Summary Notes

Question 1

What are the different types of assurance?

Answer 1

Audit of financial information: Reasonable (type), high (level), positive (opinion)
- Review of financial information: Limited (type), moderate (level of assurance), negative (opinion)

Question 2

What are the objectives of an audit?

Answer 2

• Obtain reasonable assurance about whether the financial statements are free from material misstatement and properly prepared in accordance with an applicable financial reporting framework
• Report on the financial statements
• Communicate with those charged with governance

Question 3

When are companies exempt from audit?

Answer 3

• Small private limited companies are exempt from a mandatory audit if they satisfy two of the following:
• No more than 50 employees
• Turnover does not exceed £10.2m
• Gross assets total does not exceed £5.1m

Subsidiary companies will not require an audit if their parent company guarantees their liabilities

Question 4

Which companies must have an audit?

Answer 4

• Plcs
• Insurance companies and banks
• Where shareholders owning at least 10% shares ask for an audit

Question 5

What are the benefits of an audit?

Answer 5

• Independent scrutiny of the business by experts
• Additional assurance may be necessary for third parties e.g. banks
• A growing business will need an audit one day
• Subsidiary benefits of the audit e.g. reports to management

Question 6

What is the difference between audit and assurance?

• Report to
• Scope
• Reporting
• Level of assurance
• Available to

Answer 6

Statutory audit:
Report to: Shareholders
Scope determined by: Companies Act 2006, ISAs, Other audit regulation
Reporting: Express an opinion on the financial statements (true & fair, properly prepared), certain other matters e.g information in the directors report is consistent with the financial statements
Level of assurance: Reasonable
Circulation of report: In public domain once the accounts are filed

Other assurance:
Report to: Usually management
Scope determined by: Terms of engagement, Relevant ISAEs or ISREs
Reporting: Report a conclusion depending on the nature of the work performed
Level of assurance: Usually limited
Circulation of report: Likely to be restricted

Question 7

What are management’s reponsibilities?

Answer 7

• Managing the business: so as to achieve company objectives, assessing business risks to those objectives being achieved
  Fulfilling statutory duties under Companies Act 2006: - safeguarding the company’s assets
• keeping proper accounting records
• preparing company financial statements and delivering them to Companies House
• ensuring the company complies with applicable laws and regulations

Question 8

What are the auditor’s responsibilities?

Answer 8

Form an opinion on the financial statements:
- True & fair
- Properly prepared
- Directors’ report consistent with financial statements
Identify material misstatement whether caused by error, fraud or non-compliance

Question 9

What are the fraud procedures?

Answer 9

1. Perform a fraud risk assessment
2. Exercise professional scepticism
3. Discuss fraud among the engagement team
4. Respond appropriately to the assessed level of fraud risk
5. Consider the implications for other areas of the audit e.g. if fraud is suspected it may cast doubt on the reliability of management representations

Question 10

Who do you report suspected fraud to?

Answer 10

Internal (management): Report to management, If management suspected of fraud, report to those charged with governance
Shareholders: Only if the fraud causes a material misstatement or uncertainty in the financial statements
Third parties: If there is a duty or right to disclose e.g. to a regulator

Question 11

What are the non-compliance procedures?

Answer 11

ISA 250:

1. Perform a risk assessment
2. Obtain evidence about compliance
3. If non-compliance suspected, document and discuss with management

Question 12

How do you report non-compliance?

Answer 12

Internal (management)

• Report to management
• If management suspected of involvement in non-compliance, report to those charged with governance
• If there is no higher level of management, consider obtaining legal advice

Shareholders:
- Only if the non-compliance causes a material misstatement or uncertainty in the financial statements

Third parties:
- If there is a duty or right to disclose e.g. to a regulator

Non-compliance may involve conduct designed to conceal it, such as collusion, forgery, deliberate failure to record transactions, management override of controls or intentional misrepresentations being made to the auditor.

Question 13

How do you report bribery and what should anti-bribery policies focus on?

Answer 13

Suspicions of bribery must be reported to the National Crime Agency (NCA) under the Proceeds of Crime Act 2002.
Policies should focus on:
- Top level culture in which bribery is unacceptable
- Risk assessment
- Due diligence procedures taking a risk-based approach
- Communication to staff including training
- Monitoring and review

Question 14

What are the implications of the Sarbanes-Oxley Act 2002?

Answer 14

Management:

• CEOS and CFOs must attest to the veracity of the financial statements (criminal penalties apply for false attestations)
• Greater disclosure of the amendments made to the financial statements during the audit process

Auditors:

• Stricter enforcement of auditor independence rules
• Public Company Accounting Oversight Board (PCAOB) can inspect audit files of US listed companies, including subsidiaries based overseas

Question 15

How do you deal with related party transactions?

Answer 15

ISA 550:

1. Obtain a list of all related parties from management
2. Carry out detailed tests of transactions and balances (as would be done on all audits but looking out for related party transactions)
3. Reviewing minutes of meetings of shareholders and directors (where related party transactions may have been discussed)
4. Reviewing bank confirmation letters for evidence for guarantor relationships
5. Reviewing investment transactions e.g identifying new subsidiaries which are related parties
6. Confirming that correct disclosures have been made in the financial statements
7. Obtain written management representations confirming that all related party transactions have been disclosed

Question 16

What are the money laundering responsibilities?

