Chapter 7 Assessing specific business risks and materiality 7-1 Copyright 2010 McGraw-Hill Australia Pty Ltd PPTs t/a Auditing and Assurance Services

Chapter 7

Assessing specific business risks and materiality

7-1Copyright 2010 McGraw-Hill Australia Pty Ltd PPTs t/a Auditing and Assurance Services in Australia 4e by Grant Gay and Roger SimnettSlides prepared by Roger Simnett

Assessing risk of material misstatement

• As discussed in chapter 5 and outlined in ASA/ISA 200:– Risk of material misstatement may exist at both the

financial report level and at the assertion level– Risk of material misstatement at the assertion level

consists of two components: inherent risk and control risk.

• ASA 315/ISA 315 requires the auditor to identify and assess risk of material misstatement at both the financial report and assertion levels.

• Inherent risk is covered in chapter 7, control risk in chapter 8.


Learning objective 1:Inherent risk

• Inherent risk (IR):– Susceptibility of account balance or class of transactions

to material misstatement given inherent and environmental characteristics, but without regard to internal control.

• An assessment of IR and control risk (CR) can be combined or separate. Irrespective of this, an auditor is required to:

– Assess IR at financial report level for audit plan.– Assessment must then be related to assertions

at account balance or class of transactions level when developing audit program.


Business risk (BR) and IR

• An entity’s business strategy and associated risks will affect an auditor’s assessment of IR at the financial report level.

• Where possible, an auditor traces BRs to areas of a financial report which are likely to be misstated.


Factors affecting IR at financial report level

• Integrity of management

• Management experience, knowledge and changes during the period

• Unusual pressure on management

• Nature of entity’s business

• Factors affecting the industry.


Inherent risk and information technology (IT)

• As IT risks can be pervasive to the entity, factors affecting overall IR associated with IT include:– Significant changes in IT– Insufficient IT skills and resources– Lack of entity support and focus– High dependence on IT– Reliance on external IT– Reliability and complexity of IT.


Inherent risk at assertion level• IR is greater for some assertions and related

classes of transactions, account balances and disclosures than for others.

• Auditor will normally focus on:– Accounts likely to require adjustment– Complexity of underlying transactions– Judgement involved in determining account balances– Susceptibility of assets to loss or misappropriation– Occurrence of unusual and complex transactions,

particularly at or near year-end– Transactions not subject to ordinary processing.


Effect of inherent risk on account balance assertion


Learning objective 2: Special areas of audit risk

• ASA/ISA 315.27-.28 requires the auditor to determine whether any of the risks identified are significant and to specifically consider at least the following matters when deciding which risks are significant:

– Whether there is a risk of fraud– Whether the risk is related to recent significant developments– Complexity of the transactions– Whether the risk involves significant transactions with related

parties– The degree of subjectivity in the measurement of financial

information– Whether the risk involves significant unusual transactions.


Special areas of audit risk: fraud• Auditor’s responsibility for identifying and reporting

fraud introduced in chapter 4.

• At the planning stage, an auditor should consider the risk that misstatements due tofraud or error will not be detected.

• It is easier to miss material misstatements resulting from fraud because fraud involves acts designed to conceal it.


Fraud

• Fraud is defined in ASA 240.11 (ISA 240.11) as:– ‘An intentional act by one or more individuals among

management, those charged with governance, employees, or third parties, involving the use of deception to obtain an unjust or illegal advantage’.

• Therefore, there can be two types of misstatement that are relevant to the auditor:

– Misstatement resulting from fraudulent financial reporting – Misstatement resulting from misappropriation of assets.


Fraudulent financial reporting

• Fraudulent financial reporting may involve:

– Manipulation, falsification or alteration of records or documents

– Suppression or omission of the effects of transactions from records or documents

– Recording of transactions without substance; or

– Intentional misapplication of accounting policies.


Misappropriation of assets

• Misappropriation of assets may involve:

– Embezzling receipts

– Stealing assets

– Causing an entity to pay for goods not received; or

– Using an entity’s assets for personal use.


Audit procedures for fraud at planning stage

• In planning and conducting the audit the auditor must exercise reasonable care and skill and maintain an attitude of professional scepticism.

• An auditor will use his or her experience, knowledge and training to determine whether fraud could occur.

• An auditor needs a thorough understanding of a client’s business in order to identify opportunities for the perpetration of fraud.

• ASA 240 (ISA 240) requires the auditor to specifically consider the risks of material misstatement in the financial report owing to fraud.


