for the professional providing a benchmark against which
any alleged failings can be measured.
~ The IFAC Code considers that there are two general categories of safeguard:
(I} Safeguards created by the profession, legislation or regulation
Education, training and experience requirements for entry into the profession
Continuing professional development requirements
Corporate governance regulations (see Chapter 3}
Professional standards (See Chapter I}
Professional or regulatory monitoring and disciplinary procedures
External review by legally empowered third party of the reports, returns, communications
or information produced by a professional accountant
(2} Safeguards within the work environment
These may be:
Firm wide e.g. leadership of the firm that stresses the importance of compliance with
fundamental principles
Engagement specific e.g. rotating senior assurance team personnel
~ Safeguards in the work environment may differ according to whether a professional accountant works
in public practice, in business or in insolvency.
~ When evaluating safeguards what a reasonable and informed third party, having knowledge of all
relevant information, including the significance of the threat and the safeguards applied, would
conclude to be unacceptable should be considered.
I
38 © The Institute of Chartered Accountants in England and Wales, March 2009
ETHICS
2.4 Confidentiality
~ Information received in confidence should not be disclosed except in the following circumstances:
Where disclosure is permitted by law and is This might include circumstances where an
authorised by the client or the employer. employee has committed a fraud and the
management are in agreement that the police
should be informed.
Where disclosure is required by law For example: .;.·.·
Where there is a professional duty or right In this instance disclosure can be made if it is in the
to disclose, when not prohibited by law. 'public interest' to do so.
~ Confidential information should not be used for personal advantage or the advantage of third parties
e.g. insider trading
~ Applying this guidance will involve difficult judgements, particularly in making the decision as to
whether disclosure is in the public interest. Other specific matters which may need to be
considered include:
BSA 240 The Auditor's Responsibility to Consider Fraud in an Audit of Financial Statements
(see Chapter I0)
BSA 250 Considerations of Laws and Regulations in an Audit of Financial Statements (see Chapter I0)
Procedures to prevent access to information e.g. physical separation of teams and audit evidence
Clear guidelines for members of the engagement team on issues of security and confidentiality
The use of confidentiality agreements signed by employees
Regular reviews of the application of safeguards by a senior individual not involved with the
relevant client engagement.
~ Where safeguards do not mitigate the risks sufficiently the professional accountant should not
accept the engagement or should cease to act for one of the parties.
The ICAB Code sets out a framework that accountants can follow when faced with these issues, which may
be set out as framework as follows, and you may find useful when considering ethical problems in the exam.
The ICAB Code suggests that the resolution process should consider the following:
-----------------------------------------------------------
Relevant facts This may involve:
~ Referring to the organisation's policy,
procedures, code of conduct and previous
history
~ Discussing the matter with trusted managers
and employees.
Relevant parties These may include those directly affected e.g.
shareholders, employees and employers but may
also include the community at large.
Ethical issues involved
----------------------
These include:
---------------
~ Professional ethical issues
~ Organisational ethical issues
~ Personal ethical issues
Fundamental principles related to the This will involve reference to the relevant ethical
matter in question guidance e.g. ICAB Code
Established internal procedures The professional accountant may find it useful to
discuss ethical conflict issues with:
~ Immediate superior
~ The next level of management
~ A corporate governance body
~ Other departments e.g. legal, audit, human
resources
Consideration should also be given to the point at
which help is sought from external sources e.g.
ICAB. Generally it would be preferable for the
conflict to be resolved without externa_l
consultation.
Alternative courses of action The following should be considered:
~ The organisation's policies, procedures and
guidelines
~ Applicable laws and regulations
~ Universal values and principles adopted by
society
~ Long and short-term consequences
~ Symbolic consequences
~ Private and public consequences
Where the conflict is significant and cannot be resolved the accountant would need to seek legal advice.
After exhausting all other possibilities and depending on the nature of the conflict, the individual may
conclude that withdrawal from the engagement team or resignation from the firm/employing organisation is
appropriate.
Point to note
Withdrawal/resignation would be seen very much as a last resort.
Summary
Governance
Introduction
Topic List
I Relevance of corporate governance
2 Corporate governance concepts
3 The Code of Corporate Governance
4 Role of the board
5 Associated guidance
6 OECD principles of corporate governance
7 Sarbanes-Oxley
8 Evaluation of corporate governance mechanisms
Summary and Self-test
Technical reference
Answers to Self-test
Answers to Interactive questions
1.1 Introduction
Corporate governance potentially covers a wide range of issues and disciplines from company secretarial
and legal through business strategy, executive and non-executive management and investor relations to
accounting and information systems.
Corporate governance issues came to prominence in the business world from the late 1980s. The main
drivers associated with the increasing demand for developments in this area included the following:
~ Financial reporting
Issues concerning financial reporting were raised by many investors and were the focus of much
debate and litigation. Shareholder confidence in what was being reported in many instances was
eroded. Whilst corporate governance development is not just about better financial reporting
requirements, the regulation of creative accounting practices, such as off-balance sheet financing,
has led to greater transparency and a reduction in risks faced by investors.
Corporate scandals
The early 1990s saw an increasing number of high profile corporate scandals and collapses including
Polly Peck International, BCCI, and Maxwell Communications Corporation. This prompted the
development of governance codes in the early 1990s. However, the scandals since then, including
En ron, have raised questions about further measures that may be necessary.
~ Excessive directors' remuneration
Directors being paid excessive salaries and bonuses has been seen as one of the major corporate
issues for a number of years. Whilst CEOs have argued that their packages reflect the global market,
shareholders and employees are concerned that these are often out of step with the remuneration of
other employees and do not reflect the performance of the company.
Definition
Corporate governance: The system by which organisations are directed and controlled.
An alternative definition is:
Corporate governance: The set of processes, customs, policies, laws and institutions affecting the way in
which an entity is directed, administered or controlled. Corporate governance serves the needs of
shareholders, and other stakeholders, by directing and controlling management activities towards good
business practices, objectivity and integrity in order to satisfy the objectives of the entity.
One view of governance is that it is based on a series of underlying concepts. These are important as
good corporate governance depends on a willingness to apply the spirit of the guidance as well as the
letter ofthe law.
2.1 Fairness
The directors' deliberations and also the systems and values that underlie the company must be balanced
by taking into account everyone who has a legitimate interest in the company, and respecting their rights
and views. In many jurisdictions, corporate governance guidelines reinforce legal protection for certain
groups, for example minority shareholders.
2.2 Openness/transparency
In the context of corporate governance, transparency means corporate disclosure to stakeholders.
Disclosure in this context obviously includes information in the financial statements, not just the numbers
and notes to the accounts but also narrative statements such as the directors' report and the operating and
financial review. It also includes all voluntary disclosure, that is disclosure above the minimum required
by law or regulation. Voluntary corporate communications include:
~ Management forecasts
~ Analysts' presentations
~ Press releases
~ Information placed on websites
~ Other reports such as stand-alone environmental or social reports.
The main reason why transparency is so important relates to the agency problem, that is the potential
conflict between owners and managers. Without effective disclosure the position could be unfairly weighted
towards managers, since they normally have far more knowledge of the company's activities and financial
situation than owners/investors. Reducing this information asymmetry requires not only effective
disclosure rules, but strong internal controls that ensure that the information that is disclosed is reliable.
2.3 Independence
Independence is an important concept in relation to directors (as well as auditors). Corporate governance
reports have increasingly stressed the importance of independent non-executive directors; directors
who are not primarily employed by the company and who have very strictly controlled other links with it.
They should be free from conflicts of interest and in a better position to promote the interests of
shareholders and other stakeholders. Freed from pressures that could influence their activities,
independent non-executive directors should be able to carry out effective monitoring of the company in
conjunction with independent external auditors on behalf of shareholders and other stakeholders.
2.4 Probity/honesty
Hopefully this should be the most self-evident of the principles, relating not only to telling the truth, but
also not misleading shareholders and other stakeholders by presenting information in a biased way.
2.5 Responsibility
For management to be held properly responsible, there must be a system in place that allows for
corrective action and penalising mismanagement. Responsible management should do, when
necessary, whatever it takes to set the company on the right path.
The board of directors must act responsively to, and with responsibility towards, all stakeholders of the
company. However the responsibility of directors to other stakeholders, both in terms of to whom they
are responsible and the extent of their responsibility, remains a key point of contention in corporate
governance debates.
2.6 Accountability
Corporate accountability refers to whether an organisation (and its directors) are answerable in some
way for the consequences of their actions.
The UK Combined Code emphasises that boards of directors are accountable to shareholders. (See section
3). However, the Code stresses that making the accountability work is the responsibility of both parties.
Directors, as we have seen, do so through the quality of information that they provide whereas
shareholders do so through their willingness to exercise their responsibility as owners, which means
using the available mechanisms to query and assess the actions of the board.
As with responsibility one of the biggest debates in corporate governance is the extent of management's
accountability towards other stakeholders such as the community within which the organisation
operates.
2. 7 Reputation
In the same way directors' concern for an organisation's reputation will be demonstrated by the extent to
which they fulfil the other principles of corporate governance. There are purely commercial reasons for
promoting the organisation's reputation, that the price of publicly traded shares is often dependent on
reputation and hence reputation is often a very valuable asset of the organisation.
2.8 judgement
Judgement means the board making decisions that enhance the prosperity of the organisation. This
means that board members must acquire a broad enough knowledge of the business and its
environment to be able to provide meaningful direction to it. This has implications not only for the
attention directors have to give to the organisation's affairs, but also the way the directors are recruited
and trained.
The complexities of senior management mean that the directors have to bring multiple conceptual skills
to management that aim to maximise long-term returns. This means that corporate governance can involve
balancing many competing people and resource claims against each other.
2.9 Integrity
The UK Combined Code provides the following definition:
Definition
Integrity: Straightforward dealing and completeness. What is required of financial reporting is that it
should be honest and that it should present a balanced picture of the state of the company's affairs. The
integrity of reports depends on the integrity of those who prepare and present them.
Integrity can be taken as meaning someone of high moral character, who sticks to principles no matter
the pressure to do otherwise. In working life this means adhering to principles of professionalism and
probity. Straightforward dealing in relationships with the different people and constituencies whom
you meet is particularly important; trust is vital in relationships and belief in the integrity of those with
whom you are dealing underpins this.
The UK Combined Code definition highlights the need for personal honesty and integrity of preparers
of accounts. This implies qualities beyond a mechanical adherence to accounting or ethical regulations or
guidelines. At times accountants will have to use judgement or face financial situations which aren't covered
by regulations or guidance, and on these occasions integrity is particularly important.
Integrity is an essential principle of the corporate governance relationship, particularly in relation to
representing shareholder interests and exercising agency. As with financial reporting guidance, ethical codes
don't cover all situations and therefore depend for their effectiveness on the qualities of the accountant. In
addition we have seen that a key aim of corporate governance is to inspire confidence in participants in the
market and this significantly depends upon a public perception of competence and integrity.
Provided, however, that in the case of banks and non-bank financial institutions, insurance companies and
statutory bodies for which separate primary regulators like Bangladesh Bank, Department of Insurance etc.
exist, the Board of those companies should be constituted as may be prescribed by such primary regulators
in so far as those prescriptions are not inconsistent with the aforesaid condition.
(i) At least one tenth ( 1/1 0) of the total number of the company's board of directors, subject to a minimum
of one, should be independent directors.
Explanation: For the purpose of this clause "independent director" means a director who does not hold any
share in the company or who holds less than one percent (I%) shares of the total paid-up shares of the
company, who is not connected with the company's promoters or directors or shareholder who holds one
percent (I%) or more than one percent (I%) shares of the total paid-up shares of the company on the basis
of family relationship; who does not have any other relationship, whether pecuniary or otherwise, with the
company or its subsidiary/ associated companies, who is not a member, director or officer of any stock
exchange, and who is not a shareholder, director or officer of any member of stock exchange or an
intermediary of the capital market.
(a) The financial statements prepared by the management of the issuer company present fairly its state of
affairs, the result of its operations, cash flows and changes in equity.
(b) Proper books of account of the issuer company have been maintained.
(c) Appropriate accounting policies have been consistently applied in preparation of the financial statements
and that the accounting estimates are based on reasonable and prudent judgment.
(d) International Accounting Standards, as applicable in Bangladesh, have been followed in preparation of the
financial statements and any departure therefrom has been adequately
disclosed.
(e) The system of internal control is sound in design and has been effectively implemented and monitored.
(f) There are no significant doubts upon the issuer company's ability to continue as a going concern. If the
issuer company is not considered to be a going concern, the fact along with reasons thereof should be
disclosed.
(g) Significant deviations from last year in operating results of the issuer company should be highlighted and
reasons thereof should be explained. (h) Key operating and financial data of at least preceding three years
should be summarised.
(i) If the issuer company has not declared dividend (cash or stock) for the year, the reasons thereof should
be given.
(j} The number of Board meetings held during the year and attendance by each director should be
disclosed.
(k} The pattern of shareholding should be reported to disclose the aggregate number of shares (along with
name wise details where stated below) held by:-
(i} Parent/Subsidiary/Associated companies and other related parties (name wise details);
(ii} Directors, Chief Executive Officer, Company Secretary, Chief Financial Officer,
Head of Internal Audit and their spouses and minor children (name wise details);
(iii) Executives; and
(iv) Shareholders holding ten percent (I 0%) or more voting interest in the company (name wise details).
Explanation: For the purpose of this clause, the expression "executive" means top five salaried employees of
the company, other than the Directors, Chief Executive Officer, Company
Secretary, Chief Financial Officer and Head of Internal Audit.
3.1.2 Chief Financial Officer (CFO), Head Of Internal Audit And Company Secretary:
3.1.2.1 Appointment
The company should appoint a Chief Financial Officer (CFO), a Head of Internal Audit and a Company
Secretary. The Board of Directors should clearly define respective roles, responsibilities and duties of the
CFO, the Head of Internal Audit and the Company Secretary.
(ii) The Board of Directors should appoint members of the Audit Committee who should be directors of
the company and should include at least one independent director.
(iii) When the term of service of the Committee members expires or there is any circumstance causing any
Committee member to be unable to hold office until expiration of the term of service, thus making the
number of the Committee members to be lower than the prescribed number of 3 (three) persons, the
Board of Directors should appoint the new Committee member(s) to fill up the vacancy(ies) immediately or
not later than I (one) month from the date of vacancy(ies) in the Committee to ensure continuity of the
performance of work of the Audit Committee.
(i) The Board of Directors should select I (one) member of the Audit Committee to be Chairman of the
Audit Committee.
(ii) The Chairman of the audit committee should have a professional qualification or knowledge,
understanding and experience in accounting or finance.
(i) The Audit Committee should report on its activities to the Board of Directors.
(ii) The Audit Committee should immediately report to the Board of Directors on the following findings, if
any:-
If the Audit Committee has reported to the Board of Directors about anything which has material impact
on the financial condition and results of operation and has discussed with the
Board of Directors and the management that any rectification is necessary and if the Audit Committee finds
that such rectification has been unreasonably ignored, the Audit Committee should report such finding to
the Commission, upon reporting of such matters to the Board of Directors for three times or completion
of a period of 9 (nine) months from the date of first reporting to the Board of Directors, whichever is
earlier.
Report on activities carried out by the Audit Committee, including any report made to the Board of
Directors under condition 1.7.3.1 (ii) above during the year, should be signed by the Chairman of the Audit
Committee and disclosed in the annual report of the issuer company.
The issuer company should not engage its external/statutory auditors to perform the following services of
the company; namely:-
The directors of the company shall state, in accordance with the annexure attached, in the directors' report
whether the company has complied with these conditions.
Organisational structure
Integrity, dedication and opportunity to spare time for the committee will have to be considered while
giving nomination to a director to the committee
Each member should be capable of making valuable and effective contributions in the functioning of the
committee;
To perform his or her role effectively each committee member should have adequate understanding of the
detailed responsibilities of the committee membership as well as the bank's business, operations and its
risks.
Internal control
Evaluate whether management is setting the appropriate compliance culture by communicating the
importance of internal control and the management of risk and ensuring that all employees have,
understanding of their roles and responsibilities.
Review the arrangements made by the management for building a suitable management information system
(MIS) including computerisation system and its applications
Consider whether internal control strategies recommended by internal and external auditors have been
implemented by the management
Review the existing risk and management procedures for ensuring an effective internal check and control
system
Review the corrective measures taken by the management as regards the reports relating to fraud, forgery,
deficiencies in internal control or other similar issues detected by internal and external auditors and
inspectors of the regulatory authority and inform the board on a regular basis.
Financial reporting
Review the annual financial statements and determine whether they are complete and consistent with the
accounting standards set by the regulatory authority
Meet with management and the external auditors to review the financial statements before their finalisation.
Internal audit
Review the activities and organisational structure of the internal audit function and ensure that no
unjustified restrictions or limitations is made;
Review that findings and recommendations made by the internal auditors for removing the irregularities
detected and running the affairs of the bank are duly considered by the management.
External audit
Review the audit performance of the external auditors and their audit reports
Review that findings and recommendations made by the external auditors for removing the irregularities
detected and also running the affairs of the. bank are duly considered by the management
Make recommendations to the board regarding the appointment of the external auditors.
Review whether the laws and regulations framed by the regulatory authorities (central bank and other
bodies) and internal regulations approved by the board have been complied with.
Other responsibilities
Place compliance report before the board on quarterly basis regarding regularisation of the errors and
omissions fraud and forgeries and other irregularities as detected by the internal and external auditors and
inspectors of regulatory authorities/Bangladesh Bank.
Perform other oversight functions as requested by the board and evaluate the committee's own
performance on a regular basis.
3.2.2 Bangladesh Bank has also issued a guideline on the implementation of 'Money Laundering
Prevention Act 2002'.
3.2.3 Bangladesh Bank has issued guidelines for managing core risks in banking companies as
well as internal control implementation techniques for banking companies.
The main principles for companies themselves cover directors, remuneration, accountability/audit and
relations with shareholders. In summary they are as follows:
A. Directors:
B. Remuneration:
··-
Advanc~d Stage -Advanced Audit and Assurance
C. Accountability/audit:
I Rights of shareholders
I. The board should include a balance of executive and non-executive directors (including some
independent non-executive directors) such that no individual or small group of individuals can
dominate the board's decision taking.
A Composition of Board
B Executive and Non-executive Directors and Independent Directors
C. Independent Director
- Clear division of responsibilities of the Chairperson of the board and the Chief Executive;
- Recognizing and publishing respective roles of the board and management; and
- Establishing an effective ethics and compliance framework
3. Members of the Board and its Committees should not be over extended. All directors should
receive induction training upon joining the board and there should be an effective orientation
program for directors to regularly update and refresh their skills and knowledge. (A3)
4. Board should establish a process of performance evaluation in the company to ensure its sustained
success. (A4)
5. Levels of remuneration should be sufficient to attract, retain and motivate directors and members
of senior management of the quality required to run the company successfully, but the company
should avoid paying more than is necessary for this purpose. A reasonable proportion of executive
directors' remuneration should be structured so as to link rewards to corporate and individual
performance. (B I)
A Remuneration Committee
6. The board should ensure planned and progressive refreshing of the board. (B2)
A Nomination Committee
Powers, Functions and Responsibilities of Nomination Committee
7. The board should establish formal and transparent arrangements for considering how they should
apply the financial reporting and internal control principles and for maintaining an appropriate
relationship with the company's auditors. (C I)
A Audit Committee
B Internal Control and Internal Audit
C Appointment & Qualification of External Auditors
D Disclosure of interest by Auditors' holding company's shares
9. The board should present a balanced and understandable assessment of company's position and
prospects through periodic financial reporting which shall include certain other information together
with certain statements/declarations by the directors and the management of the company. (C3)
A Annual Report
B Report on Corporate Governance
I0. Board should respect the rights of shareholders and facilitate the effective exercise of those
rights. (D I)
Requirement
(a) Discuss the benefits of the Code to shareholders and other interested users of financial statements.
(b) Discuss the merits and drawbacks of having such provisions in the form of a voluntary code.
See Answer at the end of this chapter.
For the voluntary sector, the UK's Good Governance, A Code (or the Voluntary and Community Sector stresses
the board of trustees' role in ensuring compliance with the objects, purposes and values of the organisation
and with its governing document. The Code stresses that the Board must ensure that the organisation's
vision, mission, values and activities remain true to its objects.
The Code also lays more stress than the governance codes targeted at listed companies on trustees
focusing on the strategic direction of their organisation and not becoming involved in day-to-day activities.
The Chief Executive Officer should provide the link between the board and the staff team, and the means
by which board members hold staff to account. Where in smaller organisations trustees need to become
involved in operational matters, they should separate their strategic and operational roles.
~ Procedures should exist whereby non-executive directors may take independent advice, at the
company's expense if necessary.
Whenever a question scenario features non-executive directors, watch out for threats to, or questions
over, their independence.
S Associated guidance
--
5.1 The Turnbull Report
5.1.1 Introduction
The perception of what constitutes a corporate risk and how to measure and report such risks to investors
took a major step forward with the publication of the Turnbull Report. This was seen as a further piece of
the governance jigsaw following the Cadbury, Green bury and Hampel Reports.
In 1999 the Internal Control Working Party of the ICAEW, chaired by Nigel Turnbull (finance director of
Rank Group Ltd), issued guidance for directors of UK listed companies. The working party built on the
requirement contained in the Combined Code that boards must maintain "a sound system of internal
control to safeguard shareholders' investment and the company's assets". The detailed
provisions require annual review of all the company's internal controls, including financial, operational and
compliance controls and risk management. Potential threats to the company include environmental, ethical
and social risks. The original Turnbull Report also highlighted the role of internal audit. Internal audit is
referred to in Chapter 9 of this text.
In 2005 a revised Turnbull Report was published under the chairmanship of Douglas Flint, Group Finance
Director of HSBC Holdings. Although it did not make major amendments to the 1999 version of the report
it did emphasise the importance of companies reporting on their internal controls and risk management
procedures.
Points to note
These five headings are essentially the same as the five components of internal control identified in BSA 315
Understanding the Entity and its Environment and Assessing the Risks of Material Misstatement
Many perceive the overall control environment as the key component of internal control. Its importance
can be seen in the following worked example.
Head office puts in controls to match this obsession. Each hotel is a separate company. Every manager has
his targets. The group has budgets and is measured by those budgets. But the key target by which the
business is run is occupancy rates.
The managers make sure that the hotels are full by reducing rates quite substantially. These low rates do
not filter through the system until a long time later. So their management system leads to a totally
ineffective system where expectations are high and the important controls are not there at all - because the
control environment is totally wrong.
The following extract is from the statement of corporate governance of JSainsbury Ltd.
Internal control
• regular reviews by management of the risks to
achieving objectives and actions being taken to
The Board has overall responsibility for the system of
mitigate them;
internal controls, including risk management, and has
delegated certain responsibilities to the Audit Committee. • regular reviews by the Board and Audit Committee
The Audit Committee has reviewed the effectiveness of of identified fraudulent activity and any
the system of internal control and ensured that any whistleblowing by colleagues or suppliers, and
required remedial action has or is being taken on any actions being taken to remedy any control
identified weaknesses. The system of internal controls is weaknesses;
designed to manage rather than eliminate the risk of
failure to achieve the Company's business objectives regular reviews by management and the Audit
and can only provide reasonable and not absolute Committee of the scope and results of internal
assurance against material misstatement or loss. It audit work across the Company and of the
includes all controls including financial, operational and implementation of recommendations. The scope of
compliance controls and risk management. The the work covers all key activities of the Group and
processes used to assess the effectiveness of the concentrates on higher risk areas;
internal control systems are ongoing, enabling a
cumulative assessment to be made, and include the
• reviews of the scope of the work of the external
auditors by the Audit Committee and any
following: significant issues arising;
• discussion and approval by the Board of the
• reviews by the Audit Committee of accounting
Company's strategic direction, plans and policies and levels of delegated authority; and
objectives and the risks to achieving them;
• consideration by the Board of the major risks
• review and approval by the Board of budgets and facing the Group and by the Audit Committee of
forecasts, including both revenue and capital the procedures to manage them. These include
expenditure; health and safety, legal compliance, litigation,
• regular operational and financial reviews of quality assurance, insurance and security and
performance against budgets and forecasts by social, ethical and environmental risks.
management and the Board; There is an ongoing process for identifying, evaluating
and managing the significant risks faced by the
Company. This process has been in place throughout
the year and up to the date of approval of the Annual
Report and Financial Statements and accords with the • reporting and review by the Board of each
Turnbull guidance. The effectiveness of the process is operating company of risk management activities
reviewed annually by the Audit Committee which then and actions taken to address non-compliance with
reports to the Board. The process consists of: controls or to improve their effectiveness;
fonnal identification by management at each level • assurance from specialist functions and
of the Company through a self assessment committees that legal and regulatory, health and
process of the key risks to achieving their business safety, and social, ethical and environmental risks
objectives and the controls in place to manage are appropriately identified and managed; and
them. The likelihood and potential impact of each
risk is evaluated and actions necessary to mitigate • independent assurance by Internal Audit as to the
them are identified and monitored; existence and effectiveness of the risk
management activities described by management.
• certification by management that they are
The system of internal control and risk management is
responsible for managing the risks to their
business objectives and that the internal controls embedded into the operations of the Company, and the
are such that they provide reasonable but not actions taken to mitigate any weaknesses are carefully
absolute assurance that the risks in their areas of monitored.
responsibility are appropriately identified, J Sainsbury Ltd - Annual Report 2006
evaluated and managed;
The Turnbull Report requires Boards to confirm in the annual report that necessary action has been, or is
being, taken to remedy any significant failings or weaknesses identified from their review of the
effectiveness of the internal control system. The Board should also include in the annual report such
information as is considered necessary to assist shareholders' understanding of the main features of the
company's risk management processes and system of internal control.
The Cadbury committee summed up the benefits that an audit committee can bring to an organisation.
'If they operate effectively, audit committees can bring significant benefits. In particular, they have the
potential to:
(a) improve the quality of financial reporting, by reviewing the financial statements on behalf of the Board;
(b) create a climate of discipline and control which will reduce the opportunity for fraud;
(c) enable the non-executive directors to contribute an independent judgement and play a positive role;
(d) help the finance director, by providing a forum in which he can raise issues of concern, and which he
can use to get things done which might otherwise be difficult;
(e) strengthen the position of the external auditor, by providing a channel of communication and forum
for issues of concern;
(f) provide a framework within which the external auditor can assert his independence in the event of a
dispute with management;
(g) strengthen the position of the internal audit function, by providing a greater degree of independence
from management;
(h) increase public confidence in the credibility and objectivity of financial statements.'
5.2.2 Recommendations
Following the major corporate failures in the US in 2002, an independent group, chaired by Sir Robert
Smith, was set up to clarify the role and responsibilities of audit committees and to develop the existing
Combined Code guidance. The report was issued in January 2003.
The key points, which are now reflected in the Combined Code and the detailed guidance, are set out
below.
7 Sarbanes-Oxley
~ Information asymmetry
That is the agency problem of the directors/managers knowing more than the investors. The investors
included Enron's employees. Many had their personal wealth tied up in Enron shares, which ended up
being worthless. They were actively discouraged from selling them. Many of En ron's directors,
however, sold the shares when they began to fall, potentially profiting from them. It is alleged that the
Chief Financial Officer, Andrew Fastow, concealed the gains he made from his involvement with
affiliated companies.
~ Executive compensation methods
These were meant to align the interests of shareholders and directors, but seemed to encourage the
overstatement of short-term profits. Particularly in the USA, where the tenure of Chief Executive
Officers is fairly short, the temptation is strong to inflate profits in the hope that share options will
have been cashed in by the time the problems are discovered.
~ Non-audit services
Auditors are expressly prohibited from carrying out a number of services including internal audit,
bookkeeping, systems design and implementation, appraisal or valuation services, actuarial services,
management functions and human resources, investment management, legal and expert services.
Provision of other non-audit services is only allowed with the prior approval of the audit
committee.
~ Quality control procedures
There should be rotation of lead or reviewing audit partners every five years and other procedures
such as independence requirements, consultation, supervision, professional development, internal
quality review and engagement acceptance and continuation.
~ Auditors and audit committee
Auditors should discuss critical accounting policies, possible alternative treatments, the
management letter and unadjusted differences with the audit committee.
~ Audit committees
Audit committees should be established by all listed companies.
All members of audit committees should be independent and should therefore not accept any
consulting or advisory fee from the company or be affiliated to it. At least one member should be a
financial expert. Audit committees should be responsible for the appointment, compensation and
oversight of auditors. Audit committees should establish mechanisms for dealing with complaints
about accounting, internal controls and audit.
~ Corporate responsibility
The chief executive officer and chief finance officer should certify the appropriateness of the financial
statements and that those financial statements fairly present the operations and financial condition of
the issuer. If the company has to prepare a restatement of accounts due to material non-compliance
with standards, the chief finance officer and chief executive officer should forfeit their bonuses.
~ Off balance sheet transactions
There should be appropriate disclosure of material off-balance sheet transactions and other
relationships (transactions that are not included in the accounts but that impact upon financial
conditions, results, liquidity or capital resources).
~ Internal control reporting
Annual reports should contain internal control reports that state the responsibility of management
for establishing and maintaining an adequate internal control structure and procedures for
financial reporting. Annual reports should also contain an assessment of the effectiveness of the
internal control structure and procedures for financial reporting. Auditors should report on
this assessment.
Companies should also report whether they have adopted a code of conduct for senior financial
officers and the content of that code.
~ Whistleblowing provisions
Employees of listed companies and auditors will be granted whistleblower protection against
their employers if they disclose private employer information to parties involved in a fraud claim.
For lawyers, the Act strengthens requirements on them to whistleblow internally on any wrongdoing they
uncover at client companies, right up to board level.
The auditors should concentrate on the review carried out by the board. The objective of the auditors'
work is to assess whether the company's summary of the process that the board has adopted in reviewing
the effectiveness of the system of internal control is supported by the documentation prepared by the
directors and reflects that process.
The auditors should make appropriate enquiries and review the statement made by the board in the
accounts and the supporting documentation.
Auditors will have gained some understanding of controls due to their work on the accounts; however what they
are required to do by auditing standards is narrower in scope than the review performed by the directors.
Auditors therefore are not expected to assess whether the directors' review covers all risks and
controls, and whether the risks are satisfactorily addressed by the internal controls. To avoid
misunderstanding on the scope of the auditors' role, the Bulletin recommends that the following wording be
used in the audit report.
'We are not required to consider whether the board's statements on internal control cover all risks
and controls, or form an opinion on the effectiveness of the company's corporate governance
procedures or its risk and control procedures.'
It is particularly important for auditors to communicate quickly to the directors any material weaknesses
they find, because of the requirements for the directors to make a statement on internal control.
