640 likes | 842 Views
Chartered Accountants Audit Conference APES 320: Quality Control for Firms – A Mandatory Requirement!. Michael Cain, FCA Audit & Accounting Technical Director Nexia International – Australia and New Zealand. charteredaccountants.com.au. Session Topics. ASIC Audit Inspection
E N D
Chartered Accountants Audit Conference APES 320: Quality Control for Firms – A Mandatory Requirement! Michael Cain, FCA Audit & Accounting Technical Director Nexia International – Australia and New Zealand charteredaccountants.com.au
Session Topics ASIC Audit Inspection Institute Inspection Program Quality Control in Firms: APES 320/PS 1 Network Firm Definition Implementation Strategy Useful Implementation Tools
1. ASIC Audit Inspections • Round 1 – September 2005 • Round 2 – August 2006 • Round 3 – No report issued yet
1. ASIC Audit Inspections • Scope of ASIC audit inspections • Second year inspection of Big 4 firms • First year inspection of various offices of BDO, Horwath, PKF, Grant Thornton, Pitcher Partners and RSM Bird Cameron • Quality control systems re Independence • Quality control systems re audit methodologies
1. ASIC Audit Inspections (b) Observations & Findings - Big 4 • Significant improvements in independence systems • Strong tone at the top leadership • Implemented systems to monitor compliance, annual/quarterly independence confirmations, conflict checking, engagement acceptance/continuance, systems that monitor and record personal investments
1. ASIC Audit Inspections (b) Observations & Findings - Big 4 • Non-audit services now are pre-approved by the audit partner • Now better communication of consequences of non-compliance with policies and systems to staff, including disciplinary actions • Now have systems for capturing independence consultations and enquiries by staff • 3 firms enhanced independence training and use e-learning tools
1. ASIC Audit Inspections (b) Observations & Findings - Mid-Tier Adoption of CLERP 9 • Induction program for new employees did not include awareness of independence policies • Independence training not widely conducted • Lateral hires and contractors not provided with independence training
1. ASIC Audit Inspections (b) Observations & Findings - Mid-Tier Non-Audit Services • Main threat to independence • Inadequate documentation supporting decisions to provide non-audit services • Need to clarify prohibited services • Some firms not complying with their own policies • Instances of journals prepared and payroll services offered, yet no documentation of independence decision
1. ASIC Audit Inspections (b) Observations & Findings - Mid-Tier Partner Evaluation & Compensation • Partner performance reviews either not conducted or not documented • Remuneration of audit partners linked purely to financial results • Independence/audit quality considerations not part of partner evaluation/compensation • Performance criteria does not include independence or audit quality
1. ASIC Audit Inspections (b) Observations & Findings - Mid-Tier Client Acceptance & Continuance • 1 firm did not document acceptance or continuance Testing of Compliance • 2 firms conducted limited reviews on compliance • 2 firms need to develop and communicate disciplinary policies which outline consequences of non compliance • Staff interviewed to test recall of consequences
1. ASIC Audit Inspections (b) Observations & Findings - Mid-Tier • Whistleblower • No firm had a formal complaints/whistleblower process Strategic Plans and Code of Conduct • 4 firms had strategic plans that DID NOT include independence and quality issues • 2 firms code of conduct are deficient • Need to establish a “Tone at the Top”
1. ASIC Audit Inspections (b) Observations & Findings - Mid-Tier AUDIT QUALITY Application of Audit Methodology • 2 firms have no audit manual • 2 firms have fully mapped manuals to Audit Standards, supported by proprietary software • 1 firm has not updated manual for recent changes • All firms need to improve engagement file application of methodologies
1. ASIC Audit Inspections (b) Observations & Findings - Mid-Tier Application of Auditing Standards • Reviewed 30 engagements • 3 audit standards poorly applied:- ASA 520 Analytical Review- ASA 240 Fraud- ASA 530 Audit Sampling • Most have removed guidance on sample sizes
1. ASIC Audit Inspections (b) Observations & Findings - Mid-Tier Audit Documentation • Incomplete documentation of work • In all firms, less adequate documentation at final stages then at commencement Common deficiencies in documentation related to: • Consideration of laws and regulations • Partner review of planning prior to field work • Mandatory fraud audit steps • Analytical reviews • Documentation of the substantive sampling approach adopted • Engagement and management letters not issued/obtained • Inconsistent application of methodology across industry groups within the firms