Answer 16

• Report actual or suspected money laundering to the firm’s money laundering nominated officer
• MLRO reports to NCA if necessary
• Avoid tipping off client
• Offence to tip off and an offence not to report

Question 17

What are engagement regulations applicable to all engagements? What about additional guidance for audits?

Answer 17

All engagements:

• Ethical standards
• Risk assessment
• Terms of engagement
• ISQCs

Additional for audit:

• Companies Act 2006
• ISAs

Question 18

What is the role of the IAASB?

Answer 18

International Auditing and Assurance Standards Board:

• Subsidiary of IFAC
• Develops international standards - issues ISAs, ISQCs and other standards

Question 19

What is the role of the Financial Reporting Council?

Answer 19

• Supervises accountancy related issues in the UK
• Issues ISAs (UK)
• Also issues other standards and guidance for auditors:
• Ethical standards
• Practice notes
• Bulletins
• Standards for reviews of interim information
• Audit quality - thematic reviews

Question 20

What are some current issues? (Harmonisation)

Answer 20

EU Directive and Regulation 2014 Provisions:

• Improve quality of audit and reporting
• Mandatory retendering for audits (10 years) and auditor rotation (20 years)
• Ban on providing non-audit services to public interest entities
• Cap on fees for non-audit services

Question 21

What are some current issues (professional scepticism/newer considerations)?

Answer 21

PS; the FRC issued a briefing paper on professional scepticism.
Recognises the difficulty in exercising scepticism when the culture of audit firms encourages close working relationships with clients

Newer:

• Big data
• The future of audit
• Joint audits
• Climate change
• Technological advances
• Dominance of the Big 4

Question 22

What are the fundamental ethical principals?

Answer 22

• Professional competence and due care
• Integrity
• Objectivity
• Confidentiality
• Professional behaviour

Question 23

What are the threats to objectivity and independence?

Answer 23

• Self-interest threat
• Self-review threat
• Advocacy threat
• Familiarity threat
• Intimidation threat
• Management threat

Question 24

What length of time must the audit firm monitor?

Answer 24

The audit firm must monitor the length of time that partners and senior staff work on the client. Self-interest, self-review and familiarity threats

Question 25

What do you do if threats regarding length of time work on a client arise?

Answer 25

Where threats are identified, appropriate safeguards may include: - Rotation of partners - Involve another partner, not previously involved on the engagement, to review the work done by the partner and other senior staff - Engagement quality control review (EQCR)

Question 26

How long can an engagement partner remain on a non-listed client? What if they are not rotated?

Answer 26

When the engagement partner on a non-listed client has held the role for 10 years, careful consideration is given to the need to rotate the partner. If they are not rotated: - Apply safeguards (in other card) - Document reasoning and communicate reasoning with those charged with governance at the client

Question 27

How long can an engagement partner remain on a listed client? What if they are not rotated?

Answer 27

- Rotate after 5 years, no return within 5 years: This includes time spent when an audit engagement moved between firms. After a rotation, engagement partners should not have significant/frequent interaction with management The audit committee may approve the extension of the audit engagement partner's service to 7 years in certain circumstances, and sets out the requirement for safeguards such as an expanded engagement quality control review. Any such extension is disclosed to shareholders

Question 28

What happens when the audit client becomes listed?

Answer 28

When the audit client becomes listed, if the audit engagement partner has already served 4 or more years they may continue for a maximum of 2 years

Question 29

What is the time restriction for the engagement quality control review partner and key partners involved in the audit of a listed client? What about other staff?

Answer 29

Engagement quality control review partner and key partners involved in the audit of a listed client: - Rotate after 7 years - No return within 5 years (EQCR partner)/ 2 years (key partner involved in audit) Other partners/senior staff on a listed client: - Review safeguards after 7 years Paragraphs 3.22/3.23 set out the considerations that might suggest independence is compromised and safeguards to address

Question 30

How are non-audit fees treated for listed clients?

Answer 30

- Fees for non-audit services shall be limited to 70% of the average audit fee for the last 3 years - Where the fees charged for non-audit services for a financial year exceed the audit fee for that year, disclose to the Ethics partner and consider the need for safeguard

Question 31

How are audit fees treated for listed clients?

Answer 31

Where regular fee income is expected to exceed: - 10% of the firm's fee income - cannot act as auditor - 5% of the firm's income - disclose to Ethics Partner and those charged with governance and consider whether safeguards need to be applied (e.g. expanded EQCR, reduce other services)

Question 32

How are audit fees treated for non-listed clients?

Answer 32

Where regular fee income is expected to exceed: - 15% of the firm's income: cannot act as auditor - 10% of the firm's fee income - disclose to Ethics partner and those charged with governance and arrange an ECQR

Question 33

What might new firms find difficult?

Answer 33

New firms may find the economic dependence requirements difficult to comply with so should consider the use of external quality control reviewers

Question 34

Fees affected by: - Sufficient time - Contingent fees (favourable result) - Non-audit services

Answer 34

- Assign sufficient partners and staff with time and skill to complete the audit regardless of the audit fee charged. Self-interest threat - Audit fees should not be influenced by the provision of non-audit services to the clients - Contingent fees for audit and non-audit services are not permitted. Self-interest threat so significant, cannot be eliminated/reduced

Question 35

Can you work if fees are overdue?

Answer 35

- Self-interest threat - Consider whether this can be resolved/settled - If fees outstanding then consider whether to accept/continue working for the entity or resign

Question 36

Fees: - Cross-selling - