- CAs need to be aware of the changing regulations regarding auditing and assurance.
- Inadequate documentation and not meeting independence requirements are two common shortfalls reported to CA ANZ.
- CAs should only take on assurance engagements when they have sufficient expertise in auditing.
By Anthony O'Brien
Chartered accountants undertaking assurance services have an important role. They provide an impartial view on an entity’s financial and non-financial reporting to ensure applicable accounting standards have been followed. A broad range of stakeholders other than the client rely on that assurance work, including funders, investors, customers, suppliers, employees and beneficiaries.
CAs undertaking assurance engagements must rigorously comply with ethical and statutory obligations, and stay up to date on changing standards, say Rebecca Stickney and Kate Dixon, conduct leaders at Chartered Accountants ANZ.
Each year, CA ANZ handles complaints relating to members providing assurance services. Understanding the types of complaints can help CAs understand their obligations and the pitfalls to avoid, says Stickney.
Document everything: we really mean it
A common feature of assurance complaints involves the engagement not being conducted in accordance with applicable assurance standards and relevant statutory requirements. Some regular shortcomings include inadequate documentation of the audit procedures planned or performed, or the evidence obtained as a result. This will be evident from gaps in the practitioner’s work papers in key areas, such as independence, risk assessment, going concern, planning, or quality control, Stickney explains.
“In the absence of adequate documentation, it is difficult for the disciplinary bodies to determine what procedures were considered and performed by the practitioner or the evidence that resulted. Consequently, the disciplinary bodies often apply the adage ‘if it’s not documented, it’s not done’.”
Comply with independence requirements
Independence is another trouble spot. Dixon points out that CA ANZ is still seeing audits where there is a failure to comply with the independence requirements.
“This becomes a problem when there is a risk of self-review that cannot be mitigated, for example, preparing and then auditing the same set of financial statements, which leads to a breach of independence standards.”
“This becomes a problem when there is a risk of self-review that cannot be mitigated, for example, preparing and then auditing the same set of financial statements...”
Equally, relying on work conducted by another area of the audit firm that has a material impact on the audit, or failing to consider long association threats or rotation requirements, can undermine independence.
The Australian Securities & Investments Commission (ASIC) has recently taken action against self-managed super fund (SMSF) auditors by disqualifying them from holding a registration. In most cases, this has principally been because of a breach of the independence requirements, where CAs have audited their own funds or that of a close relative.
In some of these cases, it was clear that CAs had simply not kept up with the requirements in the standards. The Australian Taxation Office (ATO) has recently issued guidance that it also considers reciprocal arrangements between practitioners who audit each other’s SMSFs to be a significant threat to independence (see page 86).
The clear lesson here is that even if you have been auditing for some time, you must keep up with developments in the standards, says Dixon.
Are you qualified to do the auditing and assurance work?
The work of other staff involved in an assurance engagement may also trigger a complaint, says Stickney. CAs performing an engagement quality control review or providing technical support have an important role to play in promoting audit quality. Members undertaking such roles need to do so with a high degree of competence, diligence and objectivity.
A pitfall for CAs is when members take on assurance engagements when they don’t have sufficient expertise or competence in audit, or do not hold the required registration to perform the particular engagement.
Sometimes, a lack of experience can see CAs not understanding the statutory or regulatory framework applicable to the client, and accepting an engagement they’re not qualified to perform. On the other hand, a CA may have long, but not recent, experience. In this case there is a risk of missing changes in the standards because the CA lacks appreciation of up-to-date audit practice.
Inexperience can lead to similar problems.
Stickney explains that the Disciplinary Tribunal in New Zealand has recently dealt with a number of complaints where CAs have performed statutory assurance engagements which require the auditor to hold Qualified Auditor status under the Financial Reporting Act (2013) when they do not hold that qualification.
Examples of the types of clients that require a qualified auditor include: companies; real estate agencies operating a trust account; charities with annual expenses over NZ$500,000; friendly societies; or clubs with class four gaming licences (operating poker machines).
Stickney says that conducting an audit without the proper registration is not only a breach of the CA’s professional and statutory obligations, but can potentially expose the client to being in breach of their own obligations.
“This can have consequences for a client’s standing with their own regulator and possible time and cost implications if the audit needs to be redone,” she adds.
Ensure auditing templates are up to date
A further feature of some of the competency complaints involves issuing incorrect audit opinions; in some instances, this is because the CA’s template is out of date. While it’s a matter of choice whether an auditor uses electronic or hardcopy work papers, it’s important the system used is kept up to date with current standards. Problems can occur, particularly when old audit checklists don’t reflect the modern risk-based approach or templates are outdated.
“All members need to comply with the auditing and assurance standards issued by the External Reporting Board (XRB) when conducting such an engagement, regardless of the size or type of entity and whether or not it a paid or unpaid,” says Stickney.
This can be a particular risk for members who don’t have a working knowledge of the standards or perhaps do the occasional or honorary audit. Members who want to expand into assurance services must take the necessary steps to upskill and gain any necessary registration before taking on engagements.
Is an audit actually required?
Members in public practice can find themselves under pressure from clients to keep audit fees low, particularly for local clubs or charities, and it can be difficult to refuse.
However, the engagement must still comply with the assurance standards and it can be difficult for members to balance compliance requirements with fee constraints.
Stickney advises that: “It’s very important auditors don’t take on an engagement if the fee is not commensurate with the effort required to do the job properly.
“It’s very important auditors don’t take on an engagement if the fee is not commensurate with the effort required to do the job properly.”
In some cases, this might mean working with the client to help them understand what is involved. Equally, in many cases, it’s to help them work out if an audit is actually the right solution, or if there may be an alternative such as a review or compilation engagement that would be more suitable and can be accommodated by the entity’s constitution.”
‘I didn’t know’ is not an excuse
The crucial role auditors have in ensuring that an entities’ financial statements are true and fair means any allegations of breach of the audit or independence standards are carefully considered by disciplinary bodies. It’s a matter of public interest.
Audit regulation and the assurance standards have been around for some time, so CAs should be aware of the relevant standards or legislative requirements, says Stickney. “The disciplinary bodies are really drawing a line in the sand with this, and saying ‘no, there’s no excuse at this stage’,” she says.
The New Zealand Disciplinary Tribunal has recently issued a warning to members failing to comply with the Qualified Audit regime. In the recent case NZICA v Sinclair (18 December 2018), at page 6 of the decision, the Tribunal states:
This is at least the fifth case involving members conducting statutory assurance engagements when they were not qualified to do so. In all cases the relevant conduct predated the first decision of the Tribunal in this area – Middleton (15 March 2018). Members can expect that any future cases involving signing audit reports after 31 March 2019 when not qualified to do so may result in more serious consequences than for those unqualified members who have come before the Tribunal to date.
The members in this group of cases have been censured, issued with fines and ordered not to undertake assurance engagements for a period of between five to 10 years. They have also been ordered to meet the costs of the disciplinary hearing and investigation which range between NZ$10,000 and NZ$20,000 approximately.
Financial costs can be significant
Strong penalties have also been issued against CAs operating as licensed auditors under the New Zealand Auditor Regulation Act 2011. Sanctions have included reprimands; censures; restrictions on members undertaking certain categories of audits or from reapplying for an audit licence for a period of time. The costs associated with these types of cases can be significant, with costs orders ranging upwards of NZ$40,000 to NZ$70,000.
In Australia, some members have recently been disciplined for breaches of the independence requirements contained in CA ANZ’s Code of Ethics following ASIC’s action in disqualifying them from holding registration as an SMSF auditor. The members were reprimanded, required to have a quality review and pay costs and, in one case, the member undertook to cancel his certificate of public practice.
While there are jurisdictional differences between auditor regulation in Australia and New Zealand, an overarching issue in both nations is that complaints regarding audits are taken very seriously.
“Members must comply with the standards and upskill or seek guidance if they need to,” says Stickney.
Real mates don’t audit each other’s SMSFs
Reciprocal auditing arrangements for SMSFs are being scrutinised by the Australian Taxation Office (ATO) as they are seen as a major risk to auditor independence.
A reciprocal arrangement is when two auditors with their own SMSFs agree to audit each other’s funds. It’s a similar case when accountants who prepare the accounts for a number of SMSFs have an arrangement to audit each other’s clients.
The ATO identifies potential threats to auditor independence due to familiarity, self-interest or intimidation. While chartered accountants know not to audit their own SMSF or that of a close family member, in the ATO’s view it’s also not OK to do each other’s.
Approved SMSF auditors who keep up reciprocal auditing arrangements can expect to be closely examined by the ATO. If they fail to meet independence requirements, they may be referred to the Australian Securities and Investments Commission.
Let’s celebrate #AuditorProud Day 2019
Auditors habitually work behind the scenes, away from the spotlight, but the difference they make is profound. Businesses of all levels rely on auditors to build trust in the investment markets and companies that make the economy run. Thursday 26 September 2019 is #AuditorProud Day – a time to recognise the value of the audit profession around the globe. Let’s help clients and the business community appreciate the true value of audit.Join in #AuditorProud Day
Stay up to date with auditing and assurance
Information about current trends and up-to-date regulatory requirements for CA ANZ members.Audit and assurance updates
Audit regulation in NZ
What you need to know before performing a regulated audit in New Zealand.Find out about NZ audit regulation