ADVANCED AUDIT AND ASSURANCE PAPER p7 REVISED

Reporting non-compliance to regulatory authority If the auditor is precluded by management or those charged with governance from obtaining sufficient appropriate audit evidence to evalu

LEVERAGE ASSOCIATE, LAGOS

2016/17

ADVANCED AUDIT AND

ASSURANCE PAPER P7

NOTE ON ACCA PAPER P7

TESLEEM ADELODUN (ACCA)

+2348039399907,teshocki@gmail.com

TABLE OF CONTENT

STATEMENTS ISA 250 Non compliance

Non-compliance refers to acts of omission or commission by the entity, either intentional

or unintentional which are contrary to the prevailing laws or regulations

Companies are subject to many laws and regulations for example:

 Company law

 Employment law

 Income tax law

 Labour law

 Environmental Protection law etc

Responsibilities of Management and Auditors regarding laws and regulation

Management

Management is responsible for the prevention, detection and correction of compliance with laws and regulations

non-The following policies and procedures may be implemented by the management in order

to prevent and detect non-compliance with laws and regulations:

1 Maintain a register of significant laws with which the entity has to comply

2 Engage legal advisors to assist in monitoring legal requirement

3 Institute and operate appropriate system of internal controls

4 Develop, publicize and follow a code of conduct

Auditor

As with fraud, the auditors are not, and cannot be held responsible for preventing compliance but they should aim to be aware of those that could materially affect the Financial Statements There is unavoidable risk that some material misstatements in the financial statements go undetected even though the audit is properly planned and performed.

non-1 The auditor should obtain general understanding of the laws and regulations affecting the entity, which includes procedures such as:

 Use the auditor’s existing understanding of the entity’s industry, regulatory and other external factors

 Enquire of management as to the laws and regulations that may be expected

to have a material effect on the operations of the entity

 Enquire of management concerning the entity’s policies and procedures regarding compliance with laws and regulations

 Enquire of management the policies or procedures adopted for identifying, evaluating and accounting for litigation claims

2 The auditor should obtain sufficient appropriate audit evidence of compliance with other laws and regulations such as entity’s license to operate (non-compliance may doubt going concern) that may have a fundamental effect on operations of the entity

3 The following procedures may indicate the instances of non-compliance such as:

 Reading minutes

 Enquiring from the company’s and external legal advisors

 Performing substantive tests of details of classes of transactions, accounts balances and disclosures

4 The auditor should obtain written representation from management and those charge with governance that they have informed auditor about all known and suspected non-compliance

In such a case the auditor shall obtain:

1 An understanding of the nature of the act and the circumstances in which it has occurred

2 Further information to evaluate the possible effect on the financial statements When evaluating the possible effect on the financial statements the auditor should consider the following:

 Potential financial consequence such as fines and penalties

 Whether potential financial consequence require disclosure

 Impact on the auditor’s report

When non-compliance is identified the auditor should:

 Reassess the risk

 Reassess the validity of written representation

 Take independent legal advice

In exceptional cases the auditor may consider whether withdrawal from the engagement

is necessary

Reporting of identified or suspected non-compliance

 Communicate to those charged with governance, unless they themselves are involved

 If management and those charged with governance are involved consider reporting to next level of authority like audit committee

 Where no higher authority exists, or if the auditor believes that the communication may not be acted upon or is unsure as to the person to whom to report, the auditor shall consider the need to obtain legal advice

 When non-compliance is material and not adequately disclosed in the financial statement the auditor shall express qualified opinion or adverse opinion

 When the auditors is precluded by the management and those charged with governance from obtaining sufficient appropriated audit evidence than the auditor should express a qualified opinion or disclaim an opinion on the basis of limitation

of scope

Reporting non-compliance to regulatory authority

If the auditor is precluded by management or those charged with governance from obtaining sufficient appropriate audit evidence to evaluate whether non-compliance that may be material to the financial statements has, or is likely to have, occurred, the auditor shall express a qualified opinion or disclaim an opinion on the financial statements on the basis of a limitation on the scope

Consideration of withdrawal from the Engagement

The auditor may conclude that withdrawal from the engagement is necessary when the entity does not take the remedial action that the auditor considers necessary in the circumstances, even though the noncompliance is not material to the financial statements Non-compliance with regulation cast doubt on the integrity of the management

MONEY LAUNDERING Money laundering is the process by which criminals attempt to conceal the true origin and ownership of the proceeds of their criminal activity In order to be able to spend money openly, criminals will seek to ensure that there is no direct link between the proceeds of their crime and the actual illegal activities

 Transactions routed through several jurisdiction

 High level of secrecy over transactions

 Excessive use of wire transfers

 High value deposits or withdrawals not characteristics of the type of account

 A pattern that after a deposit, the same amount is wired to another financial institution

The three stages of the money laundering process

 Placement;

 Layering.; and

 Integration

Anti-money laundering procedures

The firm must gather know your client information (KYC) to assist in spotting suspicious transactions This includes:

1 Who the client is

2 Who controls it

3 The nature of the client

4 The client’s sources of funds

5 The client’s business and economic purposes

In the UK, the basic requirements are for accountants to keep records of client’s identity and to report suspicions of money laundering to the Serious Organized Crime Agency (SOCA)

1 Appoint Money Laundering Reporting Officer (MLRO)

2 Train the individuals to ensure that they are aware of relevant legislation, know how to deal with potential money laundering, how to report suspicions to MLRO

3 Establish internal procedures such as know your client and client acceptance procedures to prevent money laundering

4 Verify the identity of new and existing clients and maintain evidence of identification

5 Maintain records of identification, and any transactions undertaken for or with the client

6 Report suspicions of money laundering to SOCA

The need for ethical guidance on money laundering

This is needed because there is a clear conflict between the following two situations:

1 The accountants’ professional duty of confidentiality in relation to client’s business, and

2 The duty to report suspicions of money laundering to the appropriate authorities

as required by law

Professional accountants are not in breach of their professional duty of confidentiality if they report in good faith their knowledge or suspicions of money laundering to the appropriate authority

Disclosure without reasonable grounds would possibly lead to the accountants being sued for breach of confidence

3) If he resigns from an engagement as a result of money laundry suspicion, auditor needs guidance is responding to the clearance letter regarding any necessary disclosures

4) Where there is conflict between the legal responsibility and professional responsibility as regards disclosure of information, accountants need guidance on which of the responsibilities overrides another

1) Audit firm should appoint a compliance officer with suitable level of seniority and experience

The compliance officer will be responsible for:

 receiving and assessing money laundering reports from colleagues

 making reports to the relevant agency

2) The audit firm should ensure there is adequate training of its staff regarding:

 relevant money laundering legislation

 ethical and professional guidance relating to the responsibilities of

accountants regarding money laundry

 how to report money laundry suspicions

3) Firms should Perform customer due diligence before accepting an engagement Firms should verify the following:

 the ownership structure of the client

 the identities of the major shareholders

 the identities of the directors

 the nature of transactions of the client

4) The firm should maintain adequate records of the client including details of its transactions

ACCA members are expected to carry out their work with due skill and care while giving proper

regards to technical and professional standards

Auditors are not only required to be ethical but they must be seen to be ethical It is on this note

that ACCA publishes rules of professional conduct which all members and students must adhere

to

The fundamental principles (OPPIC)

O bjectivity Members should strive to be objective in all professional and

business judgments

P rofessional behavior Members should desist from any act that can bring disrepute to

the accounting profession

P rofessional

competence

Members have the responsibility to maintain up-to-date knowledge that will enable them to competently carry out their work

I ntegrity Members should be straightforward and honest in their

professional dealings

C onfidentiality Auditors should not disclose client’s information to a third party

without due permission from the client

Threats to the fundamental principles (AFISS) - These are situations that make auditor not

to adhere to the fundamental ethical codes

Advocacy This is a situation where the auditor finds himself in a position he has

to defend or promote the interest of its client before a third party

Familiarity This threat arises as a result of the auditor becoming unduly

sympathetic towards its client as a result of long association

Intimidation This threat arises when the auditor comes under intimidation by

dominant individual or aggressive atmosphere at the clients

Self interest This arises when personal interest of the auditor conflicts with that of

the client

Self-review

that he helps to carry out

SPECIFIC SITUATIONS THAT THREATEN ADHERENCE TO THE FUNDAMENTAL CODES Gift and hospitality

This may create self-interest and familiarity threat The IESBA code of ethics states that when a firm or a member of the assurance team accepts gift and hospitality, unless the value is clearly insignificant, the threat to independence cannot be reduced to acceptable level by applying appropriate safeguards, so the firm or team member should decline the gift and hospitality Possible safeguards:

 Inform the client’s management

 Seek legal advice

 Inform the auditor’s professional body to seek for advice

Audit firm carrying out actuarial service for clients

Going by IESBA code of ethics, provision of actuarial service and other valuation services may give rise to self-review threat

If the service involves evaluating matters that are material to the financial statement and the valuation involves a high degree of subjectivity, the threat to objectivity and independence cannot

be reduced to an acceptable level by applying appropriate safeguards The service should therefore not be provided, or the audit firm should withdraw from the engagement if it wants to carry out the service

Audit firm offering internal audit services to client

Offering of this service may result in self-review threats to objectivity To reduce the threat to an acceptable level, the firm should ensure that management is ultimately responsible for the control and management of internal audit

Possible safeguards:

 The client should acknowledge that it is responsible for establishing and monitoring the system of internal controls

 The scope of work to be done should be set by the client’s management

 The audit firm should ensure that members responsible for the internal audit service are not part of the assurance team

Contingent fee

This is a situation whereby the auditor’s fee depends on the outcome of uncertain future event IESBA code of ethics out rightly prohibit contingent fee for audit engagement It creates self-interest threat to objectivity No level of safeguards will be adequate in this regards, contingent fee arrangement should be rejected by audit firm

Long association with audit client

This may lead to familiarity threat The auditor may not see anything wrong in what the client is doing now because it has always got things right in the past This makes the auditor to lose his professional skepticism as a result of the close relationship It may equally lead to self-interest threat because the auditor does not want to lose a source of income

