Advanced Auditing & Assurance August 2023 Past paper
Guaranteed
95.5% Pass Rate
CPA Advanced Leval Advanvced Auditing and Assurance December 2022 Suggested solutions
Advanvced Auditing and Assurance
Revision Kit
QUESTION 1(a)
Q
The role of auditors in non-financial audits is increasingly coming under scrutiny. One such area of interest is in “green” audits, also referred to as environmental audits. A recent article in a leading accountancy journal highlighted this fact as below:
“In many jurisdictions, corporate auditors are not under any obligation to report to stakeholders of the entities on the impact of social and environmental issues. It is therefore important that regulators of the accountancy profession set prescribed and dedicated standards on social and environmental issues for auditors”.
Noting the above trends, the accountancy regulatory body in your country has engaged you to develop a discussion paper to guide policy on conduct of environmental audits auditors.
Required:
Draft a discussion paper focusing on the following, clearly elaborating on each:
(i) Limitations of financial accounting in reflecting the social and environmental impact of organisations.
(ii) Objectives of environmental audits.
(iii) Information components that should be disclosed in an environmental status report.
A
Solution
Introduction:
Environmental audits, also known as "green" audits, have gained significant attention in recent years. The role of auditors in non-financial audits, particularly in assessing the social and environmental impact of organizations, is becoming increasingly important. This discussion paper aims to address the need for dedicated standards on social and environmental issues for auditors. It highlights the limitations of financial accounting in reflecting the social and environmental impact of organizations, outlines the objectives of environmental audits, and identifies key information components that should be disclosed in an environmental status report.
(i). Limitations of Financial Accounting in Reflecting Social and Environmental Impact:
➧ Limited Non-Financial Reporting: Financial accounting primarily focuses on economic aspects and may not capture the full extent of social and environmental impacts. It lacks comprehensive reporting frameworks for non-financial data, hindering the disclosure of relevant information.
➧ Lack of Standardization: Unlike financial accounting standards, there is a lack of universally accepted standards for reporting social and environmental impacts. This lack of standardization hampers comparability and consistency across organizations.
➧ Subjectivity and Measurement Challenges: Quantifying social and environmental impacts is often complex and subjective. Financial accounting relies on historical cost and objective measurement, making it challenging to accurately represent intangible or long-term effects.
➧ Time Lag in Reporting: Financial accounting reports are typically prepared on an annual basis, resulting in a time lag between the occurrence of social and environmental impacts and their disclosure. This delay may hinder timely decision-making and responsiveness to emerging sustainability issues.
➧ Lack of Externalities Consideration: Financial accounting often fails to capture externalities, which are the indirect costs or benefits imposed on society and the environment. These externalities, such as pollution or resource depletion, can have significant social and environmental impacts but are not fully reflected in financial statements.
➧ Incomplete Scope: Financial accounting primarily focuses on the financial performance of an organization, neglecting broader social and environmental aspects. It may not capture the organization's contributions to the well-being of society or its impact on natural resources.
(ii). Objectives of Environmental Audits:
➧ Compliance Verification: Environmental audits aim to verify compliance with applicable laws, regulations, and environmental standards. They assess whether organizations are meeting their legal and regulatory obligations related to environmental protection.
➧ Performance Evaluation: Environmental audits evaluate an organization's environmental management systems, practices, and performance. They assess the effectiveness of environmental controls, identify areas for improvement, and provide recommendations for sustainable practices.
➧ Stakeholder Assurance: Environmental audits provide stakeholders, including investors, customers, and the public, with assurance regarding an organization's environmental performance. They enhance transparency, accountability, and trust by independently assessing and verifying environmental claims made by the organization.
➧ Risk Identification and Mitigation: Environmental audits aim to identify potential risks and hazards associated with an organization's operations. By evaluating the adequacy of risk management systems and controls, auditors help organizations mitigate environmental risks and ensure compliance with safety and environmental regulations.
➧ Cost and Efficiency Assessment: Environmental audits can assess the cost-effectiveness and efficiency of an organization's environmental initiatives. They evaluate the return on investment for sustainability projects, identify areas of improvement, and provide recommendations to optimize resource utilization.
(iii). Information Components in an Environmental Status Report:
An environmental status report should provide comprehensive and transparent information about an organization's environmental performance.
Information components that should be disclosed:
➧ Environmental Policy and Strategy: The report should include the organization's environmental policy, objectives, and the strategies in place to achieve them. It should outline the commitment to environmental sustainability and how it is integrated into the organization's overall business strategy.
➧ Environmental Impact Assessment: The report should assess and disclose the organization's environmental impacts, including resource consumption, greenhouse gas emissions, waste generation, and pollution. It should highlight significant environmental risks and their potential consequences.
➧ Environmental Management Systems: Information on the organization's environmental management systems should be provided. This includes details of policies, procedures, and controls in place to manage environmental risks, monitor performance, and ensure compliance with applicable regulations.
➧ Energy and Resource Efficiency: The report should address the organization's efforts to improve energy and resource efficiency. It should highlight initiatives such as energy conservation, water management, waste reduction, and the use of renewable resources.
