Friday, February 25, 2022

ISA (UK) 240: The auditor's responsibilities relating to fraud in an audit of financial statements

 Financial statement misstatements can result from either fraud or human error. The difference between fraud and error is whether the underlying conduct that causes the financial statements to be misstated is deliberate and involves deception or is unintentional. Although fraud is a broad legal notion, the auditor is concerned with fraud or suspected fraud that produces a material misstatement in the financial statements for the purposes of the ISAs (UK). The auditor is concerned with two sorts of intentional misstatements: those resulting from dishonest financial reporting and those originating from asset misappropriation.

Members of the audit committee should take an active part in preventing fraud by challenging management and auditors to verify that enough is being done to prevent and identify fraud throughout the organization. When financial crises make the news, the most pressing question is who bears blame and who could have stopped it. The auditing standard ISA 240 governs the auditor's responsibilities in relation to fraud, and many amendments have taken effect in both the UK and Ireland. In May 2021, the FRC issued a revised ISA (UK) 240 in response to the Brydon Review's recommendations to clarify auditor roles.

For auditors, what has changed?

-       Professional skepticism is getting more attention.

-       The significance of keeping vigilant and investigating further if conditions indicate that material submitted to auditors may not be real or has been tampered with is emphasized.

-       The auditor must evaluate both qualitative and quantitative elements of the fraud when determining whether it is material.

-       To undertake a risk assessment, audit methods, or evaluate evidence obtained, the audit team must examine whether specialist skills are required.

-       The audit team is likely to have more discussions, including exchanging ideas about how management or others within the entity could commit or hide fraud.

The ISA 240 modification was made in response to recent complaints that auditors aren't doing enough to uncover substantial fraud. It aims to clarify auditor responsibilities and place a greater emphasis on the auditor's role to look for suspected fraud. The auditor's job is to design and conduct an audit so that he or she may have reasonable assurance that the financial statements are free of serious misstatement due to fraud. This is a welcome clarification that will help auditors identify and analyze the risk of a significant misstatement as a result of fraud, as well as design processes to manage those risks.

 

Practice:

Both those charged with governance and management bear major responsibilities for fraud prevention and detection. It is critical that management, under the supervision of those charged with governance, place a high emphasis on fraud prevention, which may minimize possibilities for fraud, and fraud deterrence, which may encourage individuals not to commit fraud due to the risk of detection and punishment. This necessitates a commitment to cultivating a culture of honesty and ethical behavior, which can be maintained through active governance supervision.

Reference:     

https://bit.ly/3JQ9h86

https://bit.ly/3JTIyaO

Thursday, February 17, 2022

ISA (UK) 250: Consideration of Laws and Regulations in an Audit of Financial Statements

The impact of laws and regulations on financial statements varies greatly. The legal and regulatory framework is made up of the rules and regulations that an entity is bound by. Some laws or regulations have a direct impact on financial statements because they determine the reported amounts and disclosures in the financial statements of a company. Other laws or regulations must be followed by management or establish the conditions under which the corporation is permitted to operate, but they have no direct impact on the financial statements. Some businesses are involved in highly regulated industries (such as banks and chemical companies). Others are solely bound by the numerous laws and regulations that apply to the business's operational aspects (such as those relating to occupational safety and health and equal employment opportunity). Noncompliance with rules and regulations could result in penalties, litigation, or other consequences for the company, all of which could have a major impact on the financial statements.

Management responsibility

Management is responsible for ensuring that the entity's operations are done in conformity with rules and regulations, with oversight from those concerned with governance. Laws and regulations can have a variety of effects on an entity's financial statements. For example, they can alter the specific disclosures that the entity must make in its financial statements, or they can dictate the applicable financial reporting structure. They may also establish the entity's legal rights and liabilities, some of which will be reflected in the financial statements. In addition, violation of rules and regulations may result in sanctions.

Objectives of Auditor under ISA 250

According to paragraph 11 of ISA 250, the auditor's objectives are:

§  to gather adequate relevant audit proof of conformity with the provisions of those laws and regulations commonly recognized to have a direct impact on the assessment of material amounts and disclosures in financial statements.

