Professional Documents
Culture Documents
NOCLAR%2Bstudy%2Bnotes 1
NOCLAR%2Bstudy%2Bnotes 1
NOCLAR%2Bstudy%2Bnotes 1
NOCLAR is a common theme in SAICA exams, due to its highly relevant and important function
in the Code of Professional Conduct (CPC) in guiding how a CA(SA) should respond to
observed illegal behaviour. It is therefore very important to become familiar with how to apply
the NOCLAR sections of the CPC.
Required reading/reference:
Therefore, there are two possible scenarios that could be presented i.e. (1) a CA(SA) in business
(not public practice) is witness to NOCLAR; and (2) a CA(SA) in public practice (usually the
auditor) is witness to NOCLAR.
Here is a proposed structure for addressing these two scenarios of NOCLAR application:
Reporting:
• Discuss the issue with X (immediate reporting line manager – CFO – if not involved in
NOCLAR)
• Discuss the issue with the Board.
• Urge the directors to take steps to have the NOCLAR rectified, remedied and mitigated.
• Assess the appropriateness of the response of the superiors and those charged with
governance (timeliness of response, remediation actions, disclosure to authorities).
• If the necessary steps are not taken, further action may be needed.
• Consider informing the company’s auditors of the matter.
• Also consider resigning if appropriate remedy not taken.
• Document the following: The nature of the NOCLAR; the process followed;
discussions held with management/board; their responses; further actions taken.
Scenario 2: The auditor is made aware of NOCLAR at the client.
Typical required:
• Concerning XXX in working paper X, discuss, with reasons, the appropriate audit
response. OR
• As the auditor, provide your considerations and further actions, appropriate to respond
to the XXX issue in working paper X.
Note: the below is a good structure for complying with the requirements of the CPC
(NOCLAR), the Auditing Profession Act and ISA 250 (Consideration of Laws and. Regulations
in an Audit of Financial Statements)
PART 1:
Consider the requirements of Non-compliance with laws and regulations (NOCLAR) in terms
of section 360 of the Code of Professional Conduct, as well as ISA 250.
• The auditor has an ethical obligation to comply with the fundamental principles and
apply the conceptual framework set out in Section 120 to identify, evaluate and address
threats.
• A self-interest or intimidation threat to compliance with the principles of integrity and
professional behaviour is created when a professional accountant becomes aware of
non-compliance or suspected non- compliance with laws and regulations.
• The principle of confidentiality does not preclude the obligation to report non-
compliance with law if legally bound to do so.
PART 2:
Issue described:
• Why is this illegal and unethical behaviour by management?
• Was it a bribe/theft/money laundering/kickback/tender irregularity/illegal in some
sense?
• Use appropriate legislation, if possible, to describe the issue.
• Link to director’s conduct per Section 76, Companies Act, 2008.
PART 3:
Risk considerations
• Describe how the issue presents a risk or misstatement in the financial statements.
PART 4:
Risk response
• What audit procedures need to be performed to better understand and document the
perceived NOCLAR?
• The auditor needs more evidence before taking further action – this requires audit work.
PART 5:
Reportable irregularity considerations:
If this matter is considered a reportable irregularity, then the process of reporting the matter to
the IRBA in terms of section 45 of the Auditing Profession Act should be followed:
Written notice/report of the matter to the IRBA.
Within three days of sending the report to the IRBA, the Board must be notified of the matter
in writing (together with a copy of the report to the IRBA provided)
The auditor must, within no later than 30 days, ... etc.
PART 6:
If the matter is considered a reportable irregularity and fraud perpetrated by management, then,
in terms of ISA 240 and ISA 250:
• Increase the unpredictability of procedures.
• Place less reliance on management representations.
• Increase the assessed risk of management control override and manipulation of the
financial statements (profit and financial position in particular). May no be appropriate
to rely on controls at the client due to poor control environment.
• Consider performing additional audit testing as a result (especially over accounts with
an identified fraud risk).
• Consider specifically testing (scrutinising) manual journal entries.