UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT
- Nature of the entity
- Laws and Regulatory environment
- Related parties
- Litigation and claims
By the end of this chapter students should be able to:
- Describe appropriate tasks and procedures to understand the client’s entity’s business and its environment before any ground work can be carried out.
This chapter looks at the auditors understanding of the entity and its environment. It starts with a discussion of the nature of industry as it affects audit of financial statements. The importance of laws and regulatory issues together with an understanding of related parties are discussed before ending with a look at litigation and claims
- Nature of the entity
ISA 315 Identifying and Assessing the Risk of Material Misstatement through Understanding the Entity and its Environment states that the objective of the auditor is to identify and assess the risk of material misstatements, whether due to fraud or error, at the financial statement and assertion levels, through the understanding of the entity and its environment , including the entity’s internal control, thereby providing a basis for the designing and implementing responses to the assessed risk of material misstatement.
- Why should auditors obtain an understanding of the entity and its environment?
- To identify and assess the risk of material misstatements in the financial statements
- To enable the auditor to design and perform further audit procedures
- To provide a frame of reference for exercising audit judgment, for example , when setting audit materiality
- How do auditors obtain the understanding?
There are several methods that auditors can use to obtain the understanding:
- Enquiries of management and others within the client
- Analytical procedures
- Observation and inspection
- Prior period knowledge
- Discussion of the susceptibility of the financial statements to material misstatements among the engagement team members
- What should auditors understand about the entity and its environment?
The ISA sets out a number of requirements about what auditors must consider in relation to obtaining an understanding of the business. Some of the elements that auditors must understand are:
- Business operations of the entity
In terms of business operations the auditor looks at matters such as: nature of revenue sources, products or services, and markets involvement in electronic commerce such as internet sales and marketing activities, conduct of operations (for example, stages and methods of production, or activities exposed to environmental risks).
- Financial reporting
The auditor also considers the entity’s selection and application of accounting policies, including the reasons for changes thereto; an evaluation of whether the entity’s accounting policies are appropriate for its business and consistent with the applicable financial reporting framework and accounting policies used in its industry.
- Objectives and strategies and relating business risk
The auditor looks at the entity’s objectives and strategies. He/she considers whether management does adequately monitor the results of the operations of the business units against objectives and expected results, including budget and forecast. In addition the auditor considers whether management does have adequate procedures in place to ensure that all personnel understand the entity’s objectives and how their actions interact and contribute to those objectives, and those related business risks that may result in risks of material misstatement, the measurement and review of the entity’s financial performance.
- Industry, regulatory and other external factors
Examples of matters the auditor may consider include the market and competition, including demand, capacity, and price competition, cyclical or seasonal activity, product technology relating to the entity’s products energy supply and costs.
The auditor should also consider relevant industry external factors including industry conditions such as the competitive environment, suppliers and customer relationships, the general economic conditions, interest rates, availability of financing, inflation or currency revaluation and technological developments.
Other matters to consider include;
- Geographic dispersion and industry segmentation
- Location of production facilities, warehouses, and offices
- Location and quantities of inventories
- Key customers
- Important suppliers of goods and services
- Research and development activities and expenditures.
The auditor needs also to understand critical accounting policies and practices. Critical accounting policies and practices are those that, in the auditor’s judgment, are both most important to the portrayal of the entity’s financial condition, position, performance and cash flows, and require management’s most difficult, subjective, or complex judgments, often as a result of the need to make estimates about the effect of matters that are inherently uncertain. Critical accounting policies generally comprise a subset of the entity’s significant accounting policies. Most entities have one or more critical accounting policies.
Significant accounting policies and practices. Significant accounting policies and practices are those policies that are relevant to a user’s understanding of the financial statements and are disclosed in the financial statements in accordance with the applicable financial reporting framework. Such policies include critical accounting policies.
1.3.5 Internal controls
Auditors will need to appreciate the control activities, control environment, the entity’s risk assessment process, control activities, internal audit if it exists and how the entity monitors the control
1.3.6 Measurement and review of the entity’s performance
Auditors will need to appreciate the key operating statistics of the entity; key performance indicators; trends; use of forecasting, budgets , analysts reports competitor analysis and period – on – period financing performance.
