Challenges for Auditors During the Pandemic – Part 3

Challenges for Auditors During the Pandemic – Part 3

This is our third and final blog about the results of audit monitoring inspections during the Pandemic.

In Part 2 last week, we looked at going concern (ISA 570), subsequent events (ISA 560) and the lack of financial statement disclosures regarding COVID.

In Part 1 two weeks ago, we looked at stock attendance (ISA 501), fraud (ISA 240) and accounting systems and controls (ISA 315).

Other matters that we have seen on cold file reviews and on recent audit monitoring visits include:

Walk-through testing

Walk through tests that appear on audit files often start from within the client’s accounting system which is the wrong place to start. For walk through tests to be fully effective, they need to commence outside the main system i.e., at the authorisation stage for purchases, at the customer order stage for sales, using clock cards, timesheets and/or employment contracts for wages etc.

Ethical Standards for Auditors

The new IAASA Ethical Standards for Auditors (Ireland) 2020 are effective from 15 July 2021.

Sometimes auditors do not appreciate the implications of certain ethical standards which require appropriate safeguards to mitigate the threats posed. The most common threats we see are Long Association with Audit Engagements (audit partner in place for 10+years) and Provision of Non-Audit Services (especially for the provision of accounting, tax and company secretarial services).  Firms are reminded to review the Ethical Standards (Sections 3 and 5 respectively) to ensure they have dealt appropriately with the threats and identified/implemented relevant safeguards. Quite often the only practical safeguard for sole practitioners with a long association problem is to arrange for an annual hot issue or a hot file review (also known as an Engagement Quality Control Review (EQC Review) in year 11 onwards. The implementation of safeguards needs to be properly documented.

It may be possible to apply Provisions Available for Audits of Small Entities (Section 6 PAASE) to deal with threats arising from economic dependence or where tax or accounting services are provided to certain ‘small’ entities, as defined in Section 6.  Where PAASE is applied, two matters arise:

  1. the auditors’ report must disclose this fact and
  2. either the financial statements notes or the auditors’ report must include the relevant disclosures specified in ES PAASE para 6.15(b).

Small Companies Exemption Incorrectly Claimed – Schedule 5 Companies Act 2014

A reminder that entities listed in Schedule 5, Companies Act 2014 are deemed ‘large’ and often include entities regulated by the Central Bank of Ireland (e.g., ‘insurance intermediaries’).  Please note that such entities cannot:

  • Use FRS 102 Section 1A (which is only for certain ‘small’ entities;
  • Use the Provisions Available for Audits of Small Entities;
  • Avail of small companies’ audit exemption; and
  • File abridged financial statements with the CRO.

Such companies must also produce a Statement of Cash Flows and disclose the remuneration of their auditors in four stated categories (for the current/prior years) for:

  1. audit of the company/group;
  2. other assurance services;
  3. tax advisory services; and
  4. other non-audit services.

For bespoke training on any of the topics mentioned here, please see our website.

Challenges for Auditors During the Pandemic – Part 2

Challenges for Auditors During the Pandemic – Part 2

This is Part 2 of our series of three blogs about the impact that the Coronavirus (COVID-19) is having on evidencing of audit work.

In Part 1 last week, we looked at issues like stock attendance (ISA 501), fraud (ISA 240) and accounting systems and controls (ISA 315). Here are some other problem areas seen during recent audit monitoring inspections.

Going concern (ISA 570)

Going concern has always been a key audit area and remains so, particularly at the moment.  Monitoring inspectors often see excellent examples of audit work on going concern including consideration of worst case scenarios when assessing forecasts, and good documentation of the thought processes supporting the auditor’s conclusions on this topic. This will include evidence of scepticism and challenge of management’s assumptions.

In other cases with less than ideal inspection outcomes, audit work on going concern may have been carried out but inadequately documented, or in some cases insufficient audit work on going concern is performed.  Areas giving rise to findings on monitoring visits include lack of, or insufficient challenge and assessment of management assumptions or the lack of alternative audit procedures on the audit file, where for example formal future cash flow forecasts are not prepared, particularly on smaller clients. These need to be on file for a period of at least 12 months from the date of sign-off of the financial statements.