➧ Stakeholder Engagement: Information on stakeholder engagement related to environmental issues should be disclosed. This includes mechanisms for dialogue with stakeholders, engagement in community initiatives, and collaborative efforts to address environmental concerns.
➧ Performance Indicators and Targets: The report should present key performance indicators (KPIs) that measure the organization's environmental performance. It should include targets, benchmarks, and progress toward achieving sustainability goals, facilitating monitoring and comparison over time.
➧ Supply Chain and Supplier Engagement: The report should address the organization's efforts to promote sustainability throughout its supply chain. It should disclose initiatives such as responsible sourcing, supplier engagement, and efforts to reduce environmental impacts across the value chain.
➧ Environmental Training and Education: The report should outline the organization's programs and initiatives to enhance environmental awareness and knowledge among employees. It should highlight training programs, awareness campaigns, and educational initiatives aimed at promoting sustainable practices and fostering a culture of environmental responsibility.
(i) Describe circumstances under which a professional auditor may reveal confidential information relating to the client.
(ii) “Independence threats” are likely to affect an auditor’s ability to comply with the fundamental principles of ethics.
Required:
With relevant examples, justify the above statement.
A
Solution
(i) Circumstances under which a professional auditor may reveal confidential information relating to the client:
While auditors are bound by strict confidentiality obligations, there are situations where they may be required or permitted to disclose confidential information.
Here are a few circumstances:
➧ Legal or Regulatory Requirements: If auditors are legally compelled or required by regulatory authorities to disclose certain information, they may have to reveal confidential client information. For example, if a court issues a subpoena or a regulatory agency requests specific information as part of an investigation, auditors may be obligated to provide the requested data.
➧ Fraud or Illegal Activities: If auditors uncover evidence of fraud, illegal activities, or non-compliance with laws and regulations during an audit, they have a duty to report such findings to the appropriate authorities. In such cases, the auditor may need to disclose confidential information to facilitate the investigation and ensure appropriate actions are taken.
➧ Safeguarding Public Interest: Auditors have an overarching responsibility to safeguard the public interest. If they become aware of circumstances where public interest is at risk, such as significant environmental damage, public health hazards, or systemic financial mismanagement, they may disclose confidential information to relevant stakeholders or regulatory bodies to address the issue and protect public interests.
NOTE:
It's important to note that auditors should follow legal and professional guidelines and consult with legal counsel before disclosing confidential information to ensure compliance with applicable laws and regulations.
(ii) Justification for the statement that "independence threats" are likely to affect an auditor's ability to comply with the fundamental principles of ethics:
Independence is a fundamental principle of ethics for auditors. The presence of "independence threats" can compromise an auditor's ability to remain independent and objective in performing their duties.
Examples to justify this statement:
➧ Financial Interest: When an auditor or their immediate family members hold a significant financial interest in a client company, it creates a financial self-interest threat. This threat may impair the auditor's objectivity and independence, as they may be inclined to favor the client's interests to protect their financial investment.
➧ Familiarity or Close Relationships: If an auditor has a close personal or business relationship with key individuals within the client organization, it can create a familiarity threat. This familiarity can lead to bias, impairing the auditor's ability to maintain independence and exercise professional skepticism.
➧ Advocacy or Promotion of Client: When an auditor promotes or advocates for a client's interests, it creates an advocacy threat. This threat arises when the auditor acts as an advocate for the client rather than maintaining a neutral and objective stance, compromising their independence and objectivity.
➧ Employment Relationship: If an auditor has previously worked for the client organization or is offered future employment, it creates an employment threat. The possibility of future employment can influence the auditor's objectivity and independence, as they may be hesitant to raise critical issues or challenge management's assertions.
➧ Intimidation or Undue Influence: When auditors face threats of intimidation or undue influence from the client, such as threats of litigation or termination, it creates an intimidation threat. These threats can hinder the auditor's ability to exercise professional judgment and maintain independence.
Q
During a recent seminar on adapting the audit approach to emerging technological changes, a presenter made the following statement:
“To ensure a successful audit of internet/mobile banking applications, the audit team must understand the business environment in which they are operating and the prevailing conditions such as regulatory requirements, business requirements and stakeholders’ needs. The audit team needs to put together a robust internet/mobile banking and electronic payment application audit program”.
Required:
With reference to the above statement, discuss areas of the internet/mobile banking applications and supporting information technology (IT) infrastructure that should be reviewed to confirm the adequacy of controls and ensure security of the applications.
A
Solution
➦ To confirm the adequacy of controls and ensure the security of internet/mobile banking applications, the audit team should review various areas of the applications and supporting information technology (IT) infrastructure.
key areas that should be assessed:
➧ Authentication and Access Controls:
Review the methods used for user authentication, such as username/password combinations, biometric authentication, or multi-factor authentication. Assess the strength and effectiveness of these controls in preventing unauthorized access to customer accounts. Evaluate access controls to ensure that appropriate permissions and restrictions are in place for different user roles and that segregation of duties is maintained.
