Financial audit

Last updated

A financial audit is conducted to provide an opinion whether "financial statements" (the information being verified) are stated in accordance with specified criteria. Normally, the criteria are international accounting standards, although auditors may conduct audits of financial statements prepared using the cash basis or some other basis of accounting appropriate for the organisation. In providing an opinion whether financial statements are fairly stated in accordance with accounting standards, the auditor gathers evidence to determine whether the statements contain material errors or other misstatements. [1]

Contents

Overview

The audit opinion is intended to provide reasonable assurance, but not absolute assurance, that the financial statements are presented fairly, in all material respects, and/or give a true and fair view in accordance with the financial reporting framework. The purpose of an audit is to provide an objective independent examination of the financial statements, which increases the value and credibility of the financial statements produced by management, thus increase user confidence in the financial statement, reduce investor risk and consequently reduce the cost of capital of the preparer of the financial statements. [2]

In accordance with the US GAAP, auditors must release an opinion of the overall financial statements in the auditor's report. Auditors can release three types of statements other than an unqualified/unmodified opinion. The unqualified auditor's opinion is the opinion that the financial statements are presented fairly. A qualified opinion is that the financial statements are presented fairly in all material respects in accordance with US GAAP, except for a material misstatement that does not however pervasively affect the user's ability to rely on the financial statements. A qualified opinion can also be issued for a scope limitation that is of limited significance. Further the auditor can instead issue a disclaimer, because there is insufficient and appropriate evidence to form an opinion or because of lack of independence. In a disclaimer the auditor explains the reasons for withholding an opinion and explicitly indicates that no opinion is expressed. Finally, an adverse audit opinion is issued when the financial statements do not present fairly due to departure from US GAAP and the departure materially affects the financial statements overall. In an adverse auditor's report the auditor must explain the nature and size of the misstatement and must state the opinion that the financial statements do not present fairly in accordance with US GAAP. [3]

Auditors report

The auditor's report is a disclaimer thereof, issued by either an internal auditor or an independent external auditor as a result of an internal or external audit, as an assurance service in order for the user to make decisions based on the results of the audit.

A scope limitation is a restriction on the applicability of an auditor's report that may arise from the inability to obtain sufficient appropriate evidence about a component in the financial statements. When all the audit procedures that are considered necessary, either by circumstances, engagement, or client limitation, the audit is limited in scope.

Financial audits are typically performed by firms of practicing accountants who are experts in financial reporting. The financial audit is one of many assurance functions provided by accounting firms. Many organizations separately employ or hire internal auditors, who do not attest to financial reports but focus mainly on the internal controls of the organization. External auditors may choose to place limited reliance on the work of internal auditors. Auditing promotes transparency and accuracy in the financial disclosures made by an organization, therefore would likely reduce such corporations concealmeant of unscrupulous dealings. [4]

Assurance services

Assurance service is an independent professional service, typically provided by Chartered or Certified Public Accountants or Chartered Certified Accountants, with the goal of improving information or the context of information so that decision makers can make more informed, and presumably better, decisions. Assurance services provide independent and professional opinions that reduce information risk.

Internal audit An audit of accounting for audiences within a firm

Internal auditing is an independent, objective assurance and consulting activity designed to add value to and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes. Internal auditing achieves this by providing insight and recommendations based on analyses and assessments of data and business processes. With commitment to integrity and accountability, internal auditing provides value to governing bodies and senior management as an objective source of independent advice. Professionals called internal auditors are employed by organizations to perform the internal auditing activity.

Internationally, the International Standards on Auditing (ISA) issued by the International Auditing and Assurance Standards Board (IAASB) is considered as the benchmark for audit process. Almost all jurisdictions require auditors to follow the ISA or a local variation of the ISA.

International Standards on Auditing

International Standards on Auditing (ISA) are professional standards for the performance of financial audit of financial information. These standards are issued by International Federation of Accountants (IFAC) through the International Auditing and Assurance Standards Board (IAASB). According to Olung M ISA guides the auditor to add value to the assignment hence building confidence of investors.

The International Auditing and Assurance Standards Board (IAASB) is an independent standards body which issues standards, like the International Standards on Auditing, quality control guidelines and other services, to support the international auditing of financial statements. It is a body supported by the International Federation of Accountants (IFAC). The Public Interest Oversight Board provides oversight of the IAASB, ensuring that the standards are in the public interest.