Safeguard

For listed clients, the IESBA code requires the key audit partner to be rotated after 7 years and should not be involve in the audit for 2 years

Recruitment of staff on behalf of audit clients

Provision of this service is not prohibited by the IESBA code It could however lead to the following threats:

 Self-interest threat This is because the firm will want to protect its fee income from the recruitment The firm may compromise quality in order to earn its own fee

 Self-review threat If the staff recruited is responsible for the financial statement, this will amount to the firm auditing its own work

familiarity with the staff The firm may be less critical of the work of such employee based

on the impression created by the employees during the interview

 Management threat Recruitment of staffs is management’s responsibility Offering of this service will amount to making management decision and auditors are not allowed to be acting in management’s capacity

Possible safeguards:

 Request management to acknowledge that it is responsible for the recruitment of staff

 The firm should only make recommendation, the selection should be made by the management

 The fee charged should be disclosed to the audit committee

Temporary staff assignment

This is a situation whereby staffs of audit firm are temporarily assigned to work in a client This arrangement will lead to the following threats to objectivity and independence:

 Management threat Depending on the seniority of staff and the position they are assigned to work, the assigned staffs may be making management decision In no way should auditor be making management decision It will lead to self-review threat because the auditor will be part of the system he set out to audit

 Self-review threat The seconded staffs will be auditing the work they help to prepare and may never want to fault their own work The other staffs of the firm on the audit team may not want to fault the work prepared by their colleagues

 Familiarity threat The seconded staffs will be familiar to the members of the audit team and as a result the team may not be performed the audit with required level of professional skepticism

Possible safeguards:

 The firm should ensure the seconded staffs do not take on management role or take any management’s decision

 Seconded staffs should not be included in the audit team to the client

 Audit work performed should be reviewed by an independent accountant

Auditors are not allowed to have financial interest in audit client as the following threats as it could lead to self-interest threat to objectivity This threat is so enormous that it may not be surmounted by safeguards in place

Safeguards

The auditor should dispose of the investment in order to continue with the audit If the auditor

is interested in keeping his investments in the client, the he must resign as the auditor

Preparing financial statement for audit client

Auditors are prohibited from preparing financial statements for public entities (listed clients) However, auditors may prepare financial statements for non-listed entities provided adequate safeguards are in place to mitigate the effect of the threats Offering this service will lead to the following threats:

 Self-review threats: auditor will be reviewing his own work if the financial statements being audited are prepared by him

 Self-interest threat: the fees charged for the service constitute self-interest threat The fee charged for this service may increase the percentage of total fees from the client

to more than 15% of income of the auditor

You are a manager in Depeche, a firm of Chartered Certified Accountants You have specific responsibility for undertaking annual reviews of existing clients and advising whether an engagement can be properly continued The following matters arose in connection with the audit of Duran, a company listed on a stock exchange, for the year to 31 December 2008:

(1) The audit team included a manager, two supervisors, two qualified seniors

and six trainees The final audit, which lasted approximately five weeks, was very time-pressured and the team worked late into the night towards the end

of the audit Duran’s staffs were very supportive throughout and paid for evening meals that were brought in so that the audit team could work with minimum disruption

(2) Duran’s chief finance officer, Frankie Sharkey, was so impressed with the

commitment of the audit staff that he asked that Depeche pay them all a bonus through an increase in the audit fee In April 2009, Depeche paid all the members of the team below manager status a bonus amounting to a week’s salary The bonus was processed through Depeche’s payroll, in the same way as overtime payments, and recharged to Duran as part of audit expenses

(3) One of the points initially drafted for possible inclusion in the report to the

company’s audit committee concerned the illegal dumping of drums, containing used machine oil, on nearby wasteland Notes of discussions between the audit manager and Frankie show that it is the company’s unwritten policy to disregard the local environmental regulations and risk incurring the fines, which are only small, as it would be costly to use the nearest licensed disposal unit The matter is not referred to in the final report Required:

(a)Comment on the ethical and other professional issues raised by each of the above matters (10 marks)

(b)Discuss the appropriateness of available safeguards and advise whether or not Depeche should continue as the auditor to Duran

(15 marks)

Answers Part A

(1) Hospitality-client paying for evening meals

■ Hospitality is prohibited for audit client unless it is clearly insignificant

■ Depeche will have to determine if the meal is significant to pose a threat to

the objectivity of its staff While the meal may not be significant to the audit seniors, it may have serious significance on the objectivity of the juniors

■ Depeche is unlikely to be seen as objective given that it has accepted the

hospitality Instead, Depeche could have made arrangement for its own meal knowing the team could work late

(2) Financial reward

■ The bonus was not accepted in respect of the audit manager’s

involvement Therefore there is no obvious threat to his objectivity

■ The bonus may be perceived to be a reward (or “bribe”) for having not

detected or reported on a matter and acceptance of it may cast doubt on the audit team’s integrity

■ The increase in audit fee as a result of the bonus should be included in the

amount disclosed in the note to the financial statements as auditors’ remuneration