➧ Encryption and Data Protection:
Examine the encryption mechanisms employed to protect sensitive data, such as customer login credentials, financial transactions, and personal information. Verify the use of secure protocols (e.g., SSL/TLS) for data transmission and storage. Assess the implementation of data protection measures, including encryption at rest and in transit, to mitigate the risk of data breaches and unauthorized disclosure.
➧ Application Security:
Assess the robustness of the application's security controls, including secure coding practices, vulnerability management, and regular security testing (such as penetration testing and code reviews). Review the effectiveness of mechanisms in place to prevent common security vulnerabilities, such as SQL injection, cross-site scripting (XSS), or session management issues.
➧ Transaction Monitoring and Fraud Detection:
Evaluate the effectiveness of transaction monitoring systems and fraud detection mechanisms. Assess whether the applications have real-time monitoring capabilities to detect suspicious activities, such as unusual transaction patterns, unauthorized access attempts, or account takeover attempts. Review the integration of fraud prevention tools, anomaly detection algorithms, and behavioral analytics to identify potential fraud risks.
➧ Compliance with Regulatory Requirements:
Review the application's compliance with applicable regulatory requirements and standards, such as data protection regulations (e.g., GDPR), financial regulations (e.g., PCI DSS for payment card security), and industry-specific guidelines. Assess the adequacy of controls implemented to address these requirements, including privacy policies, data retention practices, and customer consent mechanisms.
➧ Disaster Recovery and Business Continuity:
Assess the effectiveness of disaster recovery and business continuity plans for internet/mobile banking applications. Review backup processes, redundancy measures, and recovery strategies to ensure that critical systems can be restored in the event of a disruption or disaster. Verify that the plans are regularly tested and updated to maintain their effectiveness.
➧ Third-Party Risk Management:
Evaluate the controls and processes in place for managing third-party relationships, such as software vendors, cloud service providers, or payment processors. Assess the due diligence conducted on third parties, including security assessments, contract reviews, and ongoing monitoring of their performance and compliance with security standards.
➧ User Awareness and Education:
Assess the effectiveness of user awareness and education programs to promote safe online banking practices. Review the presence of security notifications, alerts, and educational resources within the application to help users protect their accounts from fraud or social engineering attacks.
Q
Analyse ways in which auditors might reduce the risk of professional liability in their dealings with clients.
A
Solution
➧ Maintain Professional Skepticism:
Auditors should maintain an attitude of professional skepticism throughout the audit process. This involves critically assessing and challenging the information and representations provided by the client. By adopting a skeptical mindset, auditors can reduce the risk of being misled or overlooking potential irregularities.
➧ Adhere to Professional Standards and Ethics:
Auditors should strictly adhere to professional auditing standards and ethical guidelines. Compliance with these standards helps ensure that audit procedures are conducted in accordance with accepted principles and practices, reducing the likelihood of errors or omissions that could lead to liability.
➧ Obtain Sufficient and Appropriate Audit Evidence:
Auditors should gather sufficient and appropriate audit evidence to support their conclusions and opinions. This involves obtaining documentary evidence, conducting inquiries, performing analytical procedures, and carrying out other audit procedures as necessary. Sufficient evidence helps auditors make informed judgments and provides a basis for their findings.
➧ Exercise Professional Judgment:
Auditors should exercise professional judgment when making decisions throughout the audit engagement. This includes assessing the materiality of misstatements, determining the nature and extent of audit procedures, and evaluating the adequacy of disclosures. Well-reasoned professional judgment can help mitigate the risk of liability by ensuring that audit opinions are based on a thorough and objective assessment of the financial statements.
➧ Document Audit Procedures and Findings:
Auditors should maintain comprehensive documentation of the audit procedures performed and the conclusions reached. This documentation serves as evidence of the auditor's work and reasoning, helping to demonstrate the appropriateness of their actions in case of any legal disputes or challenges.
➧ Maintain Independence and Objectivity:
Auditors must maintain independence both in appearance and in fact. They should avoid conflicts of interest that could compromise their objectivity and impartiality. Independence enhances the credibility of the audit and reduces the risk of liability resulting from potential biases or undue influence.
➧ Communicate Effectively:
Auditors should maintain open and effective communication with the client throughout the audit process. This includes discussing audit findings, potential risks, and recommendations for improvements. Clear and timely communication can help manage client expectations, address concerns proactively, and minimize misunderstandings that could lead to legal disputes.
➧ Continuous Professional Development:
Auditors should actively engage in continuous professional development to stay updated with changes in auditing standards, regulations, and emerging risks. Keeping abreast of developments in the profession ensures that auditors are equipped with the knowledge and skills necessary to perform their duties competently and minimize the risk of liability.
➧ Obtain Professional Liability Insurance:
Auditors may consider obtaining professional liability insurance coverage to protect themselves against potential claims or lawsuits. Professional liability insurance provides financial protection in the event that a claim arises due to alleged negligence or errors in the audit.