The directors are required to consider the material internal control aspects of any significant problems
disclosed in the accounts. Auditors' work on this is the same as on other aspects of the statement; the
auditors are not required to consider whether the internal control processes will remedy the problem.
The auditors may report by exception if problems arise such as:
(a) The board's summary of the process of review of internal control effectiveness does not reflect
the auditors' understanding of that process.
(b) The processes that deal with material internal control aspects of significant problems do not
reflect the auditors' understanding of those processes.
(c) The board has not made an appropriate disclosure if it has failed to conduct an annual review, or
the disclosure made is not consistent with the auditors' understanding.
Summary
Introduction
Topic List
I Fraud
2 Law and regulation
3 Money laundering
4 Auditor liability
Summary and Self-test
Technical reference
Answers to Self-test
Answers to Interactive questions
© The Institute of Chartered Accountants in England and Wales, March 2009 407
FRAUD AND AUDITOR LIABILITY
Fraud
·Itt :·~::~m::::~:~ud"?"
.,.
ti uOde"!"nd .;er,,~~¥1~ifitiOs fSr:"et&<r~g ~d'"d pia~ th~l' ~fidit
to maximi.se the chance ·.of detection and ultimately con~rol audit risk. : . .
• :" ', ,, ;: ;c. /V·' ··_;;;:,t>,}·.·:::~·/·:", >;,
. .. . . . ....· .
In this section. we. willlo~k at: . . . ' ·. C(
An int~oduction
as to is. a;w.~yJ.r;~,u.~ diffic.ulta~ea f9r J>.oi~:;·~;slnes.s
and· auditor
•Whatfr.iud means <,'' :..•:;.. ".~ ; ·~ ;., .. J'';~.::.;.;;~·· ·
. The eypesoffraudtnata'busin~ss'ca~s~ff~f·.· ,.,. 'ci:' :.,, ..•:c.•• •
The ~ypes of ri*'factorthat:~h~e'a~.~ito,rsh'ouia'!o9~·out f~~..wh~n.. plimning ~n a~dit
·.. · Ho'N tll~:audlt0 r~shou.rd.then ~oCI(~s.s(t.herfst<;of:(ri,u~;.§'~,~~rfih& · ·,. ·. : · .
Ho,;fra~~should~erepoj-(~~J'l(.a~:alt; :·t~.:·<.;:.::.~·.:.:·.:·:r . . . •· · .:" ·.. · ·. c
.The. ongoing ~ebate·.o(tll~ 'e~pe~tlon;gaJ);~n~ 'ifie ·fol~"dtJ@:~u.dit6r 'in ;t~e ·detection of. frau~ :
-;L,·-' .• ~··"··~ ,:~; .'."!:,::· t ··,""'"'· ~.::.:.-~.·!~.:· ·'"·•'· ·:'f~·'::;':~·"" ',":;;·"""·"' <·~·:.;~~~?!'-~-~}~ 0~0~~"';i"?"·:\'5"'"\·+
1
' j )''. .~., ·:··f
1.1 Introduction
As mentioned in Chapter 3, the OECD developed a set of principles for Corporate Governance in 1998
with a revised version being issued in 2004. The ultimate aim of these principles and any corporate
governance is to minimise business risk. Fraud is a contributing factor to business risk
The recently released Global Economic Crime Survey by PwC (PricewaterhouseCoopers) illustrated that
businesses have in fact failed to tackle fraud appropriately. In the UK the average cost of fraud to a business
was £0.8m in 2005 and this has risen to £ 1.75m in 2007.
Whilst one would hope that businesses were trying to address and minimise fraud, it is clear that the
opposite is happening. Businesses are, in fact in many cases complacent when it comes to fraud. The PwC
survey revealed that of the companies surveyed only 17% of them believed that they would be a victim of
fraud and yet 48% of the companies had been affected. In addition, 49% of the UK cases involved an
overseas party.
With this in mind it remains clear that fraud is still a risk to business and to the auditor. Whilst management
may still have a complacent attitude towards fraud the same cannot be said for the auditor. The risk is too
high.
Definition
Fraud: Fraud is an intentional act by one or more individuals among management, those charged with
governance (management fraud), employees (employee fraud) or third parties involving the use of deception
to obtain an unjust or illegal advantage. Fraud may be perpetrated by an individual, or colluded in with
people internal or external to the business.
The Fraud Act 2006 of UK came into force in january 2007. The Act defines three classes of fraud:
~ fraud by false representation
~ fraud by failing to disclose information
~ fraud by abuse of position
An offence has occurred in any of these classes if a person has acted dishonestly and with the intent of
making a gain for themselves or for someone else, or of inflicting a loss on someone else.
© The Institute of Chartered Accountants in England and Wales, March 2009 409
Advanced Stage- Advanced Audit and Assurance
It is the fact that fraud is a form of deceit that makes its prevention and detection difficult for both business
and the auditor. The perpetrator of the fraud does not want to be detected and will go out of their way to
be successful. Fraud should be distinguished from error where the latter arises from a genuine
mistake with no intention to deceive.
Whilst management may be concerned with different levels of fraud, it is only fraud that results in a material
misstatement in the financial statements that is a concern to the auditor. As you may recall, in Chapter 6
the audit report clearly states the following:
'We planned and performed our audit so as to obtain all the information and explanations which we
considered necessary in order to provide us with sufficient evidence to give reasonable assurance that the
financial statements are free from material misstatement, whether caused by fraud or other irregularity or
error. In forming our opinion we also evaluated the overall adequacy of the presentation of information in
the financial statements.'
Specifically, there are two types of fraud causing material misstatement in financial statements:
~ Fraudulent financial reporting
~ Misappropriation of assets
You will recall in the Parmalat example in Chapter 5 that the scenario also raises the question as to
whether auditors can simply rely on bank confirmations when they relate to substantial sums of assets. Do
these confirmations constitute sufficient and appropriate audit evidence?
There is also another form of fraudulent financial reporting known as AEM (Aggressive earnings
management). It is a topical issue and, at its most aggressive, may constitute fraudulent financial reporting.
AEM is an example of creative accounting. It occurs when management alter the financial reports in
order to mislead stakeholders about the financial position or performance of the business or to influence
the outcome of contracts. It usually involves the artificial enhancement of revenue and profit. Businesses are
likely to be at risk of this when:
~ There has been an adverse market reaction and so management may want to present a healthier
picture about the company than there is
4I0 © The Institute of Chartered Accountants in England and Wales, March 2009
FRAUD AND AUDITOR LIABILITY
~ Management bonuses are tied into targets and there may be a personal conflict between what
management want for themselves and what is good for the company.
~ The business wants to reduce its tax liabilities and in this case profits may be deliberately reduced
~ The business needs to remain within certain financial parameters (limits, ratios) in order to achieve
new funding or so as not to be in breach of loan covenants. The parameters will be set to try and
protect the lender and the incentive for the business will be to remain within the limits in order to
keep the funding. Profit overstatement could be an issue as well as understatement of liabilities and
overstatement of assets.
Auditors should be on the alert for issues such as unsuitable revenue recognition, unnecessary accruals,
reduced liabilities, overstatement of provisions, reserves accounting and large numbers of immaterial
breaches of financial reporting requirements to see whether together, they constitute fraud.
This requires that the auditor continue to question the sufficiency and appropriateness of the evidence
collected during the audit. As seen in Chapter 2 threats to auditor independence could impact on the
auditor's ability to maintain such scepticism (self review, familiarity, self interest, intimidation and advocacy).
BSA 240.27
Members of the engagement team should discuss the susceptibility of the entity's financial statements to
material misstatements due to fraud.
Interactive question 2: Finding out about suspected fraud (Difficulty level: Easy)
Requirement
Following on from Dupi Ltd (Interactive Question I), outline the information that the auditor would seek
from the client.
FRAUDULENT ..
FINANCIAL REPORT'ING
· OpPortunitieS ·Attitudes/rationalisations
IJ>o Financial stability/ profitability .Is IJ>o ·.Significant related-party IJ>o Ineffective communication or
threatened ··· transadions · enforcement of the entity's .
IJ>o Pressure for management to IJ>o Assets, liabilities, revenues or values or ethical standards by
meet the expectations of third expenses based on signlfleant · ·management
parties estimates · IJ>o Known history of violations of
IJ>o Personal financial situation of IJ>o Domination of management secuiitles laws or other . laws and
management threatened by the · by a single person. or small . regulations .
entity's financial performance group 1J>o A practice bY. management of
Incentives/pressures
IJ>o Personal financial obligations .,. Large.aniounu·of ~ho~ .,. Overriding existing controls
IJ>o Adverse relationships between . hand or p~essed.. • • •..• Falllni to. correct kn~ Internal
the entity and employees with ... lnV~ntory'kerfis #a... small control deficiencies
access to cash or other assets lri .size; en high Value, or in high IJ>o Behaviour Indicating displeasure
susceptible to theft demand~ ·. · or dissatisfaction with the entity
"' Easily cOnvertible assets. such IJ>o •· Changes In behaviour or lifeStyle
as bearer bonds, diamondS, or
compUter chips. . .
IJ>o lnad~uate Internal coittrol
.over assets
BSA 240.57
When identifying and assessing the risks of material misstatement at the financial statement level, and at the
assertion level for classes of transactions, account balances and disclosures, the auditor should identify and
assess the risks of material misstatement due to fraud. Those assessed risks that could result in a material
misstatement due to fraud are significant risks and accordingly, to the extent not already done so, the
auditor should evaluate the design of the entity's related controls, including relevant control
activities, and determine whether they have been implemented.
The auditor:
~ Identifies fraud risks
~ Relates this to what could go wrong at a financial statement level
~ Considers the likely magnitude of potential misstatement
6 Several shop properties owned by the company were sold under sale and leaseback arrangements.
414 © The Institute of Chartered Accountants in England and Wales, March 2009
FRAUD AND AUDITOR LIABILITY
Requirement
(a) Identify and explain any fraud risk factors that the audit team should consider when planning the audit
of Sellfones Ltd.
{b) Link the fraud risk to what could go wrong in the financial statements of Sellfones
(c) Consider the likely magnitude of any potential misstatement in the financial statements for Sellfones
for the year ended 30 September 20X7.
See Answer at the end of this chapter.
Following on from Questions I and 2, outline the steps that the auditor should now integrate into the audit
procedures for Dupi Ltd.
See Answer at the end of this chapter.
1.1 I Documentation
The auditor must document:
~ The significant decisions as a result of the team's discussion of fraud
~ The identified and assessed risks of material misstatement due to fraud
~ The overall responses to assessed risks
~ Results of specific audit tests
~ Any communications with management
I .I 2 Reporting
There are various reporting requirements in BSA 240.
BSA 240.93
If the auditor has identified a fraud or has obtained information that indicates a fraud may exist, the auditor
should communicate these matters as soon as practicable to the appropriate level of management.
BSA240.95
If the auditor has identified fraud involving:
(a) Management
(b) Employees who have significant roles in internal control, or
(c) Others, where the fraud results in a material misstatement in the financial statements the auditor
should communicate these matters to those charged with governance as soon as practicable.
The auditor should also make relevant parties within the entity aware of material weaknesses in the
design or implementation of controls to prevent and detect fraud which have come to the auditor's
attention, and consider whether there are any other relevant matters to bring to the attention of those
charged with governance with regard to fraud.
The auditor may have a statutory duty to report fraudulent behaviour to regulators outside the entity. If no
such legal duty arises, the auditor must consider whether to do so would breach their professional duty of
confidence. In either event, the auditor should take legal advice.
Under the Companies Act the auditor has the right to resign from office at any time. This is a way of
preserving independence and integrity as well as a way of addressing threats to independence.
Section overview ·
Environmental law
and regulation
An auditor must be aware of the effect that non-compliance with the laws and regulations would have on
the financial statements (e.g. asset impairment, penalties, rectification costs)
BSA 250 Consideration of Laws and Regulations in an Audit of Financial Statements provides guidance on the
auditor's responsibility to consider laws and regulations in an audit of financial statements.
BSA 250.2
When designing and performing audit procedures and in evaluating and reporting the results thereof, the
auditor should recognise that non-compliance by the entity with laws and regulations may materially affect
the financial statements.
An audit cannot detect non-compliance with all laws and regulations as not all of them impact in
the financial statements.
'Non-compliance' refers to acts of omission or commission by the entity being audited, either intentional or
unintentional, which are contrary to the prevailing laws or regulations. Such acts include transactions
entered into by the entity, or on its behalf by its management or employees. It does not include personal
misconduct.
Whether an act constitutes non-compliance is a legal matter that may be beyond the auditor's professional
competence, although the auditor may have a fair idea in many cases through his knowledge and training.
Ultimately such matters can only be decided by a court of law.
Laws ar.d regulations governing a business entity can vary enormously (financial disclosure rules, health and
safety, pollution, employment, etc). The further removed non-compliance is from the events and
transactions normally reflected in the financial statements, the less likely the auditor is to become aware of
it or recognise non-compliance.
Provide a list of controls that the management of Flowell Ltd could put in place to minimise the risk of non-
compliance. Detailed knowledge of Health and Safety Law is not required.
See Answer at the end of this chapter.
BSA 250.15
In order to plan the audit, the auditor should obtain a general understanding of the legal and
regulatory framework applicable to the entity and the industry arid how the entity is complying with that
framework.
In obtaining this general understanding the auditor should obtain an understanding of the procedures
followed by the entity to ensure compliance. He should recognise that some laws and regulations may have
a fundamental effect on the operations of the entity, i.e. they may cause the entity to cease operations or
call into question the entity's continuance as a going concern. For example, non-compliance with the
requirements of the entity's licence or other title to perform its operations could have such an impact (for
example, for a bank, non-compliance with capital or investment requirements).
420 © The Institute of Chartered Accountants in England and Wales, March 2009
FRAUD AND AUDITOR LIABILITY
Requirement
(a) Using the above scenario outline the possible compliance issues for the auditor
(b) Link the issues in (a) to the potential misstatements in the financial statements for Getfit Ltd.
See Answer at the end of this chapter.
When evaluating the possible effect on the financial statements, the auditor should consider the following:
~ The potential financial consequences, such as fines, penalties, damages, threat of expropriation of
assets, enforced discontinuation of operations and litigation
Whether the potential financial consequences require disclosure
Whether the potential financial consequences are so serious as to call into question the true and fair
view (fair presentation) given by the financial statements
BSA 250.28
When the auditor believes there may be non-compliance, the auditor should document the findings and
discuss them with management.
Such discussions are subject to the laws concerning 'tipping off. If information provided by management is
not satisfactory, the auditor should consult the entity's lawyer and, if necessary, his own lawyer on the
application of the laws and regulations to the particular circumstances.
BSA 250.30/31
When adequate information about the suspected non-compliance cannot be obtained the auditor should
consider the effect of the lack of audit evidence on the auditor's report.
The auditor should consider the implications of non-compliance in relating to other aspects of the audit
particularly the reliability of management representations.
On this last point, as with fraud and error, the auditor must reassess the risk assessment and the
validity of management representations.
2. 7 Reporting of non-compliance
To management
BSA 250.32/33/34
The auditor should, as soon as practicable, either communicate with the audit committee, the board of
directors and senior management, or obtain evidence that they are appropriately informed regarding non-
compliance that comes to the auditor's attention.
If, in the auditor's judgement, the non-compliance is believed to be intentional and material, the auditor
should communicate the finding without delay.
If the auditor suspects that members of senior management, including members of the board of directors,
are involved in non-compliance, the auditor should report the matter to the next higher level of authority
at the entity, if it exists, such as an audit committee or a supervisory board.
© The Institute of Chartered Accountants in England and Wales, March 2009 421
Advanced Stage- Advanced Audit and Assurance
In relation to the last point, where no higher authority exists, or if the auditor believes that the report may
not be acted upon or is unsure as to the person to whom to report, the auditor should consider seeking
legal advice.
422 © The Institute of Chartered Accountants in England and Wales, March 2009
FRAUD AND AUDITOR LIABILITY
You work for an audit firm which has a chemical factory as one of its clients. This factory has to produce
reports on its emissions.
This work is done in addition to the statutory audit and a separate report will be produced. The auditor
would review the company's systems for keeping emissions under control and would also review
correspondence with the environmental authority for evidence of breaches and the details of emissions
reported.
However, the auditors would not be expected to check the actual emissions. This demonstrates the
difference between checking systems of compliance and checking actual compliance. The auditor will reach
the required level of confidence by reviewing the system.
The auditor's competence in this area also needs to be considered, as the firm is unlikely to be expert in
measuring emissions. They may need to rely on the work of an expert in order to be satisfied that the
emissions are reasonable.
3 Money laundering
3.1 Introduction
Money Laundering is a form offraud. It received increased publicity after September 2001 when serious
issues were raised as to how terrorists were managing to finance their activities. It is essentially a process
where the perpetrator attempts to legitimise the proceeds of any crime (dirty money made good).
Proceeds of crime can include activities such as drug trafficking, terrorism, shoplifting, theft ,tax evasion and
other financial criminal activity. As a form of fraud, the emphasis is on concealing the illegal source of the
money which makes it difficult to detect especially given that the transactions are rarely linked to one
country.
© The Institute of Chartered Accountants in England and Wales, March 2009 423
Advanced Stage - Advanced Audit and Assurance
In line with accepted practice, some businesses may choose to require that such unusual or suspicious
transactions be drawn initially to the attention of supervisory management to ensure that there are no
known facts that will negate the suspicion before further reporting on to the Anti Money Laundering
Compliance Officer or an appointed deputy.
Accountants working in any financial institution have an obligation to report money laundering activities.
424 © The Institute of Chartered Accountants in England and Wales, March 2009
FRAUD AND AUDITOR LIABILITY
Repeated depositS or ··
withdrawals Just below.
the monitoring threshold
on the same day
~
Definition
Knowledge:
~ Actual knowledge
~ Shutting one's mind to the obvious
~ Deliberately deterring a person from making disclosures, the content of which one might not care to
have
~ Knowledge of circumstances which would indicate the facts to an honest and reasonable person
~ Knowledge of circumstances which would put an honest and reasonable person on inquiry and failing
to make the reasonable inquiries which such a person would have made.
© The Institute of Chartered Accountants in England and Wales, March 2009 425
Advanced Stage- Advanced Audit and Assurance
Definition
Suspicion: Suspicion is not defined in existing legislation. Case law and other sources indicate that
suspicion is more than speculation but it falls short of proof or knowledge. Suspicion is personal and
subjective but will generally be built on some objective foundation and so there should be some degree of
consistency in how a business's CAMLCO treats possible causes of suspicion.
4 Auditor liability
,; \,_,_._
4.2 Negligence
Negligence is a common law concept. It seeks to provide compensation to a person who has suffered
loss due to another person's wrongful neglect. To succeed in an action for negligence, an injured party must
prove three things:
(a) A duty of care which is enforceable at law existed.
(b) This duty of care was breached.
(c) The breach caused the injured party loss which can be measured reliably. In the case of negligence in
relation to financial advisers/auditors, this loss must be pecuniary (i.e. financial) loss.
426 © The Institute of Chartered Accountants in England and Wales, March 2009
FRAUD AND AUDITOR LIABILITY
The company has a contract with the audit firm. In the law of many countries, a contract for the supply of a
service such as an audit has a duty of reasonable care implied into it by statute.
In other words, whatever the express terms of any written contract between the company and the audit
firm, the law always implies a duty of care into it. Therefore, if the company (all the shareholders acting as a
body) want to bring a case for negligence, the situation would be as follows.
In order to prove whether a duty of care had been breached, the court has to give further consideration to
what the duty of 'reasonable' care means in practice.
© The Institute of Chartered Accountants in England and Wales, March 2009 427
Advanced Stage - Advanced Audit and Assurance
Lopes was careful to point out that what constitutes reasonable care depends very much upon the facts of
a particular case. Another criterion by which the courts will determine the adequacy of the auditors' work
is by assessing it in relation to the generally accepted auditing standards of the day.
The auditors have a responsibility to keep themselves abreast of professional developments. Auditing
Standards are likely to be taken into account when the adequacy of the work of auditors is being
considered in a court of law or in other contested situations.
When the auditors are exercising judgement they must act both honestly and carefully. Obviously, if
auditors are to be 'careful' in forming an opinion, they must give due consideration to all relevant matters.
Provided they do this and can be seen to have done so, then their opinion should be above criticism.
However if the opinion reached by the auditors is one that no reasonably competent auditor would have
been likely to reach then they would still possibly be held negligent. This is because however carefully the
auditors may appear to have approached their work, it clearly could not have been careful enough, if it
enabled them to reach a conclusion which would be generally regarded as unacceptable.
If the auditor's suspicions are aroused, they must conduct further investigations until such suspicions are
either confirmed or allayed. Over the years, there have been many occasions where the courts have had to
consider cases in which it has been held, on the facts of those cases, that the auditors ought to have been
put upon enquiry.
428 © The Institute of Chartered Accountants in England and Wales, March 2009
FRAUD AND AUDITOR LIABILITY
Traditionally the courts have been averse to attributing a duty of care to third parties to the auditor. We
can see this by looking at some past cases that have gone to court.
A very important case is Caparo Industries pic v Dickman and Others 1990, which is described here.
In its report The Financial Aspects of Corporate Governance, the Cad bury Committee gave an opinion on the
situation as reflected in the Caparo ruling. It felt that Caparo did not lessen auditors' duty to use skill and
care because auditors are still fully liable in negligence to the companies they audit and their shareholders
collectively. Given the number of different users of accounts, it was impossible for the House of Lords to
have broadened the boundaries of the auditors' legal duty of care.
The decision in Caparo v Dickman considerably narrowed the auditors' potential liability to third parties. The
judgement appears to imply that members of various such user groups, which could include creditors,
potential investors or others, will not be able to sue the auditors for negligence by virtue of their placing
reliance on audited annual accounts.
© The Institute of Chartered Accountants in England and Wales, March 2009 429
Advanced Stage -Advanced Audit and Assurance
A more recent court case produced a development in the subject of audit liability. In December 1995, a
High Court judge awarded electronic security group ADT CU65m plus interest and costs (CU40m) in
damages for negligence against the former BDO Binder Hamlyn (BBH) partnership.
A case in 1997 appeared to take a slightly different line, although this case related to some management
accounts on which no written report had been issued.
All this case law raised some problems. In spite of the judgement in Caparo, the commercial reality is
that creditors and investors (especially institutional ones) do use audited accounts. The Companies Act
requires a company to file accounts with the Registrar. Why is this a statutory requirement? It is surely
because the public, including creditors and potential investors, have a need for a credible and independent
view of the company's performance and position.
It would be unjust if auditors, who have secondary responsibility for financial statements being prepared
negligently, bore the full responsibility for losses arising from such negligence just because they are insured.
It would also be unjust if the auditors could be sued by all and sundry. While the profession has generally
welcomed Caparo, two obvious problems are raised by decision.
~ Is a restricted view of the usefulness of audited accounts in the profession's long-term interests?
~ For private companies there will probably be an increase in the incidence of personal guarantees and
warranties given by the directors to banks and suppliers.
Recent developments in the US appear to try and redress the balance of liability by highlighting the
responsibilities of management with regard to published financial statements. The Sarbanes-Oxley Act
requires chief executive officers and finance officers to certify that the accounts of listed companies are not
misleading and present the company's financial positional and results fairly. In addition, they are required to
confirm that they are responsible for internal controls ad have reported significant control weakness to the
auditors/audit committee.
The Companies Act requires directors not to make misleading statements to the auditors. However,
auditors retain liability to shareholders for negligence and breach of duty, therefore they need to
corroborate statements made to them and ensure they are not relying on representations recklessly.
This case did however establish the principle that auditors could exclude liability to third parties. See below.
Worked example: Galoo ltd v Bright Graham Murray ( 1994) BCC 319
Galoo Ltd had incurred losses of £25 million between 1986 and 1990, and had paid a dividend of £500,000
in 1988. It sued the auditor for breach of contractual duty to exercise reasonable care and skill, maintaining
that the trading losses were attributable to the continued existence of the company, which, in turn, was due
to reliance on the allegedly negligent audit opinions. The Court of Appeal held that there was no causal
connection between the alleged negligence and the losses incurred. The financial reports may have allowed
the company to continue trading, but the company's existence was not the cause of its losses. The claim
against the auditor was struck out.
4.1 0 Disclaimers
The cases above suggest that a duty of care to a third party may arise when an accountant does
not know that his work will be relied upon by a third party, but only knows that it is work of a kind
which is liable in the ordinary course of events to be relied upon by a third party.
Conversely, an accountant may sometimes be informed or be aware, before he carries out certain work,
that a third party will rely upon the results. An example is a report upon the business of a client which the
accountant has been instructed to prepare for the purpose of being shown to a potential purchaser or
potential creditor of that business. In such a case an accountant should assume that he will be held to owe
the same duty to the third party as to his client. The Bannermann case suggests this will also be
necessary for audit work.
There are areas of professional work where it is not possible for liability to be limited or excluded. There
are other areas of professional work (for example when preparing reports on a business for the purpose of
being submitted to a potential purchaser) where although such a limitation or exclusion may be included, its
effectiveness will depend on the view which a court may subsequently form of its reasonableness.
Definitions
Proportionate liability: Proportionate liability would allow claims arising from successful negligence
claims to be split between the auditors and the directors of the client company, the split being determined
by a judge on the basis of where the fault was seen to lie. This would require the approval of shareholders.
Capping liability: Capping liability would set a maximum limit on the amount that the auditor would have
to pay out under any claim.
© The Institute of Chartered Accountants in England and Wales, March 2009 433
chapter II
Auditing in an IT
environment
Introduction
Topic List
I Information technology and risk
2 Impact on controls
3 Electronic commerce
Summary and Self-test
Technical reference
Answers to Self-test
Answer to Interactive question
(A Section overview
~ ~ A huge number of organisations now use computer systems to run their businesses and to process
finanCial information.
~ The main risks associated with using computerised systems include infection by viruses and access by
unauthorised users. Both these risks could potentially have a very damaging effect on the business.
~ This means that a number of the. cootrols which the directors are required to put into place to
safeguard the assets of the shareholders must be ihcorporated into the computer systems.
. .
~ A~ditors have to assess the effectiveness of the controls in place within computer systems and cando
this by performing a systems audit as part of their initial assessment of risk during the planning stage
of the audit.
© The Institute of Chartered Accountants in England and Wales, March 2009 453
Advanced Stage -Advanced Audit and Assurance
I .3 Systems audit
As part of any audit, auditors are required to assess the quality and effectiveness of the accounting
system. Increasingly, this necessarily includes a consideration of the computer systems in place within the
organisation.
Auditors could accept an assurance engagement to undertake this task outside of the audit and to report
specifically on findings. The following are the key areas they are likely to concentrate on to establish how
reliable the systems are:
~ Management policy
~ Segregation of duties
~ Security
You should be aware that these are important control considerations in a computer environment. The
details that the reporting accountant will consider within each area are outlined below.
Management policy
Does management have a written statement of policy with regard to computer systems?
Is it compatible with management policy in other areas?
Is it adhered to?
~ Is it sufficient and effective?
~ Is it updated when the systems are updated?
~ Does it relate to the current system?
Segregation of duties
~ Is there adequate segregation of duties with regard to data input?
~ Are there adequate system controls (e.g. passwords) to enforce segregation of duties?
Security
~ Is there a security policy in place:
Physical security (locked doors/windows)
Access security (passwords
Data security (virus shields)
~ Is it adhered to?
~ Is it sufficient and effective?
I .4 Reporting
It is vital that management receive information on the effectiveness of their controls systems and systems
reliability generally. This is because, as stated earlier, the operations of the company are likely to rely heavily
if not completely on computer systems, and if problems arise, operations could be severely affected.
Problems could arise in terms of:
~ No production being possible
~ No invoicing being possible
~ Invoicing being duplicated or omitted
Other stakeholders, such as customers and suppliers, will also be interested in the reliability of the
company's systems, as they will not want to deal with a company which makes mistakes and cannot operate
properly.
It is because of the vital importance of this area to business that management may also want to obtain
assurance concerning the information it receives on systems reliability.
454 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDITING IN AN IT ENVIRONMENT
2 Impact on controls
Section overview
~ IT controls comprise general and applic:ation controls. General controls establish a framework of
overall control over the system's activities whereas application controls are specific controls over the
applications maintained by the.system.
~ Computer-assisted audit techniques (CMTs) can be used by the auditor to test application controls
within the client's computer systems.
2.1 Introduction
The internal control activities in a computerised environment fall within two categories: general controls
and application controls. We will discuss these in greater detail below.
© The Institute of Chartered Accountants in England and Wales, March 2009 455
Advanced Stage- Advanced Audit and Assurance
The auditors will wish to test some or all of the above general controls, having considered how they affect
the computer applications significant to the audit.
General IT controls that relate to some or all applications are usually interdependent controls, i.e. their
operation is often essential to the effectiveness of application controls. As application controls may be
useless when general controls are ineffective, it will be more efficient to review the design of general IT
controls first, before reviewing the application controls.
456 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDITING IN AN IT ENVIRONMENT
Controls over input: Programs to check data fields (for example value, reference number, date) on
accuracy input transactions for plausibility
Digit verification (e.g. reference numbers are as expected)
~ Reasonableness test (e.g. sales tax to total value)
~ Existence checks (e.g. customer name)
~ Character checks (no unexpected characters used in reference)
~ Necessary information (no transaction passed with gaps)
~ Permitted range (no transaction processed over a certain value)
Manual scrutiny of output and reconciliation to source
Agreement of control totals (manual/programmed)
Controls over input: Manual checks to ensure information input is
authorisation
~ Authorised
~ Input by authorised personnel
Controls over Similar controls to input must be in place when input is completed, for
processing example, batch reconciliations
Screen warnings can prevent people logging out before processing is
complete
Controls over master One-to-one checking
files and standing
Cyclical reviews of all master files and standing data
data
Record counts (number of documents processed) and hash totals (for
example, the total of all the payroll numbers) used when master files are
used to ensure no deletions
Controls over the deletion of accounts that have no current balance
Control over input, processing, data files and output may be carried out by IT personnel, users of the
system, a separate control group and may be programmed into application software.
audit software. However, this type of CMT can be expensive and time-consuming to develop and may
require a lot of modification if the client changes its accounting application programs.
Test data is used to test the application controls in the client's computer programs. Test data is
first created for processing and it included both valid and invalid data which is processed on the client's
computer and application programs. The invalid data should therefore be highlighted as errors. Test data
allows the auditor to check data validation controls and error detection routines, processing logic controls,
arithmetic calculations and the inclusion of transactions in records and files.
The main benefit of test data is that it provides direct evidence on the effectiveness of controls in the
client's application programs. However, its drawbacks include the fact that it is very time-consuming to
create the test data, the auditor cannot be certain that all relevant controls are tested and the auditor must
make sure that all valid test data is removed from the client's systems.