Increased attention to fraud• The most recently revised ASA 240/ISA 240

requires auditors to pay greater attention to fraud.

Auditors:– Need specifically to consider risks of material

misstatement in financial report due to fraud– Must discuss an entity’s susceptibility to fraud

with other members of the audit team– Must make more extensive inquiries of management

with respect to fraud.

• Auditors are now specifically required to consider the risk of fraud in revenue recognition and the possibility of management override of controls.


Red flag indicators of fraud

• An auditor commonly uses a checklist to identify increased risks of fraud. Where risk is high, it is called a 'red flag'.

• These are listed in Table 7.1 (p. 317) and are grouped under:

– Management– Unusual pressures within an entity– Market pressures– Unusual transactions– Unsatisfactory records– IT environment.


Fraud in practice

• A 2008 KPMG survey of fraud in Australia and New Zealand identified the following main factors allowing fraud to occur:

– Poor internal controls– Override of controls– Collusion between employees and third parties– Collusion between employees and management.

• The survey found the majority of frauds, excluding financial services entities, were perpetrated internally. Gambling was a common motivator, and 15 per cent of largest frauds involved identity fraud.


Earnings management

• Earnings management occurs when judgement in financial reporting and in structuring transactions is used to alter financial reports to influence the perceptions of stakeholders.

• Earnings management involves those responsible for preparing the financial report such as the Chief Financial Officer (CFO) and Chief Executive Officer (CEO).

• Incentives to manage earnings can be either behavioural or market-based.


Broad categories of earnings management

• Earnings management by clients may fall into the following categories:

– Intentional violations of accounting standards, and other reporting requirements that are individually immaterial

– Inappropriate revenue recognition– ‘Big bath’ charges under the guise of restructuring– Improper accruals and estimation of liabilities

in good times.


Illegal acts

• ASA/ISA 250 provides guidance on an auditor’s consideration of illegal acts (noncompliance with laws and regulations):

– An auditor must understand the legal and regulatory framework applicable to the entity and industry.

– An audit normally does not include procedures specifically designed to detect illegal acts.

– An auditor must recognise circumstances requiring special attention (e.g. a debenture deed requires a specific current ratio be maintained) and consider these in preparation of audit programs.


Related parties

• ASA/ISA 550 requires auditors to specifically assess the risk that related parties and related-party transactions will not be identified, or appropriately disclosed and/or measured.

• An auditor must identify all related parties when planning the audit because:

– The existence of related parties or related-party transactions can affect the financial information

– The reliability of audit evidence is a function of the source of that evidence

– The initiation of a related-party transaction might be motivated by other than ordinary business conditions, such as fraud.


Procedures for identifying related parties

• Review the previous period’s working papers for known related parties

• Make inquiries of management concerning the names of all related parties

• Review the entity’s procedures for identifying related parties

• Inquire about management’s and directors’ affiliations with other entities

• Review minutes of meetings

• Inquire of other auditors involved in the audit.


Appropriateness of the going concern basis

• Going concern assumption:– Entity is viewed as continuing in business for the foreseeable

future without any intention or necessity to liquidate or otherwise cease its operations (ASA 570.2/ISA 570.2).

• ASA 570.10/ISA 570.10 requires auditors to assess going concern at planning stage, as imminent business failure might have an effect on appropriateness of presentation of financial report or might motivate management misrepresentations.


Appropriateness of the going concern basis (cont.)

• Early identification helps focus audit effort on appropriate assertions in the financial report, and permits early communication with management.

• An auditor focuses primarily on anticipated events during the relevant period, approximately 12 months from the date of the current audit report to the expected date of the next audit report.


Examples of indications of going concern problems

• Financial indicators:– High gearing, or fixed-term or reliance on short-term

borrowings– Withdrawal of financial creditors, inability to pay

creditors or denial of trade credit by suppliers– Negative operating cash flows or adverse key

financial ratios– Lack of sustainable operating profits– Dividend arrears– Difficulty in complying with terms of loan agreements– Inability to obtain necessary financing.

• See Table 7.2.


Examples of indications of going concern problems (cont.)

• Operating indicators include:– Management intention to cease operations– Loss of key management personnel– Loss of major market, licence or franchise– Prolonged industrial action– Shortages of important supplies– Emergence of highly successful competitors.

• See Table 7.2.


Examples of indications of going concern problems (cont.)

