+ Use your assets
+ Surviving in tough times
+ How CAs can add value
+ Entering foreign markets
+ Valuing small firms
+ Expanding the biz
IFRS AND ISA
+ IFRS and Canadian GAAP
+ New auditing standards
+ Gauging ISA adoption
+ IFRS and audit firms
+ Diversity in the profession
+ CSR is worth it
+ Health and productivity
+ Preventing fraud
+ Chronological resumes
+ Expense fraud on rise
+ Gen X, Gen Y
+ Meeting time-savers
+ Bonuses still top reward
By Phil Cowperthwaite
Illustration: Baiba Black
Auditors of micro-entities can offer value-added services, providing they take safeguards against familiarity threats
Auditors can provide their micro-entity clients with much additional value when it comes to accounting and financial reporting. As part of an audit, they almost always have a significant role in helping management fulfill its responsibility for preparing annual financial statements. The alternative for these small entities is to hire a qualified accountant independent of the auditor to prepare statements — much less efficient and likely more expensive.
The practice of auditors helping micro-entity clients with statement preparation is common in Canada and around the world. Auditor independence in every audit engagement is a given, being required by the code of ethics. Independence is also essential to maintaining a skeptical and objective state of mind. But how can auditors re-tain that independence while helping their micro-entity clients fulfill their responsibility for financial reporting at the same time as auditing the financial statements? What are the principal threats to that independence and what safeguards are essential if it is to be maintained?
Requirements in the Canadian Audit Standards (CAS) on preconditions for an audit in CAS 210.06 state that the auditor shall ... obtain the agreement of management that it acknowledges and understands its responsibility:
But what does taking responsibility look like in the micro-entity environment where the auditor may help draft the financial statements? It isn’t practical for management to take a couple of courses in accounting and financial-statement preparation. Thankfully, there are straightforward procedures to follow that enable management to accept the responsibility for financial reporting in a meaningful way.
Review the period-end financial position and results with your client before you start the audit fieldwork
Auditing a micro-entity often begins with a preliminary client-prepared trial balance. As an essential first step in the fieldwork, review that trial balance with management and combine this discussion with updating your understanding of the entity, its environment and its internal controls over financial reporting (CAS 315.11–315.14).
Typically, management has a good idea of where the micro-entity stands financially. It will also likely be able to point out possible areas of concern as it is guided through the trial balance. Audit adjustments in micro-entity engagements are frequent. They are, however, often a result of management’s unfamiliarity with the financial reporting framework. This unfamiliarity should not be confused with poor management or unwillingness to take responsibility for the accounts.
On the other hand, there are not-for-profit clients whose management is un-willing or unable for a variety of reasons to take responsibility for financial reporting. In these situations, auditors should only accept the engagement on condition that a member of the board of directors take responsibility for the accounts and only when that member has sufficient knowledge of the transactions and events throughout the year to accept the responsibility in a meaningful way. When a client is managed by a volunteer board, a member of the board is required to accept responsibility for financial reporting as a condition of audit. Firms should not accept an audit engagement where both management and those charged with governance are either unwilling or unable to accept that responsibility since the preconditions for an audit under the CAS do not exist. In addition to the practitioner not complying with the standards in this situation, the engagement risk will likely exceed the level a firm should be willing to accept.
Ensure clients approve financial statements before you date your audit report
An auditor can’t date an audit report before management or those charged with governance demonstrate to the auditor that they have fulfilled their responsibility for financial reporting by approving the financial statements being audited (CAS 700.11(a); CAS 580.10). That management or those charged with governance must approve the statements prior to completion of the audit should be agreed to in writing in an engagement letter before the audit commences. Management’s acceptance or responsibility is often documented in the letter of representation sent to the auditor prior to completion of the engagement. Its wording will likely be similar to that of the engagement letter obtained before starting the audit, and the auditor must be certain that management has thoroughly accepted that responsibility.
It is important to review the nature of the client’s responsibility for financial reporting with the management at the outset of every micro-entity client. Management needs to take ownership of annual audited statements. Client education undertaken by the auditor is vital to ensuring this important responsibility is understood.
Safeguard against a self-review threat
It is essential for an auditor to safeguard against a self-review threat to independence if the auditor is also helping management fulfill its financial-reporting responsibilities by assisting in drafting the financial statements. The more familiar an auditor is with a client, the more difficult it is to maintain skepticism — making the threat of self-review all the more important and difficult to guard against.
Fortunately, micro-entities have a number of characteristics that help an auditor implement appropriate and sufficient safeguards. Micro-entities are by definition uncomplicated from an accounting perspective, so it should be well within the expertise of an experienced micro-entity auditor to assist management in measuring or evaluating accounting estimates required for financial reporting. As a result, statement preparation is generally straightforward. It is also important for the auditor to talk to management throughout the audit about the accounting options and nonroutine transactions, if any. Even though management may not be versed in accounting, it will understand the assumptions made to support accounting estimates and mandatory disclosures such as those required if the going concern assumption is not appropriate.
Auditors need to listen closely and gauge management’s reaction to financial reporting alternatives presented. Besides showing if it is informed enough to take responsibility for financial reporting, management’s reaction can also provide a check to the auditor’s assumptions used.
Industry-specific knowledge is helpful in managing a self-review threat. This is especially true when the client operates in a sector governed by specific laws and regulations (i.e., condominium corporations and other sector-specific not-for-profit organizations). If management is unfamiliar with the financial-reporting framework as it relates to its specific sector, it may overlook the need for certain accruals, tax-related entries or accounting disclosures mandated by grantors and others. When auditing statements of an entity in an unfamiliar sector, it is always best to consult an experienced colleague to help identify areas of risk of material misstatement.
In short, don’t sail in uncharted waters without adequate consultation and study. Doing the audit on site often improves the quality of audit evidence obtained. The small size of a micro-entity and the ability to talk with management during fieldwork means an opportunity to be familiar with what happened throughout the year. For example, it usually doesn’t take long to review the general ledger for the entire year. This will provide insight into the state of the bookkeeping and help identify any unusual transactions.
Safeguard against a familiarity threat
Equally as important as the self-review threat is safeguarding against the threat of familiarity. An auditor who looks at the entire financial-reporting process over a number of years acquires an excellent knowledge base with which to make recommendations for improvement. As a result, the auditor often becomes a trusted adviser.
The cost of becoming an instrumental, valuable resource to management can be a perceived decrease in independence, but the benefits of auditor/client continuity generally outweigh perceptions of lack of independence. Having micro-entities change auditors every five years or more frequently may not be in the public interest in the long run.
Safeguards that can protect against a threat of familiarity include, but are not limited to, the following:
Providing assistance in financial reporting to micro-entity management is a valuable service offered by many auditors in conjunction with the annual audit. As long as the client fully understands his or her financial reporting responsibilities and the auditor has adequate safeguards against self-review and familiarity threats, this value-added service can be offered without compromising independence.
Phil Cowperthwaite, FCA, is a partner of Toronto CA firm Cowperthwaite Mehta and a member of the IFAC’s Small and Medium Practices Committee
Technical editor: Ron Salole, vice-president, Standards, CICA