■ If the audit team had any expectation that a bonus might be awarded to

them it is likely that there will be a perception that their objectivity could have been impaired

■ That the bonus was not accepted at the manager level suggests that this

was considered to be a threat to objectivity This consideration and the

decision to accept the bonus for other staff should have been

(3) Illegal dumping of drums

Frankie Sharkey’s intentional dumping of drums shows that management

of the company has no regard for environmental regulation This cast doubt on the integrity of the management Depeche will have to re- examine the validity of previous representation made by the management

to determine the extent of reliance that can be placed on such representation

Depeche should evaluate the financial implication of the breach and determine if provision or disclosure is required in the financial statement

The illegal dumping with the financial implication should be communicated

to those charged with governance The fact that management intentionally breaches environmental regulation should be equally communicated

PART B

Available safeguards

■ The audit staff that collected the bonus should be removed from

the audit team

■ The partner’s decision to accept the bonus should be investigated

by other partners in the firm

■ To prevent future ambiguity, the firm should have a system in place

to determine the significance of hospitality

■ Audit work already performed should be reviewed by a partner who

was not part of the audit

■ The gift of the hospitality should be disclosed to the audit

committee Potential threat to the auditor’s independence and available safeguards should equally be disclosed to the committee

If Depeche consider the available safeguards to be adequate, the engagement should be retained, otherwise Depeche may have to withdraw from the audit

FRAUD AND ERROR Fraud involves the use of deception to obtain an unjust or illegal financial advantage and intentional misrepresentation by management, employees or a third party Fraud may be categorized as below:

 Fraudulent financial reporting, which involves the following:

Falsification or alteration of accounting records Misrepresentation of transactions

Intentional misapplication of accounting standards Omitting the effect of transactions

 Misappropriation of assets or theft

Detection and prevention of fraud Management responsibilities

Client’s management and those charged with governance are primarily responsible for the detection and prevention of fraud The management of the client is responsible for establishing strong system of internal controls to be able to detect and prevent fraud

Auditor’s responsibility

Auditor is not primarily responsible for detecting fraud Rather ISA 240 requires auditor to be aware, when planning and performing their audit, that fraud may have taken place Auditor is only responsible for detecting fraud to the extent that it is material to the financial statements

On discovering fraud by auditor, ISA 240 the auditor’s responsibility relating to fraud in an audit

of financial statements prescribes the following:

 Auditor should communicate the discovered fraud to management as soon as discovered or suspected

 If the discovered fraud involves management, the auditor must communicate the matter

to those charged with governance

 The auditor should consider if he has statutory duty to report the fraud to a regulatory and enforcement authorities

 The auditor should consider the effect of the fraud on the audit opinion

ERROR Error is an unintentional mistake Auditors have the following duties regarding detection and

reporting of error:

 The auditor has the responsibility of discovering material errors

 The auditor should assess whether immaterial errors discovered during the audit are material in aggregate

 The records of all errors discovered by the auditor should be communicated to the management as soon as possible

 Auditor should request the discovered errors be corrected by management

 The aggregate of uncorrected misstatement that were determined by management not

to be material, both individually and in aggregate to the financial statements should be communicated to those charged with governance by the auditor

PROFESSIONAL LIABILITY (EXTERNAL AUDIT)

Auditors have a duty of care to the body of the shareholders (not to individual shareholder) and may be found liable to them if the auditor was negligent

Generally, auditors do not owe a duty of care to third parties and cannot be liable to them For auditor to be held liable to a 3rd party, the followings must be established:

 There was duty of care at the time of the audit owed by the auditor to the 3rd party

 The duty of care was breached by performing negligent audit by the auditor

 The 3rd party has suffered a loss as a result of the breach

Ways of reducing auditor’s liabilities:

 The audit firm may operate as a limited liability company

 The audit firm may use insurance to limit exposure to claims from third party

 The firm may operate as a limited liability partnership

 Use of liability limitation CAP

 Use of disclaimer in the audit report

 Performing the audit according to international standards

Auditor’s liability (Non audit assignment)

The auditor will only be liable to the following persons:

 Persons with whom proximity can be established

 The direct beneficiaries of the information in the report

 Persons who can reasonably be foreseen to rely on the report

Ways to reduce auditor’s liabilities (Non audit assignment):

 The report should contain a statement that management is responsible for the underlying information

 The auditor should clearly state in the report that it is only the intended recipient that can rely on the report

 Liability cap may be included in the engagement letter

 The assignment should be strictly performed according to the terms of engagement

 Use of liability disclaimer paragraph

Ways of reducing auditor’s exposure to litigation

 Firm should develop a robust client acceptance procedure This should ensure that only client with manageable level of risk is accepted

 Firms should follow quality control procedures as contained in ISQC 1 This will reduce the risk of performing negligent audit