• Other indications:– Non-compliance with capital or statutory requirements– Legal proceedings against the entity– Adverse changes in legislation or government policy– Uninsured or underinsured disasters.

• See Table 7.2.


Mitigating factors

• Auditor should consider mitigating factors. These include:– Asset factors — sale of assets, or delayed

replacement– Debt factors — unused lines of credit, ability

to renew or extend existing loans– Cost factors — ability to reduce costs– Equity factors — additional contributions

from owners, subsidiaries or associates.

• See Table 7.3.


Learning objective 3:Materiality

• Auditor must make preliminary assessment of materiality when planning the audit.

• ‘Materiality’ defined: information, individually or in aggregate, that if misstated or omitted from a financial report may adversely affect decisions about the allocation of scarce resources made by financial report users (ASA/ISA 320.2).

• Auditor uses materiality to:– Evaluate the presentation of financial data– Determine the nature, timing and extent of audit

procedures (sometimes called planning materiality).


Performance materiality• ASA/ISA 320.11 requires the auditor to set

performance materiality for the purposes of assessing future audit procedures.

• ASA/ISA 320.9 defines performance materiality as:

‘The amount or amounts set by the auditor at less

than materiality for the financial report as a whole

to reduce to an appropriately low level the

probability that the aggregate of uncorrected and

undetected misstatements exceeds materiality for

the financial report as a whole.’


Materiality level

• As noted by ASA/ISA 320.6, the auditor will consider the nature of the item when determining the materiality level.

• Materiality is a concept of relative significance.– It depends on the amount of the item of interest and

some relevant basis of comparison.

• To estimate an amount for planning materiality, the auditor selects a base and a suitable percentage to apply to that base. – This requires professional judgment, and not all

auditors do it the same way.


Choice of base

• The choice of a base depends on value judgements about relevance, stability and predictability.– Net profit may be the most relevant base for a

company with publicly traded securities. However, because net profit can fluctuate significantly from year to year it lacks stability, and it is not relevant to entities such as non-profit organisations.

– Size-related bases such as total assets or total revenue may be preferred because of their relative stability.


Rules of thumb for planning materiality


Financial information used as base

• Can be taken from:

– Financial report to be audited (if available)

– Annualised interim financial information; or

– Previous period’s financial reports.


Consideration of qualitative factors in materiality

• An auditor should consider qualitative factors as well as quantitative assessment. Qualitative factors include:

– The significance of the item to the particular entity

– The pervasiveness of the misstatement (e.g. the misstatement might affect the presentation of numerous items in the financial report)

– The effect of the misstatement on the financial report as a whole.


Materiality level for account balances, classes of transactions or

disclosures

• An auditor needs to allocate planning materiality to account balances and classes of transactions for audit testing.

• ASA 320.10 (ISA 320.10) requires that the auditor consider materiality at both the financial report level and in relation to individual account balances, classes of transactions and disclosures.

– However it does not mandate the specific steps that an auditor should take in allocating planning materiality.


Relationship between materiality and audit risk

• There is an inverse relationship between audit risk and materiality.

• An auditor sets a lower materiality threshold for accounts that have a higher audit risk. This means the auditor will need to collect more evidence for these riskier accounts.


Accounting materiality• Materiality is a matter of relative significance. • Any quantitative guideline for determining materiality

must necessarily be arbitrary.• However, AASB 1031 states that in the absence of

evidence or convincing argument to the contrary:– An amount that is equal to or greater than 10 per cent of an

appropriate base amount is presumed to be material.– An amount that is equal to or less than 5 per cent of an

appropriate base amount may be presumed not to be material.

– Determining whether an amount between 5 per cent and 10 per cent is material is a matter of judgement.


Accounting materiality (cont.)• In determining whether an amount or aggregate of an

item is material, the item should be compared with one of the following base amounts:

– Statement of financial position items—equity or the appropriate asset or liability class total.

– Income statement items—(1) profit or loss for the current financial year; or (2) average profit or loss for a number of years if net profit varies greatly from year to year.

– Cash flow items—(1) net cash provided or used in the operating, investing or financing activities as appropriate for the current financial year; or (2) average net cash flows provided by or used in the operating, investing or financing activities, as appropriate for a number of years.

• Evaluation of material misstatements identified during the audit is covered in ASA/ISA 450, discussed in chapter 12.


Documents

Chapter 7 Assessing specific business risks and materiality 7-1 Copyright 2010 McGraw-Hill Australia Pty Ltd PPTs t/a Auditing and Assurance Services