➧ Rotate Staff Members:
Rotating staff members involves periodically assigning different team members to audit engagements. This strategy helps reduce the risk of professional liability by bringing fresh perspectives and preventing the development of long-term relationships that could compromise objectivity. Rotating staff members also allows for knowledge sharing and cross-training, enhancing the overall competency of the audit team.
➧ Use Other Audit Firms:
➢ Engaging another audit firm in situations where there could be a possible conflict of interest with the client is a proactive measure that auditors can take to reduce the risk of professional liability.
➢ Engaging other audit firms or external experts can provide an additional layer of assurance and reduce the risk of liability. Bringing in independent auditors can offer a different perspective and uncover potential issues that may have been overlooked by the internal audit team. This approach helps increase the overall effectiveness and credibility of the audit process.
➧ Train Staff:
Investing in training programs for audit staff is crucial for reducing the risk of professional liability. Continuous professional development ensures that auditors stay up-to-date with evolving auditing standards, regulations, and industry best practices. By enhancing their technical skills and knowledge, auditors are better equipped to perform thorough and accurate audits, reducing the likelihood of errors or omissions that could lead to liability.
➧ Use Chinese Walls:
Chinese walls, also known as information barriers, are internal controls implemented within an organization to prevent the unauthorized sharing of sensitive information. By segregating personnel and restricting access to specific information, Chinese walls help maintain confidentiality and independence within the audit process. This reduces the risk of potential conflicts of interest and unauthorized disclosure of client information.
(i) Distinguish between a “systems review” and an “engagement review”.
(ii) Citing reasons, explain the importance of peer review.
A
Solution
(i) Distinguishing between a "systems review" and an "engagement review" in the context of audit peer reviews:
➧ Systems Review: A systems review focuses on evaluating the overall quality control systems and processes implemented by an audit firm. It examines the firm's policies, procedures, and methodologies to ensure they comply with professional standards and regulatory requirements. The objective of a systems review is to assess whether the firm has an effective system of quality control in place to consistently deliver high-quality audit services.
➧ Engagement Review: An engagement review, on the other hand, specifically examines the work performed on individual audit engagements. It involves a comprehensive assessment of the audit documentation, including working papers, financial statements, and audit reports. The purpose of an engagement review is to determine whether the audit work was conducted in accordance with relevant auditing standards and whether the conclusions reached and reports issued are appropriate and supported by sufficient evidence.
Summary:
While a systems review focuses on evaluating the overall quality control systems and processes of an audit firm, an engagement review assesses the specific work performed on individual audit engagements.
(ii) Explaining the importance of peer review in the context of audit:
➧ Enhancing Quality Control: Peer review plays a crucial role in enhancing the quality control systems of audit firms. By subjecting audit practices to external evaluation, peer review helps identify areas of improvement, potential deficiencies, and non-compliance with professional standards. It promotes a culture of continuous improvement within the audit profession, leading to enhanced audit quality and increased public confidence.
➧ Validating Professional Competence: Peer review serves as a mechanism to validate the professional competence of auditors. Through the review process, auditors' technical skills, knowledge, and adherence to auditing standards are assessed. This helps ensure that auditors are adequately trained and possess the necessary expertise to perform high-quality audits.
➧ Identifying Best Practices: Peer review provides an opportunity for audit firms to learn from each other and identify best practices. By evaluating the methodologies, techniques, and procedures employed by peer firms, audit practitioners can gain insights into more effective and efficient audit approaches. This sharing of knowledge and experiences contributes to the overall improvement of the audit profession.
➧ Maintaining Consistency and Compliance: Peer review helps maintain consistency and compliance with professional standards across the audit profession. It acts as a mechanism to ensure that audit firms are consistently applying auditing standards and meeting regulatory requirements. This promotes uniformity in audit practices, leading to reliable and comparable audit reports.
➧ Protecting the Public Interest: The ultimate goal of peer review is to protect the public interest. By evaluating and monitoring audit firms, peer review helps safeguard the integrity of financial reporting and maintains confidence in the audit profession. It provides assurance to stakeholders that auditors are performing their duties diligently and that the audit profession operates with accountability.
➧ Regulatory Compliance: Peer review is often required by regulatory bodies and professional organizations as a mandatory practice for audit firms. Compliance with peer review requirements is essential for maintaining licenses, certifications, and membership in professional bodies. Non-compliance can result in penalties, loss of reputation, or even legal consequences.
Q
Jua Kali Motors Ltd. is a vehicle repair shop founded some years ago Ms Faulu who owns all of the shares apart from a qualifying share held her husband and co-director. She runs the workshop with the help of a foreman, five mechanics and a clerk cum typist. A quotation is issued for all jobs and about 80% of the work is on insurance accident claims. The insurance companies require typed, pre-numbered quotations and invoices for insurance work. For the very large claims and occasionally for smaller claims, the insurance companies bring in their own assessors to inspect the vehicles before authorising the repairs. Private work procedures are less formal and customers are required to pay before collecting their vehicles. Small stocks of parts and service material are held, but most parts are ordered as required and accounts maintained with spare parts suppliers.