Financial audits exist to add credibility to the implied assertion by an organisation's management that its financial statements fairly represent the organisation's position and performance to the firm's stakeholders. The principal stakeholders of a company are typically its shareholders, but other parties such as tax authorities, banks, regulators, suppliers, customers and employees may also have an interest in knowing that the financial statements are presented fairly, in all material aspects. An audit is not designed to provide absolute assurance, being based on sampling and not the testing of all transactions and balances; rather it is designed to reduce the risk of a material financial statement misstatement whether caused by fraud or error. A misstatement is defined in ISA 450 as an error, omitted disclosure or inappropriate accounting policy. "Material" is an error or omission that would affect the users decision. Audits exist because they add value through easing the cost of information asymmetry and reducing information risk, not because they are required by law (note: audits are obligatory in many EU-member states and in many jurisdictions are obligatory for companies listed on public stock exchanges). For collection and accumulation of audit evidence, certain methods and means generally adopted by auditors are: [5]

In contract theory and economics, information asymmetry deals with the study of decisions in transactions where one party has more or better information than the other. This asymmetry creates an imbalance of power in transactions, which can sometimes cause the transactions to go away, a kind of market failure in the worst case. Examples of this problem are adverse selection, moral hazard, and monopolies of knowledge.

  1. Posting checking
  2. Testing the existence and effectiveness of management controls that prevent financial statement misstatement
  3. Casting checking
  4. Physical examination and count
  5. Confirmation
  6. Inquiry
  7. Observation
  8. inspection
  9. Year-end scrutiny
  10. Re-computation
  11. Tracing in subsequent period
  12. Bank reconciliation
  13. Vouching
  14. Verification of existence, ownership, title and value of assets and determination of the extent and nature of liabilities

Financial audit is a profession known for its male dominance. According to the latest survey, it found that 70%-80% of the financial auditors are male, with 2% being female and the rest being a mixture of both (Bader, 2018).

The Big Four

Greenwood et al. (1990) [6] defined the audit firm as professional partnership which has a decentralized organization relationship between the national head office and local offices. Local offices can make most decision except for the drawing up professional standard and maintaining it.

The Big Four are the four largest international professional services networks, offering audit, assurance, tax, consulting, advisory, actuarial, corporate finance, and legal services. They handle the vast majority of audits for publicly traded companies as well as many private companies, creating an oligopoly in auditing large companies. It is reported that the Big Four audit 99% of the companies in the FTSE 100, and 96% of the companies in the FTSE 250 Index, an index of the leading mid-cap listing companies. [7] The Big Four firms are shown below, with their latest publicly available data. None of the Big Four firms is a single firm; rather, they are professional services networks. Each is a network of firms, owned and managed independently, which have entered into agreements with other member firms in the network to share a common name, brand and quality standards. Each network has established an entity to co-ordinate the activities of the network. In one case (KPMG), the co-ordinating entity is Swiss, and in three cases (Deloitte Touche Tohmatsu, PricewaterhouseCoopers and Ernst & Young) the co-ordinating entity is a UK limited company. Those entities do not themselves perform external professional services, and do not own or control the member firms. They are similar to law firm networks found in the legal profession. In many cases each member firm practises in a single country, and is structured to comply with the regulatory environment in that country. In 2007 KPMG announced a merger of four member firms (in the United Kingdom, Germany, Switzerland and Liechtenstein) to form a single firm. Ernst & Young also includes separate legal entities which manage three of its four areas: Americas, EMEIA (Europe, The Middle East, India and Africa), and Asia-Pacific. (Note: the Japan area does not have a separate area management entity). These firms coordinate services performed by local firms within their respective areas but do not perform services or hold ownership in the local entities. [8] This group was once known as the "Big Eight", and was reduced to the "Big Six" and then "Big Five" by a series of mergers. The Big Five became the Big Four after the demise of Arthur Andersen in 2002, following its involvement in the Enron scandal.

