500 likes | 578 Views
Audit Inspection Workshop. LICENSED AUDITORS. REGISTERED LICENSED AUDITORS AND APPROVAL OF FIRM NAMES. AUDIT PRACTICE REVIEW. Audit Practice Review started in October 2008 as per: Section 20 of the Financial Reporting Act 2004 and
E N D
Audit Inspection Workshop 12 September 2012
LICENSEDAUDITORS REGISTERED LICENSED AUDITORS AND APPROVAL OF FIRM NAMES 12 September 2012
AUDIT PRACTICE REVIEW Audit Practice Review started in October 2008 as per: • Section 20 of the Financial Reporting Act 2004 and • rules established by the Council under Government Notice No.116 of 2008 12 September 2012
Audit Practice Review (APR) Process • Established under GN No. 116 of 2008 as the Financial Reporting (APR) Rules 2008 • Selection of audit firms/LA to review • Notification of APR to audit firm/LA • Advance documentation request from AF/LA • Opening meeting with managing partner/partner • On-site inspection: • Whole firm QCS procedures • Audit file reviews • Preparation of preliminary inspection reports • Closing meeting to discuss on findings • Finalisation of APR report 12 September 2012
FIRMS REVIEWED No. of firms reviewed since October 2008 to June 2012 = 56 firms It includes: • Large firms • Firms with two or more partners • Sole practitioners 12 September 2012
Categories of FirmReviewed 12 September 2012
Licensed Auditors Assessed and Files Reviewed 12 September 2012
AUDIT PRACTICE REVIEW BASIS OF REVIEW: To verify compliance with: • Licensing Conditions issued by FRC • Requirements of International Standards on Quality Control 1 (ISQC1) • Requirements of International Standards in Auditing (ISA) • Compliance with IFAC Code of Ethics (Independence) 12 September 2012
Licensing Conditions Among others the licensing conditions are: • Not being involved in any fraud or dishonesty in any country • Being fit and proper person • Maintaining PII • Maintaining professional competence through CPD • Making arrangements for continuity of practice • Documenting, maintaining and complying with quality assurance procedures and with all technical standards and guidelines applicable to his work • Supply to the council all necessary information to enable it to conduct an APR • Documenting, maintaining and applying a complaints handling procedure 12 September 2012
OBSERVATIONS - Licensing Conditions (i) Maintaining PII • Application for renewal of PII made after expiry • Delay in submitting copy of PII to FRC • In most cases PII is for an amount of Rs 500k or Rs 1m (which may or may not reflect the client base) 12 September 2012
OBSERVATIONS - Licensing Conditions (ii) Making arrangements for continuity of practice • In most of the cases it is not formalised 12 September 2012
OBSERVATIONS - Licensing Conditions (iii) Maintaining Professional Competence through CPD • In most cases it is with respect to updates on IFRS CPD in Audit • Few firms have structured training for partners & staff • Others rely on workshops on audit organised by ACCA, FRC, MIPA etc (but CPD on auditing is rare) • Auditing standards can be downloaded for free from the IFAC web-site: www.ifac.org 12 September 2012
OBSERVATIONS - Licensing Conditions (iv) Documenting, maintaining + complying with quality assurance procedures and with all technical standards and guidelines applicable to his work • ISQC 1 requirements • ISA requirements 12 September 2012
OBSERVATIONS - Licensing Conditions (v) Documenting, maintaining and applying a complaints handling procedure • No complaints register • No complaints received by firms reviewed 12 September 2012
International Standards on Quality Control 1 (ISQC1) Para 4 of ISQC1: • ISQC applies to all firms of professional accountants in respect of: • Audits + reviews of FS • Other assurance reviews + related services engagements • Extent of the Policies and Procedures will depend on various factors such as: • The size • Operating characteristics • Whether part of a network 12 September 2012
ISQC 1 Para 16 of ISQC1 The firm shall establish and maintain a system of quality control that includes policies and procedures that address each of the following elements: • Leadership responsibilities for quality within the firm. • Relevant ethical requirements. • Acceptance and continuance of client relationships and specific engagements. • Human resources. • Engagement performance. • Monitoring. Para 17 of ISQC1 The firm shall document its policies and procedures and communicate them to the firm’s personnel. 12 September 2012
