REVISION QUESTION BANK – AUDIT AND ASSURANCE (Int) (F8)
Answer 1 AUDITORS AND AUDITING STANDARDS
(a)

Development, role, and authority of ISAs
„

ISAs set out the basic principles and essential procedures that auditors should
follow in the conduct of an audit of financial statements. Auditing Standards are in
bold type. The grey type found in ISAs provides guidance on the application of
ISAs.

„

Each Standard contains objectives and requirements (“shall”) with related guidance
(introductory, explanatory, application, definitions and other material, including
appendices). The entire text of a Standard must be understood in order to apply the
requirements of that Standard.

„

A current project is underway to redraft all ISAs – not to revise but to rewrite in
plainer language and an improved structure. The differentiation between bold and
plain text has been removed. The structure of the redrafted standard will show the
objective and requirements of the standard and will be supported by application and
other explanatory material – all of which should be considered as an integral part of
the standard.

„

International Standards on Auditing are set by the International Auditing and

Assurance Standards Board (IAASB) of the International Federation of Accountants
(IFAC). The IAASB is made up of representatives (in practice, commerce, research
and academic) of the profession who are members of IFAC.

„

ISAs and other documents issued by the IAASB are developed using a process of
exposure and consultation in order to obtain consensus and wide-spread acceptance
of standards. Consultation is with interested parties outside the profession, as well
as within the profession itself.

1001


AUDIT AND ASSURANCE (Int) (F8) – REVISION QUESTION BANK

Project is proposed and input sought

If approved, project assigned to a Task Force

Research carried out and Exposure Draft prepared

ED placed on IFAC website and widely distributed for comment
to member bodies, interested parties and
general public

Comments received are considered, ED revised and re-issued if
substantive changes made

Revised ED approved and issued as a Standard


1002

„

Projects are identified by the members of the IAASB, the Consultancy Advisory
Group, the Forum of Firms, national auditing standard setting bodies and IFAC
members.

„

The Consultancy Advisory Group gives representatives of the business community
and international organisations the opportunity to contribute to the development of
international auditing guidance. Members of the Group represent organisations that
have an interest in international auditing.

„

The Task Force carries out the basic research and development of an Exposure
Draft (ED). This may be done as a joint project with a national auditing standard
setting body.

„

ISAs apply to all audits of financial statements that are expressed in “true and fair”,
“fair presentation”, or similar terms. Each of the objectives within a Standard must
be considered within the context of the overall objective of the audit as a whole. If
an objective cannot be achieved, the auditor must use their judgement to evaluate
the impact on their ability to achieve the overall audit objective.


„

By their very nature, ISAs require auditors to use their professional judgement when
applying them.

„

In exceptional circumstances, a professional accountant may judge it necessary to
depart from a basic principle or essential procedure of a Standard (and Practice
Statement) to achieve more effectively the objective of the engagement. When such
a situation arises, the professional accountant should be prepared to justify the
departure.


REVISION QUESTION BANK – AUDIT AND ASSURANCE (Int) (F8)
(b)

The role of the ACCA in the regulation of auditors
„

Auditors are regulated differently in different countries. In some countries
governments regulate auditors directly, or through government organisations (eg the
Public Accounting Oversight Board in the USA established by the Sarbannes-Oxley
Act). In other countries the profession is self-regulating. In most cases, there is
some combination of self-regulation and government regulation.

„

In the UK, the monitoring of the quality of the audit function carried out by listed
company auditors is conducted by the Professional Oversight Board for

Accountancy (POBA) of the Financial Reporting Council (FRC).

„

The FRC is the UK’s independent regulator for corporate reporting and governance
and is responsible for:
‰
‰
‰
‰
‰

(c)

setting, monitoring and enforcing accounting and auditing standards
statutory oversight and regulation of auditors
overseeing the regulatory activities of the professional accountancy bodies
promoting high standards of corporate governance
operating an independent investigation and discipline scheme for public
interest (eg listed) cases

„

Inspection of auditors under the monitoring of the POBA is carried out by the Audit
Inspection Unit (AIU). Such inspection incorporates a very thorough quality
control review including reviews of audit working papers and audit procedures.

„

The regulation and inspection of auditors for non-listed companies is carried out

directly by the professional bodies, eg the ACCA.

„

Professional bodies such as the ACCA, seek to uphold professional standards, to
investigate complaints against auditors, and to assist auditors in the performance of
their duties. They have both investigative powers and sanctions against auditors
who do not comply with professional standards. These include fines, exclusion from
membership, and the withdrawal of the licence to audit (audit registration).
Members of the ACCA are bound by its “Rules of Professional Conduct”.

„

The ACCA encourages high professional standards by setting academic
requirements for those wishing to study for the examinations, by setting the
examinations and by requiring additional experience of those who wish to practice
as auditors. This includes passing both Auditing papers (F8 and P7) in the ACCA
examinations.

„

In addition, all members of the IFAC (this includes the ACCA) are required to
continue their development throughout their careers (CPD).

How ISAs and national standards influence each other
„

In a global market-place it is increasingly important that Auditing Standards are
harmonised across the world, particularly for multinational companies. It is also
important that Auditing Standards are applied consistently. Over the last ten years,

standard setters in those countries where the profession is mature have sought to
harmonise their own standards with International Standards, and to influence
International Standards.

1003


AUDIT AND ASSURANCE (Int) (F8) – REVISION QUESTION BANK
„

In many countries, all new national Auditing Standards contain a statement to the
effect that compliance with the national standard will ensure compliance with the
relevant International Standard in all material respects, if that is the case, or it will
explain the difference(s).