 Auditors should work to the terms of the engagement

 Signing of limited liability agreement with client The disadvantage of this is that the auditor may not be conscious of quality anymore, knowing that arrangement exist to limit

his liability, and leading to poor quality audit This may reduce the overall value placed

on the auditor’s opinion

Question T U R N A L S Turnals is an unlisted manufacturing company with 120 employees, projected sales of $12 million, and estimated profit before tax of $1.5 million During the current year the directors’ attention had been brought to a recently discovered fraud perpetrated by Mr Jones, the purchasing manager: He had set up a fictitious business that had invoiced Turnals for goods that had never been supplied The fraud had been going on for over two years Mr Jones was immediately suspended from all duties and the police informed During their investigation, Mr Jones admitted to the police that he had perpetrated a similar fraud at his previous employers, who had not informed the police When Mr Jones had been employed, no reference had been sought from his previous employers

Mr Jones had responsibility for obtaining competitive quotes, checking and initially approving new suppliers Final approval was authorised by the Managing Director but in practice this was a formality Mr Jones also raised most of the purchase requisitions based

on information supplied by the storekeeper and approved any requisitions made by other members of staff

The storekeeper’s responsibility was to match each delivery note to a copy of the purchase requisition before the goods were taken into inventory The two documents were then sent to Mr Jones who matched them with the purchase invoice before passing the invoice

to the payables ledger cashier for payment When the storekeeper was on holiday the system of internal control specified that a deputy should perform the delivery note matching procedure In practice this had always been done by Mr Jones

The fraud took place during the storekeeper’s holidays (4 weeks each year) It was discovered when the cashier had to query one of the fraudulent invoices with the storekeeper because Mr Jones was absent on company business

Subsequent investigation revealed that approximately $50,000 had been misappropriated by

Mr Jones

Garner & Co has been the auditor of Turnals for many years The firm has 12 partners and 60 audit staff The internal control over Turnal’s purchase system was recorded and tested for the first time during last year’s interim audit In previous years a fully substantive approach to purchases had been applied and no review of the internal controls over the purchase system had ever been carried out

No comments were made to management by the auditors on their findings from the interim work on the purchase system

Garner & Co had also acted as management and systems design consultants during the implementation of Turnals’ purchase system at the beginning of last year As a result the directors believe that Garner & Co should be liable for the losses suffered by Turnals as they employed the audit firm in a dual capacity

(ii) tests of controls on the authorisation of new suppliers;

(iii) analytical procedures

(10 marks)

(c) Discuss the bases on which Turnals believe they have a claim against their auditors and the likelihood of its success (5 marks)

(20 marks)

Answers

(a) Regulations and practices that avoid conflicts of interest

■ It is recommended that the recurring fees from a single client should not

exceed 15% of the gross practice income If the fee from a single client is too high, it will cause self-interest threat to objectivity

■ Auditors are prohibited from having direct financial interest in an audit

client When auditors have financial interest in a client, the interest of the auditor becomes conflicting with that of the client This situation will lead

to the auditor protecting his own interest against the interest of the client

■ Auditors are required to strictly adhere to the IESBA codes of ethics in their

audit practice Where there is perceived threat to auditors adherence to the codes, he is required to consider the adequacy of safeguards For example, where an audit client intends to outsource its internal audit to the same audit firm, this situation will lead to self-review threat and could make the auditor lose its objectivity Though, it is not prohibited for audit firm to carry out internal audit service for audit clients, but the auditor must ensure adequate safeguards are in place Where the auditor considers the safeguards inadequate, such service may need to be declined

■ It is prohibited for audit firm to prepare financial statement for its listed

clients unless in times of emergency Provision of this service may make the auditor lose his objectivity and independence Where auditors are allowed to carry out this service, adequate safeguards must be put in place

(b) Failure to detect the fraud

(i) Evaluation of system of controls

Auditors are required to ascertain and test the system of internal control like the purchase system in this case This has not been done in the previous audits The auditor may have discovered the weakness in the purchase system but unwilling to report it because it is responsible for the design

Mr Jones was responsible for raising purchase requisition and also approves new suppliers This is obvious weakness in the purchase system which exposes the company to fraud

The amount involved is likely to be immaterial and the fraud is not frequently perpetrated Thus, the fraudulent invoices may escape the test of the auditor

(ii) Tests of control on the system for authorising new suppliers

■ The auditor would test on a sample basis that new suppliers are initially

approved by the purchasing manager and then authorised by the Managing Director the fictitious suppliers may not have been detected because the auditor would have carried out his test on a sample basis There is tendency that the fictitious suppliers were not selected among the samples to be tested

■ The managing director does not take the authorisation serious He may as

a result approve the fictitious suppliers This is a weakness in the control environment which the test on the system may not have detected

(iii) Analytical procedures

Analytical procedure would have indicated inconsistency in the movement

of gross profit percentages and inventory levels However, the small size

of the amount involved would not give a significant inconsistency to attract the attention of the auditor

(c) Bases for a negligence claim, and chance of success

The success of the negligent claim against Garner & co will be discussed in

the following two capacities:

(i) In the capacity of auditors

Arguments in favour of the directors making successful claim

The auditors have a duty of care to the company This duty of care appeared to have been breached by performing a negligent audit The audit has been negligently performed because the auditors did not follow the requirements of ISA 315 They have not fully understood the entity’s internal control and may not have sufficiently assessed the risk of fraud (ISA 240) to enable them to appropriately plan their audit In addition, the company has suffered a loss

