This guest post has been written by Ron Thomsen and Jordan Bryant of One Direct Advisory. It is especially useful for not-for-profit entities and their respective key personnel and board members.
With the end of the financial year, management and accounting teams will be turning now to consider the impending financial audit of the entity, and the audit timetable.
This paper will focus on preparing for the financial audit and the need to have an updated risk assessment with related remedies and controls for the benefit of the auditor.
The Audit Risk Professional Standards requires the auditor to understand and respond to
risks of material misstatement, whether due to errors or fraud.
In reaching that understanding, auditors will identify risks to the entity’s business and the controls in place to mitigate them.
The documentation and assessment of controls over financial reporting is generally a good place for the auditors to start. In the last two years, some entities have relied upon Government financial support, like Jobkeeper, and it would be an objective that the entity can continue as a going concern without such support.
Understanding the entity and its environment and any changes is very important, like succession risk for key personnel, changes in funding (Government Grants) or revenue, competition changes, new product risk, interest rate increases, accreditation for licensing or funding, premises rental agreement expiry, compliance with licences and for law changes, COVID etc. It is possible that these factors and changes could result in an impairment of the entity’s assets.
Also, in changing conditions such as has been experienced with lockdowns over the last two years, it is possible that the entity’s business model has been affected or changed from the likes of supply chain difficulties and or staff shortages, which may or may not have created new risks.
The Board and Management have ultimate responsibility for addressing the entity’s risks and any misstatements in the Financial Reports. However, they can prepare and assist in streamlining the audit process by considering what education the auditor will require in a full update on the business and its risks. Of course, an updated risk matrix would be a good and helpful aid for the Audit team.
The Auditor will gain a holistic understanding of the entity and risks, which will assist in focusing on the scope of the audit.
From our experiences in preparing for a number of Audits, some risk areas which will be investigated are:
a. Management Controls.
– Management Controls and Compliance with Legislative and Accounting/Auditing
Standards.
– Management checks and controls over fraud.
– Management monitoring and controls of CYBER risks and record keeping.
b. Revenue Recording. Key to the financial viability of the entity.
c. Liquid Assets and Working Capital Position. Entity’s ability to meet its current liabilities.
Checks on cash levels and reconciliations with Bank statements.
d. Inventory. Stock recording, controls and valuation.
e. Property, Plant and Equipment. Valuations, depreciations, gains and losses on any asset
changes.
f. Payroll monitoring. Generally the largest business cost. Ensuring all statutory payments
have been made and the employee is receiving the correct remuneration and entitlements.
g. Provisioning adequacy for Leave, Long Service Leave etc.
h. All taxes, incl CGT and FBT, have been paid or provisioned.i. Testing of EFT payment procedures.
Important mitigation of risk is through insurance and the adequacy of the entity’s
cover to meet any asset loss and/or business impairment should be checked. This
aspect could be checked by an independent Insurance Broker rather than the Auditor.
With possible changing circumstances in the business over recent times, it will be an objective of the Board to assist the auditor, who is the agent of the Board, to conduct an external check of the entity so that the financial statements reflect an accurate and true position. The Board’s aim is to achieve an unqualified audit opinion on the Financial Statements from the auditor, which the shareholders/members will be looking for.