„

The requirements of the Standards do not override local regulations governing audit
and assurance in a particular country. If local regulations have been followed and
ISAs (and Practice Statements) that are applicable to the engagement have not been
applied in their entirety, then compliance with ISAs cannot be stated as fact.

„

It is not always possible for local Auditing Standards to be the same as International
Standards because of local legal requirements. Nevertheless, a number of countries
have accepted International Standards in their entirety, or have accepted them
subject to some minor local variations. International Standards are thus extremely
useful for countries where the profession is not strong and where government does
not seek to detail Auditing Standards, and where there are few resources to develop

local standards.

„

Standard setters in countries where the profession is mature make a significant
contribution to the development of ISAs by providing representatives to sit on IFAC
Committees and working parties and by providing the resource to help draft
standards. National standard setters comment on consultation papers and exposure
drafts issued by the IAPC and help summarise responses on certain projects.

„

ISAs only have force internationally if they have the support of those countries who
lead the profession internationally. It is therefore essential for both national standard
setters and international standard setters to take account of each other’s work.

Answer 2 JUMPER & CO
Memo
From:
To:
Subject:
Date:

A Manager, Tela & Co
Jumper & Co
Corporate Governance in the SGCC Company
dd/mm/yyyy

As requested, I write to explain where your client SGCC does not appear to be following appropriate
corporate governance codes and to recommend changes to ensure that the principles of good corporate

governance are being followed.
Chief Executive Officer (CEO) and Chairman
Mr Sheppard is both CEO and chairman of SGCC. Corporate governance indicates that the person
responsible for running the company (the CEO) and the person responsible for controlling the board
(the chairman) should be different people. This is to ensure that no one individual has unrestricted
powers of decision.
I recommend that Mr Sheppard is either the CEO or the chairman and that a second individual is
appointed to the other post to ensure that Mr Sheppard does not have too much power in SGCC.
Composition of board
The current board ratio of executive to non-executive directors is 5:2. This means that the executive
directors can dominate the board proceedings. Corporate governance codes suggest that there should be
1004


REVISION QUESTION BANK – AUDIT AND ASSURANCE (Int) (F8)
a balance of executive and non-executive directors so this cannot happen. A minimum of three nonexecutive directors are also normally recommended, although reports such as Cadbury note this may be
difficult to achieve.
I recommend that the number of executive and non-executive directors is equal to help ensure no one
group dominates the board. This will mean appointing more non-executive directors to SGCC.
Director appointment
At present, Mr Sheppard appoints directors to the board, giving him absolute authority over who is
appointed. This makes the appointment procedure and qualities directors are being appointed against
difficult to determine. Corporate governance suggests that appointment procedures should be
transparent so that the suitability of directors for board positions can be clearly seen.
I recommend that an appointments committee is established comprising three non-executive directors to
ensure there is no bias in board appointments. Formal job descriptions should also be published making
the appointment process more transparent.
Review of board performance
It is correct that the performance of senior managers is reviewed, but this principle should also be
applied to the board. While Mr Sheppard may undertake some review, this is not transparent and it is

not clear what targets the board either met or did not meet.
I recommend that performance targets are set for each director and actual performance assessed against
these on a regular basis. Reasons for underperformance should also be ascertained and where
appropriate, changes made to the composition of the board.
Board pay
At present, board members’ pay is set by Mr Sheppard. This process breaches principles of good
governance because the remuneration structure is not transparent and Mr Sheppard sets his own pay.
Mr Sheppard could easily be setting remuneration levels based on his own judgements without any
objective criteria.
I recommend that a remuneration committee is established comprising three non-executive directors.
They will set remuneration levels for the board, taking into account current salary levels and the
performance of board members. Remuneration should also be linked to performance, to encourage a
high standard of work.
Internal control
The system of internal control in SGCC does not appear to be reviewed correctly. While external
auditors will review the control system, this review is based on their audit requirement and cannot be
relied on to test the overall effectiveness of the system. The system may therefore still contain
weaknesses and errors.
I recommend that some more formal review of internal control is carried out, perhaps by establishing an
internal audit department, as noted below. The relationship with the company’s auditors must also be
reviewed so that the work of the board and the auditors regarding internal control is understood by both
parties.

1005


AUDIT AND ASSURANCE (Int) (F8) – REVISION QUESTION BANK
Internal audit
SGCC does not have an internal audit department. Given the lack of formal review of internal control in
the company, this is surprising. Good corporate governance implies that the control system is monitored

and that an internal audit department is established to carry out this task.
I recommend that an internal audit department is established, reporting initially to the audit committee
who will monitor internal control and then summarise reports for the board.
Financial statements
There appears to be acceptable disclosure in the financial statements regarding the past results of the
company. However, the board should also provide an indication of how the company will perform in
the future, by a forecast review of operations or similar statement. This is partly to enable investors to
assess the value of their investment in the company.
I therefore recommend that the annual accounts of SGCC include some indication of the future
operations of the company.
Audit committee
There is no mention in the report of an audit committee. Good corporate governance implies that there
is some formal method of monitoring external auditors as well as checking that the reports from the
external auditors are given appropriate attention in the company.
I recommend that an audit committee is established – made up from non-executive directors. The
committee will receive reports from the external and internal auditors (as mentioned above) and ensure
that the board takes appropriate action on these reports.
I hope this information is useful. Please contact me again if you require any further assistance.
Sincerely
Ann C. Outent
Note to candidates: An alternative and allowable answer format was to answer sections (a), (b) and (c)
of the question separately. Taking this approach would also allow other valid points in part (b) such as
inability to obtain a stock exchange listing.

