Money laundering

Offences
• Money laundering- acquiring and possession of criminal property
• Tipping off
• Not setting up procedures
• Not complying with procedures
Failure to report
Concealing disguising
Duties
• Client due diligence
• Appointing an MLRO
• Staff training
• Reporting
– Internally to MLRO
– To an External Regulatory Authority
Policies and procedures
1. The audit firm should appoint an MLRO (money laundering
reporting officer)- What should
the MLRO do? MLRO do the following:
a) MLRO receive and assess ML reports (communication / working papers)
from his/ her colleagues.
b) MLRO passes on a valid suspicion to the regulator (external)
2. More time should be spent on client screening/ know your client/ client
due diligence
a. If more time is spent the process will become more sceptical and
thorough and there are more chance that the auditor may find suspicious
activities about client like for e.g. tax evasion, PEPs at a client, or any
recent activity of bribery and corruption etc.
3. Review client anti-money laundering policies and procedures by
performing a thorough discussion with management and test of controls
over these polices to ensure they are robust.
4. Audit firm should keep records/working paper for 5 years,
because this can help in any regulatory investigation opened against the
audit firm client and could be used as evidence that the client was or was
not involve in money laundering.
5. Audit team member should not tip-off
a) Should not conceal info that the client is involved in money laundering
(ML) from the MLRO
b) Should conceal this information that the client is involved in ML from the
client itself.

Code of ethics and conduct

Fundamental principles
• Integrity: Members should be straightforward and honest in all professional and business
relationships.
• Objectivity: Members should not allow bias, conflicts of interest or undue influence of
others to override professional or business judgements.
• Professional competence and due care: A professional accountant must attain and
maintain professional knowledge and skill at the level required to ensure that a client or
employer receives a competent and professional service.
• Confidentiality: Members should respect the confidentiality of information acquired
because of professional and business relationships and should not disclose any such
information to third parties without proper and specific authority or unless there is a legal or
professional right or duty to disclose.
• Professional behaviour: Members should comply with relevant laws and regulations and
should avoid any action that discredits the profession.

Threats to compliance with fundamental principles

Advocacy e.g., promoting share issue in audit client.
Self-interest e.g., undue dependence on fees from a client
Self-review e.g., report on financial statements prepared on behalf of the client.
Familiarity e.g., acting as auditor of companies with family involvement.
Management e.g., making decisions, giving advice.
Intimidation e.g., threat of auditor removal

ACCA guidance on fees

1. Fees should be fair/ reasonable
2. Basis of charging fees should be mentioned in proposal document / engagement letter
3. Fees should not be on contingent basis
4. If fees are increased from previous year the audit firm should explain that to client
5. Assuming there are no dramatic changes in the size or complexity of an audit client it is
reasonable to expect that the audit fee should fall over time.

