This week we continue our series looking at some lessons that auditors can learn from past Decision Notices (DN) published by the Financial Reporting Council. To read last week’s post click here.
Today we focus on the journal entry testing audit failings in the case of Haysmacintyre LLP and its audit partner David Cox (Hays) and the audit of the consolidated financial statements for ‘Associated British Engineering plc’ (‘ABE’) for the FY 2018. The FRC did not make a finding that the FY2018 financial statements of ABE were misstated.
Hays communicated to ABE’s audit committee that “significant, unusual or unexpected journal postings [had] been investigated and verified”.
- However, in fact Hays’ work on journal entry testing failed to meet the Relevant Requirements of ISA 240 Auditor’s Responsibilities Relating to Fraud;
- ISA 500 Audit Evidence; and
- 230 Audit Documentation.
This arose from journal entry testing that did not comply with the requirements of paragraph 32 of ISA 240, and thereby failed to respond appropriately to the risk, present in all entities, that arises from the fact that management is in a unique position to perpetrate fraud by overriding controls.
The rationale of the Relevant Requirements of ISA 240 is that management has the ability to manipulate accounting records and prepare fraudulent financial statements by overriding controls that otherwise appear to be operating effectively.
The work on journal entries that Hays carried out did not meet the requirements in that:
- it did not constitute testing across all journal entries made in the year for the purpose of complying with ISA 240 paragraph 32 and
- was not designed or executed as testing of that kind;
- the work was confined to entries in discrete parts of the accounts and
- was directed to objectives other than those of ISA 240 paragraph 32, such as testing year-end journals as part of balance-sheet testing.
Hays did not document on the audit file the work done to ensure that significant, unusual or unexpected journal postings had been investigated and verified.
Although the relevant workpaper states that journal entries were “reviewed as part of testing, with no evidence of fraud or bias noted”, the workpaper does not:
- set out the audit procedures performed, either by explaining the procedures or attaching documents to substantiate the outcome of the procedures and
- the conclusion reached as to evidence of fraud or bias.
In this area of audit work, Hays therefore breached the requirement of ISA 240 paragraph 32(a),
- by failing to design and perform audit procedures to test the appropriateness of journal entries recorded in the general ledger and other adjustments made in the preparation of the financial statements and,
- in doing so, to make inquiries about inappropriate or unusual activity relating to the processing of the entries, to select entries made at the end of a reporting period and to consider the need to test them throughout the period.
Hays also breached the requirements of:
- ISA 500 (Audit Evidence), paragraph 6, by failing to design and perform appropriate procedures to obtain sufficient appropriate audit evidence; and
- ISA 230 (Audit Documentation), paragraphs 8 and 9, in respect of preparing audit documentation that:
- shows the results of audit procedures performed and
- the audit evidence obtained and documenting the identifying characteristics of the specific items or matters tested.
Please go to our website to see our new ISQM TOOLKIT or if you prefer to chat through the different audit risks and potential appropriate responses presented by this new standard, please contact John McCarthy FCA by e-mail at firstname.lastname@example.org.
We typically tailor training and brainstorming sessions to suit your firm’s unique requirements.
Publications and AML webinars:
- The ISQM TOOLKIT 2022 is available to purchase here.
- See our latest Anti-Money Laundering Policies Controls & Procedures Manual (March 2022) – View the Table of Contents click here.
- Also we have an updated AML webinar (March 2022) available here, which accompanies the AML Manual. It explains the current legal AML reporting position for accountancy firms and includes a quiz. Upon completion, you receive a CPD Certificate of attendance in your inbox.
- To ensure your letters of engagement and similar templates are up to date visit our site here where immediate downloads are available in Word format. A bulk discount is available for orders of five or more items if bought together.