Costs

Costs of audit services can vary greatly dependent upon the nature of the entity, its transactions, industry, the condition of the financial records and financial statements, and the fee rates of the CPA firm. [9] [10] A commercial decision such as the setting of audit fees is handled by companies and their auditors. Directors are responsible for setting the overall fee as well as the audit committee. The fees are set at a level that could not lead to audit quality being compromised. [11] The scarcity of staffs and the lower audit fee lead to very low billing realization rates. [12] As a result, accounting firms, such as KPMG, PricewaterhouseCoopers and Deloitte who used to have very low technical inefficiency, have started to use AI tools. [13] Research has found that annual reports that convey optimistic tone are associated with lower audit fees, suggesting that annual report tone reflects factors that auditors consider in assessing audit risk. [14]

History

Audit of government expenditure

The earliest surviving mention of a public official charged with auditing government expenditure is a reference to the Auditor of the Exchequer in England in 1314. The Auditors of the Imprest were established under Queen Elizabeth I in 1559 with formal responsibility for auditing Exchequer payments. This system gradually lapsed and in 1780, Commissioners for Auditing the Public Accounts were appointed by statute. From 1834, the Commissioners worked in tandem with the Comptroller of the Exchequer, who was charged with controlling the issuance of funds to the government.

As Chancellor of the Exchequer, William Ewart Gladstone initiated major reforms of public finance and Parliamentary accountability. His 1866 Exchequer and Audit Departments Act required all departments, for the first time, to produce annual accounts, known as appropriation accounts. The Act also established the position of Comptroller and Auditor General (C&AG) and an Exchequer and Audit Department (E&AD) to provide supporting staff from within the civil service. The C&AG was given two main functions – to authorise the issue of public money to government from the Bank of England, having satisfied himself that this was within the limits Parliament had voted – and to audit the accounts of all Government departments and report to Parliament accordingly.

Auditing of UK government expenditure is now carried out by the National Audit Office. The Australian National Audit Office conducts all financial statement audits for entities controlled by the Australian Government. [15]

Governance and oversight

Seal of the United States Government Accountability Office US-GovernmentAccountabilityOffice-Seal.svg
Seal of the United States Government Accountability Office

In the United States, the SEC has generally deferred to the accounting industry (acting through various organisations throughout the years) as to the accounting standards for financial reporting, and the U.S. Congress has deferred to the SEC.

This is also typically the case in other developed economies. In the UK, auditing guidelines are set by the institutes (including ACCA, ICAEW, ICAS and ICAI) of which auditing firms and individual auditors are members. While in Australia, the rules and professional code of ethics are set by The Institute of Chartered Accountants Australia (ICAA), CPA Australia (CPA) and The National Institute of Accountants (NIA). [17]

Accordingly, financial auditing standards and methods have tended to change significantly only after auditing failures. The most recent and familiar case is that of Enron. The company succeeded in hiding some important facts, such as off-book liabilities, from banks and shareholders. [18] Eventually, Enron filed for bankruptcy, and (as of 2006) is in the process of being dissolved. One result of this scandal was that Arthur Andersen, then one of the five largest accountancy firms worldwide, lost their ability to audit public companies, essentially killing off the firm.

A recent trend in audits (spurred on by such accounting scandals as Enron and Worldcom) has been an increased focus on internal control procedures, which aim to ensure the completeness, accuracy and validity of items in the accounts, and restricted access to financial systems. This emphasis on the internal control environment is now a mandatory part of the audit of SEC-listed companies, under the auditing standards of the Public Company Accounting Oversight Board (PCAOB) set up by the Sarbanes-Oxley Act.

Many countries have government sponsored or mandated organizations who develop and maintain auditing standards, commonly referred to generally accepted auditing standards or GAAS. These standards prescribe different aspects of auditing such as the opinion, stages of an audit, and controls over work product (i.e., working papers).

Some oversight organisations require auditors and audit firms to undergo a third-party quality review periodically to ensure the applicable GAAS is followed.

Stages of an audit

The following are the stages of a typical audit: [1]

Phase I: plan and design an audit approach

Phase II: perform test of controls and substantive test of transactions

Notes:

Phase III: perform analytical procedures and tests of details of balances

Notes:

Phase IV: complete the audit and issue an audit report

After the auditor has completed all procedures for each audit objective and for each financial statement account and related disclosures, it is necessary to combine the information obtained to reach an overall conclusion as to whether the financial statements are fairly presented. This highly subjective process relies heavily on the auditor’s professional judgment. When the audit is completed, the CPA must issue an audit report to accompany the client’s published financial statements.

Responsibilities of an auditor

Corporations Act 2001 requires the auditor to:

Commercial relationships versus objectivity

One of the major issues faced by private auditing firms is the need to provide independent auditing services while maintaining a business relationship with the audited company.

The auditing firm's responsibility to check and confirm the reliability of financial statements may be limited by pressure from the audited company, who pays the auditing firm for the service. The auditing firm's need to maintain a viable business through auditing revenue may be weighed against its duty to examine and verify the accuracy, relevancy, and completeness of the company's financial statements. This is done by auditor.

