Chapter 7 - Responsibilities Flashcards
Management responsibilities:
What should they do in terms of BUSINESS RISK?
- Assess business risks facing the company
- Devise strategies to deal with those risks
Management responsibilities:
Companies Act 2006:
Directors should act in a way to promote success of the company, this involves:
- Safeguard assets
- Keep proper accounting records
- Prepare company F/S and deliver to Companies House
- Ensure company complies with laws and regulations
Responsibility of Assurance providers is determined by:
- Legislation/Regulation
- Terms of engagement
- Ethical/Quality control standards
Companies Act 2006 lists the Auditor responsibilities to be:
1.
2.
3.
- Form independent opinion on truth and fairness
- Confirm accounts properly prepared in accordance with Companies Act 2006
- State in auditor report if the director’s report is consistent with annual accounts
The Auditor forms an opinion on the F/S being free from material misstatement.
Material misstatement could be caused by
______________ and ___________
FRAUD and ERROR
Why is fraud more difficult to detect than error?
It is accompanied with deliberate attempt to conceal
What are the TWO types of misstatement arising from fraud?
- Fraudulent financial reporting
- Misappropriation of assets
Fraud:
Management responsibilities
Prevent/Detect fraud
Fraud:
Auditor responsibilities
Obtain reasonable assurance that F/S are free from material misstatement, whether caused by fraud or error
Fraud:
What AUDIT PROCEDURES should be carried out to identify material misstatement caused by fraud?
- Risk assessment (indicators: incentive/pressure/opportunities/attitude)
- Professional scepticism (questioning mind)
- Discuss fraud among engagement team
- Respond appropriately to fraud risk level (appropriate personnel, assess control - any management override, be unpredictable)
- Consider implications in other areas (is management representation reliable?)
The auditor can report fraud to which three parties?
- Internal/management
- Shareholders
- Third parties
When can the auditor report fraud to shareholders?
- If management is suspected of fraud
- If material/uncertainty
When can the auditor report fraud to third parties?
If right or duty to disclose, e.g. regulator
Material misstatement could be caused by non-compliance with laws and regulations.
TRUE/FALSE
TRUE
Law and regulation:
Management responsibility:
responsible for complying with law and regulation
Law and regulation:
Auditor responsibility:
Reasonable assurance that F/S are free from material misstatement (fraud or error which could be caused by non compliance)
Law and regulation:
What AUDIT PROCEDURES should be carried out to identify material misstatement caused by non compliance with law and error?
- Risk assessment (relevant laws, how the client complies with them)
- Evidence about compliance
- talk to management
- written representation about non compliance
- talk to regulatory bodies
Law and regulation:
What do you do if management is suspected of non compliance?
Report to those charged with governance
If no higher level, get legal advice
What is the Bribery Act 2010?
Penalties to individuals and organisation for offering/accepting a bribe, bribing a foreign official, failing to prevent employees or agents bribing.
How do ORGANISATIONS comply with Bribery Act 2010?
Bribery prevention policy:
- top level culture that bribery is unacceptable
- risk assessment (new partners/suppliers)
- due diligence, risk based approach
- communication to staff (training)
- monitoring and review
How do AUDITORS comply with Bribery Act 2010?
Identify misstatement caused by non-compliance with Bribery Act.
- assess non compliance risk with Bribery Act
- professional scepticism
- assess bribery prevention policies
WHO should the auditor report suspicions of bribery to?
NCA (National Crime Agency)
Proceeds of Crime Act 2002
What is the Sarbanes-Oxley Act 2002?
improves quality of financial reporting
What else can the Sarbanes-Oxley Act be referred to as?
Sarbox or SOX
Sarbanes-Oxley is not a UK law - so why do we need it?
Subsidiaries are US
Sarbanes-Oxley Act 2002:
Management responsibilities
CEO and CFO must attest veracity of F/S
Greater disclosure of amendments made to F/S during audit
Sarbanes-Oxley Act 2002:
Auditor responsibilities
Stricter enforcement of independence
PCAOB (Public Company Accounting Oversight Board) can inspect audit files of US listed companies
Define a related party
Company/person that might have/expected to have influence on company to be audited
What are some examples of related parties?
- Directors and family
- Key management
- other companies in group
Related party transaction may or may not be at arm’s length - give an example?
Director buying property from company at less than market value
Related Party transactions:
Accounting rule
Disclosed in F/S
Related Party transactions:
Audit risk
NOT disclosed = material misstatement
Related Party transactions:
Management responsibilities
Disclose them
Related Party transactions:
Auditor responsibilities
Perform audit procedures to identify/assess/respond to the risk of material misstatement from failing to disclose related party transactions.
Related Party:
What AUDIT PROCEDURES should be carried out to identify material misstatement caused by non disclosure of related party transactions?
- Ask management for list of related parties
- Written representation that all related party transactions have been disclosed
- confirm correct disclosures made
- do detailed test of transactions to look for rpt
- review bank confirmation letter for guarantor relationships
- review investment transactions
- minutes of meetings between shareholders and directors in case any discussions
Define money laundering (Proceeds of Crime Act 2002)
Disguise origins of funds from criminal conduct.
- Using, acquiring, retaining, controlling, concealing, disguising, converting, transferring and removing from the UK the proceeds of criminal conduct.
List examples of money laundering.
Tax evasion
Saving costs by not complying with laws and regulations
Offences overseas that are criminal in UK
Money laundering:
Auditor responsibilities
Report actual knowledge
Report suspicion (reasonable grounds)
Money laundering:
Who should the auditor report to?
Money Laundering Nominated Officer (MLNO)
Money laundering:
What will the MLNO do after you report money laundering to them?
Consider if need to tell National Crime Agency (NCA)
Money laundering:
Auditor offences
Failing to report
Failing to train staff
Tipping off money launderer
Money laundering:
What is the most severe penalty (years)?
14
What does GDPR (General Data Protection Regulation) do?
Give individuals control of their personal information
- data protection
- privacy of key info
What are the rules of GDPR and Data Protection Act?
- Anyone processing personal info needs to make sure it is PROTECTED
- Individual can ACCESS data and how data is being used
- Data only HELD if lawful reason or client allows storage
Data Protection:
What does ICO stand for?
Information Commissioner Office
Data Protection:
What is the role of the ICO?
Organisations processing personal info need to report to them once a year
Data Protection:
What is the name of the individual in the organisation who informs the ICO?
Data controller
Data Protection:
What is classed as a criminal offence?
Failure to report to the ICO
Expectations gap:
Common expectations of auditor
- Detect/ Prevent all fraud
- Test every transaction to find all errors
Expectations gap:
Actual responsibilities of the auditor
- Identify material fraud in F/S
- Audit procedures to provide reasonable assurance that F/S are free from material misstatement
- Detect fraud
Expectations gap:
What steps have been taken to narrow the expectations gap?
- Responsibilities of director and auditor listed in audit report and engagement letter
- Explain how audit is conducted (test basis, material misstatements)
- Liaising with audit committee
Audit failure:
Why does the auditor not always identify fraud?
- Immaterial
- Auditor did everything but concealed/carefully executed
What are the reasons for Audit Failure when the auditor is negligent?
Failure to:
- Assess risk
- Respond to risk
- Recognise/respond to threats to objectivity
- Recognise/respond to situations where auditor is not competent