Time to Review the ISQM

Time to Review the ISQM

The International Standards on Quality Management (ISQM) has been effective since December 2022.

It is applicable to all audit firms and is a step-change from the requirements of the, now defunct, ISQC 1. The ISQM introduced:

  • a new risk-based quality management approach that requires audit firms to
  • design and implement a System of Quality Management (SoQM); and
  • operate that system of quality management for audits, reviews of financial statements or other assurance engagements.

Now that the standard has been in effect for just over 12 months, each firm must compulsorily carry out a documented review of their System of Quality Management to assess its effectiveness since coming into force in December 2022.

Part of this assessment before the 2024 audit season commences, will be:

  • documenting the results of hot and cold file reviews that took place during 2023;
  • analyse the root causes of these findings; and
  • extract from these issues the reasons why the more significant/most frequent findings arose;
  • decide as a firm how best to avoid repeating the same mistakes; and
  • adjust the SoQM accordingly for a more effective audit approach in 2024.

Anyone who may like to migrate to a very user friendly version of the ISQM or use it as a benchmarking tool against which to measure the effectiveness of your current ISQM, may purchase our ISQM Toolkit for €250+VAT here.

Key features:

The Toolkit comprises three parts that are downloadable in Word format, with associated instructions in pdf format.

Part 1 – Setting Objectives and Risks.

Part 2 – Risk Assessment and Responses.

Part 3 – Monitoring and Remediation including Root Cause Analysis (RCA).

The toolkit comes with three additional optional questionnaires to help with documenting an assessment of the firm’s:

  • Methodology and software providers;
  • Training providers; and
  • File review and Technical Queries consultants.

More information on the ISQM Toolkit is available here.

In addition, during 2023 we also published a very helpful IT Controls Assessment questionnaire tool for audit firms to help implement ISA 315.

IT Controls Assessment

Auditors are reminded that there are relatively significant changes in the requirements of ISA 315 Identifying and Assessing the Risks of Material Misstatement which was first applicable for accounting Periods Ended 21 December 2022 and of course Periods Ended 21 December 2023.

Auditors dealing with audits of affected entities will already have adopted new audit programmes in 2023, in additional to the normal audit tests, will also need to assess the entity’s IT controls (no matter what the size of that entity).

This is a significant new development for auditors of SMEs, in particular, and will be a game changer ion the type of audit documentation and evidence of assessment of such IT controls by the auditor on audit files.

For an easy to implement additional (two page) IT Controls Questionnaire to help document the above process, please click on this link to download immediately for only €60 + VAT.

Please also go to our website www.jmcc.ie/training to see our latest:

  • Latest updated AML for Accountants webinar (December 2023) which explains the current legal AML reporting position for accountancy firms and includes a quiz. Upon completion, you receive a CPD Certificate of attendance in your inbox. A 20% discount is available for orders of five or more webinars/products, if bought together.
  • There are other accounting/audit webinars on the site and more will follow throughout 2024.
  • Anti-Money Laundering Policies Controls & Procedures Manual (March 2022) – View the Table of Contents click here.
  • letters of engagement and similar templates. Please visit our site here where immediate downloads are available in Word format. A bulk discount is available for orders of five or more items if bought together.
  • ISQM TOOLKIT – We can also tailor ISQM training and brainstorming sessions to suit your firm’s unique requirements. The ISQM TOOLKIT 2022 is available to purchase here.
POTAS Scheme – Northern Ireland Entity Named

POTAS Scheme – Northern Ireland Entity Named

The UK HMRC has issued a stop notice against a Northern Ireland company under the Promoters of Tax Avoidance Schemes (POTAS) regime.

Under the POTAS regime HMRC has the power to publish information about promoters of tax avoidance schemes that are subject to a stop notice, alerting individuals to avoid signing up to illegal payment schemes.

The Northern Ireland entity is called Target Umbrella Limited (TUL), 6 Margaret Street, Newry,  Northern Ireland, BT34 1DF.  The notice states that TUL is a promoter of this scheme along with a Maltese company called Integra Resourcing Limited (IRL), Block 12 Office M1 Suite 106, Tigne Place, Tigne Street, Sliema, Malta, SLM 7173.

TUL had 31 employees according to its latest available abridged financial statements to the year ended 29 November 2022 and 131 in the prior year.

The HMRC say that users of the TUL/IRL scheme sign separate employment contracts with (IRL) and TUL. Users also sign an ‘Overarching Agreement’ with IRL to provide ‘loans’ to the user.