In the table below, we briefly examine ways of testing application controls, including the use of CMTs to
do so.
Manual controls If manual controls exercised by the user of the application system are
exercised by the user capable of providing reasonable assurance that the system's output is
complete, accurate and authorised, the auditors may decide to limit tests
of control to these manual controls.
Controls over system If, in addition to manual controls exercised by the user, the controls to be
output tested use information produced by the computer or are contained
within computer programs, such controls may be tested by examining the
system's output using either manual procedures or CMTs. Such output
may be in the form of magnetic media, microfilm or printouts.
Alternatively, the auditor may test the control by performing it with the
use ofCMTs.
Programmed control In the case of certain computer systems, the auditor may find that it is
procedures not possible or, in some cases, not practical to test controls by examining
only user controls or the system's output. The auditor may consider
performing tests of control by using CMTs, such as test data,
reprocessing transaction data or, in unusual situations, examining the
coding of the application program.
-~--------- "' ----
As we have already noted, general IT controls may have a pervasive effect on the processing of transactions
in application systems. If these general controls are not effective, there may be a risk that misstatements
occur and go undetected in the application systems. Although weaknesses in general IT controls may
preclude testing certain IT application controls, it is possible that manual procedures exercised by users
may provide effective control at the application level.
3 Electronic commerce
458 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDITING IN AN IT ENVIRONMENT
3.1 Introduction
Definitions
Internet: The Internet is a global network connecting millions of computers.
World Wide Web: The World Wide Web (www) is a system of Internet servers that supports specially
formatted documents. A group of documents accessed from the same base web site is known as a website.
Electronic data interchange: Electronic data interchange (EDI) is a form of computer to computer data
transfer. Information can be transferred in electronic form, avoiding the need for the information to be re-
inputted somewhere else.
Electronic mail: Electronic mail (e-mail) is a system of communicating with other connected computers
or via the Internet in written form.
Electronic commerce: Electronic commerce (e-commerce) involves individuals and companies carrying
out business transactions without paper documents, using computer and telecommunications links.
All of them are (or can be) used in e-commerce. As this is a very fast growing area of business, it is an
important area for everyone, including accountants, today.
A business can engage in e-commerce to a large or small extent. The greater the involvement a business has
with e-commerce, the more the risk associated with it. The extent of involvement is explored in the
following table.
Transactions with existing customers. Existing customers can be given the opportunity
to track current contracts or initiate others over the website.
Access to new customers. A website can be used as a place where new customers may
initiate transactions with the company.
New business model. A website can be used to diversify into specific web-based products,
for example, items that are 'downloadable'. HIGH
There are a variety of business risks specific to a company involved in e-commerce, which will exist to a
greater or lesser degree depending on the extent of involvement.
~ Risk of non-compliance with taxation, legal and other regulatory issues
~ Contractual issues arising: are legally binding agreements formed over the Internet?
~ Risk of technological failure (crashes) resulting in business interruption
~ Impact of technology on going concern assumption, extent of risk of business failure
~ Loss of transaction integrity, which may be compounded by the lack of sufficient audit trail
~ Security risks, such as virus attacks and the risk of frauds by customers and employees
© The Institute of Chartered Accountants in England and Wales, March 2009 459
Advanced Stage -Advanced Aud'1t and Assurance
~ Improper accounting policies in respect of capitalisation of costs such as website development costs,
misunderstanding of complex contractual arrangements, title transfer risks, translation of foreign
currency, allowances for warranties and returns, and revenue recognition issues
~ Over-reliance on e-commerce when placing significant business systems on the Internet
Many of these issues have implications for the statutory audit and these are discussed in detail in the
next section.
An entity that uses e-commerce must address the business risks arising as a result by implementing
appropriate security infrastructure and related controls to ensure that the identity of customers and
suppliers can be verified, the integrity of transactions can be ensured, agreement on terms of trade can be
obtained, as well as payment from customers is obtained and privacy and information protection protocols
are established.
460 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDITING IN AN IT ENVIRONMENT
462 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDITING IN AN IT ENVIRONMENT
Summary
Assurance
Security
- Availability
WebTrust and - Processing integrity
SysTrust Online privacy
- Confidentiality
© The Institute of Chartered Accountants in England and Wales, March 2009 463
chapter I I
Auditing in an IT
environment
Contents
Introduction
Topic List
Information technology and risk
2 Impact on controls
3 Electronic commerce
Summary and Self-test
Technical reference
Answers to Self-test
1 n~o
I I
... - ...... ·.o-
I 1114\.
........ _~..._ ..... 1,.,. .....,.... n,..
I I \.C\..IIIIV Vl:JT a. U
,....=c:k
_,,
Section overview
~ A huge number of organisations now use computer systems to run their businesses and to process
financial information .
._ The main risks associated with using computerised systems include infection by viruses and access by
unauthorised users. Both these risks could potentially have a very damaging effect on the business.
~ This means that a number of the controls which the directors are required to put into place to
safeguard the assets of the shareholders must be incorporated into the computer systems .
._ Auditors have to assess the effectiveness of the controls in place within computer systems and can do
this by performing a systems audit as part of their initial assessment of risk during the planning stage
of the audit.
However, the increasmg use of computer systems brings with it certain risks to the business which can
also have an 1m pact on the risk of the financial statements being misstated. These risks have
mcreased with the development of the Internet in the last few years and with It the facility for transactions
to be conducted electronically.
~ The system being put at risk by a virus or some other fault or breakdown which spreads across the
system
The client is likely to have contingency plans in the event of the system being affected by the nsks
outlined above. However, it is also important to know that the original system is as reliable as could be
expected, and whether it is the best system that the company could be using, at the given cost.
The company might seek such assurances from its serv1ce provider. However, the service provider has a
vested interest in the company believing that its system is reliable and the best available. because he 1s paid
to supply 1t.
This means that the directors might seek an assurance service from the auditors or another firm of
accountants, to undertake work to ascertain whether the assertions of the service prov1der are correct.
If a fwm of accountants considers taking on such an assurance engagement, it must ensure that it has staff of
sufficient skills and experience to undertake the procedures required to ascertain whether the assurances
are correct. It must ensure that it has an IT specialist on the team.
Introduction
Topic List
I Fair value
2 Financial instruments
Summary and Self-test
Technical reference
Answers to Self-test
Answers to Interactive questions
© The Institute of Chartered Accountants in England and Wales, March 2009 471
AUDITING FAIR VALUES
Fair value
Section overview
~. Fair Value measurements of assets, liabilities and components of equity. may arise from both the initial
recording of transactions and .later changes in value · ·· · ·
~ Auditing fair value requires both the assessment of risk and evaluating the appropriateness of the fair
value
~ .·Fair value is a key issue to investment property, pension costs, share-based payments
1.1 Introduction
Fair value is the amount for which an asset or liability could be exchanged between knowledgeable, willing
parties in an arm's length transaction.
Fair value accounting is increasingly important and affects the audit of valuation for both assets and
liabilities. Many standards now allow valuation at fair value. The following table summarises some of the
main instances which you should be familiar with from your financial reporting studies.
BAS 16 Property, Plant and Under the revaluation model an item of property, plant and equipment
Equipment whose fair value can be measured reliably is carried at fair value less
any subsequent depreciation
BAS 19 Employee Benefrts When accounting for a defined benefit plan the fair value of plan
assets should be established
BAS 36 Impairment of Assets Recoverable amount is the higher of fair value less costs to sell and
value in use
BAS 39 Financial Instruments- Fair values may be used to measure certain financial assets and
Recognition and Measurement liabilities
BAS 40 Investment Property After initial recognition investment property may be measured at
fair value
BAS 41 Agriculture A biological asset should be measured at its fair value less
estimated point of sale costs
Agricultural produce should be measured at its fair value less
estimated point of sale costs at the point of harvest
BFRS 2 Share-based Payment Share-based payment transactions should be measured at fair
value
BFRS 3 Business Combinations Calculation of goodwill reflects the difference between the acquisition
date fair value of the consideration given plus the non-
controlling interest (which may be measured at fair value) and
the acquisition date fair value of the identifiable assets acquired
and liabilities assumed
As you can see above fair value measurements of assets, liabilities and components of equity may arise from
both the initial recording of transactions and later changes in value. Changes in fair value
measurements that occur over time may be treated in different ways under different circumstances. For
example, the revaluation of an item of owner occupied property would be recorded as other
comprehensive income and taken directly to equity, whilst the annual restatement of an investment
property will be reflected in profit or loss.
© The Institute of Chartered Accountants in England and Wales, March 2009 473
Advanced Stage- Advanced Audit and Assurance
For the auditor the use of fair values will raise a number of issues. The determination of fair value will
generally be more difficult than determining historical cost. It will be more difficult to establish whether
fair value is reasonable for complex assets and liabilities than for more straightforward assets or liabilities
which have an actively traded market and therefore a market value.
Generally speaking, the trend towards fair value accounting will increase audit work required, not only
because determining fair values is more difficult, but because fair values fluctuate in a way that historical
costs do not, and will need vouching each audit period. Fair value will, for the same reasons, increase
audit risk.
Fair value is the subject of an auditing standard, BSA 545 Auditing Fair Value Measurements and Disclosures.
This addresses audit considerations relating to the measurement, presentation and disclosure of material
assets, liabilities and specific components of equity presented or disclosed at fair value in financial
statements. The standard requires auditors to obtain sufficient appropriate audit evidence that fair
value measurements and disclosures are in accordance with the entity's applicable financial reporting
framework. This means that the auditor must have a sound knowledge of the accounting requirements
relevant to the entity and when fair value is allowed.
474 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDITING FAIR VALUES
Where these measurements are based on assumptions about future conditions, transactions or events
resulting from management intentions to carry out certain actions the auditor should:
~ Consider management's past history of carrying out its stated intentions with respect to assets or
liabilities
~ Review written plans and other documentation, including where applicable, budgets minutes etc
~ Consider management's stated reasons for choosing a particular course of action
~ Consider management's ability to carry out a particular course of action given the entity's
economic circumstances, including the implications of its contractual commitments.
If there are alternative allowable methods for measuring fair value, or a particular model is not prescribed
by the relevant accounting standard, the auditor should consider whether the entity's method is
consistent with other fair value measurements in the financial statements and whether it is applied
consistently.
© The Institute of Chartered Accountants in England and Wales, March 2009 475
Advanced Stage- Advanced Audit and Assurance
This standard combines two former standards, ISA 540 Audit of Accounting Estimates and ISA 545 Auditing Fair
Value Measurements and Disclosures. The new ISA treats fair values as a type of accounting estimate and
therefore the requirements of the ISA listed in Chapter 5 (section 7.5) apply as they would to any other
type of accounting estimate.
1.3 Application
This section looks at the audit of a number of areas where fair value is a key issue. Note that whilst the
audit of fair value is important audit procedures also need to address other aspects too, for example
completeness, ownership, disclosure and so on.
Definition
Investment property: Property (land or a building- or part of a building- or both} held (by the owner
or by the lessee under a finance lease) to earn rentals or for capital appreciation or both, rather than for:
~ Use in the production or supply of goods or services or for administrative purposes; or
~ Sale in the ordinary course of business.
Propertyco Ltd wishes to adopt the fair value model in accordance with BAS 40. Currently all of the above
properties are recorded in the financial statements at fair value.
Based on the information above:
(a) Identify the audit issues which the auditor would need to consider
(b) List the audit procedures you would perform regarding fair values
See Answer at the end of this chapter.
© The Institute of Chartered Accountants in England and Wales, March 2009 477
Advanced Stage -Advanced Audit and Assurance
Actuarial assumptions should be used to make a reliable estimate of the amount of future benefits
employees have earned from service in relation to the current and prior years. Assumptions include, for
example, employee turnover, mortality rates, future increases in salaries (if these will affect the eventual
size of future benefits such as pension payments).
Step 2
These future benefits should be attributed to service performed by employees in the current period, and in
prior periods. This gives a total present value of future benefit obligations arising from past and current
periods of service.
3
The fair value of any plan assets should be established.
4
The size of any actuarial gains or losses should be determined, and the amount of these that will be
recognised.
5
If the benefits payable under the plan have been improved, the extra cost arising from past service should
be determined.
6
If the benefits payable under the plan have been reduced or cancelled, the resulting gain should be
determined
You should refer to your corporate reporting text if you require further revision of the accounting
treatment of pensions.
478 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDITING FAIR VALUES
Audit evidence
Scheme assets (including ~ Ask directors to reconcile the scheme assets valuation at the
quoted and unquoted scheme year end date with the assets valuation at the reporting
securities, debt instruments, entity's date being used for BAS 19 purposes
properties) ~ Obtain direct confirmation of the scheme assets from the
investment custodian
~ Consider requiring scheme auditors to perform procedures
Scheme liabilities ~ Auditors must follow the principles of BSA 620 Using the Work
of an Expert to assess whether it is appropriate to rely on the
actuary's work
~ Specific matters would include
The source data used
The assumptions and methods used
The results of actuaries' work in the light of auditors'
knowledge of the business and results of other audit
procedures
Actuarial source data is likely to include:
~ Scheme member data (for example, classes of member and
contribution details)
~ Scheme asset information (for example, values and income and
expenditure items)
Actuarial assumptions (for Auditors will not have the same expertise as actuaries and are
example, mortality rates, unlikely to be able to challenge the appropriateness and
termination rates, retirement reasonableness of the assumptions. They should nevertheless
age and changes in salary and ascertain the qualifications and experience of the actuaries. Auditors
benefit levels) can, also, through discussion with directors and actuaries:
~ Obtain a generai understanding of the assumptions and review
the process used to develop them
~ Compare the assumptions with those which directors have used
in prior years
~ Consider whether, based on their knowledge of the reporting
entity and the scheme, and on the results of other audit
procedures, the assumptions appear to be reasonable and
compatible with those used elsewhere in the preparation of the
entity's financial statements
~ Obtain written representations from directors confirming
that the assumptions are consistent with their knowledge of the
business
Items charged to ~ Discuss with directors and actuaries the factors affecting current
operating profit (current service cost (for example, a scheme closed to new entrants may
service cost, past service cost, see an increase year on year as a percentage of pay with the
gains and losses on average age of the workforce increasing)
settlements and curtailments)
Where the results of auditors' work are inconsistent with the directors' and actuaries', additional
procedures, such as requesting directors to obtain evidence from another actuary, may assist in resolving
the inconsistency.
© The Institute of Chartered Accountants in England and Wales, March 2009 479
Advanced Stage -Advanced Audit and Assurance
(Also see Chapter 13 of this Study Manual for audit of remuneration packages).
480 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDITING FAIR VALUES
You are the auditor of Russell Ltd. The draft financial statements for the year ending 31 December 20XS
show a profit before tax of CU400,000. Russell Ltd provided four of its directors each with 3,000 share
options on I January 20XS which vest on 31 December 20X7. The fair value of the options, determined by
use of the Black-Scholes model, is as follows:
CUIO At the grant date
CUll On I January 20X6
CUIS On I January 20X7
CUI3 On 31 December 20X7
The options are dependent on continued employment. All four directors are expected to remain. No entry
has been made in the financial statements of Russell Ltd in respect of the options on the basis that they do
not vest until 31 December 20X7.
Requirement
Identify the audit issues you would need to consider in respect of the share options.
See Answer at the end of this chapter.
2 Financial instruments
2.1 Introduction
In recent years there has been huge growth in the number and complexity of financial instruments available
for investment or issue by companies. This raises both accounting and auditing issues.
Definition
Financial instrument: Any contract that gives rise to a financial asset of one entity and a financial liability
or equity instrument of another entity.
This definition is very broad which means that many common balances fall within its scope including:
~ Cash
~ Trade payables and receivables
~ Loans payable and receivable
Financial assets at fair value through profit or loss Fair value (changes recognised in profit or loss)
482 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDITING FAIR VALUES
~ Complexity of the accounting requirements of BAS 32 and 39. This increases the risk of error.
For example financial assets and liabilities must be classified as falling within one of four categories.
This categorisation determines their subsequent measurement (amortised cost or fair value). Incorrect
classification may have a significant impact on the financial statements
~ Determining fair values involves the use of valuation techniques including market estimates.
Judgements will need to be made to determine whether the valuation techniques and any estimates
made are reasonable. (See section I above)
~ Recognition of the costs associated with the instrument is not necessarily straightforward. For
example the discount on a discounted debenture should be treated as part of the overall cost of the
instrument and recognised over the life of the debenture.
Classification Review the terms of the financial instrument and confirm that they have been
classified in accordance with their substance. Where the company has designated
financial instruments to be treated at fair value through profit or loss there needs
to be evidence that the required conditions according to BAS 39 have been
satisfied at the date of designation. (e.g. that there is an accounting mismatch)
(see Financial and Corporate Reporting text for details of conditions for AFVTPL
designation)
Valuation: Confirm that all financial assets and liabilities have been valued at fair value
Initial fair Agree fair value to transaction price
value
Where part of the consideration has been given for something other than the
financial instrument assess valuation technique adopted, e.g. discounting of future
cash flows
Consider the impact of transaction costs where appropriate
Valuation: Verify the subsequent classification of financial instruments by enquiry of
management, as to their intention to sell in the short-term, or hold to maturity.
Subsequent
This information should be corroborated by a review of events after the end of
measurement the reporting period and of forecasts and projections.
Confirm that held to maturity investments and loans and receivables are
measured at amortised cost.
Check calculation of amortised cost complies with BAS 39:
~ The initial amount recognised for the financial asset
~ Less any repayments of the principal sum
~ Plus any amortisation
Confirm that the amount of amortisation has been calculated using the effective
interest method.
Confirm that financial assets and liabilities at fair value through profit or loss and
available-for-sale financial assets are remeasured at fair value
Where there is an active market agree fair value to quoted market price (current
bid price)
Where there is no active market assess the valuation technique adopted by
management and any assumptions made
(For further detail regarding the audit of fair values see section I above).
© The Institute of Chartered Accountants in England and Wales, March 2009 483
Advanced Stage- Advanced Audit and Assurance
3: Convertible debenture
On 1 January 20X8 Berriman Ltd issued a CUI 0 million debenture at par. The debenture has a nominal rate
of interest of 4% and is redeemable on I January 20Y3. On this date the holder has the option to convert
the debenture to 6 million CUI ordinary shares in Berriman Ltd. The fmancial statements currently show a
long-term liability which represents the net proceeds of the debenture. The first payment of interest on 31
December 20X8 has also been recorded.
Requirements
(i) Identify the issues surrounding this debenture
(ii) List the audit procedures you would perform
See Answer at the end of this chapter.
2.4 Derivatives
Definition
A derivative: is a financial instrument or other contract within the scope of BAS 39 with all three of the
following characteristics:
~ Its value changes in response to the change in a specified interest rate, financial instrument price,
commodity price, foreign exchange rate, index of prices or rates, credit rating or credit index, or
other variable, provided in the case of a non-financial variable that the variable is not specific to the
party to the contract (sometimes called the 'underlying')
~ It requires no initial net investment or an initial net investment that is smaller than would be required
for other types of contracts that would be expected to have a similar response to changes in market
factors; and
~ It is settled at a future date.
Derivatives include swaps, options, swaptions, forwards, and futures. BAS 39 requires that
derivatives be measured at fair value in the statement of financial position unless they are linked to, and
must be settled by, an investment in an unquoted equity instrument that cannot be reliably measured at fair
value. In such cases the derivative would be measured at cost instead, which, in many cases, would be close
to zero.
In general entities use derivatives to either speculate or offset risk (hedge). When changes in fair value
occur these can be recognised either in profit or loss, or in equity. As a general rule changes in fair value of
a derivative are recognised in profit or loss. However, when the derivative is used to offset risk and special
hedge accounting conditions are met, at least some changes in fair value may, optionally, be recognised as a
separate component of equity. This is hedge accounting under BAS 39.
Entities must properly identify derivatives per the criteria given in the definition above.
Derivatives are becoming a common way for companies to manage financial risk. For many entities, the use
of derivatives has reduced exposure to changes in exchange rates, interest rates and commodity prices as
well as other risks. However the inherent characteristics of derivatives may also result in increased business
risk in turn increasing audit risk and presenting new challenges to the auditor. For example values of
derivatives may be volatile. Large and sudden decreases in their value may increase the risk of a Joss arising
exceeding the amount, if any, recorded in the statement of financial position. In addition, because of the
complexity of derivative activities, management may not fully understand the risks of using derivatives.
While all financial instruments have certain risks as we have seen above, derivatives often have particular
features which leverage risk including the following:
484 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDITING FAIR VALUES
© The Institute of Chartered Accountants in England and Wales, March 2009 485
Advanced Stage- Advanced Audit and Assurance
486 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDITING FAIR VALUES
Authorised execution Derivative transactions are executed in accordance with the entity's
approved policies
C-omplete and accurate Information relatin-g to derivadves, including fair value information, is
information recorded on a timely basis, is complete and accurate when entered
into the accounting system, and has been properly classified,
described and disclosed
Prevention or detection of Misstatements in the processing of account-ing information-for
errors derivatives are prevented and detected in a timely manner
Ongoing monitoring Activities involving derivatives are monitored on an ongoing basis to
recognise and measure events affecting related financial statement
assertions
Valuation ··Changes in the value ofderivatives are appropriately accounted for
and disclosed to the right people from both an operational and a
control viewpoint. Valuation may be part of ongoing activities
In addition for derivatives designed as hedges, internal controls should assure that those derivatives
meet the criteria for hedge accounting, both at the inception of the hedge, and on an ongoing basis.
Control procedures
One of the most important control procedures identified by BAPS I0 12 is the reconciliation. It identifies
the following as being particularly relevant:
~ Reconciliation of dealers' records to records used for the ongoing monitoring process and the
position and profit or loss shown in the general ledger
~ Reconciliation of subsidiary ledgers, including those maintained on computerised databases to the
general ledger
~ Reconciliation of all clearing and bank accounts and broker statements to ensure all outstanding items
are promptly identified and cleared
~ Reconciliation of entity's accounting records to records maintained by service organisations, where
applicable
Tests of controls
Examples of tests of controls to consider include:
~ Reading minutes of meetings of those charged with governance for evidence that there is a periodic
review of derivative activities and hedging effectiveness
~ Test transactions to determine whether the entity has obtained required approvals for the
transactions and used only authorised brokers
~ Discuss with management whether derivatives and related transactions are being monitored and
reported on a timely basis and read any supporting documentation
~ Test recorded purchases of derivatives, including their classification and prices, and the entries used to
record related amounts
~ Test the reconciliation process. For example, organisations that have a large number of derivative
transactions may require reconciliation and review on a daily basis
~ Test the controls for unrecorded transactions e.g. examine third party confirmations
~ Test the controls over the adequate security and back-up of data to ensure adequate recovery in the
case of disaster.
© The Institute of Chartered Accountants in England and Wales, March 2009 487
Advanced Stage- Advanced Audit and Assurance
Substantive procedures
BAPS I 012 states that substantive procedures should be performed in accordance with the principles of
BSA 315. Specific examples of procedures in respect of key assertions are given as follows:
Existence and occurrence .. -·~··. -· .. ~~Confirmation wTtti.theholcler oficounterparty to the-derivative
Management representations
The extent to which representations will be sought will depend on the volume and complexity of derivative
activities.
488 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDITING FAIR VALUES
© The Institute of Chartered Accountants in England and Wales, March 2009 489
Advanced Stage- Advanced Audit and Assurance
Solution
Capture of information: the primary source document is the trader's deal sheet. This document should
contain the date, time, the oil index, quantity traded, the position (Long or Short), nature of trade (Hedge
or Speculation) and the rationale for the trade.
Processing of information: the back office report should contain the same information as in the deal
sheet.
Confirmation of information: There should be a statement from the clearing agents (since these are
Futures) confirming the details. [Note that Swaps transactions would be confirmed differently, via
Counterparty and Broker confirmations and that Options are confirmed in the same way that futures are].
Depositing of margin money: There should be evidence that margin money had been deposited with
the exchange as required (in case the Mark to Market crosses the exchange's threshold limits).
Settlement: There will be clearing statements from clearing agents. These should be used in collaboration
with internally generated information to confirm that the appropriate settlement amounts exchanged hands.
Accounting: The deals have been accounted for correctly.
In all these processes controls will have been implemented and the auditor should identify these and assess
their utility.
4: level: Exam
You are the auditor in charge of the audit of Johannes Ltd.
On I January 20X7, johannes Ltd ("j"), entered into a forward contract to purchase on I January 20X9,
40,000 barrels of crude oil at $70 per barrel. J is not using this as a hedging instrument and is speculating
that the price of oil will rise and plans to net settle the contract if the price rises. J does not pay anything to
enter into this forward contract. At 31 December 20X7 the fair value of the forward contract has increased
to CU500,000. At the end of 20X8, the fair value of the forward contract has declined to CU400,000.
Requirement
(a) Identify the accounting entries you would expect to see at the inception of the contract, at 31
December 20X7, and at 31 December 20X8
(b) Identify the risks you would expect to find in this arrangement, and the audit procedures that you
would carry out
(c) Outline the steps that you would take to ensure compliance with BFRS 7 Financial Instruments:
Disclosures
See Answer at the end of this chapter.
490 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDITING FAIR VALUES
Summary
Risk
assessment
Evaluation of appropriateness
of fair value
Evaluation of whether:
Audit Assumptions are reasonable
procedures Appropriate modei!Jsed
- Relevant information used
Application
.Examples
Investment property
Pension costs ·
.Financial instruments
..,. Share based payments
Financial instruments
© The Institute of Chartered Accountants in England and Wales, March 2009 491
chapter 13
Introduction
Topic List
I Management choice in forming companies
2 Risk
3 Assurance
4 Obtaining new finance
5 Reward packages
Summary and Self-test
Technical reference
Answers to Self-test
Answers to Interactive questions
Section overview
~ Companies arenormally formed for tax or legal reasons
~ Small company dynamics are key to understanding risk
1.1 Introduction
Small businesses can be run as a sole trade or partnership. Businesses often incorporate after they have
been running successfully as unincorporated for a few years. This could be due to legal or tax
considerations.
For the two examples below, do you think the courts would lift the veil of incorporation, thereby making
shareholders and/or directors personally liable for the debts of the company without limit?
Scenario I Karpaul Ltd
You are in the process of the audit for 31 December 20X7 and you discover a number of large credit notes
throughout the year addressed to group companies.
The sales director has informed you that the sales invoices to which the credit notes related were
incorrect. The original invoices did not relate to goods dispatched as claimed, but were used to receive an
advance from a debt factoring company in order to relieve cash flow difficulties to pay wages. Credit notes
were then issued and the advance repaid to the debt factors with interest.
Many of the company's creditors on average are more that 90 days old when normal credit terms are 40
days. Karen, the sales director owns the company jointly with her husband Paul, the finance director.
Scenario 2 Quality Training Ltd
Sarah Smith has been a successful tutor with a market leading accountancy training company for many years.
Sarah would like to start her own business, but is aware that her employment contract contains a valid
competition clause preventing her from becoming self employed within a certain radius of her former
employer in a certain time period.
Sarah decides to resign, as her husband already has a training company called Quality Training Ltd, which is
currently dormant. Sarah will become a shareholder and employee, and all contracts with customers will be
with Quality Training Ltd, not Sarah herself.
See Answer at the end of this chapter.
2 Risk
Section overview
• In Bangladesh, all registered ioint stock companies ar!') required by law to have an audit. Many EU
countries have a small compaQy exemption from audit. The exemption is based on the turnover of
the companies. The maximum turnover of a companywhich.qualifies as exempt under EU rules is
£6.5m (but additional conditions apply to total assets and the number of employees}.
Definition
Small entity: A small entity is any enterprise in which:
(a) There is concentration of ownership and management in a small number of individuals (often a single
individual), and
(b) One or more of the following are also found:
(i) Few sources of income and uncomplicated activities
(ii) Unsophisticated record-keeping
(iii) Limited internal controls together with potential for management override of internal controls
There has long been a debate over the benefits of audit to small companies. Where small companies are
owned by the same people that manage them, there is significantly less value in an independent review of
the stewardship of the managers than where management and ownership are separate.
The case for small companies to have an audit rests on the value of the statutory audit to those who have
an interest in audited accounts, that is, the users of the accounts. The users of the accounts will have
different ideas as follows.
Shareholders
Trade creditors
Tax authorities
Employees
Management
2 Risk
Section overview
~ In Bangladesh, all registered joint stock companies are required by law to have an audit. Many EU
countries hav:e a S1'!1alf company e.xe111pti.on from audit. The exemption is based on the turnover of
the companies. The maximum turnover 'of a company which. qualifies as exempt under EU rules is
£6.Sm (but additional conditions apply to total assets and the number of employees).
Definition
Small entity: A small entity is any enterprise in which:
(a) There is concentration of ownership and management in a small number of individuals (often a single
individual), and
(b) One or more of the following are also found:
(i) Few sources of income and uncomplicated activities
(ii) Unsophisticated record-keeping
(iii) Limited internal controls together with potential for management override of internal controls
There has long been a debate over the benefits of audit to small companies. Where small companies are
owned by the same people that manage them, there is significantly less value in an independent review of
the stewardship of the managers than where management and ownership are separate.
The case for small companies to have an audit rests on the value of the statutory audit to those who have
an interest in audited accounts, that is, the users of the accounts. The users of the accounts will have
different ideas as follows.
© The Institute of Chartered Accountants in England and Wales, March 2009 5I5
Advanced Stage- Advanced Audit and Assurance
Interactive
For each set of stakeholders, set out the arguments for and against making audits compulsory for small
companies.
Shareholders
Trade creditors
Tax authorities
Employees
Management
© The Institute of Chartered Accountants in England and Wales, March 2009 517
Advanced Stage- Advanced Audit and Assurance
5I8 © The Institute of Chartered Accountants in England and Wales, March 2009
SMALL COMPANY AUDITS
Goods outwards ~ Are pre-numbered dispatch notes prepared for all goods leaving the
premises?
(Dispatches are
recorded, invoiced and ~ Are all dispatch notes:
accounted for) Accounted for?
- Cross-referenced with invoices and credit notes?
~ Is the proprietor satisfied that all goods leaving the premises have been
accounted for?
Inventory Does the proprietor scrutinise inventory regularly to:
(Inventory is kept ~ Keep abreast of what is in inventory?
secure and valued
~ Discover obsolete items?
properly)
~ Discover damaged articles?
~ Ensure that inventory levels are kept under control?
Although the above types of control are desirable and feasible, they are nevertheless relatively informal.
Consequently evidence of their performance tends to be lacking and they may indeed be overridden as
there is no check on the proprietor himself.