1006


REVISION QUESTION BANK – AUDIT AND ASSURANCE (Int) (F8)
Answer 3 CORPORATE GOVERNANCE
Memo

From:
To:
Subject:
Date:

Chief Internal Auditor
Board of ZX
Role of Audit Committee
dd/mm/yyyy

(a)
Areas where the internal audit department can assist the directors with the implementation of
good corporate governance in an organisation include:
Board reports
Reviewing reports to the board and reports produced by the board to ensure that they do
present a balanced and understandable assessment of the company’s position and prospects.
The internal audit department will have good knowledge of the operations of the company as
well as access to accounting information. The department can effectively “audit” board
reports to ensure they are accurate and understandable.
Internal controls
The board need to maintain a sound system of internal control. The internal audit department
will be able to review existing controls and recommend improvements to ensure this objective
is met.
Application of ISA and IFRS
The board need to have a policy for applying appropriate International Statements on
Auditing (ISA) and International Financial Reporting Standards (IFRS) to the organisation.
Internal audit will certainly be aware of new auditing standards and will have the technical
expertise (especially where internal auditors are professionally qualified) to identify changes
required by accounting standards. Amendments to control systems for new auditing standards
and financial accounting systems for new accounting standards can therefore be

recommended.
Communication with external auditors
Under corporate governance regulations, communications with external auditors will
normally be via the audit committee, although the board must maintain an appropriate
relationship with the external auditors. However, internal and external auditors can also work
together to ensure that the internal control system is sufficient; possibly by external audit
delegating work to internal audit, and each auditor reviewing the work of the other auditor.
The board will therefore receive reports from both sets of auditors which will be accurate
because they have been properly checked.
Communication to the board
The internal auditor can also check that appropriate information is provided to the board from
the external auditor. ISA 260 Communications of audit matters with those charged with
governance provides a list of matters which should be communicated to the board and the
internal auditor can work with the external auditor to ensure that this information is provided.

1007


AUDIT AND ASSURANCE (Int) (F8) – REVISION QUESTION BANK
(b)

The advantages of an audit committee include:
Public confidence
Providing increasing public confidence in the creditability and objectivity of published
financial information. This will be particularly important for ZX if listing arrangements go
ahead. While an internal audit department is not normally necessary for incorporated
companies, the provision of that department will provide additional confidence in the
accuracy of the financial statements and hopefully make ZX an attractive investment.
Financial reporting
Supports the directors in fulfilling their financial reporting obligations. The directors have to

prepare financial statements for ZX. The committee can assist by checking the financial
statements to ensure that they comply with appropriate reporting requirements. This is
especially important where the board do not have detailed knowledge of accounting
requirements.
Communication
Enhancing the role of ZX’s external auditors by providing an appropriate channel of
communication. Use of the audit committee will enable the external auditor to discuss issues
with the financial statements with the internal auditor, prior to providing a final summary of
key points to the board.
“Friend” of the Board
The audit committee may also act as a “critical friend” to the board by monitoring the work of
the board and providing helpful guidance, where corporate governance requirements do not
appear to be being met. The audit committee should have detailed knowledge of corporate
governance as part of its monitoring function of the company and can share this with the
board who may not have the time to obtain detailed information.
The disadvantages of an audit committee include:
Lack of understanding of function
As the directors in ZX do not have much knowledge of corporate governance, they may see
the additional involvement of the audit committee as a threat to their authority or taking away
some of their responsibilities. This memo has hopefully outlined the advantages of an audit
committee in supporting the work of the directors, removing this as a problem.
Role of non-executive directors
As the audit committee will be made up mainly from non-executive directors, the board may
see this as a means of decreasing their power and possibly letting other people run the
company. Again, the audit committee must be seen as fulfilling a supporting role for the main
board. It will utilise the special knowledge of account production and internal controls from
the external auditor and business non-executives to provide appropriate review of information
being given to the board.
Cost
The audit committee will increase the expenditure of the company as the non-executive

directors will require some remuneration due to their additional responsibilities. While this
cannot be avoided, the benefits of the committee in terms of providing assistance to the board
and raising the profile of ZX ready for possible listing must not be forgotten.

1008


REVISION QUESTION BANK – AUDIT AND ASSURANCE (Int) (F8)
Answer 4 FRAUD AND COMPLIANCE SEMINAR
(a)

Missing share certificates
The auditors must treat this matter as extremely serious. Not only has a senior executive
perpetrated an illegal act, he has also been guilty of deliberately attempting to mislead the
auditors.
The auditors must report the matter immediately to the audit committee, if there is one, or
otherwise to the full board of directors (ISA 240). A criminal offence has been committed in
the theft of the shares and in attempting to mislead the auditors. The auditors would expect
appropriate action to be taken. Any further course of action depends on the action taken by
the directors.
If the directors do not take appropriate action, such as reporting the matter to the police, the
auditors must consider the desirability of continued association with the company. Failure to
take action would make the directors a party to the wrongdoing involving, as it does, money
for which they have a responsibility to the shareholders.
In most jurisdictions the auditors do not normally have any responsibility for reporting the
matter to third parties except in the public interest or where there is some direct legal duty
imposed on auditors. Their duty of confidentiality prevents their taking further action.
However, on resigning, they can take the opportunity to reveal their concerns in any
communication accompanying their resignation. They may also respond appropriately to
professional enquiries from auditors nominated to replace them. However, they need to

obtain legal advice on the form of such communication to avoid the risk of action for breach
of confidence by the company or even defamation by the finance director.
If the directors do take appropriate action, the auditors must consider their position with
respect to the current audit engagement. The finance director is a key person with respect to
representations on which the auditors would have relied. Now that the credibility of that
officer is in doubt, the necessary level of professional scepticism becomes much greater.
Such an official has the authority to override almost any control and is in a position to conceal
such actions. The control environment must be regarded as being wholly ineffective and
inherent risk assessed as high. Extended substantive procedures will now need to be
performed in all areas that could have been manipulated by the chief financial officer.
Providing sufficient appropriate evidence is available then there would be no effect on the
auditors’ report. It is possible, under the circumstances, that the auditors may be unable to
reassure themselves that further misstatements are not present. In this case they would need
to issue an “except for – scope limitation” qualified auditors’ report.

(b)

Product safety
The auditors have no duty to search for all instances of non-compliance with all applicable
laws and regulations. However, in addition to laws and regulations directly pertaining to
financial reporting, the auditors also have a duty (ISA 250) to become familiar with any
particular laws and regulations breaches of which might result in the company no longer
being a going concern. Moreover, in this case, they have already become aware of the
possible breach. Their suspicions are aroused and they are under a duty to investigate the
matter further.

1009


AUDIT AND ASSURANCE (Int) (F8) – REVISION QUESTION BANK

The finance director may be right in claiming the matter is of no consequence, but the fact of
attempting to conceal the evidence from the proper authorities must arouse suspicions that the
matter is serious. The auditors need to obtain independent expert advice on the implications
of the matter. If the company denies access to an independent expert the auditors may
consider, at the very least, issuing an “except for – scope limitation” qualified auditors’
report. If the expert confirms suspicions and the effect is potentially material, at the very least
the auditors would require full provision to be made, failing which an “except for –
disagreement” qualified auditors’ report would be necessary (ISA 250).
If the auditors’ suspicions are confirmed and the effect is material, the auditors would
normally report the matter to the board of directors and to the audit committee, if the
company has one. In this case, however, the board is implicated in the attempt to cover up the
evidence, so the auditors would report solely to the audit committee.
Again legal advice needs to be sought on whether the actions of the board are illegal. If so,
then they may consider it desirable to resign from the audit. Moreover, consideration must be
given to the consequences of the continued supply of unsafe goods. It is likely the auditors
have a case for alerting the appropriate authorities in the public interest which overrides their
duty of confidentiality to the client – legal advice must be sought before doing so.
(c)

Understatement of royalties
This suspected fraud differs in being perpetrated by the company and not by employees
against the company. The auditors’ duty of confidentiality to the company prevents them
from communicating their suspicions to the authors. However, the company has a liability
under the terms of the royalty agreements which must be provided for until extinguished by
the statute of limitations or other limitation on the rights of creditors to sue for amounts due.
The auditors would possibly seek legal advice on whether the company’s action was illegal,
such as a conspiracy to defraud the authors or false accounting to obtain a pecuniary
advantage. If the directors’ actions are illegal the auditors would expect the directors to pay
the amounts due in full. If the directors refuse, the auditors should consider resigning.
If the action is not illegal, it is certainly unethical, and the audit will be affected in two ways.

Firstly, if the amounts are material and the company fails to make adequate provisions within
the financial statements, the auditors must issue an “except for – disagreement” qualified
auditors’ report (ISA 240). Secondly, the auditors will need to revise their assessment of
inherent risk at the entity level. They would need to increase the tolerable level of detection
risk and perform a higher level of substantive procedures than previously would have been
considered necessary (ISA 240).

(d)

Unclaimed wages
If there is no immediately apparent explanation, such as an employee on long-term sick leave,
the circumstances arouse suspicions that the employee is fictitious – possibly a former
employee whose resignation the supervisor has deliberately withheld from the personnel
department. If the amount is wholly immaterial, the auditor has no duty to investigate the
matter further.
However, the auditor does have a duty to communicate suspicions promptly to an appropriate
level of management and to see that the matter is properly investigated (ISA 240). If the
auditor is not satisfied that a proper investigation is performed, it is possible that the level of
management to which the suspicions are communicated is also implicated in the fraud. The
matter becomes more serious and must be reported to the audit committee or board of
directors.

1010


REVISION QUESTION BANK – AUDIT AND ASSURANCE (Int) (F8)
Answer 5 STONE HOLIDAYS
(a)

(b)


Internal audit function: risk of fraud and error
„

The internal audit function in any entity is part of the overall corporate governance
function of an entity. Corporate governance objectives include the management of
the risks to which the entity is subject that would prevent it achieving its overall
objectives such as profitability. Corporate governance objectives also include the
overarching need for the management of an entity to exercise a stewardship function
over the entity’s assets.

„

A large part of the management of risks, and the proper exercise of stewardship,
involves the maintenance of proper controls over the business. Controls over the
business as a whole, and in relation to specific areas, include the effective operation
of an internal audit function.

„

Internal audit can help management manage risks in relation to fraud and error, and
exercise proper stewardship by:
(1)

commenting on the process used by management to identify and classify
the specific fraud and error risks to which the entity is subject (and in
some cases helping management develop and implement that process);

(2)


commenting on the appropriateness and effectiveness of actions taken by
management to manage the risks identified (and in some cases helping
management develop appropriate actions by making recommendations);

(3)

periodically auditing or reviewing systems or operations to determine
whether the risks of fraud and error are being effectively managed;

(4)

monitoring the incidence of fraud and error, investigating serious cases
and making recommendations for appropriate management responses.