1. ASIC Audit Inspections (b) Observations & Findings - Mid-Tier Audit Evidence • General lack of evidence for disclosure items such as related party, commitments and contingencies, director remuneration Engagement Quality Control Review • On some listed clients, inadequate evidence of review being performed • In 1 firm, not sure who the review partner was
1. ASIC Audit Inspections (b) Observations & Findings - Mid-Tier Monitoring • 2 did not have adequate policies to support monitoring of audit quality • 4 firms deficient in communicating results of reviews beyond the engagement team • 1 firm had no monitoring policies • No link between partner/staff performance evaluation and results of their internal monitoring process
1. ASIC Audit Inspections (c) Future Inspections • Follow up action on all firms in the report • Extend reach into other Mid-Tier firms • Other offices of Big 4 firms not in 1st & 2nd report • Focus on Independence & Quality • Practical application of Auditor Rotation • Increase number of engagement files reviewed
1. ASIC Audit Inspections (c) Future Inspections Focus on Auditing Standards not adequately dealt with: • ASA 315 Understand Entity & Risk • ASA 240 Fraud • ASA 530 Audit Sampling • ASA 230 Documentation ASA 315 would naturally extend to ASA 330
1. ASIC Audit Inspections (c) Future Inspections • Transition to Force of Law Standards and APES 320 (APS 5) • IFAC broadened definition of “Network”, affiliations must be independent of each other
1. ASIC Audit Inspections How to handle ASIC Concerns?? Nexia ASIC Concerns Questionnaire and Action Plan
2. Institute Inspection Review As at 30 June 2007 • 478 practice firms’ reviews completed • 32 listed public companies completed • 518 practice firms’ reviews were in progress • 16 listed public companies in progress Review Policy • All practices that audit publicly listed companies reviewed every 3 years • All other practices reviewed every 5 years
2. Institute Inspection Review • 87.5% [85%] of practices were either informed there was no further action required or that procedures were adequate, with only minor issues to address • 12% [14%] had policies and procedures that were insufficientto comply with professional and legal requirements or did not adhere to existing policies and procedures • <1%(1%) were referred to Institute disciplinary processes for investigation because of fundamental breaches of standards
2. Institute Inspection Review Majority are meeting independence standards, but deficiencies noted were: • Independence • Self Managed Superannuation Fund audits • Provision of accounting and audit • Inadequate documentation in relation to threats to independence
2. Institute Inspection Review Deficiencies noted: • Audit Engagements • No evidence of planning documentation • No internal controls or risk assessment prior to the audit work performed • No subsequent events review documentation • No evidence of going concern assessment • No letters of engagement or representation • Insufficient documentation surrounding independence considerations
2. Institute Inspection Review Deficiencies noted: • Compilation Engagements • Did not specify they were Special Purpose Financial Reports • Non-compliance with APS 9: Compilation of Financial Reports • Errors in accounting and disclosure
2. Institute Inspection Review Deficiencies noted: • Training and development • Failure to meet minimum hours of training and development R:7 Regulations relating to training development • Failure to meet training and development re statutory audit registration
2. Institute Inspection Review Improvements in Quality Control Systems ARE required across the majority of practices, in particular: • Formal policies and procedures of quality control across the whole practice firm • Training in the Code of Ethics for Professional Accountants
ASIC Greater powers to investigate Have access to all files No reported breaches of Corporations Act Institute Cooperative approach Not have access to all files under privacy legislation Cannot access all records 2. Institute Inspections
3. Quality Control • Why is it important? • APES 320: Quality Control for Firms – Compulsory • APES 110: Code of Ethics for Professional Accountants – Compulsory • Legislative Requirements – CLERP 9 • Australian Auditing Standards – Force of Law • Risk Management: Protect your REPUTATION AND INTEGRITY!!
