Chapter 7 - Responsibilities

Question 1

Management responsibilities:

What should they do in terms of BUSINESS RISK?

Answer 1

• Assess business risks facing the company

- Devise strategies to deal with those risks

Question 2

Management responsiblities:

Companies Act 2006:

Directors should act in a way to promote success of the company, this involves:

Answer 2

• Safeguard assets
• Keep proper accounting records
• Prepare company F/S and deliver to Companies House
• Ensure company complies with laws and regulations

Question 3

Responsibility of Assurance providers is determined by:

Answer 3

• Legislation/Regulation
• Terms of engagement
• Ethical/Quality control standards

Question 4

Companies Act 2006 lists the Auditor responsibilities to be:

1.

2.

3.

Answer 4

1. Form independent opinion on truth and fairness
2. Confirm accounts properly prepared in accordance with Companies Act 2006
3. State in auditor report if the director’s report is consistent with annual accounts

Question 5

The Auditor forms an opinion on the F/S being free from material misstatement.

Material misstatement could be caused by
______________ and ___________

Answer 5

FRAUD and ERROR

Question 6

Why is fraud more difficult to detect than error?

Answer 6

It is accompanied with deliberate attempt to conceal

Question 7

What are the TWO types of misstatement arising from fraud?

Answer 7

• Fraudulent financial reporting

- Misappropriation of assets

Question 8

Fraud:

Management responsibilities

Answer 8

Prevent/Detect fraud

Question 9

Fraud:

Auditor responsibilities

Answer 9

Obtain reasonable assurance that F/S are free from material misstatement, whether caused by fraud or error

Question 10

Fraud:

What AUDIT PROCEDURES should be carried out to identify material misstatement caused by fraud?

Answer 10

1. Risk assessment. Indicators: incentive/pressure/opportunities/attitude)
2. Professional sceptism (questioning mind)
3. Discuss fraud among engagement team
4. Respond appropriately to fraud risk level (appropriate personnel, assess control - any management override, be unpredictable)
5. Consider implications in other areas (is management representation reliable?)

Question 11

The auditor can report fraud to which three parties?

Answer 11

1. Internal/management
2. Shareholders
3. Third parties

Question 12

When can the auditor report fraud to shareholders?

Answer 12

• If management is suspected of fraud

- If material/uncertainty

Question 13

When can the auditor report fraud to third parties?

Answer 13

If right or duty to disclose eg: regulator

Question 14

Material misstatement could be caused by non-compliance with laws and regulations.

TRUE/FALSE

Answer 14

TRUE

Question 15

Law and regulation:

Management responsibility:

Answer 15

responsible for complying with law and regulation

Question 16

Law and regulation:

Auditor responsibility:

Answer 16

Reasonable assurance that F/S are free from material misstatement (fraud or error which could be caused by non compliance)

Question 17

Law and regulation:

What AUDIT PROCEDURES should be carried out to identify material misstatement caused by non compliance with law and error?

Answer 17

1. Risk assessment (relevant laws, how the client complies with them)
2. Evidence about compliance
   - talk to management
   - written representation about non compliance
   - talk to regulatory bodies

Question 18

Law and regulation:

What do you do if management is suspected of non compliance?

Answer 18

Report to those charged with governance

If no higher level, get legal advice

Question 19

What is the Bribery act 2010?

Answer 19

Penalties to individuals and organisation for offering/accepting a bribe, bribing a foreign official, failing to prevent employees or agents bribing.

Question 20

How do ORGANISATIONS comply with Bribery act 2010?

Answer 20

Bribery prevention policy:

• top level culture that bribery is unacceptable
• risk assessment (new partners/suppliers)
• due diligence, risk based approach
• communication to staff (training)
• monitoring and review

Question 21

How do AUDITORS comply with Bribery act 2010?

Answer 21

Identify misstatement caused by non-compliance with Bribery act.

• assess non compliance risk with Bribery act
• professional sceptism
• assess bribery prevention policies

Question 22

WHO should the auditor report suspicions of bribery to?

Answer 22

NCA (national crime agency)

Proceeds of Crime Act 2002

Question 23

What is the Sarbanes-Oxley Act 2002?

Answer 23

improves quality of financial reporting

Question 24

What else can the Sarbanes Oxley act be referred to as?

Answer 24

Sarbox or SOX

Question 25

Sarbanes Oxley is not a UK law - so why do we need it?

