Sri Lanka Accounting and Auditing Standards Monitoring Board (SLAASMB) changed its approach to audit inspections (previously referred to as audit reviews) to a more risk-based,comprehensive approach since September 2016. This change is mainly attributable to the extensive exposure gained by the technical staff from an International Consultant with handson-experience in audit regulations in the United Kingdom.
The previous approach which was practiced during the first nine months of the year facilitated the staff engaged in the reviews, to obtain an understanding of the level of overall compliance with the auditing standards by the auditor, when performing the audit under inspection. However, the revised approach facilitates a more in-depth inspection, and involves carrying out detailed planning on the extent of inspections, on the identified high risk areas.
SLAASMB inspected 99 audits carried out by 14 firms during the year 2016 compared with 91 audits carried out by 29 firms during the previous year. Audits inspected included 81 audits carried out by 4 firms which are members of international networks. 6 audits inspected were carried out by 5 firms which conduct audits of less than 10 Specified Business Enterprises(SBEs). 58% of audits were identified to be not in compliance with the Sri Lanka Auditing Standards while 41% of audits were found to be compliant. Further, based on the inspections,suggestion for improvements in relation to 8 audits was communicated to 3 firms. The suggestions are expected to assist the auditors to improve their future audits.
During the year, significant non-compliances were observed in two audits and SLAASMB issued directions to these SBE’s requiring them to get their financial statements re-audited.These companies were required to publish and circulate copies of the re-audited financial statements to all the parties who had received the annual report for such year.
Directions to re-audit
Consequent to the audit inspection, 1 audit was referred for investigation due to the significance of the risks identified.
Referred for investigations
Deficiencies were identified in 55 audits conducted by 12 firms. The departures from Sri Lanka Auditing Standards detected were communicated to the respective firms in the form of letters of assistance. The main findings are as follows.
Observations made on audit inspections
5.1. Failure to obtain sufficient appropriate audit evidence
Audit working paper files of 34 audits did not consist of evidence of performing audit procedures to obtain sufficient appropriate audit evidence relating to financial statement assertions.
- Failure to perform audit procedures to test certain financial statement assertions.
- To ensure a property development company had not entered into several sales agreements relating to a single plot of land.
- Existence of impairment indicators relating to micro finance loans.
- Existence of related parties by obtaining direct confirmations.
- Existence, accuracy and completeness relating to valuation of inventories by being present at the physical verification, verifying accuracy and completeness of the inventory values and performing audit procedures on the entity’s final inventory records.
- Existence of trade receivables and fixed deposits and the accuracy of carrying amounts.
- Accuracy of the classification of loans and receivables into age buckets to determine the appropriateness of its impairment.
- Existence of the additions made to property,plant and equipment and to gem stocks.
- Existence of trade payables and the accuracy of carrying values.
- Occurrence of a cash transaction by ascertaining the business rationale with regard to a related journal entry.
- Accuracy and completeness of revenue by verifying prices in the sales invoices.
- Completeness and existence of bank balances when the amounts in the bank reconciliation had differed from the balances in the general ledger and when bank confirmations had reflected certain balances not reflected in the financial statements.
- Not assessing the technical capability of the audit engagement team to evaluate IT related documents and to conclude the system to be effective, without the assistance of the IT experts.
- Not performing any audit procedures to cover the period subsequent to the interim period in relation to items in the statement of comprehensive income, gross written premium,revenue and cost of sales.
- Failure to perform additional audit procedures when audit evidence displays existence of material misstatements.
5.2. Failure to establish and maintain a system of quality control
- Failure to make any branch visits when such branches were key contributors in the company’s operations.
Failure to provide evidence of adopting quality control procedures for the audit engagements were observed in 10 audits.
- Failing to establish any system of quality control.
- Not appointing an engagement quality control reviewer (EQCR) despite the engagement being of an entity listed in the stock exchange.
- EQCR not being involved in planning, execution and control of the audit.
- EQCR failing to perform objective evaluations of the significant judgments and conclusions reached by the audit team.
- Signing the working papers on a date subsequent to the date of signing the audit report.
- Modifying electronic based working papers between the date of calling for the audit inspection and the date of the inspection.
5.3. Lack of evidence of communications with those charged with governance
- Not establishing whether the independence requirement has been fulfilled in an audit engagement.