Your firm of Certified Public Accountants prepares and audits the accounts and provides tax and other advice to Faulu Motors.
Required:
Discuss the audit procedures that you would perform to assess the internal controls operations and ultimately the reliability of financial reports.
A
Solution
Understanding the Business and Internal Control Environment:
➢ Gain a comprehensive understanding of the business operations, including the industry, market conditions, and competitive landscape.
➢ Evaluate the internal control environment by assessing the control activities, risk assessment processes, information systems, and monitoring activities in place.
Risk Assessment:
➢ Identify and assess the risks that could impact the financial statements, such as the risk of fraud, misstatements, or errors in financial reporting.
➢ Evaluate the risk associated with insurance claims, including the reliability of the estimation process, authorization of repairs, and handling of insurance reimbursements.
➢ Assess the risk associated with private work procedures, particularly regarding payment collection and potential revenue recognition issues.
Understanding the Accounting System and Processes:
➢ Gain a thorough understanding of the accounting system, including how transactions are initiated, recorded, processed, and reported.
➢ Evaluate the adequacy and effectiveness of the controls over the accounting system, such as segregation of duties, access controls, and approval procedures.
Testing Control Activities:
➢ Perform walkthroughs of key processes to evaluate the design and effectiveness of internal controls, including the issuance of quotations, job authorization, invoicing, and payment collection.
➢ Test the operating effectiveness of control activities by selecting a sample of transactions and verifying that the controls are being consistently applied.
Reviewing Documentation and Authorization:
➢ Review the pre-numbered quotations and invoices for insurance work to ensure they are properly prepared and authorized.
➢ Examine documentation related to insurance claims, including agreements, assessments by insurance assessors, and authorizations for repairs.
Assessing Inventory and Procurement:
➢ Evaluate the controls over inventory management, including stock counts, stock requisitions, and ordering processes for spare parts and service materials.
➢ Review the accounts maintained with spare parts suppliers to assess the accuracy and completeness of records.
Analytical Procedures:
➢ Perform analytical procedures to assess the reasonableness of financial information, such as comparing historical data, industry benchmarks, and trends.
➢ Analyze revenue recognition patterns, comparing insurance claims revenue with private work revenue, and assessing the consistency of revenue recognition practices.
Testing for Fraud:
➢ Perform procedures to detect the risk of fraud, such as interviewing employees, assessing management override of controls, and reviewing unusual transactions or adjustments.
➢ Conduct surprise cash counts and reconcile cash balances to assess the integrity of cash handling and potential misappropriation risks.
Substantive Testing:
➢ Perform substantive testing procedures, such as sample testing of account balances, confirmation of receivables and payables, and physical verification of assets.
➢ Verify the accuracy of financial reports by performing reconciliation procedures, including bank reconciliations, accounts receivable reconciliations, and accounts payable confirmations.
Reporting:
➢ Document the findings and conclusions from the audit procedures in an audit report, highlighting any significant control weaknesses or discrepancies identified.
➢ Provide recommendations for improving internal controls and financial reporting processes, addressing any areas of concern or non-compliance.
(i) Citing FOUR reasons, justify to Ms. Faulu on why her company should continue to engage an auditor annually for audit of the business.
(ii) Suggest an alternative to a full audit that Jua Kali Motors Ltd. could consider.
A
Solution
(i) Justification for Annual Engagement of an Auditor:
➧ Compliance with Legal and Regulatory Requirements:
Engaging an auditor annually ensures compliance with legal and regulatory requirements. Many jurisdictions mandate that companies undergo an annual audit, especially for entities that exceed certain thresholds in terms of revenue or assets. By conducting an audit, Jua Kali Motors Ltd. can demonstrate its adherence to these obligations and avoid potential penalties or legal consequences.
➧ Independent Assurance of Financial Statements:
An auditor provides an independent and objective assessment of the company's financial statements. This assurance adds credibility and reliability to the financial reports, as the auditor verifies the accuracy and completeness of the information presented. External stakeholders, such as investors, lenders, and business partners, often rely on audited financial statements to make informed decisions.
➧ Detection and Prevention of Errors and Fraud:
An audit involves examining the company's internal controls and assessing the risk of errors and fraud. Through the audit process, the auditor can identify control weaknesses, potential misstatements, or fraudulent activities. This helps Jua Kali Motors Ltd. detect and prevent financial irregularities, safeguard assets, and improve the overall efficiency of its operations.
➧ Business Improvement and Advisory Services:
Beyond financial statement assurance, auditors can provide valuable insights and recommendations to enhance the company's operations. They can identify areas for improvement, suggest best practices, and offer advice on risk management, internal control enhancements, and cost-saving measures. These additional services contribute to the company's overall growth and success.
(ii) Alternative to Full Audit:
Jua Kali Motors Ltd. could consider a review engagement as an alternative to a full audit. A review engagement provides a limited level of assurance compared to an audit but still offers some benefits. In a review engagement, the auditor performs analytical procedures, inquiries, and discussions with management to obtain a moderate level of assurance that the financial statements are free from material misstatements.