„

In practice, the work of internal audit often focuses on the adequacy and
effectiveness of internal control procedures for the prevention, detection and
reporting of fraud and error. Routine internal controls (such as the controls over
computer systems and the production of routine financial information) and nonroutine controls (such as controls over year-end adjustments to the financial
statements) are relevant.

„

It should be recognised however that many significant frauds bypass normal internal
control systems and that in the case of management fraud in particular, much higher
level controls (those relating to the high level governance of the entity) need to be
reviewed by internal audit in order to establish the nature of the risks, and to
manage them effectively.


External auditors: fraud and error in an audit of financial statements
„

External auditors are required by ISA 240 The Auditor’s Responsibility to Consider
Fraud in an Audit of Financial Statements to consider the risks of material
misstatements in the financial statements due to fraud. Their audit procedures will
then be based on a risk assessment. Regardless of the risk assessment, auditors are
required to be alert to the possibility of fraud throughout the audit and maintain an
attitude of professional skepticism, notwithstanding the auditors’ past experience of
the honesty and integrity of management and those charged with governance.

1011


AUDIT AND ASSURANCE (Int) (F8) – REVISION QUESTION BANK
Members of the engagement team should discuss the susceptibility of the entity’s
financial statements to material misstatements due to fraud.

(c)

„

Auditors should make enquiries of management regarding management’s
assessment of fraud risk, its process for dealing with risk, and its communications
with those charged with governance and employees. They should enquire of those
charged with governance about the oversight process.

„

Auditors should also enquire of management and those charged with governance

about any suspected or actual instance of fraud.

„

Auditors should consider fraud risk factors, unusual or unexpected relationships,
and assess the risk of misstatements due to fraud, identifying any significant risks.
Auditors should evaluate the design of relevant internal controls, and determine
whether they have been implemented.

„

Auditors should determine an overall response to the assessed risk of material
misstatements due to fraud and develop appropriate audit procedures, including
testing certain journal entries, reviewing estimates for bias, and obtaining an
understanding of the business rationale of significant transactions outside the
normal course of business. Appropriate management representations should be
obtained.

„

Auditors are only concerned with risks that might cause material error in the
financial statements. External auditors might therefore pay less attention than
internal auditors to small frauds (and errors), although they must always consider
whether evidence of single instances of fraud (or error) are indicative of more
systematic problems.

„

It is accepted that because of the hidden nature of fraud, an audit properly
conducted in accordance with ISAs might not detect a material misstatement in the

financial statements arising from fraud. In practice, routine errors are much easier to
detect than frauds.

„

Where auditors encounter suspicions or actual instances of fraud (or error), they
must consider the effect on the financial statements, which will usually involve
further investigations. They should also consider the need to report to management
and those charged with governance.

„

Where serious frauds (or errors) are encountered, auditors need also to consider the
effect on the going concern status of the entity, and the possible need to report
externally to third parties, either in the public interest, for national security reasons,
or for regulatory reasons. Many entities in the financial services sector are subject to
this type of regulatory reporting and many countries have legislation relating to the
reporting of money laundering activities, for example.

Nature of risks arising from fraud and error: Stone Holidays
„

1012

Stone Holidays is subject to all of the risks of error arising from the use of computer
systems. If programmed controls do not operate properly, for example, the
information produced may be incomplete or incorrect. Inadequate controls also give
rise to the risk of fraud by those who understand the system and are able to
manipulate it in order to hide the misappropriation of assets such as receipts from
customers.



REVISION QUESTION BANK – AUDIT AND ASSURANCE (Int) (F8)
„

All networked systems are also subject to the risk of error because of the possibility
of the loss or corruption of data in transit. They are also subject to the risk of fraud
where the transmission of data is not securely encrypted.

„

All entities that employ staff who handle company assets (such as receipts from
customers) are subject to the risk that staff may make mistakes (error) or that they
may misappropriate those assets (fraud) and then seek to hide the error or fraud by
falsifying the records.

„

Stone Holidays is subject to problems arising from the risk of fraud perpetrated by
customers using stolen credit or debit cards or even cash. Whilst credit card
companies may be liable for such frauds, attempts to use stolen cards can cause
considerable inconvenience.

„

There is a risk of fraud perpetrated by senior management who might seek to lower
the amount of money payable to the central fund (and the company’s tax liability)
by falsifying the company’s sales figures, particularly if a large proportion of
holidays are paid for in cash.


„

There is a risk that staff may seek to maximise the commission they are paid by
entering false transactions into the computer system that are then reversed after the
commission has been paid.

Answer 6 MANLY
(a)

Removal from office
(i)

Removal by management

The financial statements being reported on represent a statement of accountability by
management and directors to those on whose behalf they exercise their function, that is the
shareholders, in the case of an incorporated business. The ability of management to control
the appointment of auditors threatens to undermine the independence of the audit. They can
effectively evade an unsatisfactory auditor’s report by dismissing the auditor. Even where the
right to appoint (and remove) auditors is in the hands of shareholders or members,
management are often able to influence the exercise of that function.
There are a number of safeguards available to auditors to minimise the extent of the problem.
„

Not accepting appointment where there is reason to suspect management might seek
to dismiss the auditor to evade an unsatisfactory report.

„

Communicating with predecessor auditors to ascertain if such reasons lie behind the

proposed change of auditor.