© The Institute of Chartered Accountants in England and Wales, March 2009 5I9
Advanced Stage- Advanced Audit and Assurance
3 Assurance
~ An audit provides assurance to the shareholders and otherstakeholders of a company on the financial
statements because it is independent and impartial ,
of assurance
Vera decides to set up a business selling flowers. She gets up early in the morning, visits the market, and
then sets up a stall by the side of the road. For the first year, all goes well. She sells all the flowers she is
able to buy and she derives some income from the business.
However, Vera feels that she could sell more flowers if she was able to transport more to the place where
she sells them, and she also knows that there are several other roads nearby where she could sell flowers,
if she could be in two places at once. She could achieve these two things by buying a van and by employing
other people to sell flowers on the other roads.
Vera needs more money to achieve this expansion of her business. She decides to ask her rich friend Peter
to invest in the business.
Peter can see the potential of Vera's business and wants to invest, but he doesn't want to be involved in the
management of the business. He also does not want to have ultimate liability for the debts of the business if
the business fails. He therefore suggests that they set up a limited company. He will own the majority of the
shares and be entitled to dividends. Vera will be managing director and be paid a salary for her work.
At the end of the first year of trading as a limited company, Peter receives a copy of the financial
statements. Profits are lower than expected, so his dividend will not be as large as he had hoped. He knows
that Vera is paid a salary so she does not care as much as him that profits are low.
Peter is concerned by the level of profits and feels that he wants further assurance on the accounts. He
doesn't know whether they give a true reflection on the last year's trading, particularly as the profits do not
seem as high as those Vera had predicted when he agreed to invest.
Requirement
How will an audit address Peter's concerns, and what other benefits might accrue?
Solution
The assurance Peter is seeking can be given by an independent audit or review of the financial statements.
An auditor can provide the two things that Peter requires:
~ A knowledgeable review of the company's business and of the accounts
~ An impartial view, since Vera's view might be biased
Other people will also view the company's accounts with interest, for example:
~ Creditors of the company
~ Taxation authorities
The various parties interested in the accounts of a company are sometimes referred to as stakeholders.
Although they will each judge the accounts by different criteria, they will all gain assurance from learning
that the accounts they are reading have been subject to an independent report.
520 © The Institute of Chartered Accountants in England and Wales, March 2009
Advanced Stage- Advanced Audit and Assurance
3.2.4 BSA 240 The Auditor's Responsibility to Consider Fraud in an Audit of Financial
Statements
Within small companies, the lack of control procedures can contribute to a higher risk of employee
fraud and error. This can be overcome, to a degree, by the presence of a dominant owner-manager, which
then becomes an important factor in the overall control environment. This can however be a potential
weakness, due to the opportunity for management to override controls.
BSA 240 requires discussion amongst the audit team of the susceptibility of the entity to material
frauds or errors. This discussion is still required for a small entity but is often overlooked due to the size
of the audit team.
In addition, BSA 240 requires auditors to ask management about their assessment of risk of fraud and error.
Even if management do not have a system of assessing risk, the enquiry should still be made as it provides
valuable information about the control environment.
Two management representations are required in this area: firstly, that management acknowledges its
responsibility for the implementation and operation of accounting and internal control systems that are
designed to prevent and detect fraud and error; and secondly, that management has disclosed to the
auditor the results of its assessment of the risk that the financial statements may be materially misstated as
a result of fraud. Management may be unwilling to provide these representations as these formal
procedures are unlikely to exist. It must be remembered that failure to provide the representations is a
limitation of scope.
(Para 34-38 BAPS I005)
522 © The Institute of Chartered Accountants in England and Wales, March 2009
SMALL COMPANY AUDITS
3.2.2 BSA 220 Quality Control for Audits of Historical Financial Information
The audit of a smaller entity must still be compliant with BSAs. Most of these audits are conducted using
one audit partner, one manager and one audit senior, so although assignment and delegation are taking
place, it may be difficult to form an objective view on the judgements made in the audit.
If any of these issues are complex or unusual, the view of another audit partner should be sought. A
positive point of small entity audits is that due to the increased involvement of the audit partner, they
will already be aware of the material issues in the audit.
(Para 24-28 BAPS I005)
© The Institute of Chartered Accountants in England and Wales, March 2009 521
SMALL COMPANY AUDITS
© The Institute of Chartered Accountants in England and Wales, March 2009 523
Advanced Stage- Advanced Audit and Assurance
attention that causes the auditor to believe that the financial statements are not prepared, in all material
respects, in accordance with an identified financial reporting framework (limited assurance).
The major result for recipients of a review engagement is that the level of assurance they gain from it is not
as high as from an audit, although the procedures carried out in a review engagement are similar to an
audit.
;\~i~!~i~~~~~;~~
~·~.· ·~'?:c:m1~pf·th~s~ jltoble. , ...
.of ob~i~.iog'Ni'ai!9~ .';.: ·,
524 © The Institute of Chartered Accountants in England and Wales, March 2009
SMALL COMPANY AUDITS
Medium sized companies often find that finance is available from a wider range of sources, for example
venture capitalists or private equity firms.
The difference in funding sources between small and medium sized companies is often known as the
funding gap.
It is legal and acceptable for a director to lend money to a company. The loan is
likely to be unsecured.
If a director wishes to secure the loan as a fixed or floating charge on assets,
Companies House must be notified within 21 days or the loan becomes unsecured.
Secured finance takes preference on a winding up as it ranks higher than an
unsecured loan (other than the prescribed part). It is likely that a bank will not allow
a director to have a secured loan if the bank is also providing a loan or even an
overdraft.
See section 3.2.9, the director may have to agree to subordinate the loan if the
company is in difficulty.
Another point to consider is the rate of interest paid to the director by the
company. If the interest rate is considered to be anything other than commercial,
this may cause a tax problem.
If the interest rate is excessively high, the director would be considered to have
received remuneration which will have to be declared on the directors personal tax
example: Assodated
Mr Joseph and Mr Mclean jointly own Silvership Entertainment Ltd and work as comedians. They each own
SO% of the shares and neither director has lent the company money.
Mr Joseph also jointly owns another company, Mickie Ltd with Mr Marshall, another comedian.
Mickie Ltd and Silvership Ltd are not associated companies for tax purposes, as they are not under the
common control of the same persons. The same persons do not control either one of them, the definition
of control being a >SO% interest.
However, if Mr joseph loans both companies money, he would be entitled to more assets on a winding up,
so would then be in control for tax purposes as his control of assets on a winding up would exceed SO%.
This would then mean that the companies would be associated due to common control by Mr Joseph, and
© The Institute of Chartered Accountants in England and Wales, March 2009 525
Advanced Stage- Advanced Audit and Assurance
the tax limits would need to be reduced to reflect this, potentially pushing each company into a higher tax
rate.
This treatment would apply even if the other directors loaned the companies the same amount, unless all of
the loans were made on the same day.
Audit of tax
If the companies were associated for tax purposes, the small and large tax limits for companies of
CU300,000 and CU 1,500,000 would need to be divided by the number of associated companies.
If Mickie Ltd and Silvership Ltd had profits of CU200,000 each, they would currently be paying tax at the
21% small companies' rate as they are below the CU300,000 limit. If these companies became associated,
the small company limit would be:
cu 300,000
- - - - = CU150,000
2 Companies
The companies would then pay tax at the full rate less marginal relief.
Although the scenario deals with tax rules, they will affect the verification of the tax charge in the accounts
so are important for audit staff.
Audit exemption
If Mickie Ltd and Silvership Ltd were previously audit exempt, it could be argued that due to their
association, they now form a group of companies. This is an example of substance over form but is also
explored in BFRS 3 Business Combinations, which states the many different ways a company can be
controlled, not restricted to shareholdings.
S Reward packages
526 © The Institute of Chartered Accountants in England and Wales, March 2009
SMALL COMPANY AUDITS
Worked
In July 2007, the House of Lords gave their decision on one of the most important tax cases for small
companies in the past 25 years.
In the case Jones Vs Garnett (Artie Systems), the husband earned the revenue for the company and the wife
did some administration work.
The decision was that it is allowed for a wife to receive a reasonable wage for work done and to be taxed
on that wage as normal.
A future assurance issue would be the need to verify the wife's input to the business, by focusing on how
much work the wife did for the company and whether her wages were reasonable. This could be achieved
by assessing her level of work through observation or enquiry, or inspecting timesheets, if any.
© The Institute of Chartered Accountants in England and Wales, March 2009 527
Advanced Stage -Advanced Audit and Assurance
5.4.2 Reporting
Small company directors may not be aware that dividends no longer appear in the statement of
comprehensive income and that proposed dividends are not allowed to be a liability, so the auditor will
need to request adjustments to the accounts in these areas.
BAS I0 Events after the Reporting Period requires this treatment.
Another problem for auditors where dividends are paid is if the audit report is modified. When the
auditor modifies a report, there needs to be a statement in the report regarding the legality of any
dividends.
If a disagreement has led to the modification it is straightforward to decide whether any dividends are still
legal, as the disagreed figure can easily be quantified and used to assess the real distributable profits.
If a limitation on scope has taken place, for example no records for cash sales were available, the auditor is
unsure of the size of the potential error, so it is more difficult to comment on the legality of the dividend.
The auditors must therefore extrapolate the maximum possible error to comment on the dividend.
528 © The Institute of Chartered Accountants in England and Wales, March 2009
SMALL COMPANY AUDITS
© The Institute of Chartered Accountants in England and Wales, March 2009 529
Advanced Stage -Advanced Audit and Assurance
Sales
Six sales staff are offered share options with a total value of CU I00,000 for each employee, dependent on
the company reaching sales growth targets in future. The options will vest if average growth is 13% or if
growth is IS% in any one year.
In year I, growth is 14% so the options do not vest. It is forecast that sales will be sufficient to meet target
next year.
cu 100,000
The expense in the accounts is therefore spread over two years, being 6 x = CU300,000.
2 yrs
In year 2, sales are only up by I0% so the options do not vest. It is anticipated that targets will be met in
year 3.
In year 2. the total expense will be
530 © The Institute of Chartered Accountants in England and Wales, March 2009
SMALL COMPANY AUDITS
Requirement
Using the information provided, list the audit tests you would perform on the disclosure for Blackberry Ltd.
The average volatility for most quoted shares is 25-40% for their BFRS 2 expense. A more appropriate
figure for smaller entities would be lower, perhaps I 0-15% over three years.
532 © The Institute of Chartered Accountants in England and Wales, March 2009
SMALL COMPANY AUDITS
Summary
Risk Incorporation
Lack of internal
controls+
management Statutory audit is required
override /
Rewards
Choice of remuneration Financing gap
- scope for management
override of controls + Difficult to obtain
creative accounting finance - inherent risk
- audit problems with -liquidity issues
valuation of share based -funding
payments
© The Institute of Chartered Accountants in England and Wales, March 2009 533
Advanced Stage- Advanced Audit and Assurance
an increase in the fees may be justified by improved services not least because the two firms of accountants
are likely to work as efficiently as possible from a sense of professional pride.
Both firms must sign the audit report and both are responsible for the whole audit whether or not they
carried out a particular area of the audit programme. It follows that both firms will be jointly liable in the
event of litigation.
4 Global enterprises
Section overview
~ Global enterprises are particularly affected by the follo~ing risks:
Financial risks
,Political risks ..
Regulatory risks ·
·~ ·.··Internal C:6ntrdt w1.11. h'a~e l:o 'fiaV~r;;&~r4 'i6'a'~~~(~tX~f ~~~~~ re~~ir~illentr'
·~ . Compliance ~ill be ke~Jeat~ie Jfi~t~~ri~tio~~~bJ~ines~\trate&i .~•..
a
, ' '"':, -~- ··. · ·::<. ~:<,<,:f;){f:~n:::;}~~,>-~--~;~:~1. ·/·~':.:~?;·j:t>;,:,_.·<·::>.~-~-·~·-.:··-·.· .·!..;:~·-: . ;:"_--.,:~.'~""' :· ..__ ~ .·
~ ···.·.In response .to the tre.nd towards:globalis'ation.t~e ForUilJ of ~i~ms has ~eem founded
·: ; , · . ·
~:\"·-~ \:~. {.\~:;:::,·~:.:·:· ::~t:~~,::~.:ei· :·~,-~:/· '~( L~.-:·t+;·~~-t:S:f;:.:~:zt~,;:,~;~ ;. · ··" ··~;·~,\·;,.:~:·, ·"::f <
4.1 Introduction
Large businesses are increasingly becoming global organisations. This has implications for the business itself
and the way in which the audit is conducted. In the remainder of this section we will look at a number of
key issues affecting global organisations.
570 © The Institute of Chartered Accountants in England and Wales, March 2009
BUSINESS STRUCTURES AND GLOBAL ENTERPRISES
© The Institute of Chartered Accountants in England and Wales, March 2009 571
Advanced Stage- Advanced Audit and Assurance
572 © The Institute of Chartered Accountants in England and Wales, March 2009
BUSINESS STRUCTURES AND GLOBAL ENTERPRISES
Risk management
The management of a global enterprise will need to have regard to the corporate governance
requirements (see Chapter 3) as follows:
Control environment This sets the tone from the top of the organisation and will need
to be applicable at both a local and global level. Factors to
consider include:
~ Organisational structure of the group
~ Level of involvement of the parent company in components
~ Degree of autonomy of management of components
~ Supervision of components' management by parent company
~ Information systems, and information received centrally on a
regular basis
·····~··-·········
© The Institute of Chartered Accountants in England and Wales, March 2009 573
Advanced Stage- Advanced Audit and Assurance
where they involve transactions between companies which are resident in different countries), which might
be seen to offer some assurance that the practice has limitations.
One particular problem associated with transfer prices is in valuing a company or division as an independent
unit. Historical data may be virtually meaningless if major revenues come from inter-division or inter-
company recharges. Similarly, a division of a major company is likely to find major costs (e.g. rent) to be
much higher without the economic support of a parent.
Transfer pricing systems have four primary aims.
(I) To enable the realistic measurement of divisional profit.
(2) To provide producer and receiver with realistic income and cost.
(3) To avoid taking too much autonomy from managers.
(4) To ensure goal congruence and profit maximisation for the company as a whole.
A company could elect to avoid setting transfer prices, allowing managers to negotiate with each other
towards a mutually agreeable figure. However, if either party (or both) can buy/sell outside of the company
as well, there is a danger that the company under-utilises its own resources, while incurring unnecessary
expense because the two parties failed to agree on a price.
Where the product or service has a readily available outside market, internal transfers are unlikely to occur
unless the transfer price is similar to the market price. The transfer price may be slightly below the market
price to recognise the reduction in risk (e.g. no cash changes hands so no risk of bad debts) and likely
savings in packing and delivery.
Another method used to set transfer prices is 'cost plus'. The transferring division should be able to
recover its variable costs and any contribution lost because it diverted resources in order to fulfil the
internal transfer. The costs involved should be standard rather than actual, otherwise inefficiencies in the
selling division will be passed on to the buying division.
Of course, the selling division will need to recover its fixed costs in the long run and may demand some
contribution from the buying department. As a result of this issue, a company's transfer pricing system may
need to be more complex, with the two divisions recording different figures for a transfer (two-part
transfer pricing) which are reconciled at a later date.
Divisional manager autonomy may have to be partially sacrificed in order to achieve the other aims of
transfer pricing. This may involve divisions being set a transfer price (or range within which the price must
be) but being required to justify any external transactions before authority is given. An alternative solution
is to remove all internal transactions from divisional performance when managers are assessed but, where a
division relies solely/mostly on internal sales, this may be impossible without relegating the division to cost
centre status.
Company C is organised into two divisions, Division A and Division B. Division A can sell its product
outside the company at CU20 per unit or transfer internally to Division B at CU20 per unit. Division B's
usual selling price for its finished product is CU70. Division A's variable costs are CUI 0 per unit and its
fixed costs are CUS per unit. Division B's variable costs are CU IS per unit and its fixed costs are CUI 0 per
unit.
If Division B received an offer from a customer of CU30 per unit for its final product, with the transfer
price of CU20 it would not accept the offer as its books would show a negative contribution per unit of (30
- 20 - IS) CUS.
However, assuming that Division A has surplus capacity, this would not be the right decision from the point
of view of Company C as a whole as contribution would be (30 - I0- IS) CUS per unit.
If Division A is already operating at full capacity then there would be a lost external sales contribution in A
of (20 - I0) CUI 0. Therefore, in this situation, the company as a whole should also reject the offer because
the deal would represent a loss in potential contribution of CUS per unit.
4.5 Compliance
A key feature of any international business strategy is that it is likely to involve compliance with overseas
accounting and auditing regulations of the host countries in which an entity does business. The most
important piece of recent legislation in this respect has been The Sarbanes-Oxley Act. This is covered in
detail in Chapter 3 of this text.
Definition
Transnational audit: means an audit of financial statements which are or may be relied upon outside the
audited entity's home jurisdiction for purposes of significant lending, investment or regulatory decisions; this
will include audits of all financial statements of companies with listed equity or debt and other public
interest entities which attract particular public attention because of their size, products or services
provided.
Guidance: Other public interest entities shall include those entities in either the public or the private
sectors which have significant transactions across national borders, whether or not having either listed
equity or debt. These would include, for example, large charitable organisations or trusts, major
monopolies or duopolies, providers of financial or other borrowing facilities to commercial or private
customers, deposit-taking organisations and those holding funds belonging to third parties in connection
with investment or savings activities.
Significant transactions across national borders - shall include transactions such that there is a reasonable
expectation that the financial statements of the entity may be relied upon by a user outside the entity's
home jurisdiction for purposes of significant lending, investment or regulatory decisions. Significant in this
context does not include use of financial statements to establish normal trade terms with vendors or to
open accounts with financial institutions (i.e. accounts for purposes of collecting customer receipts or
making vendor payments). For the avoidance of doubt, an office required solely for the purpose of legal
formation and continuing legal existence in a particular jurisdiction does not constitute a significant
transaction across national borders.
In principle, the definition of transnational audit should be applied to the consolidated entity as a whole
including the individual entities comprising the consolidated entity.
Private company in US raising debt This would qualify as a transnational audit as it is reasonable
finance in Canada to expect that the financial statements of the company
would be used across national borders in obtaining the debt
financing.
Private Savings and Loans Although it could be considered a public interest entity,
operating entirely in the US (i.e. this would not qualify as a transnational audit assuming it
only US depositors and US can be demonstrated that there are no transnational users.
investments)
In applying the definition of transnational audit, there
should be a rebuttable presumption that all banks and
financial institutions are included, unless it can be clearly
demonstrated that there is no transnational element from
the perspective of a financial statement user and that there
are no operations across national borders. Potential
transnational users would include investors, lenders,
governments, customers, regulators, etc.
International charity taking This entity can clearly be considered a pubic interest entity
donations through various national and operating across borders. Further, the international
branches and making grants structure would create a reasonable expectation that the
around the world financial statements could be used across national borders
by donors in other countries if not by others for purposes
of significant lending, investment or regulatory decisions.
© The Institute of Chartered Accountants in England and Wales, March 2009 577
Advanced Stage- Advanced Audit and Assurance
5 Audit of banks
Section overview
~ The auditor of a bank may seek confirmation of certain balances from other. banks
~ Bank supervisors are concerned with maintaining the integrity of the banking system
~ The auditor is responsible for reporting to shareholders
5.1 Introduction
Banking is one example of a global industry which also affects all large companies. It is a regulated industry
which highlights issues faced by many large groups.
The details relating to bank auditing are complex and the key message to extract from the following is how
banking risk is managed and to determine how audits may be planned. Key sources of guidance include:
BAPS I 000 Inter-bank Confirmation Procedures
BAPS I 004 The Relationship Between Banking Supervisors and Banks' External Auditors
BAPS I006 Audits of the Financial Statements of Banks
578 © The Institute of Chartered Accountants in England and Wales, March 2009
BUSINESS STRUCTURES AND GLOBAL ENTERPRISES
© The Institute of Chartered Accountants in England and Wales, March 2009 579
Advanced Stage -Advanced Audit and Assurance
~ Replacement risk: failure of a customer to perform the terms of a contract. The contract will need
to be replaced, potentially at a loss
~ Reputational risk
~ Solvency risk: not having sufficient funds to meet obligations
The risks relating to a bank's business may be determined by:
~ The holding of large cash and negotiable instruments
~ Cross-jurisdiction transactions leading to complex management and recording of transactions
~ Very high leverage (the ratio of capital to total assets is low)
~ Being subject to rapid changes in value of assets and liabilities
~ The taking of short term deposits subject to potentially rapid withdrawals
~ Operations are geographically dispersed leading to decentralisation of authority and dispersal of
accounting and control functions
~ Transactions can often be directly initiated and completed by the customer without any intervention
by the bank
~ They are regulated by governmental authorities. Non-compliance with regulatory requirements could
have implications for the bank's financial statements
~ They are likely to be involved in complex financial instruments requiring carefully implemented control
procedures.
Point to not<O
The relevance of banking risk has been highlighted by the collapse of Lehman Brothers and the takeover of
HBOS by LloydsTSB in September 2008. Both banks were affected by their exposure to bad debts in the
mortgage sector.
Analytical procedures
From a performance management perspective, audit of banks may be conducted by review of key ratios to
highlight potential problem areas. The ratios that might be relevant under such circumstances are:
~ Asset quality ratios: e.g. Loan losses to total loans
~ Earnings ratios: e.g. cash and liquidity securities (for example, those due within 30 days) to total assets
~ Capital adequacy ratios: e.g. Equity as a percentage of total assets
~ Market risk: e.g. Effect of changes in interest rates on the bank's earnings or own funds
~ Funding risk: e.g. Average borrowing rate
580 © The Institute of Chartered Accountants in England and Wales, March 2009
BUSINESS STRUCTURES AND GLOBAL ENTERPRISES
Summary
- Acquisitions Issues:
- Bangladesh Risk
- Financial
-Overseas
-joint Ventures - Political
- Regulatory
-MBOs
- Internal control
-Disposals - Compliance
Continued Continued
below below
© The Institute of Chartered Accountants in England and Wales, March 2009 581
Advanced Stage -Advanced Audit and Assurance
l
J. 1
Principal auditors
(PAs) l Other auditors
I
Consider ~ ~
Materia lity of /'
Co-operate with
Determine how Responsible
portion of FS which
do not audit work of other
auditors affects
for opinion
on S's FS
and assist PAs 1
Degree of
knowle dge of their audit
\..
business of ~
compo nents
Acceptance
Nature of ISA 600
as PAs
relation ship with
firms acti ng as other ~
auditors Bring to attention
- Ability (where of PAs any matters
necessa ry) to relevant to PA's work
perform additional
procedu res to I
enable act as , ~ 1
principa I auditors
PA's duty to obtain Direct Refer in
Riskofmate rial
Info and explanation or auditors'
misstate ments in FS Communication
required by auditors report
of comp onents
audited by other .from overseas subs
auditors ~
/ Permission to """'
Reporting communicate
responsibilities refused. OAs notify
PAs ~ PAs agree
action with Parent's
~ 1 directors
I
As Parent's
Sole responsibility
auditors duty . for opinion on
to report on group ales
P's own FS
\.. \..
582 © The Institute of Chartered Accountants in England and Wales, March 2009
BUSINESS STRUCTURES AND GLOBAL ENTERPRISES
~
l
Obtain sufficient, appropriate
evidence that work of other
auditors (OAs) is adequate
~
Advise OAs of use to
be made of their work
and arrange to co-ordinate
I
l l
[Inform OAs [Advise OAs l
1 I
~ --r ~ ~ ~
Procedures Accounting,
Areas for auditing and
to identify Audit Independence
special reporting
intra-entity timetable requirements
consideration requirements
transactions
© The Institute of Chartered Accountants in England and Wales, March 2009 583
chapter 14
Introduction
Topic List
I Business structures
2 Group audits
3 Joint audits
4 Global enterprises
5 Audit of banks
Summary and Self-test
Technical reference
Answers to Self-test
Answers to Interactive questions
© The Institute of Chartered Accountants in England and Wales, March 2009 547
BUSINESS STRUCTURES AND GLOBAL ENTERPRISES
Business structures
Section overview
~ The structure of a business has both accounting and auditing implications
~ The nature of the business structure will give rise to specific risks.
1.1 Introduction
Most quoted companies and many private companies are not single companies but groups of companies.
You will be familiar with this concept from your financial reporting studies. In the preparation of group
accounts the following accounting standards in particular must be complied with:
~ BFRS 3 Business Combinations
~ BAS 21 The Effects of Changes in Foreign Exchange Rates
~ BAS 27 Consolidated and Separate Financial Statements
~ BAS 28 Investments in Associates
~ BAS 31 Interests in joint Ventures
Many of the basic principles applied in the audit of a group are much the same as the audit of a single
company, however, there are a number of significant additional considerations. One of the key issues
will be the impact of the group structure on the risk assessment, including the process by which the
existing structure has been achieved, e.g. acquisition, MBO etc and/or changes to that structure. In many
cases the risk issues will be related to the accounting treatments adopted.
1.2.2 Costs
The change process will incur additional costs; these will need to be financed and accounted for.
Initially, costs may outweigh revenues achieved. The company will need to ensure that it can withstand this
potential loss-making situation.
Unfamiliarity of a market can result in costs being higher than necessary due to inexperience of pricing
policies or additional costs incurred to rectify mistakes or replace wastage.
© The Institute of Chartered Accountants in England and Wales, March 2009 549
Advanced Stage -Advanced Audit and Assurance
I .2.3 Accounting
Each type of change will result in accounting implications for the company; it may for example mean that the
company has to
~ Prepare group accounts for the first time
~ Satisfy the requirements of BFRS 5 Non-current Assets Held for Sale and Discontinued Operations in
relation to any disposals of material business segments
~ Consider provisions under BAS 37 Provisions, Contingent Uabi/ities and Contingent Assets
~ Provide disclosure of significant investments and financing
~ Account for new assets and liabilities being brought into the financial statements
~ Account for disposal of surplus assets
~ Account for purchase consideration, including related disclosures, whether cash, issue of shares or
other capital instrument.
1.2.4 Markets
Any movement into a new market has its risks. Again, inexperience of the new customers' needs or of a
new product make it easy for mistakes to be made.
1.2.5 People
People
Staff retained
~
Staff disposed of
I \
Staff coming from different Changes in systems or working If staff are to be disposed of, costs
organisations will now have to practices mean that staff will be such as redundancy need to be
work together. Problems arising inexperienced in their new roles. considered.
could include Examples include
~ Resentment from staff ~ Dealing with unusual Remaining staff may feel
who feel their company has transactions threatened by disposal of staff,
been taken over any cut backs encouraging them
to seek other employment.
~ Change in working ~ Dealing with unusual Remaining staff may feel burdened
conditions, wage rates, accounting systems. taking on disposed staffs
overtime working, benefits workload.
and other policies
~ Reorganisation of Staff may also face pressure from
hierarchical structure a change in the volume of their
work, especially if a company is
growing.
550 © The Institute of Chartered Accountants in England and Wales, March 2009
BUSINESS STRUCTURES AND GLOBAL ENTERPRISES
If staff have not bought in to the changes they are less likely to work effectively for the company resulting in
lower production, more mistakes and potentially even deliberate malicious action. All of these will increase
the business risk of the company.
1.2.6 Systems
All companies should have established systems and procedures; any major change undergone by the
company should cause a review of these systems to take place.
An expansion of the company into similar areas may not cause the existing system to change much beyond
an assessment of its ability to cope with an increased volume of transactions.
Movement into new areas will cause the most changes to the systems. Staff will need to be trained, or new
staff recruited. Inexperienced staff or poor quality systems will result in errors and a loss to the business.
1.3 Acquisitions
A company may choose to grow by buying another company; therefore this type of change will usually
involve the acquiring company buying an existing company. The acquiring company will obtain control of the
acquiree's assets and liabilities and be able to direct the future operations of that company.
Valuation of assets and liabilities These should be valued at fair value at the date of
acquisition. Valuations may also be required for
certain intangibles even where the intangibles were
not previously recognised in the individual financial
statements of the acquiree.
Valuation of consideration This should be at fair value and will include any
contingent consideration. Any deferred
consideration should be discounted.
Goodwill This must be calculated and accounted for in
accordance with BFRS 3.
Date of control The results of any subsidiary should only be
accounted for from the date of acquisition.
Level of control This will determine the nature of the investment and
its subsequent treatment in the group financial
statements e.g. subsidiary, associate.
Accounting policies I year end Accounting policies and year ends must be
consistent across the group.
------------·
Consolidation adjustments The group must have systems which enable the
identification of intra-group balances and
accounts.
--------·-···~----
Adequacy of provisions in the target company Whilst the acquirer is likely to know its plans, other
provisions may be necessary within the acquired
entity.
If such provisions are currently unrecognised and
have never been recorded (e.g. in board minutes),
there is a clear risk that the acquiring entity will
overpay.
© The Institute of Chartered Accountants in England and Wales, March 2009 551
Advanced Stage- Advanced Audit and Assurance
Use of provisions to manipulate post acquisition Provisions may be recognised at the point of
profits acquisition and then released at some point in
the future in order to make post change results
appear impressive. This may imply that change was a
correct business decision. The use of such
provisions has been reduced by BAS 37.
ventures
The Royal Bank of Edinburgh entered into several joint ventures:
(I) 'Ecost Personal Finance has made excellent progress since it was launched 18 months ago. To date, the
joint venture has acquired over 700,000 customers.
In a relatively short time, in partnership with Ecost, we have established a significant and innovative
new force in UK banking. We remain very optimistic about the prospects for Ecost Personal Finance
and our expectations remain that this business will move into profit in the near future.
(2) We have also received an encouraging response to the Branson One Account through our joint
venture with Branson Dlrect Personal Financial Services.'
Requirement
Using the CAMPS framework (see section 1.2.1) examine the risk factors associated with the Royal Bank of
Edinburgh joint ventures.
Solution
Costs
The set up costs of the two ventures will need financing. Will this be done from the existing funds within
the companies, or will external finance be needed?
As RBE is a financial institution, is it providing the bulk of the finance with loan amount outstanding to the
other parties?
How will the infrastructure be established? Who will pay for the Web site to be constructed and
maintained. What is the split of these costs?
What is the profit forecast for the first periods? Initial expenses are likely to exceed revenues, therefore
losses may be expected in the initial periods.
Accounting
RBE is already established in this market and is therefore likely to be providing the asset base to support to
activities. How are the assets valued in the joint venture accounts?
Is there any payment to be made to RBE for the knowledge and experience that it brings to the JV?
What is the type of venture?
What is the agreement on profit sharing? The underlying elements will need to be audited and the profit
share recalculated.
552 © The Institute of Chartered Accountants in England and Wales, March 2009
BUSINESS STRUCTURES AND GLOBAL ENTERPRISES
How long is the JV agreement for? To ascertain the correct write off period of assets.
Markets
The products are likely to be launched through the Internet; this may expand the customer base of the
companies. E-business has its own specific set of risks, these are covered in the Business Strategy section of
Business Environment.