Professional responsibilities and liability

Procedures required by ISA 250:
• Obtain a general understanding of the legal and regulatory framework and of how the
entity is compliant
• Inspecting correspondence with relevant licensing or regulatory authorities
• Enquiring of the management as to whether the entity follows such laws and regulations
• Consider the results of other audit procedures
• Obtaining written confirmation from directors that they have disclosed all events which
involve possible non-compliance.
Auditor responsibilities
• Obtain reasonable assurance that the financial statements, taken as a whole, are free from
material misstatement, whether caused by fraud or error.
• Maintain an attitude of professional scepticism.
• Identify and assess the risks of material misstatement due to fraud.
NOCLAR- Non-compliance with laws and regulations
Auditor response to NOCLAR
it is management’s responsibility to ensure the entity’s operations are conducted in
accordance with the provisions of laws and regulations, the auditor is responsible for
obtaining sufficient and appropriate audit evidence regarding compliance with laws and
regulations. Auditors need to assess the evidence especially where non-compliance has an
impact on the financial statements or where any non-compliance will affect the entity’s
ability to continue its operations.
1. Obtain an understanding of:
a) The nature of act (omission or commission)
b) The circumstance in which it occurred (intentional or un-intentional)
c) The effect on FS if any
2. Discuss with:
a) Management (middle management / CEO)- first
b) Those charged with governance (Audit committee/ BODs)- second (if needed)
c) Seek a legal advice in certain circumstance (correspond with a legal expert for
discussing the likely implication of the NOCLAR on FS or on the going concern of the
company pertain to laws in relation to operating aspect of client business)
3. Evaluate the implication of NOCLAR on:
Other aspects of audit. Reassess
1. Client integrity – the auditor should rethink or reassess the client integrity.
2. the sample size for the rest of the auditor
3. the materiality levels.
4. The future of auditor-client relationship
4. Evaluate the impact on: (unresolved NOCLAR)
a. Audit opinion- if management and TCWG failed to rectify the NOCLAR
5. Determine whether to report NOCLAR to a: (un-resolved)
a. Regulator (consider the national laws and national requirement)
6. Documentation – the working paper in a proper manner for NOCLAR to ensure auditor
has sufficient appropriate audit evidence that auditor has fulfilled the responsibilities for
NOCLAR
Fraud risk assessment procedures
• Engagement teams should discuss the risk of fraud.
• Consider the results of controls tests and analytical procedures.
• Enquire of client how they assess, and respond to, fraud risk.
• Enquire if client is aware of actual or suspected fraud.
• Consider incentives to commit fraud e.g., performance related bonuses.
Audit procedures
• Review year-end journals and adjustments.
• Review accounting estimates and areas of management judgment.
• Review transactions outside the normal course of business.
• Obtain written representation from management.
Auditor liability
Auditors are liable to the client if they fail to comply with the terms of the engagement letter
e.g., to deliver a competent and professional service.
For the auditor to be found liable to a third party:
1. A duty of care must exist
– The auditor must know, or should have known, that the injured party was likely to rely on
the financial statements
– The injured party must have sufficient ‘proximity’ i.e., must belong to a class likely to rely
on the financial statements
– The injured party must in fact have so relied
– The injured party must show they would have acted differently if the financial statements
had shown a less attractive picture.
2. The duty of care must have been breached.
3. Loss must have been suffered because of the breach.
Solutions to the negligence problem
• Restrict use of documents to intended use
• Engagement letter and auditor’s report to include disclaimer clause to limit liability
• Screening potential clients
• Take specialist advice
• Respective responsibilities to be communicated and agreed
• Insurance – professional indemnity insurance
• Carry out high quality work
• Set liability cap with client
Expectation gap
The gap that exists between what the public, especially users of financial statements, believe
auditors do (or ought to do) and what the auditors do.
Potential ways of closing the gap
• Users having a better understanding of the meaning, purposes, and limitations of financial
statements and the auditor’s report.
• Improved communication between auditors and users of accounts.
• Clarification of the responsibility for fraud.
• Improved control and education of the auditing profession.

Using the work of others

Criteria to use the work of others (pre-requisite of using the work of others)
Whenever the external auditor, uses the work of others, given in ISA-600 series, the external
auditor should ensure before using or relying on the work of others that: (ICED)
 The other is independent (I)
 The other is competent (C)
 The other is experienced (E)
 The work perform by other is well documented. (D)

ISA 402 Audit Considerations Relating to an Entity Using a Service Organisation is the
source of guidance for auditors when an audited entity chooses to outsource one or more
business activities. T

The objectives of the user auditor, when the user entity uses the services of a service
organization, are:
 (a) To obtain an understanding of the nature and significance of the services provided by
the service organization and their effect on the user entity’s internal control relevant to the
audit, sufficient to identify and assess the risks of material misstatement; and
(b) To design and perform audit procedures responsive to those risks

According to ISA 402, when obtaining this understanding, the following matters should be
considered:
–The nature of the services provided by the service organisation and the significance of
those services to the user entity, including the effect thereof on the user entity’s internal
control.
–The nature and materiality of the transactions processed, or accounts or financial
reporting processes affected by the service organisation.
–The degree of interaction between the activities of the service organisation and those of
the user entity; and
–The nature of the relationship between the user entity and the service organisation,
including the relevant contractual terms for the activities undertaken by the service
organisation.

The audit firm should conduct procedures at the planning stage to develop this
understanding, including:
–Review the contract between Mercurio Co and Fairbank Co to understand the terms of the
engagement.
–Review reports issued by Fairbank Co, for example, to determine the effectiveness of the
credit control function performed.
–Document how the systems of interface to understand how the credit control function
impacts on Mercurio Co’s accounting records.
If the audit firm needs to develop a further understanding to assess the risk of material
misstatement in relation to the service organisation’s activities, then further activities should
be planned for, including:
–Obtaining a type 1 or type 2 report, if available.
A Type 1 report provides coverage over management’s assessment and the overall design of
controls at a specific point in time, so it specifies if the right controls are in place and if the
control processes are properly designed to achieve their purpose.
A Type 2 report provides the same coverage as Type 1. However, it goes a step further and
covers the operating effectiveness of controls over a period of time.
–Contacting the service organisation, through the user entity, to obtain specific information.
–Visiting the service organisation and performing procedures which will provide the
necessary information about the relevant controls at the service organisation; or
–Using another auditor to perform procedures which will provide the necessary information
about the relevant controls at the service organisation.
the audit firm must ensure that they use appropriately skilled and experienced staff to
adequately assess the service organisation. Additionally,
 plan for additional time to ensure that the service organisation is contacted with sufficient
time so that the required information and any visits are conducted in advance of the final
audit work.