„

Adhering strictly to professional independence rules to ensure an ability to
withstand management threats of removal from office in an attempt to dissuade
auditors from modifying their report.

„

Taking full advantage of whatever statutory protection exists against removal from
office such as a right to communicate with shareholders where a change in
appointment is proposed by management.

1013


AUDIT AND ASSURANCE (Int) (F8) – REVISION QUESTION BANK
„

Adhering to professional rules relating to providing advice to non-audit clients,
which might put undue pressure on their auditor. Without discussing all of the
issues with the current auditors, the other firm in this question appears to be acting
in breach of this rule.

(ii)

Audit committee

It is now a requirement under many listing jurisdictions for listed companies to have an

independent audit committee. The role of the committee is to oversee the integrity of the
financial reporting controls and procedures implemented by management, to protect the
interests of shareholders and other stakeholders.
For example, under the OECD Principles, the audit committee should be responsible (or at
least recommend – as required by the UK Combined Code) for the appointment, reappointment and sacking of the external auditors.
This therefore clarifies that the external auditors are responsible to the shareholders and not
directly to the executive management of an entity.
All material audit findings should be discussed with the audit committee, as well as the
executive directors. If the audit committee accept the auditor’s findings and the need to
qualify, then it is unlikely that they would also recommend sacking the auditor.
(b)

1014

Provision of other services
(i)

Rules of Professional Conduct

„

An auditor should not provide accountancy services to listed or public interest
company audit clients except of a purely mechanical nature such as drafting the
statutory financial statements.

„

Where accountancy services are provided to other company audit clients, the client
should accept full responsibility for the records, the assistance should not extend to
management decision making and a full audit must also be undertaken.


„

In the provision of other services, care must be exercised that the service is limited
to providing advice and not the exercise of management functions. This applies
particularly in providing executive recruitment services. The service should be
limited to identifying a short-list and not to making the final selection.

„

Other services should not include the making of specialist valuations, which are to
be incorporated in the audited financial statements.

„

The provision of non-audit services should not constitute recurring work which
brings total fees received from that audit client to more than 15% of the firm’s gross
fee revenues or 10% if the client is a listed or public interest company. The reasons
for this are evident from the engagement partner’s reluctance to qualify the opinion
for fear of angering the management and losing the audit.

„

Although not over the limit, fees from the provision of non-audit services are,
nevertheless, high. The engagement partner’s concern is unprofessional and it
would be hoped that professional accountants would be more objective.

„

Nevertheless, it illustrates concerns that would arise in the minds of users of

financial statements if it is seen that the auditors are generating substantial fee
income from providing non-audit services to the companies they audit.


REVISION QUESTION BANK – AUDIT AND ASSURANCE (Int) (F8)
(ii)

Prohibition of non-audit service provision

The Rules of Professional Conduct state that, in principle, there is no objection to providing
non-audit services to audit clients. However, it is also claimed that the provision of such
services impairs auditor independence. The alleged scenario is as follows:
„

As auditors, the firm is appointed by and is responsible to the members of the
company.

„

In providing other services, the firm is appointed by and is responsible to the
management, although an audit committee would advise on the appointment.

„

Because of the advantages of dealing with just one firm of accountants, the
management tends to prefer to use the audit firm to provide these other services.

„

If the firm loses the audit, they are likely to lose revenues from the provision of

other services. This is clearly the case here and the audit partner’s judgement is
strongly influenced by the potential loss of revenue.

„

The auditors recognise the ability of the management to influence auditor
appointment. Where auditors receive revenues from providing non-audit services,
as in the case of Manly, it is alleged that management may exploit this fact in order
to put pressure on the auditors.

„

Other services often attract higher fees than audit services. Firms may seek to
secure audit appointments primarily as a means of obtaining contracts for the
provision of more rewarding other services.

„

For these reasons, it is argued, firms should be forbidden to provide non-audit
services to audit clients, or at the very least, such services are appointed by the audit
committee.

The profession, on the other hand, argues that quarantining audit from the provision of nonaudit services denies companies the right to select their professional advisers. It also imposes
costs in that the audit, necessarily, will become more expensive as will the provision of nonaudit services as the firm providing the services will not have the benefit of knowledge of the
company gained through the audit.
As professionals, it is argued, accountants will not allow their judgement to be influenced by
such considerations and the situation illustrated in the question is an unlikely one. Moreover,
there is bound to be overlap between audit and non-audit services such as advice on internal
control and related matters contained in the management letter.
(c)


Rotation
Rotation is the term given to limiting the number of years an individual or a firm is associated
with the audit of a particular client.
As from 2004, the ACCA professional ethics require that that the engagement partner should
be rotated every 5 years and other audit partners every 7 years. The benefit of understanding
of the clients’ business is outweighed by the possible loss of professional scepticism. In this
case the audit partner has known Manly’s chief financial officer for too long to be able to
entertain ideas that he may not be trustworthy. In addition she is in breach of the ACCA
rules.

1015


AUDIT AND ASSURANCE (Int) (F8) – REVISION QUESTION BANK
At a further level it is argued that audit firms should only serve a fixed term of office,
although not part of the requirements of the ACCA. The benefits of securing non-audit work
from clients are substantially reduced if the term of office as auditor is limited to say seven
years. Similarly, efforts to maintain good relations with management possibly to the extent of
condoning questionable financial statements would no longer serve a useful purpose.
The argument against rotation of audit firms is that it imposes additional costs and risks. It is
the first year as auditor that is most costly and also the year the auditor is at greatest risk of
failing to detect misstatement through unfamiliarity with the client. Rotation of audit firms is
statutorily required in some countries.
Answer 7 INTERNAL AUDITOR
(a)

1016

Request to alter accounts

„

The first Fundamental Principle of the ACCA’s “Rules of Professional Conduct”
states that members should behave with integrity in all professional relationships,
and that integrity implies honesty, fair dealing and truthfulness.

„

It is therefore unethical for members of the ACCA to falsify financial records. To
do so might also constitute a criminal offence and if the public interest or national
security is involved, there may even be a responsibility to report the matter to third
parties, although there is no indication in the question that this is the case. In
practice however, the dividing line between what is acceptable and what is not is
often a difficult one to draw.

„

The internal auditor should first conduct a thorough review of the internal records to
establish whether or not the company has in fact complied with the bank’s
requirements. If the company has not done so, the question arises as to whether any
legitimate changes can be made in order to meet the requirements.

„

The question indicates that the profit figures are significantly affected by the
calculation of the bad debt and depreciation figures. It is not uncommon for changes
to such calculations to be made, although the justification for such changes must be
in order to present the financial position more fairly, and not simply to achieve
targets.


„

Changes in these calculations do not generally amount to changes in accounting
policy and do not therefore require separate disclosure in financial statements as
required by accounting standards (IAS 8 “Accounting Policies, Changes in
Accounting Estimates and Errors”), unless perhaps the amounts are material, in
which case they might constitute exceptional items (IAS 1 “Presentation of
Financial Statements”). Only if a change in calculations is justified by reference to a
re-assessment of assets lives perhaps, or because the bad debt provision has been
calculated over-prudently in the past, will it be acceptable to make the changes.

„

It may be legitimate to move bad debts and certain elements of depreciation from
cost of sales to overheads, thus improving gross margins. This would not amount to
a change in accounting policy but it would be important for the change to be
disclosed if the effect were to mean that the bank’s conditions were met, and they
would not have been met were the changes not made.

„

It is essential that the documentation that goes to the bank clearly discloses the
changes, as they are likely to be material to the bank.


REVISION QUESTION BANK – AUDIT AND ASSURANCE (Int) (F8)

(b)

„


The situation might arise where the changes are made and the internal auditor
agrees, subject to proper disclosure being made, or signs relevant documentation,
but at a later stage discovers that the bank has not been properly informed about the
changes. In these circumstances, there is no duty to report the matter to the bank,
and the auditor would be in breach of his duty of confidentiality to his employer if
he did so.

„

However, I would seriously consider whether to continue in employment with such
a company. I would express my concerns, in writing, at the highest possible level, at
all stages during the proceedings.

Implications for the audit, the auditor’s report and the relationship between the firm
and client
(i)

Implications for the audit of the financial statements

„

The reasons for the changes in the accounting policy in relation to leases is likely to
be important, because the amounts involved are likely to be material and disclosure
in the financial statements is required by IAS 8. The external auditor should satisfy
himself that the reason for the change is justified in terms of the financial statements
giving a true and fair view.

„


The external auditor should establish the reasons for the change in the calculation of
provisions in the same way as the internal auditor in (a) above. Whilst a matter may
be material to the bank in the context of the lending decision, it may not be material
to the audit of the financial statements.

„

If the external auditor believes that these changes are unjustified and symptomatic
of a wider problem, he should investigate any other areas in which inappropriate
changes may have been made, and form an opinion on the view given by the
financial statements as a whole, not just in part.

(ii)

Potential effect on the auditor’s report

„

The fact that the chief financial accountant is on holiday and that the internal auditor
is unavailable is suspicious in itself. If the auditor cannot obtain adequate
information and explanations from the company then he is required to say so in the
auditor’s report, which will be qualified. The external auditor should warn senior
management of the client of this possibility, at the earliest possible opportunity,
preferably in writing.

„

Furthermore, if there is significant doubt about the company’s ability to continue as
a going concern, then a modified (but unqualified) audit report may be required
under ISA 570 “Going Concern” (provided that the matter is properly disclosed), or

a qualified report if the matter is not properly disclosed.

(iii)

Implications for the continuing relationship between the audit firm and the client

„

If the auditor considers that the client lacks integrity, or does not have a proper
regard for accounting standards and disclosure requirements, the firm should
consider whether it is appropriate to continue the relationship with the client. It may
be preferable to discontinue the relationship.

1017


AUDIT AND ASSURANCE (Int) (F8) – REVISION QUESTION BANK
Answer 8 CLIENT CONFIDENTIALITY
(a)

(b)

1018

Disclosure of information relating to clients to third parties
„

Auditors are permitted or required to disclose information about their clients to third
parties without their knowledge or consent in very limited circumstances.


„

Generally, auditors can be required to, or are permitted to, disclose information to
certain regulatory bodies, including certain specialist units within police forces
under legislation. Such legislation in many countries includes financial services
legislation, legislation concerning banks and insurance companies, legislation
concerning money laundering and legislation concerning the investigation of serious
fraud or tax evasion.

„

Auditors are also permitted or required to disclose information where they are
personally involved in litigation, including litigation that involves the recovery of
fees from clients, or where they are subject to disciplinary proceedings brought by
ACCA or similar professional bodies.

„

Auditors are also permitted to disclose information where they consider it to be in
the “public interest” or in the interests of national security. Factors to take into
account include the seriousness of the matter, the likelihood of repetition and the
extent to which the public is involved. This right is rarely used in practice.

Response to requests
„

It is not unusual in practice for various bodies to request information from auditors
“informally” because it relieves them of the obligation to obtain the necessary
statutory authorities which may be time consuming or difficult.