People
It is likely that there will be a combination of staff involved from each of the parties, plus some additional
staff new to both organisations. The cultural and operational impacts (as explained in the main text) need to
be considered.
Systems
As these will effectively be new entities a complete new set of systems will need to be established. Risk will
be increased due to the unfamiliarity of the staff with these systems.
Responsibility for control. If the entity is a limited company then the directors will be responsible for
ensuring proper controls.
Obsolete inventory
Inventory which is no longer required will need to be written down. When carrying out the inventory
count, the auditor will need to ensure that all inventory relating to the discontinued activity is identified.
The following procedures should take place.
~ Discussions with management concerning net realisable value of inventory.
~ Investigation offuture costs relating to any modifications needed for the inventory.
~ Review of after date sales to assess likelihood of sale and sale proceeds.
Obsolete non current assets
Tangible non current assets- operational
If an operation has been withdrawn from, rather than sold as a business segment, it is likely that some non
current assets such as plant and machinery and property will remain with the company. The following will
need to be considered.
~ Net realisable value of non current assets (review of post year end sales invoices/review of trade
magazines).
~ Write down of non current assets to recoverable amount, surplus property to the market value.
~ Impairment reviews will need to be performed. This is likely to consider the remaining assets as
one cash generating unit; lack of future revenue from this unit is likely to result in the assets being
valued at their net realisable value (i.e. fair value less costs to sell) rather than their value in use.
Disposal of investments
Disposal of a subsidiary, or other investment, will need to be accounted for in the group and parent
company financial statements.
The auditor will need to ascertain the date of disposal, through inspection of sale agreements, to identify
the correct period of allocation to the accounts.
~ Parent company- The auditor will need to compare the sale proceeds (inspection of sale
agreements/bank receipts) with the carrying amount of the investment in the statement of financial
position to ensure that the correct profit or loss on disposal is accounted for.
~ Group accounts- The auditor would need to ensure that the investment is not included in the year-
end statement of financial position (unless some share holding remains). Amounts in the income
statement should be pro-rated for the number of months held.
554 © The Institute of Chartered Accountants in England and Wales, March 2009
BUSINESS STRUCTURES AND GLOBAL ENTERPRISES
2 Group audits
Section overview
~ The principal auditor has sole responsibility for the audit opinion in the group financial statements
~ The other auditors should cooperate with the principal auditors. In some cases this will be a legal
duty
~ The princip;~.l auditor will need to assess the extent to which the work of the other auditors can be
relied on
~ Specific audit procedures will be performed on the consolidation process
~ Where a group includes a foreign subsidiary compliance with. relevant accounting standards will need
to be considered
Risk assessment
© The Institute of Chartered Accountants in England and Wales, March 2009 555
Advanced Stage- Advanced Audit and Assurance
2.2.1 Acquisition
If the group audit includes a newly acquired subsidiary or a subsidiary which is disposed of compliance
with BFRS 3 will be relevant. The auditor will need to consider the following issues in particular:
556 © The Institute of Chartered Accountants in England and Wales, March 2009
BUSINESS STRUCTURES AND GLOBAL ENTERPRISF.S
Valuation of assets and liabilities at fair value A review will need to be taken of the fair value of
assets and liabilities at the date of acquisition,
adjusted to the year end. Review of trade journals
or specialist valuations may be required. Where
specialist valuers have been used (e.g. to value
brands) an assessment will need to be made on the
reliability of these valuations. Where intangibles
have been recognised on consolidation which
were not previously recognised in the individual
financial statements of the acquiree the auditor will
need to give careful consideration as to the
justification of this and whether the treatment is in
accordance with BFRS 3.
Estimates for provisions existing at the date of
acquisition will need to be assessed for reliability.
Valuation of consideration Contingent consideration should be included as
part of the consideration transferred. The discount
rate used to discount deferred consideration
should be validated and an assessment of the
likelihood of payment should be performed.
Goodwill The auditor will need to consider whether the initial
calculation is correct in accordance with BFRS 3.
Performance of the subsidiary company will need to
be reviewed to identify whether any impairment is
necessary.
Prior year audit of subsidiary As first year of inclusion of subsidiary, review last
year's audit report for any qualification and
consider implications for this year's audit if
necessary.
Planning issues Adjust audit plan to ensure visit to subsidiary is
included. If audited by another auditor contact
secondary auditor to discuss
~ Audit deadline
~ Type and quality of audit papers
~ Review of audit
Identification of consolidation adjustments.
Using the work of another auditor is discussed
further in section 2.3 below.
2.2.2 Disposal
Where the group includes a subsidiary which has been disposed of during the year the following issues will
be relevant:
~ Identification of the date of the change in stake
~ Assessment of the remaining stake to determine the appropriate accounting treatment post
disposal
~ Whether the profit or loss on disposal has been calculated in accordance with BFRS
~ Whether amounts have been appropriately time apportioned e.g. income and expense items
558 © The Institute of Chartered Accountants in England and Wales, March 2009
BUSINESS STRUCTURES AND GLOBAL ENTERPRISES
2.2.4 Materiality
Where a subsidiary is immaterial it can normally be ignored. However care should be taken with respect to
the following.
~ Apparently immaterial subsidiaries may be materially understated.
~ Several small subsidiaries may cumulatively be material.
·~ Subsidiaries with a small asset base may engage in transactions of significant value and which may be
relevant to understanding the group.
Definitions
Principal auditor: The auditor with responsibility for reporting on the financial statements of an entity
when those financial statements include financial information of one or more components audited by
another auditor.
Other auditor: An auditor, other than the principal auditor, with responsibility for reporting on the
financial information of a component which is included in the financial statements audited by the principal
auditor. Other auditors include affiliated firms, whether using the same name or not, and correspondents,
as well as unrelated auditors.
Component: A division, branch, subsidiary, joint venture, associated company or other entity whose
financial information is included in financial statements audited by the principal auditors.
The duty of the principal auditors is to report on the group accounts, which includes balances and
transactions of all the components of the group.
Principal auditors have sole responsibility for this opinion even where the group financial statements
include amounts derived from accounts which have not been audited by them. As a result, they cannot
discharge their responsibility to report on the group financial statements by an unquestioning acceptance of
component companies' financial statements, whether audited or not.
© The Institute of Chartered Accountants in England and Wales, March 2009 SS9
Advanced Stage- Advanced Audit and Assurance
560 © The Institute of Chartered Accountants in England and Wales, March 2009
BUSINESS STRUCTURES AND GLOBAL ENTERPRISES
© The Institute of Chartered Accountants in England and Wales, March 2009 561
Advanced Stage- Advanced Audit and Assurance
562 © The Institute of Chartered Accountants in England and Wales, March 2009
BUSINESS STRUCTURES AND GLOBAL ENTERPRISES
Compare the audited accounts of each subsidiary/associate to the consolidation schedules to ensure figures
have been transposed correctly.
Review the adjustments made on consolidation to ensure they are appropriate and comparable with the
previous year. This will involve:
~ Recording the dates and costs of acquisitions of subsidiaries and the assets acquired
~ Calculating goodwill and pre-acquisition reserves arising on consolidation
~ Preparing an overall reconciliation of movements on reserves and non-controlling interests
~ Adjust the individual subsidiary financial statements for differences in accounting policies compared to
the parent. This may include compliance with the accounting regulations of a different jurisdiction (e.g.
where the individual subsidiary is UK GAAP compliant and the group reports under BFRS)
3
For business combinations determine:
~ Whether combination has been appropriately treated as an acquisition
~ The appropriateness of the date used as the date of combination
~ The treatment of the results of investments acquired during the year
~ If acquisition accounting has been used, that the fair value or acquired assets and liabilities is
reasonable (to ascertainable market value by use of an expert)
~ Goodwill has been calculated correctly and if amortised, period of amortisation is reasonable
4
For disposals:
Agree the date used as the date for disposal to sales documentation
~ Review management accounts to ascertain whether the results of the investment have been included
up to the date of disposal, and whether figures used are reasonable
Step 5
Consider whether previous treatment of existing subsidiaries or associates is still correct
(consider level of influence, degree of support)
6
Verify the arithmetical accuracy of the consolidation workings by recalculating them
7
Review the consolidated accounts for compliance with the legislation, accounting standards and other
relevant regulations. Care will need to be taken where:
~ Group companies do not have coterminous accounting periods
~ Subsidiaries are not consolidated
~ Accounting policies of group members differ because foreign subsidiaries operate under different rules,
especially those located in developing countries
~ Elimination of intra-group balances, transactions and profits
Other important areas include:
~ Treatment of associates
~ Treatment of goodwill and intangible assets
~ Foreign currency translation
~ Taxation and deferred tax
~ Treatment of loss-making subsidiaries
~ Treatment of restrictions on distribution of profits of a subsidiary
~ Share options
© The Institute of Chartered Accountants in England and Wales, March 2009 563
Advanced Stage- Advanced Audit and Assurance
Review the consolidated accounts to confirm that they give a true and fair view in the circumstances
(including subsequent event reviews from all subsidiaries updated to date of audit report on consolidated
accounts)
level;
Your firm is the auditor of Varma Industries, a limited company, which has a number of subsidiaries in your
country (and no overseas subsidiaries), some of which are audited by other firms of professional
accountants. You have been asked to consider the work which should be carried out to ensure that intra-
group transactions and balances are correctly treated in the group accounts.
Requirement
(a) Describe the audit work you would perform to check that intra-group balances agree, and to state
why intra-group balances should agree, and the consequences of them not agreeing.
(b) Describe the audit work you would perform to verify that intra-group profit in inventory has been
correctly accounted for in the group accounts.
See Answer at the end of this chapter.
564 © The Institute of Chartered Accountants in England and Wales, March 2009
BUSINESS STRUCTURES AND GLOBAL ENTERPRISES
Saturn Ltd trades in Bangladesh preparing accounts to 31 March annually. Several years ago Saturn Ltd
acquired 80% ofthe issued ordinary share capital of Venus Inc which trades in Zorgistan. This country is
experiencing hyperinflation and severe political instability as a result. The local currency is the zorg but
Venus Inc has adopted the US$ as its functional currency. The presentation currency of the group is Taka.
Venus Ltd is audited by a reputable local firm of auditors.
Requirement
Identify the issues the auditor would need to consider in respect of the audit of the Saturn group financial
statements for the year ended 31 March 20X7.
See Answer at the end of this chapter.
© The Institute of Chartered Accountants in England and Wales, March 2009 S6S
Advanced Stage -Advanced Audit and Assurance
566 © The Institute of Chartered Accountants in England and Wales, March 2009
BUSINESS STRUCTURES AND GLOBAL ENTERPRISES
~ Known factors affecting the group that may provide the incentive or
pressure for group or component management or others to commit
fraud or indicate a culture or environment that enables those people to
rationalise committing fraud
~ The risk that group or component management may override controls
Understand internal Request details of material weaknesses in internal controls identified by
control across the group other auditors
Communicate material weaknesses in group-wide controls and significant
weaknesses in internal controls of components to group management
Ensure staff understand Plan early any specialist involvement, for example the use of a tax expert to
the technical deal with international issues or a valuation expert for share options
complexities of group
audits and know when to
bring in specialist help
Review other auditors' Group and other auditors should co-operate unless prohibited by law
working papers
Get group management to obtain the consent of subsidiary management to
communicate with the group auditor to deal with concerns about client
confidentiality and sensitivity
Consider whether holding discussions with or visiting other auditors could
deal with secrecy and data-protection issues
Review and update Provide formal training on group audits to supplement on-the-job
procedures and training experience
Review standard questionnaires for effectiveness
2.8.2 Objective
The stated objective of the ISA is to enable auditors to determine whether they can accept an
engagement as group auditor, to communicate clearly with component auditors about the scope and
timing of their work and obtain sufficient appropriate evidence to reduce the audit risk for the group
financial statements to an acceptably low level. This will be achieved by:
~ Determining what work should be carried out on the consolidation process
~ Determining what work should be carried out on the components
~ Establishing appropriate communication with other auditors
~ Evaluating audit evidence about the consolidation process and the components
Definition
Component. An entity or business activity for which group or component management prepares financial
information that should be included in the group financial statements.
Significant component. A component identified by the group engagement team (i) that is of individual
financial significance to the group, or (ii) that, due to its specific nature or circumstances, is likely to include
significant risks of material misstatement of the group financial statements.
The group auditor should be involved in the assessment of risk in relation to significant components.
If a component is financially significant to the group financial statements then the group auditor will require the
other auditors to carry out a full audit of that component, based on the materiality level the other auditors
have calculated for that component.
If a component is otherwise significant because it is likely to include significant risks of material
misstatement due to its nature or circumstances, the group auditors will require one of the following:
~ A full audit (using component materiality)
~ An audit of specified account balances relating to identified significant risks
~ Specif1ed audit procedures relating to identified significant risks.
Components not subject to these requirements will be subject to analytical review at a group level.
If audit work on:
~ Significant components
~ Group wide controls and the consolidation process
~ Analytical procedures performed at group level
does not give the group auditor sufficient appropriate audit evidence about the group financial statements,
the group auditor would request one of the three procedures outlined above (a full audit, an audit of
;specified account balances or specified audit procedures) or a review of other individually insignificant
components of group fmancial statements.
2.8.4 Consolidation
The group auditor will:
~ Obtain an understanding of group-wide controls and the consolidation process
~ Design and perform further audit procedures on the consolidation process to respond to the
assessed risks of material misstatement
~ Evaluate the appropriateness, completeness and accuracy of the adjustments and
reclassifications involved in the consolidation process.
568 © The Institute of Chartered Accountants in England and Wales, March 2009
BUSINESS STRUCTURES AND GLOBAL ENTERPRISES
3 Joint audits
Section overview
~ Both parties to a joint audit are responsible for the audit opinion
~ Both parties will have to assess the extent to which the other party can be relied on
~ Both parties are jointly liable in the event of litigation
Definition
joint audit: One where two or more auditors are responsible for an audit engagement and jointly produce
an audit report to the client.
Two or more firms of accountants could act as joint auditors for a number of reasons.
(a) Takeover. The holding company may insist that their auditors act jointly with those of the new
subsidiary.
(b) Locational problems. A company operating from widely dispersed locations may find it convenient
to have joint auditors.
(c) Political problems. Overseas subsidiaries may need to employ local auditors to satisfy the Jaws of
the country in which they operate. It is sometimes found that these local auditors act jointly with
those of the holding company.
(d) Companies preferring to use local accountants, while at the same time enjoying the wider range of
services provided by a large national firm.
© The Institute of Chartered Accountants in England and Wales, March 2009 569
chapter IS
Insolvency
Contents
Introduction
Topic List
I Insolvency
2 The role of assurance
3 Role and liability of auditors and directors in winding up
4 Insolvency legislation
Summary and Self-test
Technical reference
Answers to Self-test
Answer to Interactive question
© The Institute of Chartered Accountants in England and Wales, March 2009 599
INSOLVENCY
Insolvency
Section overview
~ A company is insolvent when it cannot pay its debts as they fall due
. Section overview
~ The insolvency issue ~ffects the pr6iesslonal ~ccountant
' ' ' - > >' ~ : ' ·: '' '', '
irl the r~le of:
• -' ~<:' '-
· ··Auditor
602 © The Institute of Chartered Accountants in England and Wales, March 2009
INSOLVENCY
Gunthorpe Plumbing Supplies ('Gunthorpe') is a wholly owned subsidiary of Lucknow Builders Merchants
('Lucknow') and has been trading at a loss for a number of years. The recent bleak economic climate has led
the directors of Lucknow to decide to put Gunthorpe into liquidation and make all the employees
redundant, including its three directors.
The three directors of Gunthorpe have decided to form a new company, Gunthorpe Plumbing Supplies
(200 I) ('Gunthorpe (200 I)'), and use their redundancy pay and personal savings to purchase all the shares in
the company.
The board of directors of Lucknow have agreed to sell the following assets and liabilities of Gunthorpe to
the new company.
(a) All the non-current assets except for one warehouse (see below)
(b) Trading inventory, and
(c) Trade receivables and payables
The price for the non-current assets has been agreed and the value of the trading inventories, receivables
and payables, will be confirmed at the date of transfer by an independent valuer.
The directors of Gunthorpe (200 I) propose to obtain additional finance in the form of a long term loan
from a merchant bank and working capital will be financed by a bank overdraft from their existing bankers.
The directors have asked you to assist-them in preparing a profit forecast and cash flow forecast for
submission to the two banks. They have provided you with copies of the detailed accounts of Gunthorpe
for the past five years, and they point out the following changes which, in their opinion, will enable the new
company to trade at a profit.
(a) The substantial management charge imposed by Lucknow will disappear. However, additional costs will
have to be incurred for services which were provided by the parent company, such as maintaining the
accounting records and servicing the company's vehicles
(b) Initially fewer staff will be employed
(c) Only one of the company's two premises is being taken over- the premises which are not being taken
over will be sold by Lucknow on the open market.
The directors have provided you with the following brief details of Gunthorpe's trade. It currently has a
revenue of about CUI million and is a wholesaler of plumbing equipment (copper pipes, pipe connections,
water taps etc) which are sold mainly on credit to plumbers and builders. Trade discount is given to larger
customers. There are some cash sales to smaller customers, but these represent no more than I0% of total
sales.
© The Institute of Chartered Accountants in England and Wales, March 2009 603
Advanced Stage- Advanced Audit and Assurance
Requirements
Describe the work you would perform to:
(a) Verify that the value of items included in the profit forecast are reasonable
(b) Verify that the value of items included in the cash flow forecast are reasonable.
See Answer at the end of this chapter.
· SeCtion· oye,.,.iew>.. .. . .· •.·. ·. ,•....:C\ ...... • . •''•:•''n : ... j,,o,:~<.· : ..•. , •,' l'F'"'' .
In real life, alidito~s· are 9fter1 blarrj¢d,.for.i~:~.a~e~61<;1!!r l~~ses,· .· ..·.• ·• ·• ..
The members of the .company;.t:.fi~ creditcn's o~l:he'Court.~iU n?r:ma[lyappoint anJn.solvency . ;
practitior1er Who wiHs~~ervise·'th~ 1~ttli.6g.of'creditclrs:~ln sprhe.situ~tion~ flle~dir~et6rs .can alsc;: .,., .
'll)<tke thi(aep?i nti1i!!r1t·, ,;: ;.~\::~?it"'.. I ~··,·'1'·it~:~·;:~:,:~;j;Itr;~·:=:;.:;('·.~.. . :. E· i ....r.··. ;;~·~· / ... ,.
I) The Court may, by order, nullify the transfer of any property of the debtor, whether made by the
debtor himself or by his legal representative or his heirs or administrator of other authorised
person within fifteen years immediately preceding the date of the order of adjudication, if the
604 © The Institute of Chartered Accountants in England and Wales, March 2009
INSOLVENCY
Court is satisfied that the transfer was made to defeat any debt owned by the debtor. but the
nullification shall not be applicable to the following transfers, namely:-
a. A transfer in favour of a purchaser or encumbrance for a proper value consisting of
goods;
b. A transfer of a property acquired by way of inheritance.
c. A transfer made, at any time within six years immediately preceding the date of the order
of adjudication, in favour of a person who proves that at the time of transfer the debtor
was able to pay , without the aid of the transferred property all the claims made in the
bankruptcy proceeding.
2) Where an order under subsection (I) is made nullifying a transfer, the property shall form part of
Estate and shall stand vested in the Receiver or as the case may be in the court and accordingly
possession thereof shall be taken over immediately.
I) Where-
a) A debtor transfers in any manner any of his property or makes any payment or incurs any obligation
in relation to his property, or allows himself to be affected by a judicial proceedings in favour of a
creditor at a time when he is unable to pay his debts as they become due, and
b) Such transfer or payment or obligation or the proceeding has the effect of giving any preference to
that creditor or surety or guarantor in relation to the debt due to that creditor; and
c) The debtor is adjudged bankrupt, or a reorganisation order is made, on a plaint presented within
one year after the date of such transfer or payment or obligation or initiation of the judicial
proceeding, the transfer or payment made or obligation incurred of the result of the proceeding
shall be deemed to be fraudulent and void as against the Receiver; and the Court shall nullify the
transfer, payment, obligation or the results of proceedings; and thereupon the Receiver shall
recover the property transferred or the payment made.
2) Provided that the Court shall not nullify any payment made to a creditor in the ordinary course of
business or to the extent that the creditor, being a regular supplier of goods or services to the
debtor provides additional goods or services on credit to the debtor after receipt of such payment.
This section shall not affect the rights of any person who, in good faith and for valuable consideration, has
acquired title through or under a creditor of the bankrupt.
© The Institute of Chartered Accountants in England and Wales, March 2009 605
Advanced Stage -Advanced Audit and Assurance
The auditors will keep their working papers as evidence of their review and as evidence that professional
standards were followed.
If the auditors are found to be negligent, this in itself would not be sufficient grounds for a lawsuit against
them.
The claimant needs to also prove that they suffered a loss as a direct consequence of the alleged negligence.
This means that a creditor or shareholder must have suffered a loss.
Finally, it has to be proven that sufficient proximity existed ·between the auditor, and the claimant. This
means that the auditor must have known the third party would place reliance on the audit report for a
specific purpose. Previous case law has shown that the auditor is responsible to shareholders as a whole,
but not individual or groups of shareholders. For this reason it is rare that auditors are sued for
negligence following insolvency of a company.
Following the collapse of Enron, the audit firm of En ron, Arthur Andersen, collapsed. Senior management of
En ron have been since imprisoned for fraud. Allegations of fraud have also extended to the bankers of the
company, and many connected people were given long prison sentences.
4 Insolvency legislation
. .
Section ·~verview
~ lrisolv~ncyprocedures in Baf1glades~~re.~bverf1edby tne <;oinparii.e~.Act 1994 arid thE;ll~sbJven~
Act 1986, whiCh ~~t ou~ all theaetaile4 rules andproceCiures thatmustbeJollbwe'd by insolvency '
practitioners in the course of administering an insolvency;.
',>; <' ' ,· • • '
.. .
4.1 Introduction
A company in difficulty or in crisis (an insolvent company) basically has a choice of two alternatives:
(I) To carry on with the business, using statutory methods to help remedy the situation
(2) To stop
A company which is heading towards insolvency can often be saved, using a variety of legal protections
from creditors until the problem is sorted out. The directors of a company can get into a lot of trouble if
they carry on trading through a company in serious financial difficulties, and their actions result in
creditors being defrauded.
However, alternative I does not have to mean carrying on as if everything is normal. It can mean seeking
help from the court or a qualified insolvency practitioner to put a plan together to save the
company and get it out of its poor financial position.
Unfortunately, many companies cannot be saved, and the members and directors are forced to take
alternative 2, to stop operating the business through the company. Liquidation, sometimes called 'winding
up', is when a company is formally dissolved and ceases to exist.
606 © The Institute of Chartered Accountants in England and Wales, March 2009
INSOLVENCY
4.2 Liquidation
Definition
Liquidation means that the company must be dissolved and its affairs 'wound up', or brought to an end.
The assets are realised, debts are paid out of the proceeds, and any surplus amounts are returned to
members. Liquidation leads on to dissolution of the company. It is sometimes referred to as winding up.
© The Institute of Chartered Accountants in England and Wales, March 2009 607
Advanced Stage- Advanced Audit and Assurance
608 © The Institute of Chartered Accountants in England and Wales, March 2009
INSOLVENCY
it is the liquidator's duty to continue it with a view only to realisation, for instance by sale as a going
concern.
Within 21 days of the making of the order for winding up (or of the appointment of a provisional liquidator)
a statement of affairs must be delivered to the liquidator (official receiver) verified by one or more
directors and by the secretary (and possibly by other persons). The statement shows the assets and
liabilities of the company and includes a list of creditors with particulars of any security.
The liquidator may require that any officers or employees concerned in the recent management of the
company shall join in submitting the statement of affairs.
4. 7 Chapter I I in the US
In the United States, the most common procedure for an ailing company is Chapter I I Bankruptcy, similar
to administration in the UK. This gives the company an opportunity to reorganise and emerge from
bankruptcy. Management are able to stay in charge while negotiating an outcome with creditors. At the
time of writing the fall out from the sub-prime lending problem in the US is causing a number of financial
services companies in the US to file under Chapter II, the most notable being Lehman Brothers Bank.
© The Institute of Chartered Accountants in England and Wales, March 2009 609
Advanced Stage -Advanced Audit and Assurance
4) If after the retention of the sums necessary for the administration expense and the Receiver's fee, all
the debts and claims specified in subsection (I) shall be paid forthwith in consideration of the
sufficiency of the Estate.
5) Where the debtor is a partnership firm, the partnership property shall be applicable in the first
instance in payment of the debts of the firm and if the Estate derived from such property is not
sufficient for such payment, the personal property of each partner shall be applicable in payment of his
debts and liabilities in relation to the firm.
6) Where, after application of the personal property or, as the case may be, of the partnership property
in pursuance of sub-section (i), there remains a surplus, it shall be dealt with as part of the partnership
property and shall be divisible among the partners in proportion to the rights and interests of each
partner in the partnership.
7) Subject to the foregoing provisions of this section, all debts entered in the schedule shall be paid
rateably according to the amounts of such debts respectively and without any preference.
8) Where there is any surplus after payment of all expenses, fees, debts and claims, it shall be applied in
payment of interest, calculating from the date on which the debtor is adjudged bankrupt, at a rate of
not exceeding six per cent per annum on all debts include in the schedule.
4. 9 Sec.-66: Fees of Receiver etc.-
I) Subject to the approval of the Court and the provision of section 64(3) (b), the Receiver shall be
entitled to take from the sale proceeds of the assets realised out of the Estate a fee of-
a. an amount not exceeding I0% of the first Tk I0, I0,000 or part thereof;
b. 5% of the amount in excess of Tk I0, I0,000 but not exceeding Tk2,00,00,000; and
c. I % of any amount in excess of Tk2, 00, 00,000.
2) A Receiver shall also be entitled to the reimbursement of all expenses actually incurred by him in
realizing and distributing the assets of the Estate or any part thereof, including the expense for giving
reward under section 71 (4).
Where the Receiver, pursuant to section 55, sells a property for the benefit of the secured creditor or
jointly for the benefit of the secured creditor and the Estate, he shall ordinarily be entitled to a fee, subject
to the approval of the Court and the provisions of sections 54(3) (b), of not more than 4% of the value of
such property sold, and the remaining portion of the sale proceeds, after deducting the amount spent on
the expense of the sale, shall be included in the Estate.
6I0 © The Institute of Chartered Accountants in England and Wales, March 2009
INSOLVENCY
Directors Responsibility
Auditor Responsibility
• Consider going concern basis
-Use financial and operating
indicators as required
• Consider disclosure of material
uncertainty about going concern
Introduction
Topic List
I The modern audit process
2 Process of planning
3 Understanding the entity
4 Business risk model
5 Audit risk model
6 Creative accounting
7 Analytical procedures
8 Materiality
9 Responding to assessed risks
10 Other audit methodologies
Summary and Self-test
Technical reference
Answers to Self-test
Answers to Interactive questions
© The Institute of Chartered Accountants in England and Wales, March 2009 III
PLANNING AND RISK ASSESSMENT
1.1 Overview
Whilst there may be variations between specific procedures adopted by individual firms the modern audit
process is a well-defined methodology designed to enable the auditor to obtain sufficient, appropriate
evidence.
This process can be summarised in a number of key stages:
In this chapter we will consider stages 1-4. In Chapter 5 we will consider stage 5, and in Chapter 6, stages 6
and 7. However it is important not to view the audit as a series of discrete stages and individual pieces of
audit work. For example, it can be argued that all audit procedures which provide evidence are risk
assessment procedures whether they are conducted during planning, control evaluation, substantive testing
or completion. The modern audit process will adopt a strategy where complimentary evidence is acquired
and evaluated from a range of sources. The process is repeated until the auditor has obtained sufficient,
appropriate audit evidence which is adequate to form an opinion.
2 Process of planning
2.1 Introduction
Auditors are required to plan their work to ensure that attention is paid to the correct areas of the audit,
and the work is carried out in an effective manner.
In order to produce this plan the auditor must:
~ Understand the business, its control environment, its control procedures and its accounting system
~ Assess the risk of material misstatement
~ Determine materiality
~ Develop an audit strategy setting out in general terms how the audit is to be carried out and the type
of approach to be adopted.
~ Produce an audit plan which details specific procedures to be carried out to implement the strategy
taking into account all the evidence and information collected to date.
You have already covered planning and risk assessment issues in your earlier studies and the relevant BSAs
which include:
BSA 21 0 Terms of Audit Engagements
BSA 300 Planning an Audit of Financial Statements
BSA 315 Obtaining an understanding of the Entity and Its Environment and Assessing the Risks of Material
Misstatement
BSA 320 Audit Materiality
BSA 330 The Auditor's Procedures in Response to Assessed Risks
A number of issues are developed in the remainder of this chapter, however it is assumed that you are
already familiar with the basic requirements of the above BSAs. A summary of these and other related BSAs
can be found in the technical reference section at the end of the chapter for revision purposes.
3.1 Procedures
BSA 315 states that 'the auditor should obtain an understanding of the entity and its environment, including
its internal control, sufficient to identify and assess the risks of material misstatement of the financial
statements whether due to fraud or error, and sufficient to design and perform further audit procedures'.
Step I
Identify risks throughout the process of obtaining an understanding of the entity
Step 2
Relate the risks to what can go wrong at the assertion level
Step 3
Consider whether the risks are of a magnitude that could result in a material misstatement
Step 4
Consider the likelihood of the risks causing a material misstatement
Notice therefore that the stages of the planning process often take place simultaneously rather being
performed in sequence. For example, as the auditor learns more about the business certain risks will come
to light as a result. So the auditor is both gaining an understanding of the business and identifying risk by
adopting the same procedures. We will look at risk specifically in sections 4 and 5 of this chapter.
~ Risk of fraud
~ Its relationship with recent developments
~ The d~gree of subjectivity in the financial information
The fact that it is an unusual transaction
~ It is a significant transaction with a related party
~ The complexity of the transaction
Routine, non-complex transactions are less likely to give rise to significant risk than unusual transactions or
matters of director judgement because the latter are likely to have more management intervention,
complex accounting principles or calculations, greater manual intervention or there is a lower opportunity
for control procedures to be followed.
When auditors identify a significant risk, if they have not done so already, they should evaluate the design
and implementation of the entity's controls in that area.
3.2.1 Industry
The type of entity being audited will also have a significant impact on the audit plan. For example:
An understanding and appreciation of these differences will assist the auditor in identifying risk areas and in
developing an appropriate audit approach.
From the auditor's point-of-view, the different entities will result in a different audit approach for each
entity. For example, the lack of inventory in service industries will obviously mean h~ss time will be devoted
to that area. Conversely, the use of complicated costing systems will require use of specialist computer-
auditors to identify, record and test various computerised systems.