Benefits of a review engagement include:
➧ Cost-effectiveness:
A review engagement is generally less expensive than a full audit since it involves limited procedures. This can be beneficial for smaller businesses like Jua Kali Motors Ltd. that may have budget constraints but still want some level of assurance on their financial statements.
➧ Timeliness:
A review engagement can be completed more quickly than a full audit due to the reduced scope of work. This allows the company to obtain a timely assessment of its financial statements, which can be important for decision-making and reporting purposes.
➧ External Stakeholder Confidence:
While a review engagement provides a lower level of assurance compared to an audit, it still offers some degree of external stakeholder confidence. Lenders, investors, and other parties may find comfort in knowing that an independent professional has performed limited procedures to assess the financial statements.
Q
Achievers Holdings Ltd. is a non-trading holding company with several subsidiaries within East Africa. The company is based in Nairobi with investment holdings ranging from 75% to 100% in several subsidiary companies.
You are the audit manager responsible for the audit of the group accounts. One subsidiary company operating in Rwanda is audited by your firm through a branch office in Kigali. The other subsidiaries in Tanzania and Uganda are audited by other audit firms based in the respective countries.
Assume that the financial year end of Achievers Holdings Ltd. is 30 June, but the subsidiary companies based in Uganda and Rwanda are engaged in highly seasonal businesses, and have 31 March as their financial year end. The subsidiary company in Tanzania was acquired during the year ended 30 June 2022.
Required:
Describe the evidence you would expect to obtain in your review of the audit work undertaken in Rwanda, Uganda and Tanzania.
A
Solution
Audit Work in Rwanda:
Since the subsidiary company in Rwanda is audited by the firm's branch office in Kigali, the evidence obtained would include:
➢ Confirmation of the qualifications, experience, and independence of the audit team assigned to the engagement.
➢ Review of the audit plan and engagement letter specific to the Rwandan subsidiary.
➢ Evaluation of the branch office's internal quality control procedures and compliance with auditing standards.
➢ Examination of the working papers prepared during the audit, including documentation of significant findings, tests performed, and conclusions reached.
➢ Correspondence and communication with the branch office, including discussions on audit findings, adjustments, and management representations.
➢ Review of the final audited financial statements and audit report issued for the Rwandan subsidiary.
Audit Work in Uganda (Performed by External Audit Firm):
As the audit of the subsidiary company in Uganda is performed by an external audit firm, evidence obtained would involve:
➢ Reviewing the engagement letter between the subsidiary and the external audit firm, including details of the scope, responsibilities, and deliverables.
➢ Evaluating the qualifications and independence of the external audit firm, ensuring they meet professional standards.
➢ Requesting and reviewing the audited financial statements and the audit report issued by the external audit firm for the Ugandan subsidiary.
➢ Obtaining any significant findings or management letters issued by the external audit firm and evaluating management's responses and actions taken.
➢ Communicating with the external audit firm to discuss audit procedures performed, areas of focus, and any specific concerns or issues identified.
Audit Work in Tanzania (Acquired Subsidiary):
As the subsidiary company in Tanzania was acquired during the year, evidence would include:
➢ Reviewing the acquisition agreement and related documentation to understand the terms and conditions of the acquisition.
➢ Evaluating the valuation and accounting treatment of the acquisition, including fair value assessment, goodwill calculation, and any contingent liabilities.
➢ Obtaining and reviewing the audited financial statements and audit report of the acquired subsidiary for the period before the acquisition.
➢ Assessing the completeness and accuracy of the consolidation process, including the elimination of intercompany transactions and adjustments for the acquisition.
➢ Reviewing any post-acquisition audit work performed by the external audit firm in Tanzania, including the audit report issued for the consolidated financial statements.
Following the completion of the subsidiary companies audits, discuss the matters that you would address in your review of the consolidated financial statements of Achievers Holdings Ltd. for the year ended 30 June 2022, with specific focus on:
(i) General issues touching on consolidated accounts.
(ii) Audit issues relating to subsidiaries with different year ends.
(iii) Audit issues relating to the newly acquired subsidiary in Tanzania.
A
Solution
(i) General Issues Touching on Consolidated Accounts:
➧ Consolidation Methodology: Evaluate the consolidation methodology used to combine the financial statements of the subsidiaries with the holding company. Ensure compliance with relevant accounting standards, such as IFRS 10 Consolidated Financial Statements or applicable local accounting standards.
➧ Intercompany Transactions and Balances: Review and assess the elimination of intercompany transactions and balances to avoid double counting and ensure accurate presentation of the consolidated financial statements.
➧ Equity Method: Determine whether any investments in subsidiaries are accounted for using the equity method, rather than consolidation, and ensure proper application of the equity method accounting.
➧ Non-controlling Interests: Verify the recognition and appropriate measurement of non-controlling interests in the consolidated financial statements, ensuring compliance with relevant accounting standards.
➧ Consistency and Disclosures: Evaluate the consistency of accounting policies and disclosures across the consolidated financial statements, providing sufficient and relevant information to users.