TUL sign a contract for services with the agency or the end client to provide the services of the user. TUL then invoices the end client for the work undertaken by the user. TUL pay users a salary in line with the National Minimum Wage Act for time worked and pays the remaining amount to IRL. IRL then pays the user a second nominal salary, per payroll run, usually below £10, and a larger amount, described as a ‘loan’. The ‘loan’ amount is not taxed.

Stop notices are one of the ways in which HMRC tackle tax avoidance and those responsible for promoting it. The notice’s legal impact is:

  • the promoter who receives the notice must stop selling the specified scheme;
  • the promoter who receives the notice must also pass a copy of it to certain associated persons, who are also subject to the stop notice and must also stop selling the specified scheme;
  • all those persons subject to the notice must inform HMRC of all the people to whom they have promoted the scheme and the names of those to whom they continue to promote it;
  • the persons subject to the stop notice must inform all clients and intermediaries that they are subject to a stop notice, what this means, and provide them with a copy of the stop notice.

Where a promoter fails to comply with a stop notice they can face penalties of up to £100,000 which can increase to up to £1 million in certain circumstances.

Anyone affected should contact HMRC as soon as possible. There is more information about how to do this here.

Please also go to our website www.jmcc.ie/training to see our latest

  • Latest updated AML for Accountants webinar (December 2023) It explains the current legal AML reporting position for accountancy firms and includes a quiz. Upon completion, you receive a CPD Certificate of attendance in your inbox. A 20% discount is available for orders of five or more webinars/products, if bought together.
  • Anti-Money Laundering Policies Controls & Procedures Manual (March 2022) – View the Table of Contents click here.
  • letters of engagement and similar templates. Please visit our site here where immediate downloads are available in Word format. A bulk discount is available for orders of five or more items if bought together.
  • ISQM TOOLKIT – We can also tailor ISQM training and brainstorming sessions to suit your firm’s unique requirements. The ISQM TOOLKIT 2022 is available to purchase here.
CPD is Not a Load of Rubbish

CPD is Not a Load of Rubbish

Who said Continuing Professional Development (CPD to you and me) is a waste of time?

Well did you know that an entity operating a waste disposal business without a licence is committing a money laundering (ML) offence? In fact, any business that requires a licence to legitimately operate in the State, is committing a ML offence by not having/renewing the licence.

Listen and learn more about this and similar money laundering offences that are reportable by accountants on our latest AML Webinar for Accountants, updated as at December 2023.

Please also go to our website jmcc.ie/training to see our latest:

  • Latest updated AML for Accountants webinar (December 2023) It explains the current legal AML reporting position for accountancy firms and includes a quiz. Upon completion, you receive a CPD Certificate of attendance in your inbox. A 20% discount is available for orders of five or more webinars/products, if bought together.
  • Anti-Money Laundering Policies Controls & Procedures Manual (March 2022) – View the Table of Contents click here.
  • letters of engagement and similar templates. Please visit our site here where immediate downloads are available in Word format. A bulk discount is available for orders of five or more items if bought together.
  • ISQM TOOLKIT – We can also tailor ISQM training and brainstorming sessions to suit your firm’s unique requirements. The ISQM TOOLKIT 2022 is available to purchase here.
Role of the Money Laundering Reporting Officer (MLRO) – Part 2

Role of the Money Laundering Reporting Officer (MLRO) – Part 2

In last week’s blog we looked at the overall responsibilities of the Money Laundering Reporting Officer

This week we look at the administrative aspects of the MLRO’s role.

STRs received

It is very important to keep a comprehensive record of all Suspicious Transaction Reports (STRs) received by the MLRO, including:

  • the reasons, in writing, for decisions made as to whether the STR is sent to the Garda/Revenue or not.
  • It is also strongly recommended that all verbal discussions and external professional and legal advice obtained regarding suspicions, are fully recorded.

Internal Quality Control

The guidance from the CCABI places considerable responsibility on the MLRO implementing and maintaining internal controls and risk management around Money Laundering and Terrorist Financing.

  • As part of AML compliance, firms must carry out independent AML Compliance Reviews to assess the adequacy of their AML systems and controls;
  • External reviews are not always necessary but hiring an external expert who carries out these reviews all the time will result in a more focused manner and will result in a much better compliance outcome for the firm. If the firm has the capacity, a partner or senior manager not involved with AML policies, controls and procedures could carry out the review, with sample checks each year;
  • The MLRO should report formally to other partners and directors in writing every year on the effectiveness of the firm’s AML systems and controls.