Financing ·Purchasing
Obtaining capital by borrowing Acquiring goods to support
or third parti~s i~vesting in the ·prod!Jcti~n and sales.of
company company's own products
Revenue
Generating revenue through .
sales of goods and obtaining ·
cash from debtors
Inventory management
Process of accu111ulating and
illocating costs to Inventory
··and work-in~progress
An understanding of each process focuses the auditor's attention on specific parts of the business.
Financing Verification of new share issues I confirming current account and loan balances
·-
and where necessary bank support for the business.
Purchasing Audit of the purchases transaction cycle and payables balance.
Human resources Audit of wages and salaries including bonuses linked to production or
commission on sales.
Inventory Audit of work-in-progress systems including year-end inventory valuation and
management identification of inventory below cost price.
Revenue Audit of sales transaction cycle and receivables balance.
The actual audit approach will depend partly on the audit methodology used which we will look at later in
this chapter.
Definitions
Financial Risks- are those risks arising from the company's financial activities (e.g. investment risks) or
the financial consequences of operations (e.g.-receivables risks).
Examples: going concern, market risk, overtrading, credit risk, interest rate risk, currency risk, cost of
capital, treasury risks. · ·
Operating Risks -are those risks arising from the operations of the business.
Examples: loss of orders; loss of key personnel; physical damage to assets; poor brand management;
technological change; stock-outs; business processes unaligned to objectives.
Compliance Risks- are those risks arising from non-compliance with: laws, regulations, policies
procedures and contracts.
Examples: breach of company law, non compliance with accounting standards; listing rules; taxation; health
and safety; environmental regulations; litigation risk against client.
Business risk may be caused by many factors, or combination of factors including the following:
~ Complex environment
~ Dynamic environment
~ Competitors' actions
~ Inappropriate strategic decision making
~ Operating gearing
~ Financial gearing
~ Lack of diversification
~ Susceptibility to currency fluctuations
~ Inadequate actual or contingent financial resources
~ Dependence on one or few customers
~ Regulatory change or violation
~ Adequacy and reliability of suppliers
~ Over-trading
~ Developing inappropriate technology
~ Macro-economic instability
~ Poor management
Clearly different risks will impact upon businesses in different ways. Moreover, even within one company,
different stakeholders may be affected differently. For example:
~ Few risks may affect debt-holders who have good security
~ One company may not be diversified but shareholders, who hold diversified portfolios, my be- they
would therefore view risk differently from other stakeholders
~ Directors who determine business strategy may take decisions more in line with their own risk
preferences, rather than those of other stakeholders to whom they are accountable
In practice each of these stages is complex. These are covered in the Business Analysis text so we will not
cover them in detail here. However, you should note the following as being particularly relevant to the
auditor:
Low . (cost/beciefit)
Periodic review . ·
This method of risk assessment can be used by both the business and the auditor alike.
., Objectives
., Business strategy
., Risk management procedures
., Industry environment
., Economic environment
This approach to the audit has been called a 'top-down' approach, because it starts with the business and
its objectives and works back down to the financial statements, rather than working up from the financial
statements which has historically been the approach to audit involving detailed tests of transactions and
balances. The BRM therefore looks at the 'big risks' that may significantly threaten the valuation, profitability
or even the going concern of the business. Those who support this approach argue that the key audit risks
are more likely to relate to the failure of the company's strategy than the misstatement of a transaction.
The BRM does not, however, seek to replace the more traditional audit risk model (see section 5). Rather,
it seeks to expand it by taking a different perspective of risk. Instead of viewing risk from the perspective of
the financial statements, it views it from the client's penpective in terms of its objectives and business
environment. In this way the context and underlying economic events which financial statements record are
taken into account.
In particular, the BRM focuses on a company's critical business processes, which are those processes that
are key to the way a business operates and determines its success. (For example the process of
development of new vehicles may be key to the success of a car manufacturer). We looked at business
processes in section 3.2.2. Supporters of the BRM argue that it is only by understanding how the entity
conducts its business and the underlying strategy that one can understand the risks associated with
how those activities are recorded in the financial statements.
A key element in the application of the BRM is that, having identified relevant business risks, they need to
be specifically linked to control risks and ultimately to the risk of financial reporting misstatement.
The following table demonstrates the way in which business risks can have implications for the financial
statements and therefore the audit.
Economic pressures causing reduced unit sales and Inventory values (BAS 2)
eroding margins.
Going concern
Economic pressures resulting in demands for Receivables recoverability
extended credit
Product quality issues related to inadequate Inventory values - net realisable value and
control over supply chain and transportation inventory returns
damage.
Customer dissatisfaction related to inability to Going concern
meet order requirements.
Customer dissatisfaction related to invoicing Receivables valuation
errors and transportation damage.
Unacceptable service response call rate related to Going concern
poor product quality
Litigation - provisions and contingencies
Inventories - net realisable value
Out of date IT systems affecting management's Anywhere
ability to make informed decisions.
Extensive use of freelance and contract labour Employees' Nl (May be understated if
resulting in issues regarding their employment freelancers/contract workers are deemed to be
status employees)
Fines - provisions and contingencies
4.3.2 Application
There is no auditing standard covering the BRM, so its application may vary significantly from audit firm to
audit firm. The following are, however, some common themes relevant to its application
Identifying business risks
The techniques and models used by the auditor to identify key business risks are likely to parallel those
used by management. These models are included in the brought forward material from Professional Stage
Business Management and may briefly be summarised as set out below.
~ Porter's five forces model - Examines the forces affecting an industry's competitive environment
(customers, suppliers, competitors, new entrants, substitutes).
~ Porter's value chain- Relates a company's resource profile to its strategic performance in obtaining
competitive advantage.
~ PEST (or PESTEL) analysis- Considers the impact of external forces upon the company. (PEST is
Political, Economic, Social, Technological. PESTEL adds Environmental and Legal.)
~ SWOT analysis - Considers the internal and external factors affecting the position of the business
(strengths, weaknesses, opportunities, threats}.
Evaluating risk management procedures
An entity should have a system of monitoring risk management procedures to ensure that they are working
effectively. Auditors need to place a reliance not only on the risk management procedures themselves but
the manner in which such procedures are monitored and controlled.
The system of monitoring is likely to vary from company to company depending upon the risk management
procedures in place and the nature and scale of the risks being faced. Typical risk monitoring procedures
may, however, included.
~ Formalised reporting from line management
~ Internal audit reviews
~ External audit/assurance/consulting reviews
~ Embedded risk management procedures
~ Appropriate planning procedures
~ Control risk self assessment (CRSA) (allocate responsibility to department manager for risk control)
A key point is that controls for mitigating risk should be embedded into the processes and culture
which are used to achieve an organisation's objectives. A series of occasional or one-off exercises are
unlikely to be effective. As such it should be a part of normal and regular internal reporting procedures.
Impact on audit procedures
This can be summarised as follows:
Tests of controls As the auditor pays greater attention to the high level controls used by
directors to manage business risks, controls testing will be focused on items
such as the control environment and corporate governance than the detailed
procedural controls tested under traditional approaches.
Analytical Analytical procedures are used more heavily in a business risk approach as
procedures they are consistent with the auditor's desire to understand the entity's
business rather than to prove the figures in the financial statements.
Detailed testing The combination of the above two factors, particularly the higher use of
analytical procedures will result in a lower requirement for detailed testing,
substantive testing will not be eliminated completely.
124 © The Institute of Chartered Accountants in England and Wales, March 2009
PLANNING AND R!SK ASSESSMENT
Joseph feels that the decline is due in part to the competitiveness of the market and the trend towards
computer games. KidsStuff Ltd does not have a strong market presence in this area but this is currently
being addressed by Joseph's son, Neil, who is confident that performance has improved.
You have received the following e-mail from the engagement partner.
From Allan Partner
To Audrey Senior
Subject KidsStuff Ltd
I know you are about to start work on your planning of this audit. Can you make sure that you specifically
identify the business risks faced by KidsStuff Ltd and set out the effect of those on the audit. Can you also
make a list of the further information you need in order to plan the audit so that I can request it from the
directors.
Requirement
Respond to the engagement partner's e-mail.
Definition
Audit risk: is the risk that auditors may give an inappropriate opinion on the financial statements. Audit
risk has two key components; risk of material misstatement in financial statements (financial statement risk)
and the risk of the auditor not detecting the material misstatements in financial statements (detection risk).
Financial statement risk breaks down into inherent risk and control risk.
Inherent risk: is the susceptibility of an account balance or class of transactions to material misstatement,
either individually or when aggregated with misstatements in other balances or classes, irrespective of
related internal controls.
© The Institute of Chartered Accountants in England and Wales, March 2009 125
Advanced Stage- Advanced Audit and Assurance
Point to note
The terms 'inherent risk', 'control risk' and 'detection risk' are key to understanding the audit risk model.
This model will then assist in the determination of the extent and type of procedures to be performed. For
example, the higher the assessment of inherent and control risk, the lower the assessment of detection risk
resulting in more evidence being obtained from the performance of substantive procedures.
Point to note
~ One of the criticisms of the ARM is the 'compensatory' approach it takes. In the table above, high
inherent and control risk is compensated for by low detection risk. Arguments have been put forward
(for example in the KPMG publication 'The 21" Century Public Company Audit') that evidence should
be complementary rather than compensatory.
~ Inherent risk and control risk are either 'high' or 'low' in the above table. This 'all or nothing'
approach is adopted by some audit firms. Thus, for instance, where there is a significant risk event
with respect to an audit area, then the inherent risk would always be deemed to be high. Other audit
firms may see risk as a spectrum with, for instance, an intermediate rating of 'moderate risk' where
there would be some reliance gained from inherent assurance, despite there being some measure of
risk observed.
126 © The Institute of Chartered Accountants in England and Wales, March 2009
PLANNING AND RISK ASSESSMENT
· EValuate'tlle"ehtlty's fesf)()ns~s t6 •
.thi:J$e busrness riskS and obtain
.evidence oftherr Jmpleme~tatlol'l·
Computer viruses could lead to significant loss of Uncertainties over going concern may not be fully
sales disclosed
Breaches of data protection law and other Provisions relating to breaches of regulations may
regulations could result in the company suffering be omitted or understated
financial penalties
The business may suffer losses from credit card Losses arising from frauds may not be recognised
fraud in the financial statements
© The Institute of Chartered Accountants in England and Wales, March 200,9 127
Advanced Stage- Advanced Audit and Assurance
Inherent risk is the risk that items will be misstated due to characteristics of those items, such as the fact
they are estimates or that they are important items in the accounts. The auditors must use their
professional judgement and the understanding of the entity they have gained to assess inherent risk. If no
such information or knowledge is available then the inherent risk is high.
Integrity and attitude to risk of directors and Domination by a single individual can cause problems
management
Management experience and knowledge Changes in management and quality of financial
management
-··· --·-·-··-· --·-·- ---·---········-·-·-····-··-··-··-
© The Institute of Chartered Accountants in England and Wales, March 2009 129
Advanced Stage -Advanced Audit and Assurance
Points to note
I. There will not be one strategy for the entire audit. Each business process or specific audit assertion
will be allocated its own strategy. Similarly, each audit assertion may be allocated a different "mix" of
reliance and substantive strategy.
2. Auditing Standards do require some substantive testing for each material class of transactions, account
balances and disclosure, so the audit strategy for any one assertion will never be completely a reliance strategy.
3. It is possible, however (but unusual) that substantive testing may comprise entirely of analytical
procedures, without any tests of details being carried out.
An auditor is more likely to follow a reliance strategy where:
~ An entity uses electronic data interchange to initiate orders; there will be no paper
documentation to verify.
~ An entity provides electronic services to its customers e.g. an Internet Service Provider or telephone
company. No physical goods are produced with all information being collected and billing carried out
electronically.
The test is for understatement
An auditor is more likely to follow a substantive strategy where:
~ There are no controls available for a specific audit assertion
~ The controls are assessed as ineffective
~ It is inefficient to test the effectiveness of the controls
~ The test is for overstatement
Whichever strategy is chosen, the auditor will document the reasons for choosing that strategy and then
perform detailed auditing procedures in accordance with that strategy.
Control environment
Within an entity, the control system works within the control environment. A poor control
environment implies that the control system itself will also be poor, because the entity does not place
sufficient emphasis on having a good control environment.
So, the control environment sets the philosophy of an entity effectively influencing the "control
consciousness" of directors and employees.
Factors affecting the control environment include:
Communication and An organisation should try to maintain the integrity and ethical standing
enforcement of integrity of the employees. Membership of a professional body helps enforce
and ethical values ethical standards for professional staff. Ethics in other areas are maintained
by ensuring rules do not encourage unethical conduct (e.g. unrealistically
high sales targets to earn commissions).
Commitment to Each job should have a job description showing the standards expected in
competence that job. Employees should then be hired with the competences to carry
out the job without compromising on the quality of work produced.
Involvement of those Those charged with governance should take an active role in ensuring
charged with governance ethical standards are maintained. For example, the audit committee should
ensure that directors carry out their duties correctly in the context of the
audit. Similarly, those charged with governance must ensure appropriate
independence from the company they are governing.
Management philosophy Management should set the example of following ethical and quality
standards. Where management establish a risk management system and
regularly discuss the effect of risks on an organisation then the auditor will
gain confidence that the overall control environment is effective.
130 © The Institute of Chartered Accountants in England and Wales, March 2009
PLANNING AND RISK ASSESSMENT
Structure of the The structure of the organisation should ensure authority is delegated
organisation appropriately so that lower management levels can implement appropriate
risk management procedures. However, responsibility for risk management
overall is maintained by the board.
Reporting hierarchy Within the organisation's hierarchy, each level of management has
responsibilities for risk included in their job description. There should also
be a clear reporting system so that objectives for risk management are
communicated down the hierarchy, while identified risks are communicated
back up the hierarchy for action.
HR policies and HR policies should have appropriate policies for ensuring the integrity of
procedures staff, both for new employees and for continued training and development.
From a review of these factors, the auditor will form an opinion on the effectiveness of the control
environment. The auditor will also consider the means by which the entity monitors controls e.g. by the
internal audit department (see Chapter 9). This then in turn affects the opinion on how well the internal
control systems will be implemented and operated.
Control risk will also increase where specific events occur within an organisation. Events that tend to
increase control risk include:
• Use of new technology
• New or substantially amended information systems
• Hiring of new personnel, especially into key management roles
• Changes to the regulatory or operating environment
• Significant growth in the organisation
• Restructuring of the company or group
• Expansion of overseas operations
commitment, which was not the case in Xerox. The case also identifies that control systems are susceptible
to management override - so if management decide to amend the financial statements, there may be little
that employees can do - possibly apart from Whistle-blowing with the potential adverse consequences of
that decision. Note that the audit partner was replaced in this case.
Control activities
Having assessed the control environment, the auditor will then identify and assess the control activities
carried out by management. Control activities in this context are the policies and procedures that help
ensure management's directives are carried out.
Control activities that the auditor will investigate include:
Physical Controls to ensure the security of assets including data files and computer programs
controls (e.g. not simply tangible assets such as company motor vehicles).
Segregation Segregation of the authorisation of transactions, recording of transactions and custody
of duties of any related assets. For example, employees receiving cash should not be responsible
for recording that cash in the receivables' ledger- teeming and lading could occur.
Performance Reviews to check the performance of individuals are carried out on a regular basis. The
reviews review includes comparing actual performance against agreed standards and budgets
and accounting/obtaining reasons for any variances.
Information These are controls to check the completeness, accuracy and authorisation of the
processing processing of transactions. Two types of controls are generally recognised:
controls
~ General controls - over the information processing environment as a whole, for
example to ensure the security of data processing operations and maintenance of
adequate backup facilities.
~ Application controls - over the processing of individual transactions again ensuring
the completeness and accuracy of recording.
-----------·-·---------------------------
Where the auditor is satisfied regarding the ability of the control environment to process transactions
correctly and control activities to identify weaknesses in that processing, then control risk can be set to a
low figure. Obviously, where the control environment is weak, and control activities are missing, then
control risk will be set to a higher level.
Control activities for transaction assertions
Within each class of transactions, the auditor will ensure that specific audit assertions have been achieved
(see Chapter 5 for a revision of audit assertions). Remember that for each assertion, a different "mix" of
control and substantive procedures may be used.
For each of the audit assertions relevant to transaction testing, specific control activities are normally
available. The assertions and control activities are summarised below:
~-
,:
recorded in the correct accounting of transactions
period
~ Internal verification of cut-off at year
end _,~ ,,
Classification Transactions and events have been ~ Agreeing transactions against chart of
recorded in the proper accounts accounts
~ Internal verification of the accuracy of
posting
Monitoring controls
The auditor should also assess the means by which management monitors internal control over financial
reporting. In many entities internal auditors fulfil this function. You have studied BSA 61 0 Considering the
Work of Internal Audit in your earlier studies. A brief revision of BSA 610 can be found in Chapter 9.
© The lnstiwte of Chartered Accountants in England and Wales, March 2009 133
Advanced Stage- Advanced Audit and Assurance
6 Creative accounting
134 © The Institute of Chartered Accountants in England and Wales, March 2009
PLANNING AND RISK ASSESSMENT
6.1 Introduction
One of the factors affecting the overall level of financial statement risk is the potential for creative
accounting.
Directors have choices and they may exercise those choices to recognise values that do not reflect
economic reality. A prime example is the choice of the cost model when an asset's fair value is significantly
higher than cost. (note: if an asset's fair value and value in use were lower than cost, then an impairment
would be required under BAS 36 and directors would not have the discretion to disclose at cost}.
Directors are more likely to make use of their discretion to mislead financial statement users if they have
the opportunity (e.g. imprecise accounting regulations, weak auditors) and incentives (e.g. approaching
the breach of a debt covenant, an impending take-over, profit-based bonus) to do so.
Definition
Creative accounting: The active manipulation of accounting results for the purpose of creating an altered
impression of the underlying financial position or performance of an enterprise by using accounting rules
and guidance in a spirit other than that which was intended when the rules were written.
This well-documented practice is a potential problem for auditors in assessing the underlying performance
and position of a company and recent evidence suggest that it is one of the major issues facing financial
reporting.
Accounting measures involve a degree of subjectivity, choice and judgement and it would be wrong to
describe all such activity as creative accounting. Moreover, creative accounting normally falls within
permitted regulation and is not therefore illegal. It is thus ofte'l a question of fine judgement as to when
creative accounting is of such an extent that it becomes misleading.
The spectrum of creative accounting practices may include the following (commencing with the most
legitimate}:
~ Exercise of normal accounting policy choice within the rules permitted by regulation·(e.g. FIFO or
average cost for inventory valuation).
~ Exercise of a degree of estimation, judgement or prediction by a company within reasonable
bounds (e.g. non-current asset lives).
~ Judgement concerning the nature or classification of a cost (e.g. expensing or capitalising costs).
~ Systematic selection of legitimate policy choices and estimations to alter the perception of the
position or performance of the business in a uniform direction.
~ Systematic selection of policy choice and estimations that fall on the margin of permitted
regulation (or are not subject to regulation) in order to alter materially the perception of the
performance or position of the business.
~ Setting up of artificial transactions to create circumstances where material accounting
misrepresentation can take place.
~ Fraudulent activities.
It can thus be a matter of fine judgement for an auditor as to where within this spectrum creative
accounting becomes unacceptable.
Companies may also seek to manipulate the perception of their performance and position by altering
underlying transactions, rather than just the way they are recorded. Accounting regulation seeks to limit the
effects of this behaviour in a number of ways as previously discussed. Nevertheless, while it may seek to
report faithfully transactions that actually take place, it cannot regulate for transactions which do not take
© The Institute of Chartered Accountants in England and Wales, March 2009 135
Advanced Stage- Advanced Audit and Assurance
place, or which are delayed in order to manipulate the perception of performance or position. These might
include:
~ Deferring discretionary expenditure (e.g. maintenance costs, R&D)
~ Changing the timing of the sale of investments or other assets
~ Delaying investment or financing decisions.
~ Accounting based contracts- where accounting based contracts exist (e.g. loan covenants, profit
related pay) then any accounting policy that falls within the terms of the contract may significantly
impact upon the consequences of that contract. For example, the breach of a gearing based debt
covenant may be avoided by the use of off-balance sheet financing.
~ Incentives for directors- there may be personal incentives for directors to enhance profit in order
to enhance their remuneration. Examples might include: bonuses based upon EPS, or share incentive
schemes and share option schemes that require a given EPS before they become operative. Directors
may also benefit more indirectly from creative accounting by increasing the security of their position.
~ Taxation- where accounting practices coincide with taxation regulations there may be an incentive
to reduce profit in order to reduce taxation. In these circumstances, however, it may necessary to
convince not only the auditor, but also NBR..
~ Regulated industries -where an industry is currently, or potentially, regulated then there may an
incentive to engage in creative accounting to reduce profit in order to influence the decisions of the
regulator. This may include utilities where regulators may curtail prices if it is perceived that excessive
profits are being earned. It may also be relevant to avoid a reference to the Competition Commission.
~ Internal accounting- a company as a whole may have reason to move profits from division to
division (or subsidiary to subsidiary) in order to affect tax calculations or justify the closure/expansion
of a particular department.
~ losses - companies making losses may be under greater pressure to enhance reported performance.
~ Commercial pressures- where companies have particular commercial pressures to enhance the
perception of the company there is increased risk of creative accounting. For example, a take-over bid,
or the raising of new finance.
Thus, a range of stakeholders may have incentives to engage in creative accounting. In particular, however,
an appropriate degree of professional scepticism should be applied where benefits arise for directors, as
they are also the group responsible for implementing creative accounting practices.
As a result, such covert practices are not readily identifiable by outside users, who are thus unable, in some
cases, to distinguish increases in reported earnings arising as a result of accounting manipulation, from those
arising from improvements in substantive underlying transactions. The potential consequences of covert
creative accounting (e.g. for share prices movements) are therefore likely to be more substantial than for
overt creative accounting.
6.6 Sustainability
Some creative accounting practices are sustainable in the long term while others may only serve to enhance
the current year's profit, but only with the effect that future profits are correspondingly reduced.
Sustainable practices may include:
~ Income smoothing- assuming it is smoothed at a normal level of profitability it may be sustained
indefinitely.
~ Off-balance-sheet financing
Unsustainable practices include:
~ Capitalisation of expenses -if, for instance, annual development costs are inappropriately
capitalised and amortised over ten years then, after that period, assuming constant expenditure, the
profit will be equivalent for either write off or amortisation policies (though not the statement of
financial position) as there will be I 0 amounts of I0% amortisation recognised in profit or loss.
~ Revenue recognition- bringing forward the recognition of revenues may initially enhance profit,
but at the cost of reducing future profits.
I38 © The Institute of Chartered Accountants in England and Wales, March 2009
PLANNING AND RISK ASSESSMENT
© The Institute of Chartered Accountants in England and Wales, March 2009 139
Advanced Stage- Advanced Audit and Assurance
140 © The Institute of Chartered Accountants in England and Wales, March 2009
PLANNING AND RISK ASSESSMENT
.,...,
7 Analytical procedures
© The Institute of Chartered Accountants in England and Wales, March 2009 141
Advanced Stage- Advanced Audit and Assurance
8 Materiality
Definition
Materiality: 'Information is material if its omission or misstatement could influence the economic decisions
of users taken on the basis of the financial statements. Materiality depends on the size of the item or error
judged in the particular circumstances of its omission or misstatement. Thus, materiality provides a
threshold or cut-off point rather than being a primary qualitative characteristic which information must have
if it is to be useful.' (BSA 320)
Materiality criteria
An item might be material due to its
Nature Given the definition of materiality that an item would affect the readers of the
financial statements, some items might by their nature affect readers. Examples
include transactions related to directors, such as remuneration or contracts with
the company.
Value Some items will be significant in the financial statements by virtue of their size, for
example, if the company had bought a piece of land with a value which comprised
three-quarters of the asset value of the company, that would be material. That is why
materiality is often expressed in terms of percentages (of assets, of profits).
Impact Some items may by chance have a significant impact on financial statements,
for example, a proposed journal which is not material in itself could convert a profit
into a loss. The difference between a small profit and a small loss could be material to
some readers.
Although there are general guidelines on how materiality might be calculated in practice, the calculation
involves the application of judgement. It should also be reassessed throughout the course of the audit as
more information becomes available.
142 © The Institute of Chartered Accountants in England and Wales, March 2009
PLANNING AND RISK ASSESSMENT
Step 2
Steps I and 2 would normally be performed as part of the planning process. Step 3 is normally performed
as part of the review stage of the audit when the auditor evaluates the audit evidence.
Total revenue
Gross profit
Profit before tax 5.0%
Total assets 0.5%
Equity 1.0%
The resulting balance would then be adjusted for any relevant qualitative factors including:
~ Whether it is a first-year engagement
~ Weaknesses in controls
~ Material misstatements in prior years
~ Risk of fraud
~ Significant management turnover
~ Unusually high market pressures
~ Sensitivity of covenants in loan agreements to changes in the financial statements
~ Affect of changes in results to earnings trends.
© The Institute of Chartered Accountants in England and Wales, March 2009 143
Advanced Stage -Advanced Audit and Assurance
144 © The Institute of Chartered Accountants in England and Wales, March 2009
PLANNING AND RISK ASSESSMENT
© The Institute of Chartered Accountants in England and Wales, March 2009 145
Advanced Stage - Advanced Audit and Assurance
(c) Materiality and audit risk. The link between materiality and audit risk is emphasised.
(d) Percentage benchmarks. The ED provides more guidance on the use of percentage benchmarks
for calculating materiality.
•••:;l,f}"lif,~~~~~~~~;r~r
As a result of the auditor's risk assessment and assessment of materiality an audit strategy will be
developed in response. BSA 330 makes the following points in this context which you should be familiar
with.
9 .I Overall responses
The auditor should determine overall responses to address the risks of material misstatement at the
financial statement level. This may include:
~ Emphasising to the audit team the need to maintain professional scepticism in gathering and
evaluating audit evidence
~ Assigning more experienced staff, those with special skills or using experts
~ Providing more supervision
~ Incorporating additional elements of unpredictability in the selection of further audit procedures
The auditor may also make general changes to the nature, timing or extent of audit procedures, for
example, by performing substantive procedures at the period end instead of at an interim date. These
decisions will take into account the auditor's assessment and understanding of the control environment.
146 © The Institute of Chartered Accountants in England and Wales, March 2009
PLANNING AND RISK ASSESSMENT
~ The nature of the specific controls used by the entity and in particular whether they are manual or
automated
~ Whether the auditor expects to obtain audit evidence to determine if the entity's controls are
effective in preventing, or detecting and correcting, material misstatements.
The auditor will then determine the nature, timing and extent of further audit procedures. We will
look at this aspect of the audit in detail in Chapter 5.
9.4 Documentation
The BSA emphasises the need to document the link between the audit procedures and the assessed risks.
These matters should be recorded in accordance with BSA 230 Audit Documentation with which you should
be familiar from your earlier studies.
I0.1 Introduction
In this chapter we have looked in detail at the business risk model and the audit risk model. However there
are a number of other audit approaches which may be adopted.
© The Institute of Chartered Accountants in England and Wales, March 2009 147
Advanced Stage- Advanced Audit and Assurance
An auditor may choose predominantly to carry out substantive tests on the transactions and balances of the
business in the relevant period, but if internal control systems are particularly weak then no amount of
substantive testing may give adequate assurance (e.g. if point of sales controls over cash receipts are
inadequate, then substantive testing may never detect material understatement of revenues).
Two approaches to substantive testing are:
~ The transaction cycle approach
~ The balance sheet approach
~Take
omern~
Receive
payment Document
order
Make
order
148 © The Institute of Chartered Accountants in England and Wales, March 2009
PLANNING AND RISK ASSESSMENT
Purchases cycle
/ '"""'''"0~ .
Supplier will Purchasmg
extend credit in department
pl:~toffi
0
Send rnl" \
Rec/•lv•z eany on
production
\ Raise goods
Record and received note
account for invoice /
"
~partment
Accounts /
match
You should be aware of controls GRN to invoice
over accounting and recording
The auditor should be able to find an audit trail for each transaction, for example in the purchases cycle:
~ Requisition
~ Invoice
~ Order
~ Ledger and daybook entries
~ GRN
~ Payment in cashbook/cheque stub
The statement of financial position (balance sheet) shows a snapshot of the financial position of the business
at a point in time. It follows that if it is fairly stated and the previous snapshot was fairly stated then it is
reasonable to undertake lower level testing on the transactions which connect the two snapshots, for
example, analytical procedures.
Under this approach, therefore, the auditors seek to concentrate efforts on substantiating the closing
position in the year, shown in the statement of financial position, having determined that the closing position
from the previous year (also substantiated) has been correctly transferred to be the opening position in the
current year.
You should be aware of the financial statement assertions and the substantive tests in relation to the major
items on the statement of financial position from your previous studies. We will also review these in more
detail in Chapter 5.
© The Institute of Chartered Accountants in England and Wales, March 2009 149
Advanced Stage- Advanced Audit and Assurance
Summary
Financial. :rtsk ·. ·
·operating nsk ·
Compliance risk
Audit evidence
Introduction
Topic list
I Risk and assertions
2 Sufficient appropriate audit evidence
3 Sources of audit confidence
4 Audit procedures
5 Analytical procedures
6 Provisions and contingencies
7 Audit of accounting estimates
8 Related parties
9 Management representations
I0 Opening balances
II Service organisations
Appendix I
Appendix 2
Summary and Self-test
Technical reference
Answers to Self-test
Answers to Interactive questions
© The Institute of Chartered Accountants in England and Wales, March 2009 179
AUDIT EVIDENCE
·Seci;iQn ovetview
.• •· Exidente is
"
obtafn~ io re~pe~;tof'~a,ch ;tSsertio~
' ~ ~' -
~~-
,~~~4 ~y th~ atiditor
' ', ' ' '/
1.1 Introduction
As we have seen audit work is about reducing risk- the risk that the financial statements will include
material misstatements. At the most basic level, the financial statements simply consist of information
about the:
~ Revenues
~ Costs
•
~
Assets
Liabilities and
~ Capital
of the entity. These items will have certain attributes if they are included correctly in the financial
statements. These attributes are referred to as financial statement assertions.
Definition
Financial statement assertions: are the representations of the directors that are embodied in the
financial statements. By approving the financial statements, the directors are making representations about
the information therein. These representations or assertions may be described in general terms in a
number of ways.