Arguments against successful claim

The directors have the primary duty of safeguarding the company’s assets The fraud was successful as a result of the Managing Director not taking approval serious

Auditors design their tests with the expectation of detecting a material fraud The amount involved does not appear to be a material

(ii) In the capacity of acting as consultants to Turnals

The auditors were contracted for the design of the system The system has been shown to have weakness that lead to fraud This may mean that the directors a strong case against the auditors However, it would be necessary to look at the contract terms to see if there is disclaimer

QUALITY CONTROL (ISQC 1) The importance of having good quality control procedures in place is to ensure quality of audit work is maintained and to ensure the auditor complies with his duty of professional competence and behavior Lack of quality audit work will generally bring the audit profession to disrepute and increase litigation risk against the auditor

Quality control at firm level

 Management of the firm should establish internal culture that promotes quality

 A staff with appropriate level of authority should be appointed as the quality control manager This person will ensure quality is maintained within the firm

 Firm should ensure it has sufficient staff with required competence and capabilities

 Firm should maintain a robust recruitment process

 Continuous training of staff

Quality control on individual assignment

 The engagement partner should ensure that the team is appropriately qualified and experienced staff assignment should be based on competence and capabilities

 All assignments should be adequately directed, supervised and reviewed

 Acceptance or continuance of client relationship should be carefully evaluated

 Engagement partner should ensure that audit evidence is sufficient and appropriate to support the audit opinion

 All work should be properly planned and documented

ADVERTISEMENT OF AUDIT AND OTHER ASSURANCE SERVICES BY AUDITORS Advertising is not prohibited for audit firm However, the content of the advertisement or the medium used should not bring accounting profession to disrepute The following principles on advertising should be followed:

 Adverts should not discredit the service offers by other members

 The adverts should be truthful and honest

 The use of ACCA logo is not allowed to be used in such a manner that portray the firm

as being part of ACCA

 If a fee is included in the advertisement, the basis of calculation should also be included

 Unsubstantiated claims should be avoided

AUDIT FEES Audit fee constitute expense and companies may perceive it to be too high The auditor must therefore ensure that they can provide a quality audit for the price charged

Auditors may use any suitable method to calculate fees, but the basis upon which the fee is calculated should reflect the level of work done Contingent fee arrangement is however specifically prohibited by the IESBA code

TENDERING FOR NEW CLIENT When companies want to appoint auditors, they normally invites tender for their audit work This will give them the opportunity to obtain a competitive rate The tender give opportunities to each audit firm to showcase what they have in their fold to give them competitive hedge against others

A typical tender of an audit firm usually have the following contents:

 The level of expertise the firm can boast of in the industry

 Previous experience in terms of similar companies audited by the firm

 Width of coverage in terms of national and international presence

 The propose audit fee and the basis of calculation

Lowballing This is a situation where firms charge less than market rate for an audit This practice is common when firms are tendering for new clients

While Lowballing is not considered ethically wrong, the firm must ensure the following conditions are strictly upheld:

 The auditors must ensure they carry out an audit of required quality as dictated by international standards of auditing

 The auditors must ensure that the low audit fee does not create a situation where their independence will be compromised

ETHICS OF APPOINTMENT Ethics of appointment is divided into two phase, procedures to follow before accepting a nomination and procedures to follow after accepting nomination

Procedures before accepting nomination

 The firm must ensure that it is completely independent of the client

 The firm should assess the integrity of the directors of the company, where the integrity

of the directors or the company is questionable, the nomination should be rejected

 The firm should ensure it has adequate resources in terms of staff strength, expertise and availability of time to perform the audit

 The firm must ensure that there is no any conflict of interest with the potential client

 The firm must ensure it is professionally qualified to act for the potential client

 Communicate with the incumbent auditor to learn of the reason for the change of auditor and some other issues the new auditor should be aware of The firm must seek for permission from client before making any contact with the incumbent auditor In the event that the company refuses to grant this permission, the nomination should be rejected

Procedures after accepting nomination

 The firm should ensure that the removal of the outgoing auditor is legally done

 The new auditor should request for a copy of the resolution passed at the general meeting to confirm the validity of his appointment

 The auditor should draft letter of engagement to be submitted to the directors of the company

Question AGNESAL (a) “Quality control policies and procedures should be implemented at both the level of the audit firm and on individual audits.” ISA 220 “Quality Control for Audit Work”

Describe the nature and explain the purpose of quality control procedures appropriate to the individual audit (7 marks)

(b) You are the manager responsible for the quality of the audits of new clients of Signet, a firm of Chartered Certified Accountants You are visiting the audit team at the head office of Agnesal Co The audit team comprises Artur Bois (audit supervisor), Carla Davini (audit senior) and Errol Flyte and Gavin Holst (trainees) The company provides food hygiene services which include the evaluation of risks of contamination, carrying out bacteriological tests and providing advice on health regulations and waste disposal

Agnesal’s principal customers include food processing companies, wholesale fresh food markets (meat, fish and dairy products)and bottling plants The draft accounts for the year ended 30 September 2008 show turnover $19.8 million (2007 $13.8 million) and total assets