§  to carry out certain audit procedures in order to detect instances of non-compliance with other laws and regulations that could have a major impact on the financial statements.

§  to respond appropriately to any suspected or identified non-compliance with laws and regulations discovered during the audit.

 

Practice:

When an auditor detects noncompliance with rules and regulations, he or she must tell those responsible for governance. However, the auditor must exercise caution because if the auditor suspects individuals in charge of governance are engaged, the auditor must notify the next highest level of authority, which might include the audit committee. If a higher level of authority is not available, the auditor will consider seeking legal advice. The auditor must also assess if the noncompliance has a material impact on the financial statements and, as a result, the influence on their report.

 

Reference:      https://bit.ly/3rVILnG 

https://bit.ly/3gRhOLA

Thursday, February 10, 2022

ISA (UK) – 260: COMMUNICATION WITH THOSE CHARGED WITH GOVERNANCE

According to ISA (UK) 260, auditors must convey audit concerns of governance interest to persons charged with governance. It is critical that individuals in charge of governance are aware of all serious issues that have surfaced as a result of the audit process. The board of directors (executive and non-executive) of a firm, as well as members of an audit committee if one exists, are all entrusted with governance in the United Kingdom. It frequently comprises similar persons such as partners, proprietors, management committees, or trustees for various sorts of entities. Communication with individuals charged with governance should be considered as a critical audit reporting 'output.' It permits management to be aware of serious issues raised throughout the audit process, as well as the opportunity to reply to the auditor and take action to enhance the entity's accounting and financial reporting functions.

 

Matters to be communicated

§  Responsibilities of the Auditor in Relation to the Financial Statement Audit

§  Scope and timing of the audit as are planned

§  The Audit's Most Important Findings

§  Matter of Auditor’s independence in case of audit of a listed company

§  Other Supplementary Matters

 

Timing of Communication

A healthy two-way interaction between those responsible for governance and the auditor is aided by timely communication during the audit. However, depending on the conditions of the engagement, the best time to communicate would differ. The importance and nature of the issue, as well as the expected action by those in charge of governance, are all relevant circumstances. For example, communications about planning issues are frequently made early in the audit engagement and, in the case of an initial engagement, as part of agreeing on the engagement conditions. However, the auditor may communicate results from the audit, including his or her thoughts on the qualitative aspects of the entity's accounting practices as part of the final conversation.

 

Practice:

The many modes of communication that should be used are discussed in ISA 260. In most circumstances, communication will be in writing, which is a requirement of the standard in the UK and Ireland. Even if the auditor has no issues to bring to the notice of those charged with governance, a letter should be sent out noting that there are no important findings from the audit that need to be shared. In the case of oral communication, minutes provided by the entity may be included in the audit documentation as part of the oral communication documentation.

 

Source:           https://bit.ly/3soBWKg

  https://bit.ly/34MeRt9

Thursday, February 3, 2022

How to make a plan for conducting an audit engagement (ISA-300)

 Establishing the overall audit strategy for the engagement and producing an audit plan are both part of the planning process for an audit. The type and scope of preparatory activities will vary depending on the entity's size and complexity, the past experience of key engagement team members with the entity, and changes in circumstances that occur throughout the audit engagement. Planning is not a distinct phase of an audit; rather, it is a continuous and iterative process that often begins soon after (or in conjunction with) the completion of the prior audit and continues until the current audit engagement is completed.

The audit approach and plan

According to ISA 300, audit planning activities should include:

§  establishing the overall audit strategy for the engagement; and

§  developing an audit plan.

Audit Strategy

The audit strategy lays out in broad terms how the audit will be done, as well as the audit's scope, timing, and direction. After that, the audit strategy directs the creation of the audit plan, which includes the comprehensive responses to the auditor's risk assessment.

Audit Plan

The audit plan is more specific than the overall audit strategy since it specifies the nature, time, and scope of audit procedures that engagement team members will undertake. Prior to the auditor's identification and assessment of the risks of material misstatement, planning includes such matters as:

§  The analytical procedures to be used as risk assessment procedures must be considered.

§  Getting a general grasp of the legal and regulatory framework that applies to the entity, as well as how that framework is being followed.

§  The process of determining materiality.

§  The participation of experts.

