Recent developments in auditing standards Bangalore Branch of SIRC of ICAI 15th December 2010 CA Suresh DM
Auditing Standards: Indian Perspective • Auditing Standards are codification of existing best practices in the area of auditing. • International Standards on Auditing (ISAs) are issued by the IAASB of IFAC. • In India, the ICAI formulates Auditing and Assurance Standards (AASs). • Basic Considerations behind AASs formulation • Harmonization with ISAs, to the extent possible – a Membership obligation for ICAI • Applicable laws in India. • Customs, usages & business environment in India.
Auditing Standards: Indian Perspective • Companies Bill 2009 – NACAAS to be given authority to notify Auditing Standards • MCA has observed that Auditing Standards are currently issued by a “Single Institute”. The fact is standards are issued after due consultations by releasing Exposure Drafts
Auditing Standards: Indian Perspective (contd. …) Scope of AASs • Apply whenever independent audit carried out. • Apply irrespective of size, legal form or commercial motives of the client. • May appropriately apply to other functions of auditors. Authority Attached to AASs • Mandatory compliance by members of ICAI. • Material departures from AASs to be brought out in the report
Engagement & Quality Control Standards Road to Convergence – Clarity Project AASB founder member of IFAC Auditing standards based to the extent possible on corresponding International Standards (IS) of International Auditing and Assurance Standards Board (IAASB). Chalked out timeline for bridging gap in convergence with IS under IAASB Clarity Project Revised the entire suite of 36 Standards on Auditing in line with the International Standards.
Engagement & Quality Control Standards AASB’s response to IAASB Clarity Project (2006 till date): Revised & more rigorous Due Process Revised Framework & Preface AASs renamed & renumbered in line with IAASB terminology – ENGAGEMENT STANDARDS: Standards on Auditing Standards on Review Engagements Standards on Assurance Engagements Standards on Related Services Mother Standard on Quality Control Revised/ new Standards on Fraud, Audit Planning & Risk-based Audits Many new/ revised Standards in pipeline
Clarity Project • Exercise to rewrite and Update. Includes : • Identifying the overall objectives of the auditor when conducting an audit in accordance with ISAs, setting an objective in each ISA, and establishing an obligation on the auditor in relation to those objectives • Clarifying the obligations imposed on auditors by the requirements of the ISAs and the language used to communicate such requirements • Eliminating ambiguity about the requirements the auditor needs to fulfil.
Layout of Standards • Scope • Effective Date • Objective • Definitions • Requirements • Application and Other Explanatory material ( Basically details out requirements)
Standard on Quality Control – SQC 1 QUALITY CONTROL FOR FIRMS THAT PERFORM AUDITS AND REVIEWS OF HISTORICAL FINANCIAL INFORMATION, AND OTHER ASSURANCE AND RELATED SERVICES ENGAGEMENTS
SQC 1 – Quality Control for Firms • Definitions • Elements of a System of Quality Control • Leadership Responsibilities for quality within the Firm • Ethical Requirements • Acceptance and Continuance of Client Relationships • Human Resources • Engagement Performance • Monitoring • Documentation
Objective of SQC 1 The firm should establish a system of quality control designed to • provide it with reasonable assurance • that the firm and its personnel comply with professional standards and regulatory and legal requirements, • and that reports issued by the firm or engagement partner(s) are appropriate in the circumstances
Meaning of certain terms Engagement quality control review – How: • a process designed to provide an Why • objective evaluation, When • before the report is issued, What • of the significant judgments the engagement team made and the conclusions they reached in formulating the report
Meaning of Certain Terms Any individual with capabilities to act as engagement partner or an employee of another firm Engagement quality control reviewer • a partner, other person in the firm, • suitably qualified external person, • a team made up of such individuals, • with sufficient and appropriate experience and authority to objectively evaluate, before the report is issued, the significant judgments the engagement team made and the conclusions they reached in formulating the report. • However, in case the review is done by a team of individuals, such team should be headed by a member of the Institute
Meaning of Certain Terms Engagement team – • all personnel performing an engagement, • including any experts contracted by the firm in connection with that engagement
Meaning of Certain TermsNetwork Firm – Change made during Clarity Project An entity • under common control, ownership or management with the firm or • Any entity that a reasonable and informed third party having knowledge of all relevant information would reasonably conclude as being part of the firm nationally or internationally • That is aimed at cooperation, and aimed at • profit or cost-sharing • or shares common ownership, control or management, • common quality control policies and procedures, • common business strategy, • Use of a common brand name, or a significant part of professional resources. BEFORE AFTER
Leadership Responsibilities for Quality within the Firm • promote an internal culture for stressing upon quality in deliverance • firm’s chief executive officer to assume ultimate responsibility for the firm’s system of quality control • Perform work that complies with professional standards and regulatory and legal requirements
How to promote quality-oriented internal culture • clear, consistent and frequent actions and messages from all levels • culture that recognizes and rewards high quality work • training seminars, meetings, formal or informal dialogue, mission statements, newsletters, or briefing memoranda.
Ethical Requirements The firm should establish procedures that enable its personnel comply with ethical requirements: (a) Integrity; (b) Objectivity; (c) Professional competence and due care; (d) Confidentiality; and (e) Professional behavior.
INDEPENDENCE • Scope of various services provided to Client not to be threat to Independence • Annual Independence confirmation from all the personnel of the Audit Firm regarding independence. • Rotation of Partners and Managers to reduce familiarity threat ( SEC Rules – 7 years for listed entities and 10 years for other engagements) Note: For Sole Proprietors/Individuals auditing listed entities, rotation policy is not applicable. However they need to undergo compulsory Peer Review Process.