Numerous proposals are made to revise the current system to provide better economic incentives to auditors to perform the auditing function without having their commercial interests compromised by client relationships. Examples are more direct incentive compensation awards and financial statement insurance approaches. See, respectively, Incentive Systems to Promote Capital Market Gatekeeper Effectiveness [21] and Financial Statement Insurance. [22]


Auditors and technology

Currently, many entities being audited are using information systems, which generate information electronically. For the audit evidences, auditors get dynamic information generated from the information systems in real time. There are less paper documents and pre-numbered audit evidences available, which leads a revolution to audit mythology. [23]


See also

Related Research Articles

Statement on Auditing Standards No. 99: Consideration of Fraud in a Financial Statement Audit, commonly abbreviated as SAS 99, is an auditing statement issued by the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA) in October 2002. The original exposure draft was distributed in February 2002.

External auditor

An external auditor performs an audit, in accordance with specific laws or rules, of the financial statements of a company, government entity, other legal entity, or organization, and is independent of the entity being audited. Users of these entities' financial information, such as investors, government agencies, and the general public, rely on the external auditor to present an unbiased and independent audit report.

Generally Accepted Auditing Standards

Generally Accepted Auditing Standards, or GAAS are sets of standards against which the quality of audits are performed and may be judged. Several organizations have developed such sets of principles, which vary by territory. In the United States, the standards are promulgated by the Auditing Standards Board, a division of the American Institute of Certified Public Accountants (AICPA).

Continuation of an entity as a going concern is presumed as the basis for financial reporting unless and until the entity's liquidation becomes imminent. Preparation of financial statements under this presumption is commonly referred to as the going concern basis of accounting. If and when an entity's liquidation becomes imminent, financial statements are prepared under the liquidation basis of accounting.

Audit risk refers to the risk that an auditor may issue an unqualified report due to the auditor's failure to detect material misstatement either due to error or fraud. This risk is composed of:

Materiality is a concept or convention within auditing and accounting relating to the importance/significance of an amount, transaction, or discrepancy. The objective of an audit of financial statements is to enable the auditor to express an opinion whether the financial statements are prepared, in all material respects, in conformity with an identified financial reporting framework such as Generally Accepted Accounting Principles (GAAP).

ISA 400 Risk Assessments and Internal Control is one of the International Standards on Auditing. It serves to require the auditor to understand the client's accounting system and internal control system and to assess control risk and inherent risk. The objective is to determine the nature, timing and extent of substantive procedures in order to reduce audit risk to an acceptable low level.

Editing ISA 500 Audit Evidence is one of the International Standards on Auditing. It serves to expect the auditor is to obtain audit evidence from an appropriate mix of tests of control systems and substantive tests of transaction and balances.

Audit evidence is evidence obtained by auditors during a financial audit and recorded in the audit working papers.

Internal control, as defined by accounting and auditing, is a process for assuring of an organization's objectives in operational effectiveness and efficiency, reliable financial reporting, and compliance with laws, regulations and policies. A broad concept, internal control involves everything that controls risks to an organization.

SOX 404 top–down risk assessment

In financial auditing of public companies in the United States, SOX 404 top–down risk assessment (TDRA) is a financial risk assessment performed to comply with Section 404 of the Sarbanes-Oxley Act of 2002. The term is used by the U.S. Public Company Accounting Oversight Board (PCAOB) and the Securities and Exchange Commission (SEC). The TDRA is used to determine the scope and required evidence to support management's testing of its internal controls under SOX404. It is also used by the external auditor to issue a formal opinion on the company's internal controls. However, as a result of the passage of Auditing Standard No. 5, which the SEC has since approved, external auditors are no longer required to provide an opinion on management's assessment of its own internal controls.

Sampling risk is one of the many types of risks an auditor may face when performing the necessary procedure of audit sampling. Audit sampling exists because of the impractical and costly effects of examining all or 100% of a client's records or books. As a result, a "sample" of a client's accounts are examined. Due to the negative effects produced by sampling risk, an auditor may have to perform additional procedures which in turn can impact the overall efficiency of the audit.