Quality management
The principles and purpose of quality management
There are three professional standards that set out the responsibilities of auditors
regarding quality:
• ISA 220 (Revised) Quality Management for an Audit of Financial Statements
• ISQM 1 Quality Management for Firms that Perform Audits or Reviews of Financial
Statements, or Other Assurance or Related Services Engagements
• ISQM 2 Engagement Quality Reviews.
The purpose of assurance services is to enhance the intended user's confidence in the
subject matter they are using to make decisions. For there to be confidence in the assurance
process, engagements must be performed to a satisfactory quality. Failure to do so would
not only mean a loss of confidence in the profession as a whole but could lead to
professional negligence claims against the assurance provider.
If a professional negligence claim is made, and suitable quality procedures have been
followed, the firm should be able to defend the claim.
Therefore, firms must:
• conduct engagements in accordance with professional standards and applicable legal and
regulatory requirements
• issue reports that are appropriate in the circumstances.

The quality management standards aim to address public interest concerns about audit
quality by:
• Encouraging proactive management of quality at the engagement level.
• Emphasising the importance of the exercise of professional scepticism.
• Enhancing documentation of the auditor’s judgements.
• Keeping the standard fit for purpose in a wide range of circumstances and in a complex
environment.
Element Key features
Governance and Leadership responsibilities
• Engagement partner responsible for managing and achieving quality-tone at the
top.
• All team members responsible for quality-reward commitment to quality
• Open and robust communication without fear of reprisal.
• importance of professional ethics, values, and attitudes.
• Professional scepticism throughout the engagement.
Ethical requirements
 • Identify, evaluate, and address threats. training and ethical declarations such as
independence forms
• Remain alert for ethical breaches throughout engagement.
• Take appropriate action where ethical requirements have not been fulfilled.
• Prior to the auditor’s report, take responsibility for determining whether ethical
requirements have been fulfilled.
Acceptance & continuance
• Assess Integrity and ethics of client.
• financial and operational priorities do not lead to inappropriate judgements.
• reassessed at the start of each new year prior to reappointment as auditor.
• Sufficient and appropriate resources available
• Competence and capabilities of team
• those charged with governance have acknowledged their responsibilities.
Engagement resources.
• Human – experience & expertise, professional scepticism & judgment
• Technological – communication, automated tools & techniques
• Intellectual – consistent application of professional standards
Engagement performance- understand their responsibilities, ensure professional
scepticism and judgement are exercised audit team has insufficient time to perform
necessary procedures.
• Direction
• Supervision
• Review
Direction Supervision Review
Informing team members of • Tracking the progress of Checking the audit work to
their responsibility to: the audit to ensure the ensure:
• Contribute to quality timetable can be met • The work has been
• Exercise professional • Considering the performed in accordance
scepticism competence of the team with professional standards
• Fulfil ethical requirements • Addressing significant • Appropriate consultations
• Perform procedures matters arising and have taken place.
• Don’t allow budget or modifying the planned • The work performed
resource constraints to approach accordingly supports the conclusions
reduce quality. • Identifying matters for reached
consultation. • The evidence obtained is
Providing coaching to help sufficient and appropriate to
develop skills and support the auditor’s report.
competencies.
• Creating an environment
where engagement team
members can raise
concerns without fear of
reprisal.
 • Engagement quality review – pre-issuance review of significant judgments and
conclusions
i) Determine that an EQR has been appointed.
ii) Cooperate with the reviewer and inform other team members of their
responsibility to do so.
iii) Discuss significant matters and significant judgements arising during the
engagement with the reviewer.
iv) Not date the auditor’s report until the completion of the EQR.
Eligibility of engagement quality reviewers:
• Cannot be a member of the engagement team.
• Must have the competence and capabilities, including sufficient time, and the appropriate
authority to perform the EQR.
• Must comply with relevant ethical requirements and laws and regulations.

Monitoring & remediation provide relevant, reliable, and timely information about the
design, implementation, and operation of the system of quality management and take
appropriate actions to respond to identified deficiencies such that deficiencies are
remediated on a timely basis.
To achieve this the firm must:
• Establish quality objectives
• Identify and assess quality risks
• Design and implement responses to address quality risks.
• Monitor the firm’s quality system.
• Evaluate severity of deficiencies, investigate root cause.
• Remediate deficiencies responsive to root cause.
• Perform annual evaluation.
Overall responsibility
• Prior to dating auditor’s report, partner ensures their involvement has been
sufficient and appropriate.
• Timely review of work, evidence of partner’s direction and supervision
Documentation
• Conclusions reached in respect of fulfilment of quality responsibilities.
• Conclusions resulting from consultations.
• Confirmation that an EQR has been completed on or before the date of the auditor’s
report (if applicable)

Practice management
Matters to consider before submitting a tender.
• Resources
• Competences
• Independence
• Risks
• Specialist skills
• Potential for profitability
• Additional services

What goes in a proposal?

• The fee and how it has been calculated.
• Proposed audit partner and key members of the audit team.
• Capacity of the audit partner to commit sufficient time to the audit.
• Relevant experience of the industry and type of company.
• Ability of the firm to bring insight, add value, and show understanding of the company’s
values and strategies and objectives.
• Proposed approach to the audit e.g., use of technology and innovation such as
data analytics.
• The firm’s audit quality track record and commitment to provide a quality service.
• Ability to maintain independence and challenge management.
• Nature, purpose, and legal requirements of an audit.
• Assessment of the client’s requirements and how the audit firm will meet them.
• Ability of the firm to offer other services.

Engagement letters
The terms of engagement are recorded in a written audit engagement letter and should
include:
• The objective and scope of the audit.
• The responsibilities of the auditor
• The responsibilities of management
• Identification of the applicable financial reporting framework
• The expected form and content of reports to be issued.

Accepting a new client (decision

1. Client screening – identifying whether there is something negative about the new client
(e.g., tax evasion, negative media publicity, breach of laws, money laundering etc.)/
customer due diligence / know your client procedure
2. Correspondence with the previous auditor – (Case study)
a. There was no previous auditor.
b. There was a previous auditor.
How to correspond with previous auditor?
 Seek the client permission (professional courtesy)
 If the client give permission- correspond and get information info from previous
auditor
 If the client refuses to give permission- reject the new client (client is concealing)
3. Pre-conditions of audit are present
a) Pre-condition= management responsibilities are present
b) Management responsibilities
i. Prepare the FS in accordance with applicable financial
reporting framework.
 ii. To implement a sound system to internal control to
prevent and detect fraud and errors.
iii. To give access to auditor to all information and
explanations
4. Deadline- should be realistic to complete the work with quality / effectively
a. Versus the amount of work to be performed
b. Versus the size and complexity of the company
5. Competence (new audit client)
a. Specialization in the industry from where the client has come from.
b. Case study- know the industry.
c. Specialism – lead to quality/ reduce negligence.
6. Ethical issues and safeguard- case study for any ethical threat when accepting a new audit
client and suggest a safeguard.
7. Fees – fair/ reasonable
1) versus?
a) The size and complexity of client
b) The amount of work

Accepting a service from an existing client

1. Competence versus the nature of service the firm is to offer
2. Deadline- realistic versus the nature/ complexity of the service
3. Ethical issue+ safeguard – remember it’s your existing client
4. Fees – should be fair/ reasonable versus the nature & complexity of
service being offered

Planning, materiality and assessing the risk of

misstatement.
ISA 300 Planning an Audit of Financial Statements In accordance with ISA 300 the auditor
should establish an audit strategy and an audit plan. This includes consideration of:
Strategy:
• Scope:
– engagement characteristics
– reporting objectives
– significant engagement factors
– preliminary activity results
– the resources needed.
• Timing of when to deploy resources.
• Management, direction, and supervision of resources (including meetings, debriefs,
reviews etc).

Opening balances – ISA510

When there is a change of auditor- what are the responsibilities of the new (incoming)
auditor with regards to opening balances?
  The new auditor should confirm the competence and independence of the previous
auditor before placing any reliance on the previous auditor work with regards to
last year closing balance.
 Review the working papers of the previous auditor to confirm the closing balances to
be carried forward as opening balances for this year.
 If there is any difference in last year closing balances and this year opening – discuss
with management, the reason thereof.
 If last year audit report was modified, the new auditor will emphasize on the year of
modification in the current year audit.
 The change of auditor, will be mentioned in the other matter para of the audit report
(OMP because it is a conditional para of the audit report if added, will make the audit
report modified.)
If the company was exempt from audit in the last year, and this is the first year that the audit
is required by law, what responsibilities will the auditor have in this situation for opening
balances?
Receivable/ payables
 Verify the collection in the current year against the opening receivables.
 Verify the payment in the current year against the opening payable.
 Circularize confirmation letters to receivables and payable for confirm the current
year and the last year balance.
Inventory
 Observe the current year inventory count and determine the closing inventory
position for the current year.
 Roll back the closing inventory to the opening inventory by adding the GDN and
subtracting the GRN.
 A sample of the opening inventory and confirm the post year end selling prices to
confirm. whether inventory was rightly valued at lower of cost or NRV.
Non-current assets / liabilities
 Review the source documents underlying the opening loans and fixed assets to
confirm they exist and are accurate.
 Circularize confirmation to bank for confirming the closing balance of current year
and last year for loan.
 Obtain a representation letter from the management for the overall completeness of
the opening balances.

Group and transnational audits

Acceptance as group auditor
In addition to the normal acceptance considerations firms should consider whether to
accept the role of group auditor. To assist the decision, they must consider:
• Whether sufficient appropriate audit evidence can reasonably be expected to be
obtained in relation to the consolidation process and the financial information of the
components of the group.
• Where component auditors are involved the engagement partner shall evaluate whether
the group engagement team will be able to be involved in the work of the component
auditors.
• Whether reliance can be placed on the component auditor’s work.
• The materiality of the portion of the group not audited by them.
• Understanding of the group, the components, and their environments.
• Any other risks identified which affect the group and its financial statements.
Acceptance as component auditor
The component auditor will consider the following before accepting appointment:
• Whether they are independent of the parent and component companies and can comply
with ethical requirements applying to the group audit.
• Whether they possess any special skills necessary to perform the audit of the component
and are competent to perform the work.
• Whether they have an understanding of the auditing standards relevant to group audits
and can comply with them.
• Whether they have an understanding of the relevant financial reporting framework
applicable to the group.
• Whether they can comply with the group audit team instructions including the deadlines.
• Whether they are willing to have the group auditor be involved in their work and evaluate
it before relying on it for group audit purposes.

Joint audits
Requirements for effective joint audits:
• Preliminary planning meeting between the two firms to decide on timing, work allocation
etc.
• Final meeting to discuss audit issues, conclusions, management letter and joint audit
opinion.
• Proper work allocation to avoid dominance.
• Both firms should have adequate professional indemnity insurance.
Advantages: Disadvantages:
• Improved service through firms’ different • Each joint auditor takes responsibility for
expertise the other’s shortcomings
• Improved geographical coverage • May be more expensive
• Use of two independent firms can provide • Different firm’s audit methods may not be
added assurance to client reconciled
• Close control of division of work is required

Transnational audits
An audit of financial statements which may be relied upon outside the audited entity’s home
jurisdiction.
Reliance on these audits might be for purposes of significant lending, investment or
regulatory decisions.
The differences between a ‘normal’ audit, conducted within the boundaries of one set of
legal and regulatory requirements, and a transnational audit are largely due to variations
in:
• Auditing standards
• Regulation and oversight of auditors
• Financial reporting standards
• Corporate governance requirements.

Evidence
Sufficient evidence
• A measure of quantity, i.e., does the auditor have enough evidence to draw a conclusion.
• Affected by risk and materiality of the balances and quality of evidence. [ISA 500, 5e]
Appropriate evidence
• Measures quality of evidence – reliability and relevance. [ISA 500, 5b]
• Reliability of evidence depends on several factors [ISA 500, A31]:
– Independent, externally generated evidence is better than evidence generated internally
by the client.
– Effective controls imposed by the entity improve the reliability of evidence.
– Evidence obtained directly by the auditor is more reliable than evidence obtained
indirectly or by inference.
– It is better to get written, documentary evidence rather than verbal confirmations.
– Original documents provide more reliable evidence than copies or documents transformed
into electronic form.
• Relevance means the evidence relates to the financial statement assertions being tested.
[ISA 500, A27]
Audit procedures for obtaining evidence.
Action – a procedure cannot start without action.

The methods of obtaining evidence are:

• Review/Inspection of records, documents, or physical assets.

• Observation of processes and procedures, e.g. inventory counts.
• External confirmation obtained in the form of a direct written response to the
auditor from a third party.
• Recalculation to confirm the numerical accuracy of documents or records.
• Re-performance by the auditor of procedures or controls.
• Discuss/Enquiry of knowledgeable parties.
• Analyse
RODAR

Tests of control and substantive procedures

Tests of controls are designed to evaluate the operating effectiveness of the audit client's
controls at preventing, detecting, and correcting material misstatements. [ISA 500, 4]
Examples of tests of controls:
• Inspect purchase invoices for evidence of authorisation by a manager before payment is
made.
• Observe the process for despatch of goods to ensure the warehouse staff check the goods
to the order before despatch.
• Using test data, enter a dummy order over a customer's credit limit to verify that the
system will not accept it.
Substantive procedures are designed to detect material misstatements (fraud and error) in
the financial statements. Substantive procedures can be tests of detail or analytical
procedures. [ISA 500, 4]
Substantive tests of detail look at the supporting evidence for individual transactions and
traces them through to the financial statements to ensure they are dealt with appropriately.

ISA 501 Audit Evidence – Specific Considerations for Selected Items In accordance with ISA
501, auditors are required to obtain sufficient appropriate evidence with regard to three
specific matters, as follows:
1 The existence and condition of inventory
– Attendance at the inventory count
– Evaluate management's instructions
– Observe the count procedures
– Inspect the inventory
– Perform test counts
– Perform procedures over the final inventory records to ensure they reflect actual inventory
count results.
2 The completeness of litigation and claims involving the entity.
– Enquiry of management and in-house legal counsel.
– Reviewing minutes of board meetings and meetings with legal counsel.
– Inspecting legal expense accounts.
– If there is a significant risk of material misstatement due to unidentified litigation or claims
the audit should seek direct communication with the entity's external legal counsel.
3 The presentation and disclosure of segmental information
– Understand, evaluate, and test methods used by management to determine segmental
information.
– Perform analytical procedures.

Audit Data Analytics (ADA) is the science and art of discovering and analysing patterns,
deviations and inconsistencies, and extracting other useful information in the data of
underlying or related subject matter of an audit through analysis, modelling, visualisation for
the purpose of planning and performing the audit.
Big data refers to data sets that are large or complex.
Big data technology allows the auditor to perform procedures on very large or complete sets
of data rather than samples.
Features of audit data analytics
• ADA allows the auditor to manipulate 100% of the data in a population quickly which
reduces audit risk.
• Results can be visualised graphically which can make the reports more user-friendly.
• ADA can be used throughout the audit to help identify risks, test the controls and as part
of substantive procedures. The results still need to be evaluated using the professional skills
and judgement of the auditor in order to analyse the results and draw conclusions.
• As for analytical procedures in general, the quality of ADA depends on the reliability of the
underlying data used.
• ADA can incorporate a wider range of data. For example, data can be extracted and
analysed from social media, public sector data, industry data and economic data.
Benefits of ADA
• Audit procedures can be performed more quickly and to a higher standard. This provides
more time to analyse and interpret the results rather than gathering the information for
analysis.
• Audit procedures can be carried out on a continuous basis rather than focused on the
year end.
• Reporting to the client and users will be timelier as the work may be completed within
weeks rather than months of the year-end.
• The use of ADA may result in more frequent interaction between the auditor and client
over the course of the year.
• Audit efficiency should increase resulting in a reduction in billable hours. Although this is
good news for the client, it will mean lower fees for the auditor.

Completion and review

Audit procedures to assess going concern.
• Review cash flow forecasts and perform sensitivity analysis.
• Review correspondence from major customers for evidence of disputes or difficulties
paying invoices.
• Review correspondence from the bank to assess the likelihood of obtaining further
finance.
• Review correspondence from lawyers regarding the outcome of a legal case.
• Review board minutes for management’s plans to address going concern issues.
• Obtain written representation from management that they believe the company is a going
concern.

Reporting
The auditors’ report.
• Title
• Addressee
• Auditor’s opinion
• Basis for opinion
• Material uncertainty related to going concern (if applicable)
• Emphasis of matter (if applicable)
• Key audit matters (Listed companies)
• Other information
• Responsibilities of management
• Auditor’s responsibilities
• Report on other legal and regulatory requirements
• Other matter (if applicable)
• Signature
• Auditor’s address
• Date
Nature of issue Not material Material but Material &
Not Pervasive
Pervasive
Misstatement Unmodified opinion Qualified Opinion Adverse Opinion
True and fair view Except for ... FS do not give a true and
Basis for opinion Basis for qualified fair view Basis for
opinion adverse opinion
Inability to Unmodified opinion Qualified Opinion Disclaimer of Opinion
obtain True and fair view Except for ... Do not express an
sufficient Basis for opinion Basis for qualified opinion.
appropriate opinion Basis for disclaimer of
audit evidence opinion

Material but not pervasive – misstatements do not represent a substantial proportion of the
FS.
Material and pervasive – misstatements represent a substantial proportion of the FS making
them unreliable.

Audit-related services
Levels of assurance
The International Framework for Assurance Engagements permits only two types of
assurance engagement to be performed:
• Reasonable assurance: the reporting accountant concludes that the subject matter
conforms in all material respects with identified suitable criteria. Reports express positive
assurance, i.e. giving an opinion that the subject matter is (or is not) free from material
misstatement.
• Limited assurance: the reporting accountant concludes that the subject matter is plausible
in the circumstances Reports express negative assurance, i.e. that procedures have not
identified any material misstatement regarding the subject matter.
Reporting
• Title
• Addressee
• Identification and description of the subject matter
• Identification of the criteria
• Description of any significant, inherent limitations
• Restriction on the use of the report to specific users
• Statement of responsibilities of the responsible party and practitioner
• Statement that the engagement was performed in accordance with professional standards
• Summary of the work performed
• Practitioner’s conclusion
• Date
• Name of the firm or practitioner and location

Review of interim financial information

Objective of a review of interim financial information
To enable the auditor to express a conclusion whether, on the basis of the review, anything
has come to the auditor’s attention that causes the auditor to believe that the interim
financial information is not prepared, in all material respects, in accordance with an
applicable financial reporting framework.
Principles of the review
• Comply with the ethical requirements
• Comply with ISRE 2410 Review of Interim Financial Information Performed by the
Independent Auditor of the Entity.
• Implement appropriate quality management procedures.
• Consider whether the engagement should be accepted.
• Agree the terms of engagement.
• Plan the engagement so that it will be performed effectively including:
– Applying professional scepticism.
– Obtaining an understanding of the subject matter.
– Assessing the suitability of the criteria to evaluate the subject matter.
– Consideration of materiality and engagement risk.
• Obtain sufficient appropriate evidence on which to base the conclusion.
• Consider subsequent events.
• Document matters significant in providing evidence that supports the engagement
report.
• Provide a clear written expression of the conclusion about the subject matter information.
Procedures
• Enquiries of relevant parties (usually management).
• Analytical procedures.
• Other review procedures as necessary to obtain sufficient appropriate evidence.
• Written representations from management.

Prospective financial information

PFI =Financial information based on assumptions about events that may occur in the future
and possible actions by the entity.
FORECAST= PFI based on management expectations
PROJECTION= PFI based on hypothetical assumptions about future events that may or may
not take place or based on a combination of best-estimate and hypothetical assumptions.

Prior to ACCEPTANCE of a PFI engagement, the auditor must consider:

• The intended users.
• Whether the information will be for general or limited distribution.
• The nature of assumptions: best estimate or hypothetical?
• Elements to be included and period covered.
 Scope of the work
 Resources and skills
 Client integrity
 Ethical matters
Procedures
• Cast the forecast to verify arithmetical accuracy.
• Compare previous forecasts with actual results to assess the ability of the preparer.
• Compare accounting policies used in the financial statements to those used in the forecast
to ensure consistency.
• Agree opening cash figure to cash book (if already within the forecast period).
• Calculate key ratios and trends to assess reasonableness of the forecast figures.
• Enquire of management where there are unusual movements expected.
• Enquire of management of their plans for the forecast period and ensure these are
reflected in the figures.
• Compare forecast with management accounts for prior year to assess reasonableness of
figures and identify any missing items.
• Compare forecast to management accounts for period to date to see if the figures are in
line.
• Review forecast for any items which are to be discontinued and ensure they are not
included.
• Review forecast for any new costs/ incomes that should be included that weren’t present
previously.
• Compare trends with industry expectations to assess reasonableness.
• Obtain written representation from management that they believe the assumptions are
reasonable.
• Inspect the forecast for any new loans and interest to ensure they have been included.
Reporting
The report will contain:
• a conclusion providing negative assurance over the reasonableness of the assumptions
used to prepare the forecast, and
• an opinion on whether the forecast has been properly prepared on the basis of the
assumptions and presented in accordance with the relevant financial reporting framework.

Due diligence
Due diligence involves gathering information for a client on a potential acquisition. The aim
is to reduce the risk of making a bad investment.
Consider what information will impact the client’s decision to go ahead with the acquisition
or what price to pay. Obtain information to suggest whether this is a good or bad
investment.

Information required:
• Financial statements
• Forecasts and budgets
• Details of contracts and agreements
• Industry comparisons
• Details of outstanding litigation
• Details of tax investigations
• Details of management contracts
• Factors affecting asset values
• Completeness of liabilities
• Retention of staff
• Quality issues
• Reputational issues
• Likely synergies

Benefits of due diligence

• Decrease management time assessing acquisition
• Identification of operational issues and risks
• Liabilities evaluated and identified
• Identify assets not capitalised
• Gather information
• Enhance credibility of the investment decision
• Planning the acquisition
• Claims made by vendor substantiated
• Evaluation of post-acquisition synergies

Forensic audits
Forensic accounting is a specialist branch of the profession carried out by forensic
accountants and encompassing forensic auditing and investigation.
Planning
• Clarify the objectives and deadline for the engagement.
• Enquire whether the insurance company has been contacted.
• Scrutinise the insurance policy to ensure cover is in place.
• Consider the resources and skills required.
• Confirm with the client that full access to information will be allowed.
• Confirm the output of the investigation.
• Confirm whether you will be required as an expert witness.
Procedures
• Inspection of documents.
• Enquiries of management and staff.
• Analytical procedures.
• Automated tools and techniques.
• Tests of controls.
Report
• Summary of the procedures performed.
• Summary of results of procedures.
• Conclusion regarding losses.
• Recommendations to prevent future problems.
Applications of forensic accounting
Application Examples Type of work performed
Fraud Employee embezzlement of Funds tracing, asset identification and
investigations company funds, tax evasion, recovery, forensic intelligence gathering,
insider dealing. due diligence reviews, interviews,
detailed review of documentary
evidence.
Insurance Business interruptions, Detailed review of the policy from either
claims property losses, motor an insured or insurer’s perspective to
vehicle incidents, investigate coverage issues,
personal liability claims, cases identification of appropriate method of
of medical malpractice, calculating the loss, quantification of
wrongful dismissal. losses.
Professional Loss suffered as a result of Advising on merits of a case in regard to
negligence placing reliance on liability, quantifying losses.
professional adviser.

Audit of social, environmental, sustainability and

integrated reporting
Impact on reporting
• Organisations need to be accountable for their impact on social, environmental and
sustainability (SES) matters such as climate change.
• SES matters may directly impact financial statement amounts and disclosures.
• SES policies of an organisation may affect decisions of shareholders, customers, suppliers
and employees.
Audit testing will need to focus on:
• Review management’s risk assessment in respect of SES matters.
• Assessing the adequacy of management’s asset impairment reviews.
• Assessing the reasonableness of estimates including provisions.
• Obtaining evidence from experts such as environmental experts and lawyers.
• Reviewing compliance with laws and regulations.
• Evaluating management’s use of the going concern basis of accounting and adequacy of
disclosures.
Providing assurance on a sustainability report
Planning the engagement
• Understand and agree scope of engagement.
• Obtain an understanding of the entity, including the users and their needs.
• Consider the appropriateness of the information in light of the users’ needs.
• Consider the feasibility of conducting the engagement:
− Level of uncertainty, subjectivity, complexity
− Potential for manipulation
− Access to quality evidence
− Access to client staff
− Whether KPIs are specific enough to measure
Measurement difficulties
• Deciding which KPIs on which to report
• KPIs may not be specific enough to measure accurately.
• The concepts involved may lack precise definition.
• Systems and controls may not be in place to capture the information reliably.
Reporting difficulties
• Accountants may lack the specific skills and experience needed.
• Significant subjectivity of the subject matter.
• Evidence may not be sufficient or appropriate for the purposes of providing
assurance.
• Potential for manipulation to achieve the desired result.
Assurance report
The assurance report will include the following:
• Description of the scope of the engagement and type of assurance provided.
• Identification of the intended user.
• Respective responsibilities of the client and assurance provider.
• Details of the work performed.
• The opinion or conclusion.

Audit of performance information in the public

sector
Performance audits and performance information
Performance audits provide assurance regarding the effective functioning of the
organisation’s operations.
Performance information is published by an organisation to highlight achievement of their
objectives. Performance information is in the form of KPIs.
Planning an audit of performance information
• Obtain an understanding of the information to be audited.
• Enquire of management of how the information is collected and recorded.
• Determine an appropriate materiality level.
• Examine the systems and controls for recording the information.
Audit procedures
• Inspection of supporting documentation.
• Enquiries of management and staff.
• Perform analytical procedures.
• Recalculate the figures to verify arithmetical accuracy.
• Obtain written representations from management regarding accuracy and completeness.
Potential problems
As with any KPI, problems may be encountered with:
• Measuring the information in the first instance.
• Subjectivity of definition.
Reporting
An assurance report for performance information may provide reasonable assurance or
limited assurance depending on the requirements of the client.