3. Quality Control • APES 320: Quality Control for Firms • Applicable from 1 July 2006 • More stringent QC than APS4/5 • Basic principles and essential procedures • Firm wide system of quality control, not just audit • Quality Control Manual/ QC Guide –http://www.charteredaccountants.com.au/resource_centre • Quality Control Report (“QCR”)
3. Quality Control Mandatory requirement for every practice firm is to: “Establish a system of quality control designed to provide it with reasonable assurance that the firm and its personnel comply with professional standards and regulatory and professional requirements and that reports issued by the firm or engagement partners are appropriate to the circumstances” (APES 320(3))
3. Quality Control The key document to ensure compliance! The “Quality Control Manual” (QCM) Quality Control Guide and Checklist Templates enclosed Let’s surf the requirements…
3. Quality Control • Elements of Quality Control • Leadership responsibilities • Ethical requirements • Acceptance and continuance of client relationships and specific engagements • Human resources • Engagement performance • Monitoring
3. Quality Control • Leadership Responsibilities - Policy • Partners are committed to a high standard of quality on all engagements • All staff required to be fully conversant with APES 110: Code of Ethics for Professional Accountants • Quality will not be compromised by commercial considerations on assignments • All partners and staff to follow policies and procedures
3. Quality Control • Leadership Responsibilities - Policy • Effective training key component to quality maintenance • Mandatory training required for all staff • Sufficient resources devoted for the development, documentation, and support of quality policies and procedures • Annual performance reviews to include appraisal of commitment to quality, ethics, CPE, adherence to policies and procedures, and competency
3. Quality Control • Leadership Responsibilities • Procedures and Documentation • Documented set of policies and procedures that reflect what the practice MUST do! • This is to be documented in the Quality Control Manual • Applies to the WHOLE firm, all services, all engagements!
3. Quality Control • Ethical Requirements - Policy • Maintain a high standard of personal conduct to avoid damage to: • Personal reputation • Firms’ reputation • Professional Accounting Body (Institute of Chartered Accountants in Australia,CPA,NIA) • Mandatory compliance with APES110: Code of Ethics for Professional Accountants • Has force of law for Corporations Act audits • Chapter 2M – Registered Schemes or Disclosing Entities • Chapter 7 – Financial Services Licensees • Public Interest
3. Quality Control • Ethical Requirements • Fundamental Principles • Integrity • Objectivity • Independence • Professional Competence and Due Care • Confidentiality • Professional Behaviour
3. Quality Control • Client Acceptance & Continuance • Policy – Acceptance of New Clients • Client integrity • Cultural fit • Firm’s ability to conduct engagement competently and within timeframe • Ethical issues: perceived independence and conflict of interest threats • Decision documented by engagement partner together with information collected on client file
3. Quality Control • Client Acceptance & Continuance • Policy – Continuance • Not continue engagement where not have accepted had information been available earlier • Report events of lack of integrity of client to partner • Partner to consider professional and legal responsibilities and make effort to resolve • Must document resolution or decision to withdraw from engagement on client file
3. Quality Control • Client Acceptance & Continuance • Procedures – Key Documents • Client Screening Questionnaire • New Client Form • Welcome Letter • Ethical Letter • New Client Acceptance Checklist • Client Engagement Task Checklist • Client Retention Checklist • Lost Client Form • Disengagement Letter
3. Quality Control • Human Resources - Policy • Sufficient personnel • Appropriate competence and capabilities • Partner responsibility for HR issues • Policies and procedures to be monitored • Commitment to ethical principles • Performance appraisals, promotion, and remuneration • Non compliance – counselled and/or disciplined
3. Quality Control • Human Resources - Procedures • Recruitment • Job descriptions • Candidate selection • Probation reviews • Performance evaluation/promotion/remuneration • Six monthly interactive performance evaluation • Recognition, feedback, and advancement • Compliance with policies and procedures • Appropriate remuneration re performance and industry standards
3. Quality Control • Human Resources - Procedures • Capabilities/competence/career development • Relevant training • Maintenance of CPE requirements • On the job coaching and mentoring • Assignment to engagements • Depends on complexity of assignment and ability of staff member • Supervision • Engagement planning • Monitoring of work in progress and milestones
3. Quality Control • Human Resources - Key Documents • Human Resource Policy • Job Descriptions • Candidate Interview and Evaluation Checklist • New Staff Orientation Checklist • Professional Staff Performance Review • Administrative Staff Performance Review • Training and Development Record
3. Quality Control • Engagement Performance - Policy • Consistency in quality of engagements performed • Achieved through • Use of up to date manuals • Industry standard software • Template documents • Guidance Material • Pre engagement briefings to set objectives and tasks • Contentious/difficult matters referred to engagement partner for resolution
3. Quality Control • Engagement Performance - Procedures • Supervision • Review • Training and coaching • Consultations and referrals • Engagement documentation
3. Quality Control • Engagement Performance – • Key Documents • Client Acceptance and Continuance docs • Work Control Form • Job entered into firm’s workflow system (APS) • Timesheets completed and entered • Work in progress produced and monitored • Workflow reviewed by team • Document consultation/referral on Checklist for Use of Outside Consultant
3. Quality Control • Monitoring - Policy • Quality Control System has to be: • Relevant • Adequate • Operating effectively • Complied with