§  Performing of other risk assessment techniques.

Benefits of Audit Planning

The audit of financial statements benefits from adequate planning in various ways, including the following:

§  assisting the auditor in devoting adequate attention to critical areas of the audit

§  assisting the auditor in identifying and resolving potential issues in a timely manner.

§  assisting the auditor in appropriately organizing and managing the audit engagement in order for it to be completed in a timely and effective manner.

§  assisting in the selection of engagement team members with the necessary talents and expertise to respond to predicted risks, as well as the suitable assignment of tasks to them.

§  facilitating the direction, supervision, and evaluation of engagement team members' work.

§  assisting, if appropriate, in the coordination of work done by component auditors and experts.

Practice:

At the start of every audit engagement, the auditor must include the following in the audit documentation: (a) the overall audit strategy; (b) the audit plan; and (c) any major changes to the overall audit strategy or the audit plan made during the audit engagement, as well as the reasons for such changes.

 

Source: https://bit.ly/3Gok0V9

  https://bit.ly/3rnf5iZ

Thursday, January 27, 2022

Audit Engagement Letter (ISA-210)

 The auditor's goal is to accept or continue an audit engagement only after the basis on which it will be performed has been agreed upon, which includes:

(a) determining whether the preconditions for an audit are present; and

(b) confirming that the terms of the audit engagement are understood by the auditor, management, and, where appropriate, those charged with governance.

Management or those in charge of governance, as applicable, must agree to the parameters of the audit engagement. The following items must be included in an audit engagement letter or another suitable form of a written agreement:

(a) the objective and scope of the financial statement audit;

(b) the auditor's responsibilities;

(c) management's responsibilities;

(d) identification of the applicable financial reporting framework for the preparation of the financial statements; and

(e) reference to the expected form and content of an audit report

(f) a statement that a report's form and substance may deviate from what is expected in certain instances.

Except for the fact that such law or regulation applies and management acknowledges and understands its responsibilities, the auditor does not need to record the terms of the audit engagement referred to above in a written agreement if the terms of the audit engagement referred to above are prescribed in sufficient detail by law or regulation. On recurring audits, the auditor must determine if the terms of the audit engagement need to be updated and whether the business needs to be reminded of the existing audit engagement terms.

If there is no reasonable justification, the auditor will not consent to a change in the terms of the audit engagement. If the auditor is asked to convert the audit engagement to one that provides a lower level of assurance before it is completed, the auditor must consider whether there is a reasonable rationale for doing so.

If the audit engagement's conditions change, the auditor and management must agree on and document the new terms in an engagement letter or other suitable form of a written agreement. If the auditor is unable to agree to a change in the audit engagement terms and is not permitted by management to continue the original audit engagement, the auditor shall:

(a) Withdraw from the audit engagement where possible under applicable law or regulation; and 

(b) Determine whether there is any contractual or other obligation to report the circumstances to other parties, such as those charged with governance, owners, or regulators.

 

Practice:

It is in both the entity's and the auditor's best interests to minimize misunderstandings about the audit. The auditor, thus, should issue an audit engagement letter before the start of the audit.


Source: https://bit.ly/3nZ6Ur6

Monday, September 20, 2021

ISA (UK) 200: Objectives of the Auditor

ISA (UK) 200 deals with the independent auditor’s overall responsibilities when conducting an audit of financial statements in line with International Standards on Auditing UK (ISAs UK).

The objective of an audit is to boost the amount of confidence of intended users in the financial statements. This is accomplished by the declaration of an opinion by the auditor on whether the financial statements are prepared in accordance with relevant financial reporting mechanism.