(ii) Audit Issues Relating to Subsidiaries with Different Year Ends:
➧ Cut-off Procedures: Review the cut-off procedures applied to transactions and events occurring between the year-end of the holding company and the year-end of the subsidiaries with different financial year-ends.
➧ Subsequent Events: Assess the disclosure and accounting treatment of subsequent events occurring between the year-ends of the subsidiaries and the holding company, ensuring appropriate adjustments and disclosures have been made.
➧ Audit Timing: Evaluate the timing of the audits of subsidiaries with different year-ends to ensure sufficient time for the completion of audit procedures and the issuance of audited financial statements.
(iii) Audit Issues Relating to the Newly Acquired Subsidiary in Tanzania:
➧ Purchase Price Allocation: Review the purchase price allocation for the acquisition of the Tanzanian subsidiary, ensuring compliance with relevant accounting standards (e.g., IFRS 3 Business Combinations) and the appropriate identification and valuation of assets acquired and liabilities assumed.
➧ Goodwill Impairment: Assess the testing of goodwill for impairment, if applicable, ensuring compliance with relevant accounting standards (e.g., IAS 36 Impairment of Assets) and the use of appropriate assumptions and methodologies.
➧ Transition and Consolidation Procedures: Evaluate the transition and consolidation procedures for the newly acquired subsidiary, including the integration of financial data, alignment of accounting policies, and the elimination of intercompany transactions.
➧ Adequate Disclosure: Ensure that the consolidated financial statements disclose the acquisition of the Tanzanian subsidiary, including relevant information such as the purchase price, the fair value of assets acquired and liabilities assumed, and the impact on the consolidated financial statements.
Q
Describe risks that an auditor could face in the audit of each the following items:
(i) Related party transactions.
(ii) Construction contracts.
(iii) Impairment.
(iv) Contingent liabilities.
A
Solution
(i) Risks in the Audit of Related Party Transactions:
➧ Undisclosed Related Parties: The risk that the auditor may not be aware of all related parties and their transactions, leading to incomplete disclosure or misstatement of related party transactions in the financial statements.
➧ Lack of Independence or Objectivity: The risk that related party transactions may be influenced by personal relationships or conflicts of interest, compromising the independence and objectivity of the auditor.
➧ Unfair Terms or Pricing: The risk that related party transactions may be conducted on terms that are not at arm's length or at fair market value, potentially resulting in material misstatements in the financial statements.
➧ Inadequate Disclosure: The risk that the financial statements do not provide sufficient information about the nature, extent, and terms of related party transactions, which could lead to noncompliance with relevant accounting standards and disclosure requirements.
(ii) Risks in the Audit of Construction Contracts:
➧ Revenue Recognition: The risk of improper revenue recognition from construction contracts, such as recognizing revenue too early or failing to recognize revenue in accordance with the percentage of completion method or other appropriate methods.
➧ Measurement of Contract Costs: The risk that the costs associated with construction contracts, including labor, materials, and overhead, are not properly accounted for, resulting in misstatement of costs and profit margins.
➧ Contract Modifications: The risk of not properly accounting for changes in contract scope, pricing, or completion timelines, which can impact revenue recognition and cost allocation.
➧ Estimation of Progress and Completion: The risk that management's estimates of progress and completion percentages are inaccurate or subject to bias, leading to misstatements in revenue, costs, and profitability.
(iii) Risks in the Audit of Impairment:
➧ Inadequate Impairment Assessment: The risk that the company may not have properly assessed and recognized impairments for assets, such as property, plant, and equipment, intangible assets, or investments, resulting in overstated carrying values.
➧ Subjective Assumptions: The risk that management's estimates and assumptions used in impairment testing, such as cash flow projections, discount rates, or future market conditions, are not reasonable or supported by sufficient evidence.
➧ Disclosure of Impairment: The risk that the financial statements do not provide adequate disclosures regarding impairments, impairments indicators, and the key assumptions used in impairment assessments, leading to incomplete or misleading information for users of the financial statements.
(iv) Risks in the Audit of Contingent Liabilities:
➧ Inadequate Identification: The risk that the auditor may fail to identify all contingent liabilities, including potential legal claims, warranties, guarantees, or other uncertain obligations that may have a material impact on the financial statements.
➧ Insufficient Disclosure: The risk that the financial statements do not disclose all relevant information about contingent liabilities, including their nature, likelihood of occurrence, and potential financial impact, resulting in incomplete or misleading disclosures.
➧ Estimation Uncertainty: The risk that management's estimates of potential costs associated with contingent liabilities may be subject to bias, inaccuracy, or lack of supporting evidence, leading to material misstatement in the financial statements.
➧ Legal or Regulatory Changes: The risk that changes in laws, regulations, or legal interpretations may impact the assessment and disclosure of contingent liabilities, requiring the auditor to stay updated and consider the impact on the audit procedures and financial statement disclosures.
You are the auditor of Saidia Development Trust (SDT), a not-for-profit entity supporting charitable activities. SDT has three major donors one of whom contributes over 80% of the entity’s budget.