2 Laws and regulations
The effect on financial statements of laws and regulations varies considerably. Those laws and regulations to which an entity is subject constitute the legal and regulatory framework. The provisions of some laws or regulations have a direct effect on the financial statements in that they determine the reported amounts and disclosures in an entity’s financial statements. Other laws or regulations are to be complied with by management or set the provisions under which the entity is allowed to conduct its business but do not have a direct effect on an entity’s financial statements. Some entities operate in heavily regulated industries (such as banks and chemical manufacturers). Others are subject only to the many laws and regulations that relate generally to the operating aspects of the business (such as those related to occupational safety and health, and equal employment opportunity). Non-compliance with laws and regulations, including illegal acts, may result in fines, litigation or other consequences for the entity that may have a material effect on the financial statements.
Laws and regulations may affect an entity’s financial statements in different ways: for example, most directly, they may affect specific disclosures required of the entity in the financial statements or they may prescribe the applicable financial reporting framework. They may also establish certain legal rights and obligations of the entity, some of which will be recognized in the entity’s financial statements. In addition, laws and regulations may impose penalties in cases of non-compliance with laws and regulations, including illegal acts.
The entity is obliged to comply with laws and regulations; for example company law governing its regulatory filings with the local authorities. This legislation includes provisions on the information to be filed/ the time permitted to make required filings/ penalties for non-compliance. The entity is obliged to comply with import and export regulations governing the sale of its products abroad and the import of goods from abroad. This legislation also includes provisions on the types of goods that can be sold/ the notification of sales and purchases to the authorities/ duties. Accounting principles and industry specific practices, regulatory framework for a regulated industry, legislation and regulation that significantly affect the entity’s operations, including direct supervisory activities taxation (corporate and other).
The auditor monitors legal requirements and ensuring that operating procedures are designed to meet these requirements. For example the auditor considers whether the entity;
- Employment arrangements (including the existence of union contracts, pension and other post-employment benefits, stock option or incentive bonus arrangements, and government regulation related to employment matters) comply with employment laws.
- Monitors compliance with the code of conduct and acting appropriately to discipline employees who fail to comply with it.
- Has engaged legal advisors to assist in monitoring legal requirements
- Government policies currently affecting the conduct of the entity’s business, such as monetary, including foreign exchange controls, fiscal, financial incentives (for example, government aid programs), and tariffs or trade restriction policies
- Environmental requirements affecting the industry and the entity’s business
The auditor looks at laws and regulations applicable to the entity and the industry or sector
in which the entity operates. To obtain a general understanding of the legal and regulatory framework, and how the entity complies with that framework, the auditor may, for example:
- use existing understanding of the entity’s industry, regulatory and other external factors
- update the understanding of those laws and regulations that directly determine the reported amounts and disclosures in the financial statements
- inquire of management as to other laws or regulations that may be expected to have a fundamental effect on the operations of the entity, such as laws relating to bribery and corruption
- inquire of management regarding the policies or procedures adopted for identifying, evaluating and accounting for litigation and claims
- Consider auditor’s knowledge of the entity’s history of non-compliance with laws and regulations, including illegal acts.
The auditor’s responsibilities in relation to the entity’s compliance with laws and regulations are distinguished between the following two different categories:
Certain laws and regulations are well-established, known to the entity and within the entity’s industry or sector, and relevant to the entity’s financial statements as described above. These laws and regulations generally are directly relevant to the determination of material amounts and disclosures in the financial statements and readily evident to the auditor. They could include those that relate to, for example:
- The form and content of financial statements (for example, statutorily-mandated requirements)
- Industry-specific financial reporting issues
- Accounting for transactions under government contracts (for example, laws and regulations that may affect the amount of revenue to be accrued) the accrual or recognition of expenses for income tax or pension costs, or employment and social security regulations.
Some provisions in those laws and regulations may be directly relevant to specific assertions in the financial statements (for example, the completeness of income tax provisions), while others may be directly relevant to the financial statements as a whole (for example, the required statements constituting a complete set of financial statements).
Our responsibility regarding misstatements resulting from non-compliance with laws and regulations, including illegal acts, having a direct effect on the determination of material amounts and disclosures in the financial statements is the same as that for misstatements caused by fraud or error.
Non-compliance with other provisions of such laws and regulations and other laws and regulations, including illegal acts, may result in fines, litigation or other consequences for the entity, the costs of which may need to be provided for or disclosed in the financial statements, but are not considered to have a direct effect on the financial statements.
Not a direct effect
Certain other laws and regulations may need particular attention by the auditor because they
have a fundamental effect on the operations of the entity. Non-compliance with laws and regulations that have a fundamental effect on the operations of the entity, including illegal acts, may cause the entity to cease operations, or call into question the entity’s continuance as a going concern.
For example, non-compliance with the requirements of the entity’s license or other entitlement to perform its operations could have such an impact (for example, for a bank, non-compliance with capital or investment requirements).