Please remember ISA 570 (Revised) (effective for audits of financial statements for periods commencing on or after 15 December 2019) contains increased requirements in relation to audit work on going concern.

Subsequent events (ISA 560)

Inspectors also see cases where there has been a delay in signing some financial statements due to the Pandemic.  Don’t forget to ensure that appropriate subsequent events procedures are performed up to the date of the auditor’s report in such circumstances. This should include details of the date/time/place and names of those attending the final close off meeting, even if this s a brief 5-minute phone call. The notes should also contain details of action points agreed and matters forward to the next audit.

Financial Statement disclosures – COVID

There are often comprehensive disclosure in financial statements regarding the impact of COVID.  Unfortunately in other cases, there are only brief or no disclosures.

Even where the directors consider COVID has had no impact on the entity, it may still be appropriate to include disclosure in the financial statements to that effect.  Disclosure should be sufficient to enable the reader of the financial statements to understand why the directors believe this to be the case.  Information disclosed in the directors’ report must be consistent with the information disclosed in the financial statements.

See the final Part 3 of this blog next week.

 

Challenges for Auditors During the Pandemic – Part 1

Challenges for Auditors During the Pandemic – Part 1

The Coronavirus (COVID-19) has caused auditors to develop new techniques in carrying out their audit work, mainly involving greater use of technology. In this, the first blog of our three-part series, we will look at some recent audit monitoring inspection reports that have highlighted the most common problem areas for auditors.

Stock Attendance (ISA 501)

Many firms have not been able to attend clients’ premises for inventory counts. In these circumstances the auditor must attempt to perform alternative procedures e.g., where the client takes a live video call from the auditor and ‘walks’ the auditor remotely through the stock count location.   Details of alternative procedures like this, and the auditors’ conclusions following the procedures, must be documented on the audit file.  If adequate alternative procedures cannot be performed the audit file needs to document a consideration of the impact on the auditor’s report.

Where audit clients have not traded for significant periods of time, the audit file needs to show some consideration of potential stock impairment or obsolescence. A sceptical approach by auditors is always prudent. The ICAS has issues excellent guidance on attendance at stocktakes during the coronavirus outbreak. It’s worth looking at.

Fraud (ISA 240)

Audit files should fully document consideration of fraud (including the scope for fraud involving Government Covid subsidies/grants), especially where the audit firm may not have direct access to its audit client and/or where audit clients may not have direct access to their customers.

Common findings on monitoring visits include poor or inadequate completion of fraud checklists with no additional consideration documented regarding:

  • fraud risk assessment;
  • insufficient documentation of discussions between the auditor and management;
  • lack of evidence of the auditor’s assessment of fraud and
  • lack of evidence of the auditor’s conclusions regarding fraud risk.

Accounting systems and controls (ISA 315)

The Coronavirus (COVID-19) has challenged client’s accounting systems and controls like nothing has ever before.

Audit firms need to consider whether the audit clients’ accounting systems and controls remain appropriate during Covid-19, especially with few or no client staff working from their office location.  A common failing at monitoring visits is the carrying forward of systems notes from prior years with little evidence of written assessment of the impact of the Coronavirus on the accounting systems and controls. The notes on file must take account of the impact on the client’s operations of remote working and/trading in an online environment.

See Part 2 of this blog next week.

Common Issues Arising on AML Monitoring Visits

Common Issues Arising on AML Monitoring Visits

The various professional bodies are ramping up their anti-money laundering (AML) inspection regime, as there is more and more pressure coming at EU level, on professional bodies, to improve the consistency of the inspection system.