There are few elements to ISA (UK) 200

1. Objectives

2. Definitions of the key terms

3. Requirements


1. Objectives:

ISA (UK) 200 states there are two overall objectives of the auditor. First: 'To obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, thereby enabling the auditor to express an opinion on whether the financial statements are prepared, in all material respects, in accordance with an applicable financial reporting framework.' Secondly: 'To report on the financial statements, and communicate as required by the ISAs in accordance with the auditor's findings

2. Definitions of the key terms given in standard:

· Applicable financial reporting framework

· Audit evidence

· Audit risk

· Auditor

· Detection risk

· Financial statements

· Historical financial information

· Management

· Misstatement

· Professional judgment

· Professional skepticism

· Reasonable assurance

· Risk of material misstatement


3. Requirements:

ISA (UK) 200 carries five separate requirements.

a) Ethical Requirements Relating to an Audit of Financial Statements— Comply with relevant ethical requirements.

b) Professional Skepticism— plan and perform an audit with professional skepticism.

c) Professional Judgment— exercise professional judgment in planning and performing

d) Sufficient Appropriate Audit Evidence and Audit Risk— sufficient appropriate audit evidence to reduce audit risk to an acceptably low level

e) Conduct of an Audit in Accordance with ISAs— comply with all ISAs relevant to the audit, understand the entire areas of ISA.



Practice

As we discussed above that according to ISA (UK) 200 there are basically two overall objectives, (a) to obtain reasonable assurance, (b) to report on financial statements. Experts suggest that ISA (UK) 200 is of vital importance therefore due care should be given to its compliance while conducting audit. The auditor shall design and perform analytical procedures near the end of the audit that assist the auditor when forming an overall conclusion as to whether the financial statements are consistent with the auditor’s understanding of the entity. ISA 200 contains an objective relating to situations where reasonable assurance cannot be obtained, in which case the auditor, depending on the circumstances, may qualify the audit opinion, or disclaim an opinion, or withdraw from the assignment.



References:

https://www.accaglobal.com/sg/en/member/discover/cpd-articles/audit-assurance/isa-200.html

https://www.researchgate.net/publication/46534009_Recently_aspects_regarding_International_Auditing_Standard_200_Overall_Objectives_of_the_Independent_Auditor_and_the_Conduct_of_an_Audit_in_Accordance_with_International_Standards_on_Auditing

Thursday, August 19, 2021

ISA (UK) 220: Quality Control for an Audit of Financial Statements

 

The auditor is responsible for the quality control of the audit of financial statements. This responsibility is not solely outlined through ISA 220, but also through ISQC 1 and is further to be corroborated through the applicable ethical requirements. Each audit firm is responsible for the implementation and maintenance of a quality control system in order to ensure that the firm and its personnel comply with the ethical, legal, and regulatory requirements [L&RR] and that the audit reports issued by the firm are appropriate.

Responsibilities of an Engagement Partner

Being the leader of the audit team, the engagement partner observes a higher need for the maintenance of quality control throughout the audit. He, being responsible for the overall quality of the audit engagement, should stay alert and skeptical for any instance of non-compliance with the ethical and regulatory requirements by any member of the audit team.

Ethical Requirements

While the ethical requirements may vary from jurisdiction to jurisdiction, the fundamental principles of ethics laid down by the IESBA Code of Ethics include Integrity, Objectivity, Professional Competence, Confidentiality, and Professional Behavior. Additional ethical requirements may be imposed on an auditor through the local codes of conduct prevalent in different jurisdictions.

Engagement Team and Performance

The engagement partner must ensure that the team deployed on the audit of financial statements under his audit engagement is competent and capable enough to comply with the professional standards and applicable L&RR. The audit team must have the necessary competence to enable an audit report under the given circumstances.

The responsibility for the audit report and its validity, however, rests with the engagement partner. He is also responsible for the direction, oversight, and performance of the audit engagement in accordance with the applicable LR&R and professional standards.

Practice

While accepting or continuing an audit engagement, an engagement partner shall obtain information from the firm and network firms to identify any potential threats of non-compliance with the applicable quality control requirements. In the instance of identifying any such threat, an auditor is advised to immediately report the matter in his reporting line, or seek the application of safeguards that reduce the threat to an acceptably low level, or where appropriate, withdraw from the audit engagement. Any inability to resolve a given matter should be disclosed to the firm immediately for appropriate action.

It is also advised to conduct a thorough and rigorous review of the audit documentation and working papers before or on the date of the audit report to be satisfied that sufficient and appropriate audit evidence has been obtained by the audit team to base the audit opinion on.

References:

https://www.frc.org.uk/getattachment/615b6684-314e-44ae-a47f-1fc8ffa92bac/ISA-(UK)-220_Revised-November-2019-With-Covers.pdf