$6.1 million (2007 $4.2 million)

You have summarised the findings of your visit and review of the audit working papers relating

to the audit of the financial statements for the year to 30 September 2008 as follows:

(1) Against the analytical procedures section of the audit planning checklist, Carla has written “not applicable – new client” The audit planning checklist has not been signed off as having been reviewed by Artur

(2) Artur is currently assigned to three other jobs and is working from Signet’s office He last visited Agnesal’s office when the final audit commenced two weeks ago In the meantime, Carla has completed the audit of tangible non-current assets (including property and service equipment) which amount to $1.1 million as at 30 September 2008 (2007 $1.1 million)

(3) Errol has just finished sending out the requests for confirmation of accounts receivable balances as at 30 September 2008 when trade accounts receivable amounted to $3.5 million (2007 $1.6 million)

(4) Agnesal’s purchase clerk, Jules Java, keeps $2,500 cash to meet sundry expenses The audit program shows that counting it is ‘outstanding’ Carla has explained that when Gavin was sent to count it he reported back, two hours later, that he had not done it because it had not been convenient for Jules Gavin had, instead, been explaining to Errol how to extract samples using value-weighted selection Although Jules had later announced that he was ready to have his cash counted, Carla decided to postpone it until later in the audit This is not documented in the audit working papers

(5) Errol has been assigned to the audit of inventory (comprising consumable supplies) which amounts to $150,000 (2007 $90,000) Signet was not appointed as auditor until after the year-end physical count Errol has therefore carried out tests of controls over purchases and issues to confirm the ‘roll-back’ of a sample of current quantities to quantities as at the year-end count

(6) Agnesal has drafted its first ‘Report to Society’ which contains health, safety and environmental performance data for the year to 30 September 2008 Carla has filed it with the comment that it is ‘to be dealt with when all other information for inclusion in the company’s annual report is available’

Required:

Identify and comment on the implications of these findings for Signet’s quality control policies and procedures (18 marks)

Answers

(a) QC procedures

Quality controls are the policies and procedures adopted by a firm to provide reasonable assurance that all audits done by a firm are being carried out in accordance with the objective and general principles governing an audit (ISA 220)

Individual audit level

 Work delegated to assistants should be directed, supervised and

reviewed to ensure the audit is conducted in compliance with ISAs

 Assistants should be professionally competent to perform the work

delegated to them with due care

 Audit Supervisors must address accounting and auditing issues arising

during the audit

 The work of assistants must be adequately reviewed to assess whether it

conforms to the audit program and objectives

 An independent review of audit work performed should be carried out to

assess the quality of audit work

(b) Implications of findings for QC policies and procedures

Analytical procedures

It is mandatory to perform analytical procedures at the planning stage of the audit This will enable the auditor understands then risk characteristics of the audit The fact that analytical was not performed is an indication that the audit was not properly planned

Another point that indicates inadequate planning was the fact that the audit had already began before the audit supervisor review the audit plan

Supervisor’s assignments

The audit senior should have been assigned to the audit of trade receivables This is because receivable is more material than tangible non-current asset Also, analytical procedures showed that receivable is riskier than tangible non-current asset The percentage change in tangible non-current asset was 0% from 2007 to 2008 while it was 119% for receivables

The above points mean that assignment of staff has not been properly done There

is indication that the firm may not have enough manpower to execute the audit assignment

Direct confirmation

Depending on the reporting deadline, there may still be time to perform a circularisation However, consideration should be given to circularising the most recent month end balances (i.e November) rather than the year end balances (which customers may be unable or reluctant to confirm retrospectively)

Cash count

Gavin ought to know that the cashier should not have dictated when the cash should

be counted He should have reported the request of the cashier to audit senior The shift of the counting date should also have been documented Though the amount is not material, but the trainee did not act properly in that situation

The trainees do not appear to have been given appropriate direction Gavin may not be sufficiently competent to be explaining sample selection methods to another trainee A more senior staff should be doing this This indicates that trainees are not properly monitored

Inventory

Given the nature of the service offered by the client, one would expect the auditor to know that inventory would be immaterial The company has no stock-in-trade, only consumables used in the supply of services The extensive work carried on the inventory by the trainee may not be needed Though, slightly material to total asset

at 2.1%, it is not material to the revenue This shows that the auditor lacks

knowledge of the client’s business which is essential to performing a quality audit Report to Society

The assumption that the ‘report to society’ is meant to be other information that need to just be reviewed for misstatement or inconsistencies may be wrong There may be a reporting requirement for Agnesal to publish a verifiable ‘report to society’

in which case it will be treated as other assurance service separated from the external audit Should this be the case, the auditor will have to have a separate negotiation with the client and must also assess if it has enough knowledge to handle such assignment

Question VALDA

As manager responsible for prospective new audit clients you have received a telephone call from an acquaintance of a client The caller, Richard Stone, has asked for your assistance concerning Valda Co, a supplier of electrical alarm equipment Business has boomed over the last two years due to reported increasing crime rates Turnover has nearly doubled and the company is very profitable