The main issues that are arising for Irish firms on recent AML inspections are:

  1. Lack of written procedures which evidence that firms are complying with AML regulations and legislation. These procedures ideally consist of an up to date AML Policies & Procedures Manual. Many firms have such policies and procedures already in place, but they are often out of date and do not clearly identify the MLRO. The latest changes to legislation came into effect on 23 April 2021 and the up to date AML Policies & Procedures Manual in use in the firm should reflect this.
  2. Client due diligence (CDD) – this consists of the following parts:
    1. Client verification – the ID obtained has not been signed and dated by the firm to evidence that they are ‘Certified Copies of the Originals’.
    2. Details of the client’s business, legal structure, sources of funds and geographic risks are often not properly recorded.
    3. Risk assessment and CDD procedures are not carried out prior to acting for the client.
  3. Firm-Wide Risk Assessment (often referred to as the Business-Wide Risk Assessment) – there is often little evidence that this written assessment (introduced in law since November 2018) has been completed or where it has been completed, the assessment is often not sufficiently detailed or up to date in accordance with Section 30A of the ‘Criminal Justice (Money Laundering and Terrorist Financing) Acts, 2010 to 2021’
  4. AML Compliance ReviewAnnual compliance review not completed or a inadequate review has been carried out. The review findings and implementation plan are extremely important. We carry out such external documented reviews for firms with advice on corrective action.
  5. Training – Appropriate AML training has not been undertaken by all relevant staff. We provide in-house and online AML Training delivered in a format tailored to each firm’s requirements.
  6. Annual Return declarations – Incorrect AML information disclosed on the firm’s Annual Return to its professional body. Attention to detail is important here and this will be reviewed as part of the AML Compliance Review we carry out.

 

ODCE Annual Report 2020

ODCE Annual Report 2020

The Office of the Director of Corporate Enforcement (ODCE) recently published their Annual Report for 2020.

The section on the reporting by auditors of indictable offences, makes interesting reading, especially the fact that the greatest increase in reports for any category, has been to do with the falsification of books or documents. This particular category of offence is up from one incidence in 2019 to three in 2020. Perhaps connected with Covid?

The below table has the details. It should be noted that the number of reports received by the ODCE does not accord with the number of suspected offences reported as, in several instances, the report received includes reference to more than one suspected offence

These types of offence rarely occur in isolation and are often connected with money laundering, because the lack of/falsification of accounting records can often be used to conceal the money laundering activity. Where money laundering is suspected there is a requirement for simultaneous reporting to An Garda Síochana and Revenue, a topic we discussed in an earlier blog.

You can download and read the full ODCE report here.

For more about accountants’ AML compliance obligations, see our AML Policies, Controls & Procedures Manual for 2021.

The Manual contains all the latest requirements relevant to accountants contained in the Criminal Justice (Money Laundering and Terrorist Financing) Acts 2010 to 2021 now fully in force.

For more blogs please visit this link and for our publications and manuals and services click on the hyperlinked words.

In excess of 100 companies registered at Dublin family home

In excess of 100 companies registered at Dublin family home

A recent article by the Independent revealed that a Rathfarnham family home address had been used in the registration of over 100 companies. See the full article here.

The article reports that two tenants resident at the address, had use the owner’s address without his knowledge.  This highlights a major weakness in the CRO’s procedures for company set up where the trust placed in the ‘self-declaration’ process has been found wanting.

The Office of the Director of Corporate Enforcement (ODCE) and An Garda Siochana were contacted by the homeowner.

A spokesperson for the Department of Enterprise Trade and Employment which oversees the CRO confirmed that the CRO does not verify the identities of directors or secretaries of companies.

This latest development calls into question the serious lack of background verification carried out by the CRO which ensures that the Office never calls into question instances where multiple addresses are listed for the same director, not to mention the increased risk that these businesses could be used for money laundering activity.

A similar problem exists at UK Companies House where a consultation has been carried out called the ‘Corporate transparency and register reform’. Proposals include making companies using the FRS 105/102 accounts frameworks in the UK, declare their turnover, among other recommendations, to help verify that they genuinely qualify for these much reduced disclosure regimes. The results of the consultation have not yet been announced, but similar moves be follow in Ireland.

 

For more about accountants’ AML compliance obligations, see our AML Policies, Controls & Procedures Manual for 2021.

 

The Manual contains all the latest requirements relevant to accountants contained in the Criminal Justice (Money Laundering and Terrorist Financing) Acts 2010 to 2021 now fully in force.  Future blogs will look at various parts of the new and existing provisions of this legislation.

 

For more blogs please visit this link and for our publications and manuals and services click here.