OBSERVATIONS – ISQC1 Documentation of Quality Policies and Procedures 12 September 2012
ISQC1: Observations QUALITY MANUAL • There is a lack of understanding of the requirements of the Quality Standards (ISQC1) • The quality manual (QM) is a copy of the requirements of the standards without the firm’s own quality strategy to reflect the requirements of the standards • The QM has been made too complicated for the size of the firm. Thus, it is difficult to implement same. • (Should be tailor made to the size of the firm – but in line with the requirements of ISQC1) 12 September 2012
ENGAGEMENT FILES REVIEW 12 September 2012
ENGAGEMENT FILES REVIEW Purpose To ensure that the engagement partner provides reasonable assurance that: • engagements are performed in accordance with professional standards and regulatory and legal requirements, and • reports issued by the partners are appropriate in the circumstances 12 September 2012
ENGAGEMENT FILES REVIEW Basis for Selection of EF Risk based approach • Listed Entities • PIEs • Other Regulated entities (Banks, Insurance) • Statutory Audit (Highest turnover) 12 September 2012
Engagement Files Reviewed 12 September 2012
FINDINGS ON ENGAGEMENT FILES REVIEW Common and critical findings from the reviews will be presented from each phase of the audit • Planning and Risk Assessment • Audit evidence gathering • Audit Finalization • Reporting • Communication with those charged with governance • Documentation 12 September 2012
Planning and Risk Assessment • Preliminary engagement activities • Planning the audit • Perform risk assessment procedure 12 September 2012
Planning and Risk Assessment OBSERVATIONS Preliminary Engagement Activities • Acceptance and continuance (box ticking exercise) • Terms of Engagement • No engagement letter • Engagement letter not updated • Engagement letter not drafted as per requirements of ISAs • Independence assessment 12 September 2012
Planning and Risk Assessment OBSERVATIONS Planning the Audit More than 50% of the engagement files reviewed have shortcomings w.r.t planning • No planning at all • No kick-off meeting • Materiality • Not computed (risk-based audit) • Basis for materiality computation • No clear documentation on overall audit strategy 12 September 2012
Planning and Risk Assessment OBSERVATIONS Risk Assessment Procedures No evidence in the engagement files w.r.t: • Understanding the entity • consideration of laws and regulations • communication with board/audit committee • inquiries with management • analytical procedures • the entity control environment. 12 September 2012
Audit Evidence Gathering Procedures for obtaining evidence • Inspection • Observation • Enquiry/ Confirmation • Recalculation/ Reperformance • Analytical Procedures 12 September 2012
Observations - Audit Evidence Gathering Inconsistency between planned and actual audit approach • Work not performed as planned • For example, planned to carry out EQCR (in the case of listed entity) – no evidence that same was done 12 September 2012
Observations - Audit Evidence Gathering Revenue (Presumed Risk) • No reasons why not assessed as high risk • Where assessed as high risk • Lack of sufficient and appropriate evidence Audit procedures were not focused on the risks associated with revenue recognition (completeness, accuracy, occurrence) • insufficient evidence was obtained to support the conclusion that related internal controls were operating effectively • There often appears to be a tendency to focus on the balance sheet and assume that the work will cover the income statement (balance sheet approach) 12 September 2012
Observations - Audit Evidence Gathering Receivables • Inadequate work with respect to impairment test (Valuation), age analysis • No consideration of entity’s policy wrt impairment of debtors • Existence of the account balance 12 September 2012
Observations - Audit Evidence Gathering Inventories • Accounting policy (Valuation objective) • Lower of cost and NRV • No work done to ascertain that cost or NRV is lower • Stock Take (Existence assertion) • No stock take (although practical) • If stock take attended: • No evidence on the evaluation of management’s instructions and procedures for stock count by the auditor • Only a listing of stock found in the files 12 September 2012