Mr Stone asks you for an estimate of the cost of a “cheap and cheerful” review

of the company’s accounting systems and internal controls and of a new computer installation The new computer is to be supplied next month, by R S Office Equipment, subject to board approval He suggests that you could spend a few days looking at the systems’ flowcharts and documentation He wants you to tell him anything else that could be significant to the board’s decision to adopt his proposals

Although you are keen to gain the business, you inform him that you will write after giving the matter further consideration

Required:

(a) Identify and comment on the issues raised as they affect your decision to gain the business (10 marks)

(b) State what procedures you would adopt to clarify and agree the basis on which your firm would undertake this work (5 marks)

Deadline

Adequate time frame must be agreed to avoid offering poor quality service Mr Stone’s suggestion of spending few days on the system flowchart and documentation may be inadequate

Access to information

The auditor needs to ensure that there will be unrestricted access to information The firm may need to obtain permission from Valda’s auditor to access the management letter

Future business

Acceptance of the engagement may create opportunity to gain more work from Valda in the future

Decision to purchase

The following information may influence the board’s decision regarding the acceptance of Mr Stone’s proposals:

 Availability of better alternatives

 Cost effectiveness of the new system

 The impact on the external audit in terms of audit cost

 Availability of software support should there be any need to change or upgrade the software in the future

Availability of resources

The firm needs to ensure there are enough resources to perform the engagement Unavailability of skilled professionals may be the reason why Valda’s auditor is not engaged for the service

(b) Procedures

 We would review the system’ flowchart and available documentations to determine whether the information is detailed enough for the engagement

 We would agree the basis on which the fees will be charged with the client

 We would agree timetable with the client taking cognizance of the applicable deadline

 We would discuss with Mr Stone on the need to contact the current auditor of Valda

 We would search Valda’s website or its audited report to confirm if Mr stone is a director or a major shareholder

 We would draft the engagement letter

AUDIT OF FINANCIAL STATEMENTS

Audit planning Proper planning is required in audit to avoid performing negligent audit Overall audit plan includes consideration of the following:

 Knowledge of client’s business

 Understanding of accounting policies of client and reporting framework

 Assessment of risk and materiality

 Consideration of nature, timing and extent of procedures to perform in gathering evidences

 Co-ordination, direction, supervision and review

Knowledge of the business

The followings are the aspect of the client’s business which the auditor must understand:

 Understand nature of the industry and its regulatory framework

 Nature of the entity This includes knowledge of the corporate structure, organization structure, management’s objectives and philosophy, capital structure and the composition of the board of directors

 Nature of business This includes knowledge of products, market, suppliers and operation

 Financial reporting framework

 Business risk This is the risk that the company may not achieve its objectives Business risk is a good indicator of going concern problem

 Internal control Assessment of the internal control will determine the audit strategy to be adopted

 Performance measurement The auditor need to understand key performance ratios used to assess the performance of the entity Management may deliberately manipulate the financial statements to obtain a better assessment

Procedures to gain business understanding

 Discuss with regulatory agencies to gain knowledge of the industry regulations

 Discuss with internal audit personnel and review the internal control manual to obtain

knowledge of the internal control system in operation

 Observe internal control activities to assess the effectiveness of the internal control

system

 Perform analytical procedure on the entries in the financial statements to assess risk of material misstatement

 Discuss with management to gain knowledge of the corporate structure

 Read industry related publications to gain knowledge about the industry

 Inspect documentations to obtain knowledge of ownership structure

AUDIT APPROACH Risk-based approach

In this approach, the auditors assess the risks associated with the client’s business, transactions and systems and direct their testing to risky areas The extent of detailed testing depends on the outcomes of risk assessment

Audit risk

Audit risk is the risk that the auditor may give an inappropriate opinion

Components of audit risk

Audit risk= inherent risk x control risk x detection risk

Inherent risk- is the susceptibility of an account balance to misstatement It is a risk which remains until the causative agent is removed

Control risk- is the risk that the system of control put in place by the management will fail to detect material misstatement

Detection risk- is the risk that the procedures performed by the auditor will fail to detect material misstatements

If both control risk and inherent risks are low, the overall audit risk will be low The auditor will perform less substantive testing

If both control risk and inherent risks are high, the auditor needs to reduce the overall audit risk

by keeping the detection risk as low as possible as this is the only component of the audit risk the auditor can control To do this, the auditor will need to test more details

Advantage of risk-based strategy

This approach ensures that the greatest audit effort is directed at the riskiest areas, so that the chance of detecting misstatement is enhanced and less time is devoted to less risky areas Disadvantage of risk-based strategy

 It lays too much emphasis on test of details This may make the auditor overlook other important issues like frauds and going concern problem

 It’s time consuming

Business risk or Top down Approach to Audit

This approach starts by considering the business and its objectives and works down to the financial statements, instead of working up from the financial statements The auditor will establish what the business risks are and then relate these to how they could cause material misstatement in the financial statements

The auditor gains an understanding of management’s business strategy, business processes,

key performance indicators and associated risks and controls; he then compares his assessment of these factors with the position reflected in the financial statement

This approach saves auditor’s time and adds more value to the client