For example, if the statement of financial position includes a figure for freehold land and buildings the
directors are asserting that:
• The property concerned exists
~ It is either owned by the company outright or else the company has suitable rights over it
~ Its value is correctly calculated
~ There are no other items, of a similar nature, which ought to be included but which have been
omitted
• It is disclosed in the financial statements in a way which is not misleading and is in accordance with the
relevant 'reporting framework' e.g. international accounting standards
BSA 500 Audit Evidence states that 'the auditor should use assertions for classes of transactions, account
balances, and presentation and disclosures in sufficient detail to form the basis for the assessment of
risks of material misstatement and the design and performance of further audit procedures'. It gives
examples of assertions in these areas. Depending on the nature of the balance, certain assertions will be
more relevant than others.
Assertions about Occurrence: transactions and events that have been recorded have occurred and
classes of pertain to the entity.
transactions and Completeness: all transactions and events that should have been recorded have
events for the been recorded.
period under audit
Accuracy: amounts and other data relating to recorded transactions and events
have been recorded appropriately.
Cut-off: transactions and events have been recorded in the correct accounting
period.
Classification: transactions and events have been recorded in the proper accounts.
Assertions about Existence: assets, liabilities and equity interests exist.
account balances Rights and obligations: the entity holds or controls the rights to assets, and
at the period end liabilities are the obligations of the entity.
Completeness: all assets, liabilities and equity interests that should have been
recorded have been recorded.
Valuation and allocation: assets, liabilities, and equity interests are included in the
financial statements at appropriate amounts and any resulting valuation or allocation
adjustments are appropriately recorded.
Assertions about Occurrence and rights and obligations: disclosed events, transactions and other
presentation and matters have occurred and pertain to the entity.
disclosure Completeness: all disclosures that should have been included in the financial
statements have been included.
Classification and understandability: financial information is appropriately
presented and described, and disclosures are clearly expressed.
Accuracy and valuation: financial and other information are disclosed fairly and at
appropriate amounts.
1.2.1 A summary
We have seen that there are 13 assertions applying in different ways to different items in the financial
statements.
You can summarise them in the following four questions:
~ Should it be in the accounts at all?
~ Is it included at the right amount?
~ Are there any more?
~ Has it been properly disclosed and presented?
The following table shows how the assertions fit with these questions:
182 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT EVIDENCE
1
assets accounts at all?
Should it be in the
accounts at all1
Inventory
© The Institute of Chartered Accountants in England and Wales, March 2009 183
Advanced Stage -Advanced Audit and Assurance
(2) Wigwam Ltd has purchased goods worth CU750,000 from Teepee Ltd on an arm's length basis.
Wigwam owns 40% of the ordinary share capital in Teepee.
(3) Deakin Ltd issued I0,000 6% convertible bonds at par value of CUI 0 on I January 20X7. On this date
the market interest rate for similar debt without the option to convert was I0%. Each bond is
convertible into 4 ordinary shares on 31 December 20X9.
See Answer at the end of this chapter.
2.1 Importance
, __
BSA 500 states that the auditor should obtain sufficient appropriate audit evidence to be able to draw
reasonable conclusions on which to base the audit opinion.
The importance of obtaining sufficient, appropriate audit evidence can be demonstrated in the Arthur
Andersen audit of Mattei Inc.
184 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT EVIDENCE
that the goods had been shipped. However, the auditors did not question the term 'bill and hold' even
though it was clearly stamped on the documents and did not appear to notice that the same individual had
signed as both representatives of Mattei Inc and the shipping company. A number of entries were
questioned and the audit senior who reviewed the working papers noted that additional explanations were
required but no further investigation actually took place.
Source: Principles of Auditing: An Introduction to International Standards on Auditing by Rick Hayes, Roger Dassen,
Arnold Schilder, Phillip Wallage Second Edition published by Pearson Education Umited 2005
'The auditor should obtain sufficient appropriate audit evidence to be able to draw reasonable conclusions
on which to base the audit opinion.' (BSA 500.2)
Discuss the extent to which each of the following sources of audit evidence is sufficient and appropriate.
(a) Oral representation by management in respect of the completeness of sales where the majority of
transactions are conducted on a cash basis
(b) Flowcharts of the accounting and control system prepared by a company's internal audit department
© The Institute of Chartered Accountants in England and Wales, March 2009 185
Advanced Stage -Advanced Audit and Assurance
2.3 Triangulation
Forming an audit opinion is a question of using professional judgement at all times and judgements have
to be made about the nature, the quality and the mix of evidence gathered. It is also essential that individual
items of evidence are not simply viewed in isolation but instead support other evidence and are supported
by other evidence. This approach views evidence from different sources as predominantly complementary,
rather than compensatory. This strategy of acquiring and evaluating complementary evidence from a
range of sources is referred to as triangulation in The 2/'1 Century Public Company Audit: Conceptual
Bements of KPMG's Global Audit Methodology. This approach is an application of the general principle that
evidence obtained from different sources, that presents a consistent picture, is mutually strengthening and
gives greater reliance than merely increasing the amount of evidence from a single source. The consequence
of over-reliance on one specific type and source of evidence can be seen in the case of the collapse of
Parmalat.
186 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT EVIDENCE
© The Institute of Chartered Accountants in England and Wales, March 2009 187
Advanced Stage- Advanced Audit and Assurance
assessment procedures may provide persuasive evidence on the operation of controls. For example,
management review of budgets and investigation of variances on a regular basis, is indicative that controls
over sales and pu[chases are operating effectively.
4 Audit procedures
The procedures used are selected according to the nature of the balance being audited and the assertion
being considered.
4.1.1 Inquiry
Definition
Inquiry: means gathering information from knowledgeable persons both within and external to the entity
being audited.
188 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT EVIDENCE
Examples
Inquiry includes obtaining responses to formal written questions through to asking informal questions in
relation to specific audit assertions. The response to inquiries provides the auditor with information that
was not previously possessed or may corroborate information obtained from other sources. The strength
of the evidence depends on the knowledge and integrity of the source. Where the result of inquiry is
different from other evidence obtained, then reasons for that difference must be sought and the
information reconciled.
Business focus
Common uses of inquiry are:
~ Management representations -where management have information not available from any other
source
~ Asking employees about the internal control systems and effectiveness of the controls they are
operating
Remember it is not normally sufficient to accept inquiry evidence by itself- some corroboration will be
sought. The USA court case of Escott et al. v Bar Chris Corporation ( 1968) ruled that the auditor was
negligent in not following up answers to management inquiries. The judge indicated that the auditor was too
easily satisfied with glib answers and that these should have been checked with additional investigation.
4.1.2 Observation
Definition
Observation: involves looking at a procedure or process being performed by others.
Examples
Observation is not normally a procedure to be relied on by itself. For example, the auditor may observe a
non-current asset, such as a motor vehicle. However, this will only proof the vehicle exists; other
assertions such as rights and obligations will rely on other evidence such as invoices and valuation possibly
on the use of specialist valuers or documentation.
Business focus
Observation is commonly used in the business processes of inventory management. After inventory has
been purchased, an organisation holds raw materials, work-in-progress and finished goods in its warehouses
and factories. Observation is used to determine that the inventory exists, it is valued correctly (looking for
old and slow moving inventory) and that inventory is complete in the organisation's books. Note the link to
audit assertions here.
Additionally, the auditor will be observing the internal control systems over inventory, particularly in
respect to perpetual inventory checking and any specific procedures for year-end inventory counting. You
should be familiar with the audit procedures in respect of attendance at an inventory count from your
assurance studies.
Observation may also be used in the human resource business process. The auditor will observe employees
operating specific controls with the internal control system to determine the effectiveness of application of
those controls, as well as the ability of the employee to operate the control. However, the act of observing
the employee limits the effectiveness of the evidence obtained; many employees will amend their work
practices when they identify the auditor observing them.
© The Institute of Chartered Accountants in England and Wales, March 2009 189
Advanced Stage -Advanced Audit and Assurance
4.1.3 Inspection
Definition
Inspection: means the examination of records, documents or tangible assets.
Examples
By carrying out inspection procedures, the auditor is substantiating information that is, or should be, in the
financial statements. For example, inspection of a bank statement confirms the bank balance for the bank
reconciliation which in turn confirms the cash book figure for the financial statements.
Business focus
Inspection assists with the audit of most business processes. For example:
~ Financing: inspection of loan agreements to confirm the term and repayment details (part of the
completeness of disclosure in the financial statements)
~ Purchasing: Inspection of purchase orders to ensure that the order is valid and belongs to the
company (occurrence assertion amongst others)
~ Human resources: Inspection of pay and overtime schedules as part of wages audit
~ Inventory management: Inspection of the work-in-progress ledger confirming cost allocation to specific
items of work-in-progress (valuation assertion)
~ Revenue: Inspection of sales invoices to ensure that the correct customer has been invoiced with the
correct amount of sales (completeness and accuracy assertions)
Inspection of assets that are recorded in the accounting records confirms existence, gives evidence of
valuation, but does not confirm rights and obligations
Confirmation that assets seen are recorded in accounting records gives evidence of completeness
Confirmation to documentation of items recorded in accounting records confirms that an asset exists or a
transaction occurred. Confirmation that items recorded in supporting documentation are recorded in
accounting records tests completeness
Cut-off can be verified by inspecting the reverse population, that is, checking transactions recorded after
the end of the reporting period to supporting documentation to confirm that they occurred after the end
of the reporting period
Inspection also provides evidence of valuation/measurement, rights and obligations and the nature of
items (presentation and disclosure). It can also be used to compare documents (and hence test
consistency of audit evidence) and confirm authorisation
4.1.4 Recalculation
Definition
Recalculation: means checking the arithmetical accuracy of source documents and accounting records.
Examples
Recalculation obviously relates to financial information. It is deemed to be a reliable source of audit
evidence because it is carried out by the auditor.
190 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT EVIDENCE
Business focus
Recalculation relates to most business processes. For example:
~ Financing: calculation of interest payments
~ Purchasing: accuracy of purchase orders and invoices
~ Inventory management: valuation of work-in-progress
~ Revenue: re-calculation of sales invoices
Recalculation is particularly effective when carried out using computer assisted audit techniques
(CAATs) as the computer can perform the whole of the inventory calculation (for example) in a short time
period.
4.1.5 Confirmation
Definition
Confirmation: is the response to an inquiry from a third party to corroborate information in the
accounting records of an audit client.
Examples
A typical example of confirmation evidence is obtaining a response from a debtors' circularisation (see
below for revision on this area). The evidence obtained is highly persuasive as it comes from an
independent external source.
© The Institute of Chartered Accountants in England and Wales, March 2009 I9I
Advanced Stage- Advanced Audit and Assurance
At Charge At
I january for 31 December
20X6 year Disposals 20X6
Depreciation cu cu cu cu
Freehold property 8,000 1,600 9,600
Plant and machinery 139,500 47,000 (3,000) 183,500
Motor vehicles 20,000 10,200 30,200
167,500 58,800 (3,000) 223,300
Requirements
(a) Explain the factors that should be considered in determining an approach to the audit of property,
plant and equipment of Xantippe Ltd.
(b) State the procedures you would perform in order to reach a conclusion on property, plant and
equipment in the financial statements of Xantippe Ltd for the year ended 31 December 20X6
See Answer at the end of this chapter.
192 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT EVIDENCE
If an impairment review has been carried out, then the auditors should audit that impairment review.
Management will have estimated whether the recoverable amount of the asset/cash generating unit is lower
than the carrying amount.
For auditors, the key issue is that recoverable amount requires estimation. As estimation is
subjective, this makes it a risky area for auditors.
Management have to determine if recoverable amount is higher than carrying amount. It may not have been
necessary for them to estimate both fair value and value in use, because if one is higher than carrying
amount, then the asset is not impaired. If it is not possible to make a reliable estimate of net realisable
value, then it is necessary to calculate value in use. Net realisable value is only calculable if there is a
active market for the goods, and would therefore be audited in the same way as fair value (the audit of
fair values is dealt with in detail in Chapter 12). Costs to sell such as taxes can be recalculated by applying
the appropriate tax rate to the fair value itself. Delivery costs can be verified by comparing costs to
published rates by delivery companies, for example, on the internet.
If management have calculated the value in use of an asset or cash-generating unit, then the auditors will
have to audit that calculation. The following procedures will be relevant.
Value in use
~ Obtain management's calculation of value in use
; Reperform calculation to ensure that it is mathematically correct
Compare the cash flow projects to recent budgets and projections approved by the board to ensure
that they are realistic
~ Calculate/obtain from analysts the long term average growth rate for the products and ensure that the
growth rates assumed in the calculation of value in use do not exceed it
~ Refer to competitors' published information to compare how much similar assets are valued at by
companies trading in similar conditions
~ Compare to previous calculations of value in use to ensure that all relevant costs of maintaining the
asset have been included
~ Ensure that the cost/income from disposal of the asset at the end of its life has been included
~ Review calculation to ensure cash flows from financing activities and income tax have been excluded
~ Compare discount rate used to published market rates to ensure that it correctly reflects the return
expected by the market
If the asset is impaired and has been written down to recoverable amount, the auditors should review the
financial statements to ensure that the write down has been carried out correctly and that the BAS 36
disclosures have been made correctly.
Held for sale assets
BFRS 5 Non-current Assets Held for Sale and Discontinued Operations requires that assets which meet the
criteria 'held for sale' are shown at the lower of carrying amount and fair value less costs to sell,
and that held for sale assets are classified separately on the statement of financial position and the results
of discontinued operations are presented separately on the statement of comprehensive income.
The criteria for held for sale assets are:
(a) The asset must be available for immediate sale in the present condition
(b) The sale must be highly probable. This is indicated by:
(i) Management being committed to a plan to sell the asset
(ii) An active programme to locate a buyer initiated
(iii) Sale price reasonable in comparison with current fair value
(iv) Expectation that sale will be completed within a year
© The Institute of Chartered Accountants in England and Wales, March 2009 193
Advanced Stage- Advanced Audit and Assurance
194 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT EVIDENCE
Completeness
~ Prepare analysis of movements on cost and amortisation accounts
Rights and obligations
~ Obtain confirmation of all patents and trademarks held by a patent agent
~ Verify payment of annual renewal fees
Valuation
~ Review specialist valuations of intangible assets, considering:
Qualifications of valuer
Scope of work
Assumptions and methods used
~ Confirm carried down balances represent continuing value, which are proper charges to future
operations
Additions (rights and obligations, valuation and completeness)
~ Inspect purchase agreements, assignments and supporting documentation for intangible assets acquired
in period
~ Confirm purchases have been authorised
\ .. ~ Verify amounts capitalised of patents developed by the company with supporting costing records
Amortisation
~ Review amortisation
Check computation
Confirm that rates used are reasonable
Income from intangibles
~ Review sales returns and statistics to verify the reasonableness of income derived from patents,
trademarks, licences etc
~ '
Examine audited accounts of third party sales covered by a patent, licence or trademark owned by
the company
5 Analytical procedures
ri~:~,l~1t~~t~"';i1;''~~~~~;1f2:
·.,-- , · : . ·~ •. - . :·~il~r~i~~~ pr?c¢<f~i-~~;:~ay .
"''"' ' ,~, :','1~/:>::,·· :,~~-~·,7:
Nevertheless, some tests of detail are required in areas where significant risks have been identified at the
planning stage.
Important
accounting ratios
Gross profit margins, in total and by product, area and months/quarter (if
possible)
I
Receivables ratio (average collection period)
I
Inventory turnover ratio (inventory divided into cost of sales)
Current ratio (current assets to current liabilities)
Quick or acid test ratio (liquid assets to current liabilities) I
Gearing ratio (debt capital to equity capital) 1
I
Return on capital employed (profit before tax to total assets less current jl
I liabilities)
~--------------------~-------------------------------------------------------~
I Related items Payables and purchases /
Inventory and cost of sales
Non current assets and depreciation, repairs and maintenance expense
Intangible assets and amortisation
Loans and interest expense
Investments and investment income
Receivables and bad debt expense
Receivables and sales
I
Ratios mean very little when used in isolation. They should be calculated for previous periods and for
comparable companies. The permanent file should contain a section with summarised accounts and the
chosen ratios for prior years.
In addition to looking at the more usual ratios the auditors should consider examining other ratios that
may be relevant to the particular client's business, such as revenue per passenger mile for an airline
operator client, or fees per partner for a professional office.
196 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT EVIDENCE
Example
Sales
Months
Line (I) in the diagram shows the actual sales made by a business. There is a clear seasonal fluctuation
before Christmas. Line (2) shows a level of sales with 'expected seasonal fluctuations' having been stripped
out.
© The Institute of Chartered Accountants in England and Wales, March 2009 197
Advanced Stage- Advanced Audit and Assurance
In this analysis the seasonal fluctuations have been estimated. This analysis is useful however, because the
estimate is likely to be based on past performance, so that the conclusion from this is that there might be a
problem:
~ Sales are below the levels of previous years
~ Sales are below expectation
5.3.1 Technique
Although we are specifically considering analytical procedures as risk assessment procedures the basic
techniques adopted throughout the audit are very similar. The key stages in the process are as follows:
~ Interpretation
~ Investigation
~ Corroboration
When potential problem areas have been identified one of the key questions to ask is 'why'?
The statement of comprehensive income
To apply this in more detail think about the client's statement of comprehensive income.
The key question must be:
Why did the client make more (or less) money this year?
Profit before tax
Overheads
~ Changes in revenue;
~ Changes in margins;
~ Changes in overheads.
198 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT EVIDENCE
200 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT EVIDENCE
The plausibility and predictability The strong relationship between certain selling expenses and
of the relationships identified for revenue in many businesses where the sales force is paid by
comparison and evaluation commission
The objectives of the analytical Where there are common relationships between items such
procedures and the extent to which as gross profit and revenue, where there are constant or
their results are reliable known profit margins and limited changes in the mix of goods
sold.
One-off large transactions may be less appropriate to
analytical procedures than large numbers of small, similar
transactions
The detail to which information can Analytical procedures may be more effective when applied to
be analysed financial information or individual sections of an operation
such as individual factories or shops
The availability of information Financial: budgets or forecasts
Non-financial: e.g. the number of units produced or sold
The relevance of the information Whether the budgets are established as results to be
available expected rather than as tough targets {which may well not be
achieved}
The comparability of the Comparisons with average performance in an industry may
information available be of little value if a large number of companies differ
significantly from the average
The knowledge gained during The effectiveness of the accounting and internal controls
previous audits
The types of problems giving rise to accounting adjustments
in prior periods
Factors which should also be considered when determining the reliance that the auditors should place on
the results of substantive analytical procedures are:
Other audit procedures directed Other procedures auditors undertake in reviewing the
towards the same financial statements collectability of receivables, such as the review of subsequent
assertions cash receipts, may confirm or dispel questions arising from
the application of analytical procedures to a profit of
customers' accounts which lists for how long monies have
been owed
The accuracy with which the Auditors normally expect greater consistency in comparing
expected results of analytical the relationship of gross profit to sales from one period to
procedures can be predicted another than in comparing expenditure which may or may
not be made within a period, such as research or advertising
The frequency with which a A pattern repeated monthly as opposed to annually
relationship is observed
Reliance on the results of analytical procedures depends on the auditor's assessment of the risk that the
procedures may identify relationships (between data) do exist, whereas a material misstatement exists (that
is, the relationships, in fact, do not exist). It depends also on the results of investigations that auditors have
made if substantive analytical procedures have highlighted significant fluctuations or unexpected
relationships.
202 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT EVIDENCE
© The Institute of Chartered Accountants in England and Wales, March 2009 203
Advanced Stage- Advanced Audit and Assurance
Revenue CU2.0m
Purchases CUI.2m
Cost of sales CUI.5m
cu
Non-current assets 550,000
Inventory 300,000
Receivables 150,000
Cash 100,000
Payables (100,000)
1,000,000
cu
Ordinary shares of 25p each 250,000
Reserves 350,000
7% preference shares of CUI each 250,000
15% unsecured loan stock 150,000
Payables 1,000,000
The ordinary shares are currently quoted at 125p each, the loan stock is trading at CUSS per CUI 00
nominal, and the preference shares at 65p each.
Requirement
Advise the company.
204 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT EVIDENCE
~ Determine for each material provision whether it is probable that a transfer of economic
benefits will be required to settle the obligation by:
Checking whether any payments have been made after the end of the reporting period in
respect of the item
Review of correspondence with solicitors, banks, customers, insurance company and suppliers
both pre and post year end
Sending a letter to the solicitor to obtain their views (where relevant)
Discussing the position of similar past provisions with the directors. Were these provisions
eventually settled1
Considering the likelihood of reimbursement
~ Recalculate all provisions made
~ Compare the amount provided with any post year end payments and with any amount paid in the
past for similar items
~ In the event that it is not possible to estimate the amount of the provision, check that this
contingent liability is disclosed in the accounts
~ Consider the nature of the client's business. Would you expect to see any other provisions, for
example, warranties1
Consider whether disclosures of provisions, contingent liabilities and contingent assets are
correct and sufficient
© The Institute of Chartered Accountants in England and Wales, March 2009 205
Advanced Stage- Advanced Audit and Assurance
Requirements
(a) State how contingent liabilities should be disclosed in financial statements according to BAS 37
Provisions, Contingent Uabilities and Contingent Assets.
(b) Describe the audit work you will carry out to determine whether the company will have to pay
damages to the director for unfair dismissal, and the amount of damages and costs which should be
included in the financial statements.
Note. Assume the amounts you are auditing are material.
206 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT EVIDENCE
BSA 540 Audit of Accounting Estimates provides guidance on the audit of accounting estimates contained in
financial statements and requires auditors to obtain sufficient, appropriate audit evidence regarding
accounting estimates.
Definition
An accounting estimate: is an approximation of the amount of an item in the absence of a precise means
of measurement.
If there is no objective data to assess the item, or if it is surrounded by uncertainty, the auditors should
consider the implications for their report.
7 .I Audit procedures
Auditors should gain an understanding of the procedures and methods used by management to make
accounting estimates to gain evidence of whether estimates are reasonable given the circumstances and
appropriately disclosed if necessary. It will also aid the auditors' planning of their own procedures.
© The Institute of Chartered Accountants in England and Wales, March 2009 207
Advanced Stage- Advanced Audit and Assurance
This BSA says that the auditor should adopt one or a combination of the following approaches in the audit
of an accounting estimate:
(a) Review and test the process used by management or the directors to develop the estimate
(b) Use an independent estimate for comparison with that prepared by management or the
directors or
(c) Review subsequent events which confirm the estimate made
208 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT EVIDENCE
Definition
Construction contract: A contract specifically negotiated for the construction of an asset or a
combination of assets that are closely interrelated or interdependent in terms of their design, technology
and function or their ultimate purpose or use.
© The Institute of Chartered Accountants in England and Wales, March 2009 209
Advanced Stage- Advanced Audit and Assurance
At the end of 20X6 the contract was assessed as being 30% complete and at the end of 20X7 60%
complete. Draft financial statements show that the following amounts have been recognised:
lOX? 20X6
cuooo cuooo
Revenue 192 192
Profit 42 51
Requirement
For the year ended 31 December 20X7:
(I) Identify the audit issues you would need to consider
(2) List the audit procedures you would perform
~ The auditor shall obtain an understanding of the following as part of the process of understanding the
business:
The means by which the management identifies transactions, events and conditions that may give
rise to the accounting estimates.
~ The auditor should evaluate the degree of estimation uncertainty associated with the accounting
estimate and assess whether this gives rise to significant risks.
~ Based on the assessed risks the auditor will determine whether the financial reporting framework has
been properly applied and whether methods for making estimates are appropriate and have been
applied consistently.
Determine whether events occurring up to the date of the audit report provide evidence
regarding the accounting estimate
Test the operating effectiveness of controls together with appropriate substantive procedures
~ For accounting estimates which give rise to significant risks the auditor should also evaluate the
following:
Management intent to carry out specific courses of action and its ability to do so, where these
affect the accounting estimate
~ Written representations will be obtained from management as to whether management believes that
significant assumptions used in making accounting estimates are reasonable.
8 Related parties
8.1 Introduction
The need for enhanced reporting on related party transactions was highlighted by many DTI investigations
into company failures. Transactions with related parties may have been concealed from auditors or
inaccurate information given. Hence the financial statements and audit report may have failed to disclose
relevant information. Thus, in line with the continued importance of reporting all information to
stakeholders, BAS 24 Related Pany Disclosures and BSA 550 Related Parties were developed.
8.3.2 Responsibilities
Management is responsible for the identification of related parties and the disclosure of transactions with
such parties. Management should set up appropriate internal controls to ensure that related parties are
identified and disclosed along with any related party transactions.
The auditor needs to obtain appropriate audit evidence regarding the assertions by management in respect
of related parties. This involves an understanding of the entity and its environment to identify events,
transactions and practices with respect to related parties.
8.3.3 Risks
' ---
The following audit risks may arise from a failure to discover a related party.
~ Failure to comply with BAS 24
~ There may be a misstatement in the financial statements - transactions may be on a non-arm's length
basis and thus may result in assets, liabilities, profit or loss being overstated or understated.
~ The reliance on a source of audit evidence may be misjudged. An auditor may rely on what is
perceived to be third party evidence when in fact it is from a related party. More generally, reliance on
management assurances may be affected if the auditor were made aware of non-disclosure of a related
party.
~ The motivations of related parties may be outside normal business motivations and thus may be
misunderstood by the auditor if there is non-disclosure. In the extreme this may amount to fraud.
The risk of failure to detect a related party transaction (RPT) may depend upon the following.
~ Whether there has been no charge made for a RPT (i.e. a zero cost transaction)
~ Where disclosure would be sensitive for directors or have adverse consequences for the company
~ Where the company has no systematic system for detecting RPTs
~ Where RPTs are not with a party that the auditor could reasonably expect to know is a related party
RPTs from an earlier period have remained as an unsettled balance
~ Management have concealed, or failed to disclose fully, related parties or transactions with such
parties
this is complete. The whole audit team should be aware of the list. For example, an entry in the cash-book
may give an indication of a related party, so it needs to be picked up by the person auditing cash and bank.
Where related party transactions are discovered then the auditor should check that the appropriate
disclosures are made in the financial statements. Any disclosures should include information that is needed
for a proper understanding of the transaction and this would include whether the transaction was or was
not at a market rate.
The review stage
Written representations should always be requested from directors. The auditor should consider the
completeness of these representations having reviewed the accounting records, together with other audit
evidence available, in order to reach a conclusion on the adequacy of related party disclosures.
The following diagram provides a summary of some key audit considerations and procedures with respect
to related parties:
I
-------- ------ I
Related parties
I Steps
1 1
Practical procedures
I
Plan/perform audit to obtain
l
To identify material RPTs review
sufficient evidence re disclosure minutes, accounting records (esp
of RPTs large/unusual transactions near
year end), bank/loan
Assess risk, that undisclosed
confirmations, investment
RPTs may exist
transactions
Review info re material RPTs
Substantive procedures to
from directors for completeness
identify RPs
Be alert for evidence of other
- Ask management whether
RPTs
could be undisclosed RPTs
Obtain sufficient appropriate
- Review previous year work
evidence that
papers for known RPs
- RPTs are properly recorded
Review shareholder records
and disclosed in financial
statements Enquire of other/previous
auditors
Disclosure re control are
properly stated Review invoices and
correspondence from
Obtain directors'
solicitors
representations
Features of transactions which
Consider implications for report
may indicate previously
where
unidentified RPs
insufficient evidence
Abnormal terms of trade
inadequate disclosure
No logical business reason
Substance over form
Non-routine
approval/processing
Unusual transactions
Point to note
The law regarding transactions with directors was covered in Chapter I of this Study Manual.
~ Clearer distinction between the work performed by the auditor to identify the risks of material
misstatement from related party transactions and the procedures taken to address those risks
~ It provides a definition of a related party which is to be used as a minimum level for audit purposes
where the applicable financial reporting framework establishes minimal or no related party
requirements
Definition
Related party: A party that is either:
(a) A related party as defined in the applicable financial reporting framework; or
(b) Where the applicable financial reporting framework establishes minimal or no related party
requirements:
(i) A person or other entity that has control or significant influence, directly or indirectly through
one or more intermediaries, over the reporting entity
(ii) Another entity over which the reporting entity has control or significant influence, directly or
indirectly through one or more intermediaries; or
(iii) Another entity that is under common control with the reporting entity through having:
~ Common controlling ownership;
~ Owners who are close family members; or
~ Common key management.
However, entities that are under common control by a state (i.e. a national, regional or local
government) are not considered related unless they engage in significant transactions or share
resources to a significant extent with one another.
© The Institute of Chartered Accountants in England and Wales, March 2009 2I5
Advanced Stage - Advanced Audit and Assurance
9 Management representations
9 .I Representations
The auditors receive many representations during the audit, both unsolicited and in response to specific
questions. Some of these representations may be critical to obtaining sufficient appropriate audit evidence.
Representations may also be required for general matters, e.g. full availability of accounting records.
BSA 580 Management Representations covers this area.
The auditor should obtain appropriate representations from management. Written confirmation of
appropriate representations from management, should be obtained before the audit report is issued.
Definition
Management: comprises officers and those who also perform senior managerial functions.
216 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT EVIDENCE
The auditor should obtain written representations from management on matters material to the
financial statements when other sufficient appropriate audit evidence cannot be reasonably
expected to exist.
Written confirmation of oral representations avoids confusion and disagreement. Such matters should
be discussed with those responsible for giving the written confirmation, to ensure that they understand
what they are confirming. Written confirmations are normally required of appropriately senior
management. Only matters which are material to the financial statements should be included.
When the auditors receive such representations they should:
~ Seek corroborative audit evidence from sources inside or outside the entity
~ Evaluate whether the representations made by management appear reasonable and are consistent
with other audit evidence obtained, including other representations
~ Consider whether the individuals making the representations can be expected to be well-
informed on the particular matters
The BSA then makes a very important point.
'Representations by management cannot be a substitute for other audit evidence. If the auditor
is unable to obtain sufficient appropriate audit evidence regarding a matter which has, or may have, a
material effect on the financial statements and such audit evidence is expected to be available, this will
constitute a limitation in the scope of the audit, even if a representation from management has been
received on the matter.'
There are instances where management representations may be the only audit evidence available.
~ Knowledge of the facts is confined to management, for example, the facts are a matter of
management intention.
~ The matter is principally one of judgement or opinion, for example, the trading position of a
particular customer.
There may be occasions when the representations received do not agree with other audit evidence obtained.
If a representation by management is contradicted by other audit evidence, the auditor should investigate
the circumstances and, when necessary, consider whether it casts doubt on the reliability of other
representations made by management.
Investigations of such situations will normally begin with further enquires of management; the
representations may have been misunderstood or, alternatively, the other evidence misinterpreted. If
explanations are insufficient or unforthcoming, then further audit procedures may be required.
218 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT EVIDENCE
I 0 Opening balances
© The Institute of Chartered Accountants in England and Wales, March 2009 219
Advanced Stage - Advanced Audit and Assurance
(c) appropriate accounting policies are consistently applied or changes in accounting policies have
been properly accounted for and adequately disclosed.