Observations - Audit Evidence Gathering Related Parties (Presumed risk) • No procedures on identification of related parties • No adequate disclosures in accordance with IAS 24 • Insufficient rationale being given for the exclusion of certain individuals from related party disclosures • Arm’s length 12 September 2012
Observations - Audit Evidence Gathering External confirmations (existence, rights and obligations) • No circularisation at all • Circularised and response received • No evaluation of the responses • Circularised and no response received • No alternative tests performed 12 September 2012
Observations - Audit Evidence Gathering Work of Expert • Valuation of investment • Employee Benefits • PPE • Not assessed the expert’s: • Consider the expert’s (Documentation issue) – • Professional qualifications • Reputation • Independence • Audit input data used by the expert • Review the methods and assumptions used 12 September 2012
Observations - Audit Evidence Gathering Sampling (ISA 530) • Principles of sampling not applied • Representative of population • Basis for sampling not implemented • No conclusions of the results from sample tests 12 September 2012
Observations - Audit Evidence Gathering Analytical procedures (ISA 520) • weaknesses in the performance of substantive analytical procedures for certain account balances • no consideration of the reliability of the source data or setting of thresholds for investigation of variances • No analytical review at the end of the audit 12 September 2012
Observations - Audit Evidence Gathering Group Audit (ISA 600) • The principal auditor did not perform procedures to obtain sufficient appropriate audit evidence, that the work of the component auditor was adequate for the principal auditor’s purposes • Accounts consolidated although not prepared under the same financial reporting framework 12 September 2012
Observations - Audit Finalisation Audit finalisation procedures include amongst others: • A final analytical review • Subsequent events • Appropriateness of the going concern assumption • Management representations • Specific representations are missing – • Fair value • Related parties • Laws and regulations • Going concern • Management representations not a sufficient evidence 12 September 2012
REPORTING Types of Audit Report • Unmodified report (commonly known as clean report) • Modified report • Disclaimer • Qualified • Adverse • FRC has observed a confusion by auditors when they have to submit a modified report, instead they report an ‘emphasis of matter’. 12 September 2012
Observations - REPORTING 12 September 2012
ISA 230: Documentation This is a major non-compliance. Documentation of audit work is important for the various reasons as follows: • Assists the auditor in planning and performing the audit; • Facilitates supervision and review of the work performed by assistants; • Helps in the evaluation of the audit evidence obtained and conclusion reached before the auditor’s report is finalised; • Provides a record of matters of continuing relevance that can be simply updated 12 September 2012
ISA 230: Documentation • Provides a head start to the following year audit; • Helps to enhance the quality of the audit in terms of the quality of the auditor’s judgments; • Helps to understand the rationale of the auditor’s conclusions; • Helps to enhance the logic and the clarity of thinking and last but not least; • Provides a record that may assist audit oversight authorities and others when reviewing audit files. 12 September 2012
Mandatory documentation : ISAs Requirements: 210: Terms of Engagement( para 10-12) 220: Quality control of an audit (24-25) 240: The Auditor’s Responsibility (44-47) 250: Considering laws and regulations- Para 29 260: Communication with those charged with Governance (para 23) 300: Planning the audit ( para 12) 315: Understanding the entity ( para 32) 320: Materiality ( planning) ( para 14) 330: Response to assessed risks (para 28-30) 450; Evaluation of misstatements ( para 15) 540; Auditing Accounting estimates ( para 23) 550; Related parties ( para 28) 600; Group Audits (para 50) 610: Use of work of Internal Audit ( para 13) 12 September 2012
THANK YOU 12 September 2012