„

Auditors must not disclose information without the consent of the client or unless
the necessary statutory documentation is provided by the person(s) requesting the
information.

„

Unless the auditor has reason to believe that there is a statutory duty not to inform
the client that an approach has been made, the client should first be approached to
see if consent can be obtained, and to see if the client is aware of the investigations,
as should normally be the case. The auditor should ensure that the client is aware of
the fact that voluntary disclosure may work in the client’s favour in the long run, but
if the client refuses, the auditor should inform the client if the auditor has a statutory
duty of disclosure.

„

Auditors should consider taking legal advice in all of the cases described.

„

Where auditors are made aware of potential actions against the client that may have
an effect on the financial statements, they must consider the effect on the audit
report. If the client is aware of the investigation, auditors will be able to seek audit
evidence to support any necessary provisions or disclosures in the financial
statements.

„


The auditors should consider whether the suspected fraud relating to the managing
director relates to the company and affects the financial statements.


REVISION QUESTION BANK – AUDIT AND ASSURANCE (Int) (F8)
„

Auditors will be in a very difficult situation if they become aware of an action that
may materially affect the financial statements, but where the client is not, and where
auditors are under a statutory duty not to inform the client. This situation will not be
improved by the resignation of auditors as they may be obliged to make a statement
on resignation. This puts auditors in a very difficult position and legal advice is
essential in such circumstances.

„

Tax authorities normally have powers to ask clients to disclose information
voluntarily. Such voluntary disclosure is often looked on favourably by the tax
authorities and the courts. Tax authorities normally also have statutory powers to
demand information from both clients and auditors. The same is generally true of
environmental and health and safety inspectors.

„

The power of the police to demand information is sometimes less clear and auditors
and clients should take care to ensure that the appropriate authorities are in place.
Those sections of the police investigating serious frauds usually have more powers
than the general police. It is unlikely that trade union representatives have any
statutory powers to demand information.


Answer 9 MELTON MANUFACTURING
(a)

Investigations and practical and ethical matters to be considered
„

Eligibility – the firm should be recognised to provide audit services (eg a firm of
Chartered Certified Accountants) and the reporting partner should hold a recognised
qualification (eg be a member of the Association of Chartered Certified
Accountants and hold a practising certificate). The firm should have adequate
professional indemnity insurance (PII) cover.

„

The reason for the change in auditor – whether it is just that the directors believe
they do not receive a cost effective service from the existing auditor. There may be
problems with the level of the audit fee or the existing auditor may want to modify
his auditor’s report (which the directors are trying to prevent).

„

Previous years’ audited accounts. If the auditor’s report is modified, it indicates that
the audit has a higher than normal risk. From these accounts it may be possible to
assess:
‰

whether the company appears to be having going concern problems (eg by
calculating appropriate ratios, eg debt/equity ratio);

‰


if there could be weaknesses in the system of internal control (because the
company is small or has a dominant proprietor).

With a manufacturing company there are likely to be more problems with the
valuation of inventory, but there would be less risks over sales and purchases as
they are likely to be on credit. There could be problems with obsolete plant and
equipment.
„

The size of the audit client and the fee compared with other clients. The Guide to
Professional Ethics says that an auditor’s independence may be compromised if the
fee from a single client exceeds 15% of the total practice income (10% for listed
and other public interest companies).

1019


AUDIT AND ASSURANCE (Int) (F8) – REVISION QUESTION BANK

(b)

1020

„

This does not appear to be a public company, but for a public company the auditor
should not normally both prepare and audit the financial statements. For other
companies, if the auditor both prepares and audits the financial statements, it is
desirable that these are carried out by different staff.


„

Independence issues – in particular, shares should not be held in the client company.
(Any shareholdings should be disposed before being appointed as auditor.) Close
family and business relationship with any directors of the company would also
impair objectivity.

„

Fees – should be sufficient to provide an acceptable return. An inadequate fee
could result in insufficient audit work being carried out and thus increase the audit
risk.

„

Prior experience of the manufacturing industry and auditing companies in this
industry. Without such experience the auditor may not have the skills necessary to
audit inventory, impairment of plant and equipment, etc. Thus, the invitation to
accept the audit appointment would need to be declined.

„

Whether staff with special skills (eg of computer-aided manufacturing design) or
external specialists may be required to carry out certain aspects of the audit.

„

Whether Melton Manufacturing will give permission to communicate in writing
with the retiring auditor. If the prospective client refuses, the nomination should be

refused.

„

With permission, the retiring auditor will be contacted and asked if there are any
professional reasons why the appointment should not be accepted.

„

If the company has not paid the retiring auditor’s fees, the appointment can be
accepted. However, if it suggests that Melton is a “bad payer” it can obviously be
declined.

Letter of engagement
(i)

Importance

„

The main reason why it is important that an auditor should send a letter of
engagement to the client is that it explains the duties of the auditor: and the contract,
which exists between the auditor and the client. If no letter of engagement is sent,
disputes and misunderstandings may arise about the auditor’s duties.

„

The letter of engagement explains that the auditor’s duties are governed by the
relevant legislation and cannot be limited by the company. Also, the auditor reports
to the shareholders (and not the directors) whether the financial statements show a

true and fair view.

„

Further, it explains the directors’ responsibilities, particularly that they are
responsible for preparing the financial statements (although the auditor can prepare
the financial statements for the directors, if requested) and for ensuring there are
proper systems of internal control to prevent or detect errors, irregularities and
fraud.