 

Contents of the MLRO’s Annual Report

The MLRO’s report should include the following:

  • Executive summary for the year highlighting any serious compliance deficiencies, together with details of the remedial action that has been taken;
  • Review the number and quality of internal STRs and consider more focused training where none have been received;
  • Number of external STRs submitted to the Garda/Revenue;
  • Number of new clients declined because of unsatisfactory information;
  • Details of staff training during the year –
    • number of AML courses;
    • details of new/existing staff attending;
    • issues/queries/misunderstandings clarified;
    • supporting evidence of AML training and proof of understandingg. documented quiz assessment results with supporting attendance certificates;
  • Ensure that evidence is retained of the sample check of Client Due Diligence (CDD) files that were examined as part of the AML Compliance Review to ensure all information is relevant and up-to-date (e.g. identification is still valid, records match that of CRO and RBO websites, all ultimate beneficial owners (UBOs) and directors have been satisfactorily identified etc.);
  • Sample check of clients’ AML risk assessments to ensure that existing risk ratings are still appropriate, relevant and up-to-date;
  • Check that the AML Policies, Controls & Procedures Manual is up-to date;
  • Check that the Firm-Wide Risk Assessment is current and up-to-date;
  • Check that employees understand the role of ML and their individual responsibilities; and
  • Ensure that recommendations from past internal/external inspections are fully implemented.

Please also go to our website to see our:

  • Anti-Money Laundering Policies Controls & Procedures Manual (March 2022) – View the Table of Contents click here.
  • AML webinar (March 2022) available here, which accompanies the AML Manual. It explains the current legal AML reporting position for accountancy firms and includes a quiz. Upon completion, you receive a CPD Certificate of attendance in your inbox.
  • letters of engagement and similar templates. Please visit our site here where immediate downloads are available in Word format. A bulk discount is available for orders of five or more items if bought together.
  • ISQM TOOLKIT or if you prefer to chat through the different audit risks and potential appropriate responses presented by this new standard, please contact John McCarthy FCA by e-mail at john@jmcc.ie.

We typically tailor ISQM training and brainstorming sessions to suit your firm’s unique requirements. The ISQM TOOLKIT 2022 is available to purchase here.

Role of the Money Laundering Reporting Officer (MLRO)

Role of the Money Laundering Reporting Officer (MLRO)

The term ‘MLRO’ is not mentioned in the legislation but at this stage has become well-established in practice. In this short series of blogs, we explore the role and responsibilities of the MLRO in an accountancy firm.

The MLRO is responsible for the following anti- money laundering (ML) tasks is an accounting firm:

  1. Implementing and enforcing an appropriate risk-based approach;
  2. Ensuring that the systems and controls in place are appropriate to manage the risks faced by the firm; and
  3. Ensuring that the firm complies with the legislation and CCABI Guidance.

The MLRO must also:

  1. Possess the knowledge, skills and understanding of the firm’s ML risks;
  2. Complete, and periodically update, the Firm-Wide Risk Assessment (also known as the Business Wide Risk Assessment) under section 30A of the Criminal Justice (Money Laundering and Terrorist Financing) Acts 2010 to 2021 which outlines and provides an assessment of these risks;
  3. Receive internal STRs (Suspicious Transaction Reports) from employees and Senior Management in the firm;
  4. Make the ultimate decisions on behalf of the firm on whether these suspicions need to be reported externally to the Garda And Revenue;
  5. Report to Garda And Revenue by completing and submitting an external STR on the GoAML system and subsequently with Revenue on ROS.

IT Controls Assessment

Auditors are reminded that there are relatively significant changes in the requirements of ISA 315 Identifying and Assessing the Risks of Material Misstatement for accounting periods commencing 15 December 2021, which in practical terms means, accounting periods Ended 21 December 2022 and later.

Auditors dealing with the audits of entities with such accounting periods affected by these change will need, to adopt new audit programmes and, in additional to the normal audit tests, to also assess the entity’s IT controls (no matter what the size of that entity).

This is a significant new development for auditors of SMEs, in particular, and will be a game changer ion the type of audit documentation and evidence of assessment of such IT controls by the auditor on audit files.