In addition, the auditor should carry out the above on continuing engagements. Appropriate and sufficient
audit evidence is required on opening balances and this depends on matters such as the following.
~ The accounting policies followed by the entity
~ Whether the prior period's financial statements were audited and, if so, whether the auditors'
report was modified
~ The nature of the accounts and the risk of their misstatement in the current period's financial
statements
~ The materiality of the opening balances relative to the current period's financial statements
The auditor must consider whether opening balances reflect the application of appropriate
accounting policies and that those policies are consistently applied in the current period's financial
statements. When there are any changes in the accounting policies or application thereof, the auditor
should consider whether they are appropriate and properly accounted for and adequately disclosed.
220 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT EVIDENCE
For non-current assets and liabilities, the audit will ordinarily examine the records underlying the
opening balances. In certain cases, the auditor may be able to obtain confirmation of opening balances with
third parties, for example, for long-term debt and investments. In other cases, the auditor may need to
carry out additional audit procedures.
II Service organisations
Definition
A service organisation is an organisation that provides services to another organisation.
BSA 402 Audit Considerations Relating to Entities Using Service Organisations provides guidance to auditors
whose client uses such an organisation. It describes the auditor reports from the service organisation's
auditors which the client's auditors may obtain. It states that 'the auditor should consider how an entity's
© The Institute of Chartered Accountants in England and Wales, March 2009 221
Advanced Stage - Advanced Audit and Assurance
use of a service organisation affects the entity's internal control so as to assess the risk of material
misstatement and to design and perform further audit procedures.'
A client may use a service organisation such as one that executes transactions and maintains related
accountability or records transactions and processes related data (e.g. a computer systems service
organisation).
222 © The Institute of Chartered Accountants in England and Wales, March 2009
~UDIT EVIDENCE
© The Institute of Chartered Accountants in England and Wales, March 2009 223
Advanced Stage- Advanced Audit and Assurance
224 © The Institute of Chartered Accountants in England and Wales, March 2009
chapter 6
•
Audit completion rev1ew
and reporting
Introduction
Topic list
I Review and audit completion
2 Subsequent events
3 Going concern
4 Comparatives
5 Internal reporting
6 External reporting- the audit report
7 Other reporting responsibilities
Appendix
Summary and Self-test
Technical reference
Answers to Self-test
Answers to Interactive questions
© The Institute of Chartered Accountants in England and Wales, March 2009 269
AUDIT COMPLETION- REVIEW AND REPORTING
1.1 Introduction
Auditing initially may be carried out in components, with opinions being formed on elements of the financial
statements in isolation. However, it is essential that auditors step back from the detail and assess the
financial statements as a whole, based on knowledge accumulated during the audit process. In particular the
following procedures will need to be performed at the review and completion stage of the audit
~ Consider governance issues
~ Review the financial statements
~ Perform completion procedures
~ Report to the board
~ Prepare the audit report
Review and reporting issues have been covered in the Assurance and Audit and Assurance Study Manuals at
the Professional level. Therefore you should be familiar with the following BSAs which are relevant to this
stage of the audit:
BSA 260 Communication of Audit Matters with Those Charged with Governance
BSA 520 Analytical Procedures
BSA 560 Subsequent E.vents
BSA 570 Going Concern
BSA 700 The Auditor's Report on Financial Statements
BSA 71 0 Comparatives
BSA 720 Other Information in Documents Containing Audited Financial Statements
In the remainder of this chapter we will look at a number of key aspects of these BSAs in more detail. A
summary is also provided in the technical reference at the end of the chapter.
© The Institute of Chartered Accountants in England and Wales, March 2009 271
Advanced Stage - Advanced Audit and Assurance
In addition under Sarbanes-Oxley a concurring or second partner review should be performed by another
partner not associated with the audit or by an independent reviewer (see Chapter 3 for more details of the
Sarbanes-Oxley Act).
272 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT COMPLETION- REVIEW AND REPORTING
(c) Whether analytical procedures applied when completing the audit, such as comparing the information
in the financial statements with other pertinent data, produce results which assist in arriving at the
overall conclusion as to whether the financial statements as a whole are consistent with their
knowledge of the entity's business.
(d) Whether the presentation adopted in the financial statements may have been unduly influenced by
the directors' desire to present matters in a favourable or unfavourable light.
(e) The potential impact on the financial statements of the aggregate of uncorrected misstatements
(including those arising from bias in making accounting estimates) identified during the course of the
audit.
© The Institute of Chartered Accountants in England and Wales, March 2009 273
Advanced Stage - Advanced Audit and Assurance
The summary of errors will not only list errors from the current year (adjustments (c) and (e)), but also
those in the previous year(s). This will allow errors to be highlighted which are reversals of errors in the
previous year. For example in this instance last year's closing inventory was undervalued by CU21,540
(adjustment (b)). Inventory in the prior year statement of financial position should be increased (DR) and
profits increased (CR). At the start of the current accounting period the closing inventory adjustment is
reversed out so that the net effect on the cumulative position is zero. This also applies to the adjustment to
last year's accrued expenses (adjustment (d)).Cumulative errors may also be shown, which have increased
from year to year for example adjustments (a) and (f). It is normal to show both the statement of financial
position and the income statement effect, as in the example given here. This may also be extended to the
entire statement of comprehensive income.
If the aggregate of the uncorrected misstatements that the auditors have identified approaches the
materiality level, the auditors should consider whether it is likely that undetected misstatements, when
taken with aggregated uncorrected misstatements, could exceed the materiality level. Thus, as aggregate
uncorrected misstatements approach the materiality level the auditors should consider reducing the risk by:
~ Performing additional audit procedures or
~ By requesting management to adjust the financial statements for identified misstatements
The schedule will be used by the audit manager and partner to decide whether the client should be
requested to make adjustments to the financial statements to correct the errors.
2 Subsequent events
© The Institute of Chartered Accountants in England and Wales, March 2009 275
Advanced Stage- Advanced Audit and Assurance
Reviews and updates of these procedures may be required, depending on the length of the time between
the procedures and the signing of the auditor's report and the susceptibility of the items to change over
time.
When the auditor becomes aware of events which materially affect the financial statements, the auditor
should consider whether such events are properly accounted for and adequately disclosed in the
financial statements.
2.3 Facts discovered after the date of the auditor's report but before
the financial statements are issued
The financial statements are the management's responsibility. They should therefore inform the
auditors of any material subsequent events between the date of the auditor's report and the date
the financial statements are issued. The auditors do not have any obligation to perform procedures,
or make enquires regarding the financial statements after the date of their report.
When, after the date of the auditor's report but before the financial statements are issued, the auditor
becomes aware of a fact which may materially affect the financial statements, the auditor should:
~ Consider whether the financial statements need amendment
~ Discuss the matter with the management
~ Take action appropriate in the circumstances.
When the financial statements are amended, the auditors should:
~ Extend the procedures discussed above to the date of their new report
~ Carry out any other appropriate procedures
~ Issue a new audit report dated the day it is signed.
The situation may arise where the statements are not amended but the auditors feel that they should be.
If the auditor's report has not been released to the entity, the auditor should express a qualified
opinion or an adverse opinion.
If the auditor's report has already been issued to the entity then the auditor should notify those who '-..-
are ultimately responsible for the entity (the management or possibly a holding company in a group), not to
issue the financial statements or auditor's reports to third parties. If they have already been so issued, the
auditor must take steps to prevent the reliance on the auditor's report. The action taken will depend
on the auditor's legal rights and obligations and the advice of the auditor's lawyer.
2.4 Facts discovered after the financial statements have been issued
Auditors have no obligations to perform procedures or make enquiries regarding the financial statements
after they have been issued. In Bangladesh, this includes the period up until the financial statements are
laid before members at the AGM.
When, after the financial statements have been issued, the auditor becomes aware of a fact which existed at
the date of the auditor's report and which, if known at that date, may have caused the auditor to modify the
auditor's report, the auditor should consider whether the financial statements need revision, should discuss
the matter with management, and should take the action as appropriate in the circumstances.
The BSA gives the appropriate procedures which the auditors should undertake when management revises
the financial statements.
(a) Carry out the audit procedures necessary in the circumstances
(b) Review the steps taken by management to ensure that anyone in receipt of the previously issued
financial statements together with the auditor's report thereon is informed of the situation
(c) Issue a new report on the revised financial statements
The new auditor's report should include an emphasis of a matter paragraph referring to a note to the
financial statements that more extensively discusses the reason for the revision of the previously issued
financial statements and to the earlier report issued by the auditor.
In our opinion, the revised financial statements give a true and fair view (or 'present fairly, in all material
respects'), as at the date the original financial statements were approved, of the financial position of the
company as of December 31, 20X I , and of the results of its operations and its cash flows for the year then
ended in accordance with [relevant national legislation].
In our opinion the original financial statements for the year to December 31, 20X I, failed to comply with
[relevant national standards or legislation].
Date AUDITOR
Address
Where local regulations allow the auditor to restrict the audit procedures on the financial statements to
the effects of the subsequent event which caused the revision, the new auditor's report should contain a
statement to that effect.
Where the management does not revise the financial statements but the auditors feel they should be
revised, or if the management does not intend to take steps to ensure anyone in receipt of the previously
issued financial statements is informed of the situation, then the auditors should consider steps to take, on a
timely basis, to prevent reliance on their report. The actions taken will depend on the auditor's legal rights
and obligations (for example, to contact the shareholders directly) and legal advice received.
© The Institute of Chartered Accountants in England and Wales, March 2009 277
Advanced Stage- Advanced Audit and Assurance
3 Going concern
278 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT COMPLETION -REVIEW AND REPORTING
~ Inability to obtain financing for essential new product development or other essential investments
~ Substantial sales of non-current assets not intended to be replaced
(b) Operating indications
Loss of key management without replacement
~ Loss of key staff without replacement
~ Loss of a major market, franchises, license, or principal supplier
Labour difficulties or shortages of important supplies
~ Fundamental changes in the market or technology to which the entity is unable to adapt
adequately
~ Excessive dependence on a few product lines where the market is depressed
~ Technical developments which render a key product obsolete
(c) Other indications
~ Non-compliance with capital or other statutory requirements
~ Pending legal proceedings against the entity that may, if successful, result in judgements that could
not be met
~ Changes in legislation or government policy
~ Issues which involve a range of possible outcomes so wide that an unfavourable result could
affect the appropriateness of the going concern basis
The significance of such indications can often be mitigated by other factors.
(a) The effect of an entity being unable to make its normal debt repayments may be counterbalanced by
management's plans to maintain adequate cash flows by alternative means, such as by disposal of
assets, rescheduling of loan repayments, or obtaining additional capital.
(b) The loss of a principal supplier may be mitigated by the availability of a suitable alternative source of
supply.
© The Institute of Chartered Accountants in England and Wales, March 2009 279
Advanced Stage - Advanced Audit and Assurance
~ Confirmation in the form of management representations would be sought as to the going concern
status of the company. The directors' plans for resolving any matters giving rise to the going concern
issue would be discussed and analysed
~ Budget or forecast information would be obtained and tested for reasonableness of assumptions and
accuracy of calculations
~ Further calculations would be undertaken on the sensitivity of the budget/forecast information
Alternatively, a business risk audit approach could be adopted. In approaching business and financial
risks emphasis is placed on understanding the going concern risk to which the entity is subject to in its
environment, operation and control processes. We have considered the business risk audit approach in
detail in Chapter 4 of this text.
(Going concern is also relevant in the context of insolvency which is covered in Chapter 15 of this text.)
280 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT COMPLETION -REVIEW AND REPORTING
~ The auditor should evaluate management's assessment of the entity's ability to continue as a going
concern. The auditors should consider:
The process management used
The assumptions on which management's assessment is based
Management's plans for future action
~ If management's assessment covers a period of less than twelve months from the end of the
reporting period, the auditor should ask management to extend its assessment period to twelve
months from the end of the reporting period.
~ The auditor will examine the borrowing facilities available to the company. They will confirm the
existence and terms of bank facilities and make an assessment of the bankers' intentions towards the
company.
~ Management should not need to make a detailed assessment, and auditors carry out detailed
procedures, if the entity has a history of profitable operations and ready access to financial
resources.
~ The auditor should inquire of management as to its knowledge of events or conditions and related
business risks beyond the period of assessment used by management that may cast significant doubt on
the entity's ability to continue as a going concern.
Additional audit procedures
When events or conditions have been identified which may cast significant doubt on the entity's ability
to continue as a going concern, the auditor should:
Review management's plans for future actions based on its going concern assessment;
Gather sufficient appropriate audit evidence to confirm or dispel whether or not a material
uncertainty exists through carrying out procedures considered necessary, including considering
the effects of any plans of management and other mitigating factors; and
Seek written representations from management regarding its plans for future action.
~ When questions arise on the appropriateness of the going concern assumption, some of the normal
audit procedures carried out by the auditors may take on an additional significance. Auditors may
also have to carry out additional procedures or to update information obtained earlier. The BSA
lists various procedures which the auditors should carry out in this context.
Analyse and discuss cash flow, profit and other relevant forecasts with management
Analyse and discuss the entity's latest available interim financial statements
Review the terms of debentures and loan agreements and determine whether they have
been breached
Read minutes of the meetings of shareholders, the board of directors and important
committees for reference to financing difficulties
Enquire of the entity's lawyer regarding litigation and claims
Confirm the existence, legality and enforceability of arrangements to provide or maintain
financial support with related and third parties
Assess the financial ability of such parties to provide additional funds
Consider the entity's position concerning unfulfilled customer orders
Review events after the period end for items affecting the entity's ability to continue as a
going concern
~ Based on the audit evidence obtained, the auditor should determine if, in the auditor's judgement, a
material uncertainty exists related to events or conditions that alone or in aggregate, may cast
significant doubt on the entity's ability to continue as a going concern. The auditor should document
the extent of the auditor's concern (if any) about the entity's ability to continue as a going concern.
Auditor's report
._ If adequate disclosure is made in the financial statements, the auditor should express an unqualified
opinion but modify the auditor's report by adding an emphasis of a matter paragraph that highlights the
existence of a material uncertainty relating to an event or condition that may cast significant doubt on
the entity's ability to continue as a going concern and draws attention to the note in the financial
statements that discloses the matters.
._ The auditors may express a disclaimer of opinion if for example there are multiple material
uncertainties .
._ If adequate disclosure is not made in the financial statements, the auditor should express a qualified or
adverse opinion, as appropriate. The report should include explicit reference to the fact that there is a
material uncertainty which may cast significant doubt about the company's ability to continue as a
going concern .
._ If management is unwilling to make or extend its assessment when requested to do so by the auditor,
the auditor should consider the need to modify the auditor's report as a result of the limitation on the
scope of the auditor's work.
You have been informed by the managing director that the fall in revenue is due to:
(I) The loss, in july, of a long-standing customer to a competitor, and
(2) A decline in trade in the repair of commercial vehicles.
282 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT COMPLETION - REVIEW AND REPORTING
Due to the reduction in the repairs business, the company has decided to close the workshop and sell the
equipment and spares inventory. No entries resulting from this decision are reflected in the draft accounts.
During the year, the company replaced a number of vehicles funding them by a combination of leasing and
an increased overdraft facility. The facility is to be reviewed in january 20X6 after the audited accounts are
available.
The draft accounts show a loss for 20X5 but the forecasts indicate a return to profitability in 20X6 as the
managing director is optimistic about generating additional turnover from new contracts.
Requirements
(a) State the circumstances particular to Truckers Ltd which may indicate that the company is not a going
concern. Explain why these circumstances given cause for concern.
(b) Describe the audit work to be performed in respect of going concern at Truckers Ltd.
See Answer at the end of this chapter.
4 Comparatives
© The Institute of Chartered Accountants in England and Wales, March 2009 283
Advanced Stage- Advanced Audit and Assurance
Comparatives are presented in compliance with the relevant financial reporting framework. The essential
audit reporting differences are that:
~ For corresponding figures, the auditor's report only refers to the financial statements of the
current period.
~ For comparative financial statements, the auditor's report refers to each period that financial
statements are presented.
BSA 71 0 provides guidance on the auditor's responsibilities for comparatives and for reporting on them
under the two frameworks in separate sections. We will consider the guidance on corresponding figures
as this is the approach usually adopted in Bangladesh.
4.3 Reporting
When the comparatives are presented as corresponding figures, the auditor should issue an audit report in
which the comparatives are not specifically identified because the auditor's opinion is on the current
period financial statements as a whole, including the corresponding figures.
The auditor's report will only make any specific reference to corresponding figures in the circumstances
described below.
284 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT COMPLETION- REVIEW AND REPORTING
~ When the auditor's report on the prior period, as previously issued, included a qualified opinion,
disclaimer of opinion, or adverse opinion and the matter which gave rise to the modification is:
(a) Unresolved, and results in a modification of the auditor's report regarding the current period
figures, the auditor's report should also be modified regarding the corresponding figures; or
(b) Unresolved, but does not result in a modification of the auditor's report regarding the current
period figures, the auditor's report should be modified regarding the corresponding figures
~ If a modified report was issued, but the matter which gave rise to it is resolved and properly dealt with
in the financial statements, the current report will not usually refer to the previous modification. If the
matter is material to the current period, however, the auditors may include an emphasis of
matter paragraph to deal with it.
~ In performing the audit of the current period financial statements, the auditors, in certain unusual
circumstances, may become aware of a material misstatement that affects the prior period
financial statements on which an unmodified report has been previously issued.
In such circumstances, the auditor should consider the guidance in BSA 560 and:
(a) If the prior period financial statements have been revised and reissued with a new auditor's
report, the auditor should be satisfied that the corresponding figures agree with the revised
financial statements; or
(b) If the prior period financial statements have not been revised and reissued, and the
corresponding figures have not been properly restated and/or appropriate disclosures have not
been made, the auditor should issue a modified report on the current period financial statement
modified with respect to the corresponding figures included therein.
In these circumstances, if the prior period financial statements have not been revised and an auditor's
report has not been reissued, but the corresponding figures have been properly restated and/or
appropriate disclosures have been made in the current period financial statements, the auditors may include
an emphasis of matter paragraph describing the circumstances and referencing to the appropriate
disclosures.
© The Institute of Chartered Accountants in England and Wales, March 2009 285
Advanced Stage- Advanced Audit and Assurance
5 Internal reporting
Definition
Governance: is the term used to describe the role of persons entrusted with the supervision, control and
direction of the entity. Those charged with governance ordinarily are accountable for ensuring that the
entity achieves its objectives, financial reporting and reporting to interested parties. Those charged with
governance include management only when it performs such functions.
The auditor should communicate audit matters of governance interest arising from the audit of financial
statements with those charged with governance of an entity. The scope of the BSA is limited to matters
that come to the auditor's attention as a result of the audit; the auditors are not required to design
procedures to identify matters of governance interest.
The auditor should determine the relevant persons who are charged with governance and with whom audit
matters of governance interest are communicated.
The auditors may communicate with the whole board, the supervisory board or the audit committee
depending on the governance structure of the organisation. To avoid misunderstandings, the engagement
letter should explain that auditors will only communicate matters that come to their attention as a result of
the performance of the audit. It should state that the auditors are not required to design procedures for
the purpose of identifying matters of governance interest.
The letter may also:
Describe the form which any communications on governance matters will take
Identify the relevant persons with whom such communications will be made
Identify any specific matters of governance interest which it has agreed are to be communicated
286 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT COMPLETION - REVIEW AND REPORTING
Other matters
The auditor should communicate to those charged with governance an outline of the nature and scope,
including, where relevant, any limitations thereon, of the work the auditor proposes to undertake and the
form of the reports the auditor expects to make including the following:
(a) The auditor's views about the qualitative aspects of the entity's accounting practices and financial
reporting
(b) The final draft of the representation letter that the auditor is requesting management and those
charged with governance to sign. The communication should specifically refer to any matters where
management is reluctant to make the representations requested by the auditor
(c) Uncorrected misstatements
(d) Expected modifications to the auditor's report
(e) Material weaknesses in internal control identified during the audit
(f) Matters specifically required by other BSAs to be communicated to those charged with governance,
and
(g) Any other audit matters of governance interest
Written representation should be sought from those charged with governance that explains their reasons
for not correcting misstatements brought to their attention by the auditor.
Requirement
In each of the cases listed below identify to whom the auditor would initially report:
(I) The auditor has obtained evidence that the operations manager has committed a fraud against the
company
(2) The auditor has obtained evidence that the finance director has committed a fraud against the
company
(3) Disagreement with an accounting policy
See Answer at the end of this chapter.
© The Institute of Chartered Accountants in England and Wales, March 2009 287
Advanced Stage - Advanced Audit and Assurance
We have audited the accompanying financial statements of ABC Company, which comprise the balance
sheet as at December 31, 20X I, and the income statement, statement of changes in equity and cash flow
statement for the year then ended, and a summary of significant accounting policies and other explanatory
information.
288 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT COMPLETION -REVIEW AND REPORTING
Management is responsible for the preparation and fair presentation of these financial statements in
accordance with Bangladesh Financial Reporting Standards, and for such internal control as management
determines is necessary to enable the preparation of financial statements that are free from material
misstatement, whether due to fraud or error.
Auditor's Responsibility
Our responsibility is to express an opinion on these financial statements based on our audit. We conducted
our audit in accordance with Bangladesh Standards on Auditing. Those standards require that we comply
with ethical requirements and plan and perform the audit to obtain reasonable assurance about whether the
financial statements are free from material misstatement.
An audit involves performing procedures to obtain audit evidence about the amounts and disclosures in the
consolidated financial statements. The procedures selected depend on the auditor's judgment, including the
assessment of the risks of material misstatement of the consolidated financial statements, whether due to
fraud or error. In making those risk assessments, the auditor considers internal control relevant to the
entity's preparation and fair presentation of the consolidated financial statements in order to design audit
procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on
the effectiveness of the entity's internal control. An audit also includes evaluating the appropriateness of
accounting policies used and the reasonableness of accounting estimates made by management, as well as
evaluating the overall presentation of the consolidated financial statements.
We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our
audit opinion.
Opinion
In our opinion, the financial statements present fairly, in all material respects, (or give a true and fair view
of) the financial position of ABC Company as at December 31, 20X I, and (of) its financial performance and
its cash flows for the year then ended in accordance with Bangladesh Financial Reporting Standards. ',
[Form and content of this section of the auditor's report will vary depending on the nature of the auditor's
other reporting responsibilities.]
[Auditor's signature]
[Auditor's address]
© The Institute of Chartered Accountants in England and Wales, March 2009 289
Advanced Stage- Advanced Audit and Assurance
Definition
An uncertainty: is a matter whose outcome depends on future actions or events not under the direct
control of the entity but that may affect the financial statements.
Examples of emphasis of matter paragraphs are contained in the Appendix to this chapter. See
Illustrations I and 2.
290 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT COMPLETION- REVIEW AND REPORTING
is not so material and pervasive as to require an adverse opinion or a disclaimer of opinion. A qualified
opinion should be expressed as being 'except for the effects of the matter to which the qualification
relates'.
~ A disclaimer of opinion should be expressed when the possible effect of a limitation on scope is so
material and pervasive that the auditor has not been able to obtain sufficient, appropriate audit
evidence and accordingly is unable to express an opinion on the financial statements.
~ An adverse opinion should be expressed when the effect of a disagreement is so material and
pervasive to the financial statements that the auditor concludes that a qualification of the report is not
adequate to disclose the misleading or incomplete nature of the financial statements.'
Limitation on scope
There are two circumstances identified by the standard where there might be a limitation on scope.
(I) A limitation on the scope of the auditor's work may sometimes be imposed by the entity (for
example, when the terms of the engagement specify that the auditor will not carry out an audit
procedure that the auditor believes is necessary).
However, when the limitation in the terms of a proposed engagement is such that the auditor believes
the need to express a disclaimer of opinion exists; the auditor would usually not accept such a limited
audit engagement, unless required by statute. Also, a statutory auditor would not accept such an audit
engagement when the limitation infringes on the auditor's statutory duties.
(2) A scope limitation may be imposed by circumstances (for example, when the timing of the
auditor's appointment is such that the auditor is unable to observe the counting of physical inventory).
It may also arise when, in the opinion of the auditor, the entity's accounting records are inadequate or
when the auditor is unable to carry out an audit procedure believed to be desirable. In these
circumstances, the auditor would attempt to carry out reasonable alternative procedures to obtain
sufficient, appropriate audit evidence to support an unqualified opinion.
Where there is a limitation on the scope of the auditor's work that requires expression of a qualified
opinion or a disclaimer of opinion, the auditor's report should describe the limitation and indicate the
possible adjustments to the financial statements that might have been determined to be necessary had the
limitation not existed.
See Appendix Illustrations 3 and 5.
Disagreement
The auditor may disagree with management about matters such as the acceptability of accounting policies
selected, the method of their application, or the adequacy of disclosures in the financial statements. The
BSA states that if such disagreements are material to the financial statements, the auditor should express a
qualified or an adverse opinion.
See Appendix Illustrations 4 and 6.
© The Institute of Chartered Accountants in England and Wales, March 2009 291
Advanced Stage- Advanced Audit and Assurance
6.3.2 Understandability
Although the essence of the auditor's role is simple, in practice it is surrounded by auditing standards and
guidance as it is a technical art. It also involves relevant language, or 'jargon' that non-auditors may not
understand.
Communicating the audit opinion in a way that people can understand it is a challenge. In the Audit and
Assurance faculty document, Audit Quality Fundamentals- Auditor Reporting the following suggestions are
made that would improve readability:
~ The current audit report could be re-arranged so that the most relevant information i.e. the opinion is
shown first
~ The opinion should be expanded to include a positive statement that adequate accounting records
have been kept by the company and that there are no matters within the annual accounts to which the
auditors wish to draw attention by way of emphasis
Standardised information e.g. the inherent limitations and the scope of the audit could be shown
elsewhere in the report or as an appendix to the main report. Alternatively they could be placed on a
website or in a place that is publicly accessible and cross-referenced in the audit report
~ The inclusion of more company specific information
6.3.3 Responsibility
Connected with the problem of what the audit is and what the audit opinion means is a problem of what
the auditors are responsible for. As far as the law is concerned, auditors have a restricted number of
duties. Professional standards and other bodies, such as the Financial Services Authority, put other
duties on auditors.
Users of financial statements, and the public, may not have a very clear perception of what the auditors are
responsible for and what the audit opinion relates to, or what context it is in.
The issue of auditor's liability ties in here. Audit reports are addressed to shareholders, to whom
auditors have their primary and legal responsibility. However, audited accounts are used by significantly
more people than that. Should this fact be addressed in the audit report1
6.3.4 Availability
The availability of audit reports has been increased by the trend to publish financial statements on
companies' websites. Auditors should consider the risks of this.
The fact that a significant number of people use audited accounts has just been mentioned. Audit reports
are publicly available, as they are often held on public record. This fact alone may add to any perception
that exists that auditors address their report to more than just shareholders.
The problem of availability is exacerbated by the fact that many companies publish their financial
statements on their website. This means that millions of people around the world have access to the
audit report.
This issue may add significant misunderstandings.
~ Language barriers may cause additional understandability problems
~ It may not be clear which financial information an audit report refers to
~ The audit report may be subject to malicious tampering by hackers or personnel
If an audit report is published electronically, auditors lose control of the physical positioning of the
report, that is, what it is published with. This might significantly impact on understandability and also
perceived responsibility.
When financial information is available electronically, auditors must ensure that their report is not
misrepresented.
292 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT COMPLETION- REVIEW AND REPORTING
Reporting electronically
The Auditing Practices Board has issued an appendix to BSA 720, to help the auditor respond properly
to a request to publish the audit report electronically.
The BSA proposes that the directors should obtain the consent of the auditors to publish the audit
report on a website. The matter should ideally be referred to in the letter of engagement between
the parties.
The auditors may reserve the right to decline the report being so published, if they do not like the
presentation of the report and the associated financial statements that the directors propose.
Guidance has been published by another body which advises directors to highlight statutory information
given on the website.
~ The auditors should ensure that their report is worded so that it is appropriate for inclusion on a
website. This will include reference to specific financial statements rather than the use of page
numbers, for example. '
~ Where the auditor's report is to be published electronically, the auditors should carry out a series of
checks:
They should review the process for deriving the electronic information from the hard copy
financial statements
They should check that the electronic copy is identical to the hard copy
They should check that the presentation has not been distorted (i.e. that certain items have
not been given greater emphasis in the new presentation)
As the directors are responsible for controls in their business, they are responsible for ensuring
that the report is not tampered with once it is on the website.
© The Institute of Chartered Accountants in England and Wales, March 2009 293
Advanced Stage- Advanced Audit and Assurance
Definition
Other information: is financial and non-financial information other than the audited financial statements
and the auditor's report, which an entity may include in its annual report, either by custom or statute.
A material inconsistency: exists when other information contradicts information contained in the
audited financial statements. A material inconsistency may raise doubt about the audit conclusions drawn
from audit evidence previously obtained and, possibly, about the basis for the auditor's opinion on the
financial statements.
294 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT COMPLETION - REVIEW AND REPORTING
© The Institute of Chartered Accountants in England and Wales, March 2009 295
Advanced Stage- Advanced Audit and Assurance
~ Notifying those ultimately responsible for the overall direction of the entity
~ Obtaining legal advice.
7 .1.2 Overview
The BSA aims to address special considerations that are relevant to:
~ A complete set of financial statements prepared in accordance with another comprehensive basis
of accounting
~ A component of a complete set of general purpose or special purpose financial
statements, such as a single financial statement, specified accounts, elements of accounts or items in
a financial statement
~ Compliance with contractual agreements
~ Summarised financial statements
The aim of the BSA is simply to identify additional audit requirements relating to these areas. To be clear,
all other BSAs still apply to the audit engagement.
296 © The Institute of Chartered Accountants in England and Wales, March 2009
AUDIT COMPLETION- REVIEW AND REPORTING
© The Institute of Chartered Accountants in England and Wales, March 2009 297
Advanced Stage- Advanced Audit and Assurance
Therefore in Bangladesh auditors do not have to discuss with those charged with governance on the
compliance of two different sets of standards in preparation of accounts.
BAPS I0 14 supplements guidance provided in BSA 700, The Auditor's Report on Financial Statements.
A set of financial statements that has been prepared in accordance with one financial reporting framework
and that contains a note or supplementary statement reconciling the results to those that would be shown
under another financial reporting framework has not been prepared in accordance with that other
framework. This is because the financial statements do not include all the information in the manner
required by that other framework. The financial statements must comply with both financial reporting
frameworks simultaneously and without any need for reconciling statements if they are to be regarded as
having been prepared in accordance with both.
298 © The Institute of Chartered Accountants in England and Wales, March 2009