Threats to Independence - Prohibited Activities • An auditor of an entity is prohibited from providing an audit client, any of nine specified non-audit services.
Prohibited Non-Audit Activities • Bookkeeping or other services related to the accounting records or financial statements of the audit client; • Financial information systems design and implementation; • Appraisal or valuation services, fairness opinions, or contribution-in-kind reports; • Actuarial services;
Prohibited Non-Audit Activities • Internal audit services; • Management functions or human resources; • Broker or dealer, investment adviser, or investment banking services; • Legal services and expert services unrelated to the audit; and
Independence • Firm Should frame policies so that • Firm’s personnel are aware of the independence requirements • Partners are provided with relevant data about client hierarchy and threats to independence.
Threats to Independence • Independence of Mind • Independence of Appearance • Threat of potential employment • Threat of undue dependence on fees and fear of losing client • Threat of self review – review of judgements made in earlier periods • Threat of investment in client’s shares
Acceptance & Continuance ( A&C) • Undertake or continue relationships and engagements. • Ascertain Integrity of Client • Auditor is competent to perform and has sufficient resources. • Compliance with ethical requirements achieved
Human Resource • Firms should frame policies to address • (a) Recruitment; • (b) Performance evaluation; • (c) Capabilities; • (d) Competence; • (e) Career development; • (f) Promotion • (g) Compensation; and • (h) Estimation of personnel needs
Engagement Performance • establish consistency in the quality of engagement performance which is accomplished through standardized documentation. • Qualitative deliverance involves consultation
Review of Quality Controls and Risks ( RQR process) • Engagement Quality control review – Objective evaluation of Judgments used, which should be done before issue of report. • Must for all Listed Companies Audit • Criteria to be set out for other Audits
RQR Process • Nature, Timing and Extent • Criteria for Reviewers • Documentation Requirements
Other Matters • Engagement Documentation • Final Working Files to be completed and assembled before reports have been finalized. • (Means before release of report) • Confidentiality, Safe Custody, Integrity, Accessibility and Retrievability of Documentation • Retention of Documentation • Ownership of Documentation • Monitoring Process
SA’s applicable for audits relating to accounting periods beginning on or after 1.4.2010
SA’s applicable for audits relating to accounting periods beginning on or after 1.4.2010
SA 265 - COMMUNICATING DEFICIENCIES IN INTERNAL CONTROL TO THOSE CHARGED WITH GOVERNANCE AND MANAGEMENT • Scope • Auditor is required to obtain understanding of internal Control. • This understanding is to design appropriate audit procedures and not for purpose of expressing opinion on internal controls. • Standard is only a carve out standard from SA 260 – Communicating to those charged with governance. • No such separate reporting requirements normally.(Other than SOX assignments)
SA 265 - COMMUNICATING DEFICIENCIES IN INTERNAL CONTROL TO THOSE CHARGED WITH GOVERNANCE AND MANAGEMENT • This standard is very simple. Contains Just 11 Para in the Main Text. • Others clauses are Application and explanatory Material
SA 265 - COMMUNICATING DEFICIENCIES IN INTERNAL CONTROL TO THOSE CHARGED WITH GOVERNANCE AND MANAGEMENT • Identify deficiencies in Internal Controlon the basis of audit work performed • Determine whether they constitute significant deficiencies ( Deficiency which merit immediate attention of Management in terms of likelihood, susceptibility to Loss or Fraud, Amount exposed) • Communicate to those charged with Governance • Please note it is “communicate to the Management” and not the owners. • (Auditor Report under legal framework will be addressed to the Owners/Shareholders.)
SA 265 - COMMUNICATING DEFICIENCIES IN INTERNAL CONTROL TO THOSE CHARGED WITH GOVERNANCE AND MANAGEMENT • What Should be Communicated • Description of Deficiencies • Context and effect of such deficiencies • Highlight the fact that these are only identified deficiencies in designing the Audit Procedures.
SA 265 - COMMUNICATING DEFICIENCIES IN INTERNAL CONTROL TO THOSE CHARGED WITH GOVERNANCE AND MANAGEMENT • What type of controls are analysed. • General monitoring controls (such as oversight of management). • Controls over the prevention and detection of fraud. • Controls over the selection and application of significant accounting policies. • Controls over significant transactions with related parties. • Controls over significant transactions outside the entity’s normal course of business. • Controls over the period-end financial reporting process (such as controls over non-recurring journal entries).
SA 402 – Audit Considerations relating to an entity using a service organisation. • This standard deals with auditors responsibility to obtain sufficient appropriate audit evidence when an entity uses the services of service organisations. • Common examples are Actuary Services, Payroll outsourcings, Vendor payment process etc.
SA 402 – Audit Considerations relating to an entity using a service organisation. • Methodology of obtaining Audit Comfort • Obtain a Type 1 or Type 2 Report • Contact/Visit the Service Organization. • Using the work of another auditor.
SA 501 – Audit Evidence – Selected Items • This standard mainly deals with • Inventory • Litigation and Claims • Segment Information • Compared to earlier SA 501, this revised standard does not deal with Valuation and Disclosure of Long Term Investments.
SA 501 – Audit Evidence – Selected Items - Inventory • Attendance at Physical Count • Evaluate managements instructions and procedures • Observe the performance of managements count procedures • Inspect the inventory • Perform test counts • Verify financial inventory records to ensure it reflects physical counts
SA 501 – Audit Evidence – Selected Items - Inventory • If count < or > “Balance Sheet Date”, perform roll forward/backward testing • Inventory lying with third party • Obtain confirmation • Perform Inspection
Quantities and prices Inventories – Basic Principles 50,000 lbs Ending inventories = Net income
Cenco Corporation • Changed quantities on inventory tags • Altered quantities on computer listings • Management created fictitious tags