For an easy to implement additional (two page) IT Controls Questionnaire to help document the above process, please click on this link to download immediately for only €60 + VAT.

Please also go to our website to see our:

  • Anti-Money Laundering Policies Controls & Procedures Manual (March 2022) – View the Table of Contents click here.
  • AML webinar (March 2022) available here, which accompanies the AML Manual. It explains the current legal AML reporting position for accountancy firms and includes a quiz. Upon completion, you receive a CPD Certificate of attendance in your inbox.
  • letters of engagement and similar templates. Please visit our site here where immediate downloads are available in Word format. A bulk discount is available for orders of five or more items if bought together.
  • ISQM TOOLKIT or if you prefer to chat through the different audit risks and potential appropriate responses presented by this new standard, please contact John McCarthy FCA by e-mail at john@jmcc.ie.

We typically tailor ISQM training and brainstorming sessions to suit your firm’s unique requirements. The ISQM TOOLKIT 2022 is available to purchase here.

Tax Services to Majority Shareholders Could be Banned

Tax Services to Majority Shareholders Could be Banned

A controversial proposal to update the UK FRC Revised Ethical Standard from the Financial Reporting Council in the UK states that they are proposing to enhance the prohibition (among other proposals) on certain tax services that can be provided to the majority shareholders of unlisted entities. The proposal is for this service to be banned in the UK from 15 December 2024. Please note that this is a UK proposal only and is not necessarily going to be adopted as currently worded. It does not apply to audits for Republic for Ireland entity audits.

The proposal wording is as follows (quoting from the consultation document):

Tax Services

5.67 The range of activities encompassed by the term ‘tax services’ is wide. They include where the firm:

(a) provides advice to the entity on one or more specific matters at the request of the entity; or

(b) undertakes a substantial proportion of the tax planning or compliance work for the entity; or

(c) promotes tax structures or products to the entity, the effectiveness of which is likely to be influenced by the manner in which they are accounted for in the financial statements, or in audit subject matter information;

(d) performs any of the services described in paragraphs a-c to individuals who are the majority owner(s) of an unlisted entity relevant to an engagement.

This latter service is proposed to be banned from 15/12/2024 in the UK.’ The consultation is now closed as the deadline was 31 October 2023.

The reason we bring this to the attention of our readers in Ireland is that quite often the Irish Audit & Accounting Supervisory Authority (the audit regulator in Ireland) has, in the past, incorporated similar changes to the Code of Ethics for Auditors in Ireland, sometimes with amendments, but not always.

The normal process would be for the Irish Audit & Accounting Supervisory Authority to consult in Ireland on any changes to its Code of Ethics and, taking account of feedback received, may then publish a new Ethical Standard for auditors, which would most likely not be effective before 15 December 2024. At the time of writing we have no notice of such intent on the part of the Irish Audit & Accounting Supervisory Authority.

IT Controls Assessment

Auditors are reminded that there are relatively significant changes in the requirements of ISA 315 Identifying and Assessing the Risks of Material Misstatement for accounting periods commencing 15 December 2021, which in practical terms means, accounting periods Ended 21 December 2022 and later.

Auditors dealing with the audits of entities with such accounting periods affected by these change will need, to adopt new audit programmes and, in additional to the normal audit tests, to also assess the entity’s IT controls (no matter what the size of that entity).

This is a significant new development for auditors of SMEs, in particular, and will be a game changer ion the type of audit documentation and evidence of assessment of such IT controls by the auditor on audit files.

For an easy to implement additional (two page) IT Controls Questionnaire to help document the above process, please click on this link to download immediately for only €60 + VAT.

Please also go to our website to see our:

  • Anti-Money Laundering Policies Controls & Procedures Manual (March 2022) – View the Table of Contents click here.
  • AML webinar (March 2022) available here, which accompanies the AML Manual. It explains the current legal AML reporting position for accountancy firms and includes a quiz. Upon completion, you receive a CPD Certificate of attendance in your inbox.
  • letters of engagement and similar templates. Please visit our site here where immediate downloads are available in Word format. A bulk discount is available for orders of five or more items if bought together.
  • ISQM TOOLKIT or if you prefer to chat through the different audit risks and potential appropriate responses presented by this new standard, please contact John McCarthy FCA by e-mail at john@jmcc.ie.

We typically tailor ISQM training and brainstorming sessions to suit your firm’s unique requirements. The ISQM TOOLKIT 2022 is available to purchase here.