Management assertions or financial statement assertions are the implicit or explicit assertions that the preparer of financial statements (management) is making to its users. These assertions are relevant to auditors performing a financial statement audit in two ways. First, the objective of a financial statement audit is to obtain sufficient appropriate audit evidence to conclude on whether the financial statements present fairly, in all material respects, the financial position of a company and the results of its operations and cash flows. In developing that conclusion, the auditor evaluates whether audit evidence corroborates or contradicts financial statement assertions. Second, auditors are required to consider the risk of material misstatement through understanding the entity and its environment, including the entity's internal control. Financial statement assertions provide a framework to assess the risk of material misstatement in each significant account balance or class of transactions.

The following outline is provided as an overview of and topical guide to accounting:

Entity-level controls

Entity-level controls are internal controls that help to ensure that management directives pertaining to the entire entity are carried out. They are the second level of a top-down approach to understanding the risks of an organization. Generally, entity refers to the entire company.

References

  1. 1 2 Arens, Elder, Beasley; Auditing and Assurance Services; 14th Edition; Prentice Hall; 2012
  2. "Auditing Standard No. 5". pcaobus.org. Retrieved 7 April 2016.
  3. "AU 508 Reports on Audited Financial Statements". pcaobus.org. Retrieved 7 April 2016.
  4. CALCPA. (2010, November). Report: Auditing Missteps During the Economic Crisis. News & Trends, p. 4.
  5. Auditing and Assurance Vol.1. The Institute of Chartered Accountants of India. 2011. p. 3.4. ISBN   978-81-8441-135-5 . Retrieved 27 August 2012.
  6. Greenwood, Royston; Hinings, C. R.; Brown, John (1 December 1990). ""P2-Form" Strategic Management: Corporate Practices in Professional Partnerships". Academy of Management Journal. 33 (4): 725–755. doi:10.2307/256288. ISSN   0001-4273. JSTOR   256288.
  7. Mario Christodoulou (30 March 2011). "U.K. Auditors Criticized on Bank Crisis". Wall Street Journal.
  8. Ernst & Young. "Legal statement". ey.com.
  9. Denlinger, Craig. "Audit Costs" . Retrieved 27 January 2014.
  10. "Audit Costs" . Retrieved 15 April 2015.
  11. 1 2 Commission, c=au;o=Australian Government;ou=Australian Government Australian Securities and Investments. "Audit quality - The role of directors and audit committees". asic.gov.au. Retrieved 17 May 2016.
  12. Chang, Hsihui; Kao, Yi-Ching; Mashruwala, Raj; Sorensen, Susan M. (10 April 2017). "Technical Inefficiency, Allocative Inefficiency, and Audit Pricing". Journal of Accounting, Auditing & Finance. 33 (4): 580–600. doi:10.1177/0148558x17696760.
  13. Kokina, Julia; Davenport, Thomas H. (March 2017). "The Emergence of Artificial Intelligence: How Automation is Changing Auditing". Journal of Emerging Technologies in Accounting. 14 (1): 115–122. doi:10.2308/jeta-51730.
  14. Bicudo de Castro, Vincent; Gul, Ferdinand A.; Muttakin, Mohammad Badrul; Mihret, Dessalegn Getie (2019). "Optimistic tone and audit fees: Some Australian evidence". International Journal of Auditing. 23 (2): 352–364. doi:10.1111/ijau.12165. ISSN   1090-6738.
  15. Office, Australian National Audit (12 May 2016). "Auditor-General and the Office". www.anao.gov.au. Retrieved 17 May 2016.
  16. "U.S. GAO - Our Seal". Gao.gov. 29 September 2008. Retrieved 2 September 2013.
  17. "Part 2". archive.treasury.gov.au. Retrieved 17 May 2016.
  18. "A Look Back at the Enron Case". FBI. Retrieved 7 April 2016.
  19. International Standard on Auditing 315 Understanding the Entity and its Environment and Assessing the Risks of Misstatement
  20. Stef, Scott. "Tests of control & substantive tests". www.icas.com. Retrieved 17 May 2016.
  21. "Carrots for Vetogates: Incentive Systems to Promote Capital Market Gatekeeper Effectiveness by Lawrence A. Cunningham :: SSRN". 17 April 2007. SSRN   980949 .Missing or empty |url= (help)
  22. "Choosing Gatekeepers: The Financial Statement Insurance Alternative to Auditor Liability by Lawrence A. Cunningham :: SSRN". 3 June 2004. SSRN   554863 .Missing or empty |url= (help)
  23. Pathak, Jagdish; Lind, Mary R. (November 2003). "Audit Risk, Complex Technology, and Auditing Processes". EDPACS. 31 (5): 1–9. doi:10.1201/1079/43853.31.5.20031101/78844.1.