There are also many laws and regulations relating principally to the operating aspects of the entity that typically do not affect the financial statements (their financial statement effect is indirect) and are not captured by the entity’s information systems relevant to financial reporting, for example, laws relating to bribery and corruption. Their indirect effect may result from the need to disclose a contingent liability because of the allegation or determination of identified or suspected non-compliance. Those other laws or regulations may include those related to securities trading, occupational safety and health, food and drug administration, environmental protection, equal employment, and price-fixing or other antitrust violations. We may not have a sufficient basis for recognizing possible noncompliance with such laws and regulations.
For the “Not a direct effect”, our responsibility is limited to performing specified audit procedures that may identify non-compliance with those laws and regulations, including illegal acts, that may have a material effect on the financial statements. Even when those procedures are performed, we may not become aware of the existence of non-compliance or illegal acts unless there is evidence of non-compliance or illegal acts in the records, documents or other information normally inspected in an audit of financial statements.
As the financial reporting consequences of other laws and regulations can vary depending on the entity’s operations, the audit procedures included are directed to bringing to our attention instances of non-compliance with laws and regulations, including illegal acts that may have a material effect on the financial statements.
In some cases, the amount of an entity’s correspondence with licensing or regulatory authorities is voluminous. In exercising professional judgment in such circumstances, we may consider the following in determining the extent of inspection that may identify instances of non-compliance or illegal acts:
- the nature of the entity
- The nature and type of correspondence.
3. Related parties
A related party is a party that is either: a related party as defined in the applicable financial reporting framework where the applicable financial reporting framework establishes minimal or no related party requirements: a person or other entity that has control or significant influence, directly or indirectly through one or more intermediaries, over the reporting entity another entity over which the reporting entity has control or significant influence, directly or indirectly through one or more intermediaries, or another entity that is under common control with the reporting entity through having:
Common controlling ownership owners, who are close family members, or common key management
However, entities that are under common control by a state (i.e. a national, regional or local government) are not considered related unless they engage in significant transactions or share resources to a significant extent with one another.
During the audit, the auditor shall remain alert, when inspecting records or documents, for arrangements or other information that may indicate the existence of related party transactions that management has not previously identified or disclosed to the auditor.
A related party transaction is a transfer of resources or obligations between related parties, regardless of whether a price is charged.
In particular, the auditor shall inspect the following for indications of the existence of related party relationships or related party transactions that management has not previously identified or disclosed to the auditor:
- Bank and legal confirmations obtained as part of the auditor’s procedures
- Minutes of meetings of shareholders and those charged with governance, including any relevant committees of these groups
- Such other records or documents as the auditor consider necessary in the circumstances of the entity.
- Additionally, auditors may review the prior years’ audit documentation for information about related party relationships and related party transactions. If applicable, the auditor may inquire of a predecessor auditor about the predecessor’s knowledge of existing relationships and the extent of management involvement in material transactions.
The existence of the following relationships may indicate the presence of control or significant influence:
- Direct or indirect equity holdings or other financial interests in the entity
- The entity’s holdings of direct or indirect equity or other financial interests in other entities
- Being part of those charged with governance or key management (i.e. Those members of management who have the authority and responsibility for planning, directing and controlling the activities of the entity)
- Being a close family member of any person referred to in relationship
- Having a significant business relationship with any person referred to in relationship
Significant influence is generally defined as the power to participate in the financial and operating policy decisions of an entity, but is not control over those policies. Significant influence may be gained by share ownership, statute or agreement. Significant influence may be exercised by representation on the board of directors, but may also be apparent by such means as participation in the policy-making process, material intercompany transactions, interchange of managerial personnel and dependency on technical information.
Special-purpose entities as related parties
In some circumstances, a special-purpose entity may be a related party of the entity because the entity may in substance control it, even if the entity owns little or none of the special-purpose entity’s equity.
Measurement and review of financial performance
The auditor considers third party expectations related to the entity’s financial performance, particularly those that may put pressures on, or provide incentives to management to engage in fraudulent financial reporting.
The following matters include guidance regarding obtaining an understanding of the measurement and review of the entity’s financial performance, including the consideration of third party expectations:
Why we obtain an understanding of the measurement and review of financial performance, including the consideration of third party expectations
Management and others will measure and review those things they regard as important. Performance measures, whether external or internal, create pressures on the entity.
These pressures, in turn, may motivate management to take action to improve the business performance or to misstate the financial statements. For example:
- For listed entities, analysts may have expectations concerning financial performance measures, for example revenue and net income growth that may put pressure on management to record fraudulent revenue in order to meet such expectations.
- For private entities, banks may have expectations concerning debt covenants, minimum capital requirements, etc.
Accordingly, an understanding of the entity’s performance measures assists the auditor in considering whether pressures to achieve performance targets may result in management actions that increase the risks of material misstatement, including those due to fraud.
Smaller entities often do not have processes to measure and review financial performance. Inquiry of management may reveal that it relies on certain key indicators for evaluating financial performance and taking appropriate action. If such inquiry indicates an absence of performance measurement or review The auditor shall include in his/her audit documentation:
- The key elements of the understanding obtained regarding each of the aspects of the entity and its environment
- The sources of information from which the understanding was obtained, and The risk assessment procedures performed.
- Key elements of the auditor’s understanding are those elements which are related to the identification and assessment of risks and to the design of further audit procedures. It is not necessary to document the entirety of our understanding of the entity and matters related to it.
Using professional judgment, the auditor may consider the following in determining the nature and extent of his/her audit documentation:
- The nature, size and complexity of the entity and its internal control
- The availability of information from the entity
- For entities that have uncomplicated businesses and processes relevant to financial reporting, the documentation may be simple in form and relatively brief
The extent of documentation may also reflect the experience and capabilities of the members of the engagement team. Provided the requirements of audit documentation are always met, an audit undertaken by an engagement team comprising less experienced individuals may require more detailed documentation to assist them to obtain an appropriate understanding of the entity than one that includes experienced individuals. For recurring audits, certain documentation may be carried forward or updated as necessary to reflect changes in the entity’s business or processes.
- Litigation and claims
Litigation and claims are actual or potential legal actions, demands, fines and/or proceedings against the client related to alleged wrongful conduct brought by an individual, entity and/or regulatory or governmental body. The auditor does the following
- Evaluates management’s assessment of each litigation, claim and assessment (in addition to required evaluations and related procedures performed for estimates that give rise to significant risks:
- Understand the relevant facts related to the litigation and claims including: (a) when the underlying cause for legal action occurred (b) the degree of probability of an unfavourable outcome and (c) the amount or range of potential loss;
- Evaluate the response to any relevant audit inquiry letter that was sent and;
- Evaluate and document conclusions regarding the accounting and disclosure related to the litigation, claims and assessments.
- Design and perform audit procedures in order to identify litigation and claims involving the entity which may give rise to a risk of material misstatement, including:
- Reviewing minutes of meetings of those charged with governance, documents obtained from management concerning litigation and claims, and correspondence between the entity and its external legal counsel
- Reviewing legal expense accounts and invoices from external legal counsel.
- In addition, other relevant procedures include, for example, using information obtained through risk assessment procedures carried out as part of obtaining an understanding of the entity and its environment to assist us to become aware of litigation and claims involving the entity. For example, the auditor may: read minutes of meetings of owners, directors, governing bodies of governmental entities and appropriate committees held during, and subsequent to, the period being audited
- Read contracts, loan agreements, leases and correspondence from taxing or other governmental agencies, and similar documents
- Obtain information concerning guarantees from bank confirmations
- Inspect other documents for possible guarantees by the entity
End of Chapter Questions
City Housing, a house building company established for many years, has recently approached your firm to act as the company’s auditors. Professional clearance has been obtained from previous auditors and an audit engagement letter has been issued. It is now 1 December 2013 and your firm’s audit partner has asked you to visit the company in order to obtain as much relevant knowledge as possible for use in planning the audit of the company.
- Identify to whom in a limited company and audit engagement letter should be addressed, and explain how acceptance of the terms of engagement should be conveyed to the auditor. 6 Mark
- Explain the purpose of an audit engagement letter, state when such a letter should be issued to an audit client and identify occasion when it may be appropriate to
issue a new letter. 6 Marks
- State procedures and matters would consider about the clients background before acceptance of the engagement. 6 Mark
- Write a paragraph in your own words for inclusion in an audit engagement letter, setting out the responsibilities of the directors and auditors for safeguarding the
assets of the company and for the prevention and detection of fraud, errors and non-compliance with laws and regulations. 2 Marks
Total 20 Marks
ISA 315 (Redrafted) Identifying and Assessing the Risks of Material Misstatement Through Understanding the Entity and Its Environment requires auditors to obtain an understanding of the entity and its environment, including its internal control.
- Explain why obtaining an understanding of the entity and its environment is important for the auditor. 6 Marks
- State five matter and sources of information you would consider to understand the entity 10 Marks
Total 16 Marks