Answer 25

Subsidaries are US

Question 26

Sarbanes-Oxley Act 2002:

Management responsibilities

Answer 26

CEO and CFO must attest veracity of F/S

Greater disclosure of amendments made to F/S during audit

Question 27

Sarbanes-Oxley Act 2002:

Auditor responsibilities

Answer 27

Stricter enforcement of independence

PCAOB (public company accounting oversight board) can inspect audit files of US listed companies

Question 28

Define a related party

Answer 28

Company/person that might have/expected to have influence on company to be audited

Question 29

What are some examples of related parties?

Answer 29

• Directors and family
• Key management
• other companies in group

Question 30

Related party transaction may or may not be at arm’s length - give an example?

Answer 30

Director buying property from company at less than market value

Question 31

Related Party transactions:

Accounting rule

Answer 31

Disclosed in F/S

Question 32

Related Party transactions:

Audit risk

Answer 32

NOT disclosed = material misstatement

Question 33

Related Party transactions:

Management responsibilities

Answer 33

Disclose them

Question 34

Related Party transactions:

Auditor responsibilities

Answer 34

Perform audit procedures to identify/assess/respond to the risk of material misstatement from failing to disclose related party transactions.

Question 35

Related Party:

What AUDIT PROCEDURES should be carried out to identify material misstatement caused by non disclosure of related party transactions?

Answer 35

• Ask management for list of related parties
• Written representation that all related party transactions have been disclosed
• confirm correct disclosures made
• do detailed test of transactions to look for rpt
• review bank confirmation letter for guarantor relationships
• review investment transactions
• minutes of meetings between shareholders and directors incase any discussions

Question 36

Define money laundering (proceeds of crime act 2002)

Answer 36

Disguise origins of funds from criminal conduct.

• Using, acquiring, retaining, controlling, concealing, disguising, converting, transferring and removing from the UK the proceeds of criminal conduct.

Question 37

List examples of money laundering.

Answer 37

Tax evasion

Saving costs by not complying with laws and regulations

Offences overseas that are criminal in UK

Question 38

Money laundering:

Auditor responsibilities

Answer 38

Report actual knowledge

Report suspicion (reasonable grounds)

Question 39

Money laundering:

Who should the auditor report to?

Answer 39

Money Laundering Nminated Officer (MLNO)

Question 40

Money laundering:

What will the MLNO do after you report money laundering to them?

Answer 40

Consider if need to tell National Crime Agency (NCA)

Question 41

Money laundering:

Auditor offences

Answer 41

Failing to report

Failing to train staff

Tipping off money launderer

Question 42

Money laundering:

What is the most severe penalty (years)?

Answer 42

14

Question 43

What does GDPR (General Data Protection Regulation) do?

Answer 43

Give individuals control of their personal information

• data protection
• privacy of key info

Question 44

What are the rules of GDPR and Data Protection Act?

Answer 44

• Anyone processing personal info needs to make sure it is PROTECTED
• Individual can ACCESS data and how data is being used
• Data only HELD if lawful reason or client allows storage

Question 45

Data Protection:

What does ICO stand for?

Answer 45

Information Commissioner Office

Question 46

Data Protection:

What is the role of the ICO?

Answer 46

Organisations processing personal info need to report to them once a year

Question 47

Data Protection:

What is the name of the individual in the organisation who informs the ICO?

Answer 47

Data controller

Question 48

Data Protection:

What is classed as a criminal offence?

Answer 48

Failure to report to the ICO

Question 49

Expectations gap:

Common expectations of auditor

Answer 49

• Detect/ Prevent all fraud

- Test every transaction to find all errors

Question 50

Expectations gap:

Actual responsibilities of the auditor

Answer 50

• Identify material fraud in F/S
• Audit procedures to provide reasonable assurance that F/S are free from material misstatement
• Detect fraud

Question 51

Expectations gap:

What steps have been taken to narrow the expectations gap?

Answer 51

• Responsibilities of director and auditor listed in audit report and engagement letter
• Explain how audit is conducted (test basis, material misstatements)
• Liaising with audit committee

Question 52

Audit failure:

Why does the auditor not always identify fraud?

Answer 52

• Immaterial

- Auditor did everything but concealed/carefully executed

Question 53

What are the reasons for Audit Failure when the auditor is negligent?

Answer 53

Failure to:

• Assess risk
• Respond to risk
• Recognise/respond to threats to objectivity
• Recognise/respond to situations where auditor is not competent