The major donor has placed a condition that operating cost must not exceed 10% of the total budget. Funding from each of the donors is designated and restricted to specific projects. In some instances, donor funds have not been disbursed in time making it necessary for SDT to seek for bank overdrafts to continue meeting fixed costs and ongoing projects. The Executive Director has requested you not to mention the loans in the financial statements or management letter as the donors may raise concerns. Furthermore, the overdraft has been fully repaid period end.
Two employees have sued SDT for wrongful dismissal and claimed Sh.10 million. In order to demonstrate to the courts that SDT does not have money to meet such a claim, Sh.11 million was withdrawn from the entity‘s account and banked in the Executive Director’s personal account. The director is not ready to give you his bank statement as he claims it is personal.
In an effort to reflect that SDT is not overly reliant on the major donor, a material amount has been included as “other income”. This constitutes cash injections the Executive Director from his own sources. In order to meet the 10% operating cost requirements, actual operating costs are understated materially crediting them and debiting the director’s loan account.
Most expenses are paid cash even though the SDT’s policy is that amounts beyond Sh.15,000 should be paid cheque. To achieve this, two petty cash floats are maintained, one the receptionist which is subject to stringent controls and general cash maintained the Executive Director where no cash count is ever done and no independent control is exercised.
Required:
Prepare a memorandum to the non-executive directors of SDT detailing issues noted, their implications and how to correct them.
A
Solution
To: Non-Executive Directors of Saidia Development Trust (SDT)
From: [Name], Auditor
Subject: Issues, Implications, and Corrective Actions for SDT
Dear Non-Executive Directors,
I am writing to bring to your attention several significant issues identified during the audit of Saidia Development Trust (SDT) and to discuss their implications as well as propose corrective actions.
Overreliance on a Major Donor:
➦ Implication: SDT heavily depends on a single donor who contributes over 80% of the entity's budget. This dependency poses a financial risk to SDT in case the major donor reduces or withdraws funding. ➢ Corrective Action: SDT should diversify its donor base by actively seeking additional funding sources and partnerships. This will help mitigate the risk associated with overreliance on a single donor.
Loan Repayment and Overdrafts:
➦ Implication: SDT has taken bank overdrafts to cover fixed costs and ongoing projects when funds from donors were not disbursed on time. The Executive Director has requested not to mention the loans in the financial statements or management letter. ➢ Corrective Action: It is important to accurately disclose all loans and overdrafts in the financial statements and management letter to ensure transparency and compliance with accounting standards. Proper communication with donors regarding the financial challenges faced by SDT should be conducted to foster understanding and support.
Misappropriation of Funds:
➦ Implication: Sh.11 million was withdrawn from SDT's account and transferred to the Executive Director's personal account to create the appearance that SDT lacks sufficient funds to meet the claim of Sh.10 million for wrongful dismissal. The Director is unwilling to provide his bank statement. ➢ Corrective Action: The misappropriation of funds and failure to provide the bank statement raise serious ethical and legal concerns. The Executive Director's actions must be addressed promptly and appropriately. The matter should be reported to the appropriate authorities, and legal advice should be sought to recover the misappropriated funds.
Misrepresentation of Income and Operating Costs:
➦ Implication: To demonstrate reduced reliance on the major donor and meet the 10% operating cost requirement, material amounts have been included as "other income," consisting of cash injections by the Executive Director. Actual operating costs are understated materially by crediting them and debiting the Director's loan account. ➢ Corrective Action: SDT must accurately reflect its financial position and operations in the financial statements. All income, including the Executive Director's cash injections, should be appropriately classified and disclosed. Operating costs should be recorded accurately to ensure transparency and compliance with accounting principles.
Inadequate Cash Handling Controls:
➦ Implication: Most expenses are paid in cash, deviating from SDT's policy of using cheques for amounts exceeding Sh.15,000. Petty cash floats are maintained with different control standards, including the lack of independent control over the Executive Director's cash. ➢ Corrective Action: SDT should enforce its cash handling policy consistently, ensuring that all expenses exceeding the threshold are paid by cheque. Controls over petty cash floats should be strengthened, including independent verification and regular cash counts. The Executive Director's cash handling practices must be brought in line with SDT's policies and subjected to appropriate oversight.
Addressing these issues is critical to maintain the integrity, transparency, and sustainability of SDT's operations. I recommend that the Board take immediate action to address these matters, including but not limited to:
➧ Conducting an independent investigation into the misappropriation of funds by the Executive Director and seeking legal remedies.
➧ Engaging legal counsel to recover misappropriated funds and to address the potential legal implications of the Director's actions.
➧ Strengthening financial controls, including adherence to accounting standards, accurate financial reporting, and compliance with donor requirements.
➧ Developing and implementing a comprehensive policy for cash handling and enforcing it consistently throughout the organization.
➧ Promoting ethical practices and transparency within the organization through proper governance, oversight, and independent monitoring.
I am available to provide further guidance and support as needed to rectify these issues and restore the trust and credibility of SDT. Please do not hesitate to reach out to me for any clarifications or additional information.