5.4. Non compliances relating to understanding and assessment of risk of material misstatements
- Failure to provide evidence of communications with those charged with governance, inparticular, with the audit committee was observed in 9 audits. Absence of evidence on communication with the audit committees regarding the overview of the planned scope,and timing of the audit was a common feature.Further, some audit inspections did not have evidence on communication of significant issues identified during the audit with those charged with governance.
Deficiencies observed included the following;
- Non compliances relating to identifying and assessing the risks of material misstatements were observed in 12 audits, Further, 9 audits had failed to respond appropriately to the risks identified and assessed.
- Representations received from the managementFailure to obtain an understanding of the entity and its internal controls and to evaluate the design and implementation of controls.
- Failure to identify significant risks in order to apply more focused and comprehensive audit procedures.
5.5. Deficiencies in audit sampling
- Failure to evaluate the changes made to the IT system during the financial year.
Non-compliances relating to audit sampling were observed in 20 audits.
The observations include;
- Failure to establish the basis of selecting the samples for testing, in order to gather sufficient appropriate audit evidence to meet the objectives of the audit procedures.
- Failing to select the items in a sample giving each sampling unit in the population a chance of getting selected.
- Failure to perform appropriate audit procedures on each item in the sample selected.
5.6. Accounting estimates including fair value accounting estimates and related disclosures
- Failure to evaluate the sample results to determine whether the use of sampling has provided a reasonable basis when arriving at the conclusions about the population.
- Failure to test how management had used accounting estimates and the input data on which such estimates had been based, were observed in 13 audits.
- Failure to independently examine the sources used to obtain inputs used in calculating the cost of equity, considered in the impairment testing model of goodwill.
5.7. The auditor’s responsibilities relating to fraud in an audit of financial statements
- Failure to evaluate the reasonableness of the significant assumptions made by the management when determining the fair value of property.
In 22 audits, the auditor has failed to identify and assess the risk of material misstatements of the financial statements due to fraud.
The observations include;
- Deficiencies in designing and performing audit procedures relating to testing of journal entries.
- Failure to test the journal entries at the end of the reporting period
- Failure to select the sample of journal entries based on the characteristics of fraudulent journal entries
5.8. Other observations
- Failure to perform audit procedures except for testing a few journal entries to identify the risks related to management override of controls.
- In the audits of group financial statements,auditor had failed to obtain any audit evidence relating to consolidation adjustments, financial information of the components and of the consolidation process, to express an opinion on the group financial statements.
- Audit documentation of some of the files inspected did not provide adequate evidence on performing analytical procedures at the planning stage, to identify the areas of potential risk and to corroborate conclusions formed during the audit of individual components of the financial statements and lacked any documentation of the overall audit strategy and of the audit plan.
- In some audits, the auditor has failed to evaluate whether the results of the external confirmation procedures provided relevant and reliable audit evidence or whether further audit evidence was necessary.
- Some auditors have not obtained sufficient appropriate audit evidence about whether the related party relationships and transactions had been appropriately identified, accounted for and/ or disclosed in the financial statements.
Future Inspection focus
Aligning with the global perspectives, SLAASMB recognized the need to enhance audit quality.In initiating this need, the staff engaged in audit inspections was provided comprehensive training by two foreign consultants with a wide-array of experience and expertise in the regulatory environment in the United Kingdom.Consequent to the capacity building, SLAASMB focused on a risk based approach to inspections comprising of detailed planning and in-depth inspections. In furthering this aim, in 2017,SLAASMB expects to conduct discussions with audit firms to understand the processers in practice and is expected to perform thematic inspections on identified themes. Thematic inspections will assist the auditors to enhance the quality of the audits, especially in the areas of focus. Further, SLAASMB expects to commence the conduct of firm-wide inspections in 2017. Since the statute of SLAASMB is being amended, SLAASMB plans to conduct the firmwide inspections on firms which volunteer to be inspected.
As audit quality is best achieved in an environment where there is support from and appropriate interactions among participants in the financial reporting supply chain, SLAASMB identified the need to enhance the public awareness of the participants of the audit environment on the drivers of audit quality.As an initial measure, SLAASMB conducted separate workshops on the new Audit Report to be effective from 2018 and on the Framework for Audit Quality developed by the International Auditing and Assurance Standards Board (IAASB) to the financial sector regulators, auditors and audit committees who are directly associated with the performance of the audits of SBEs.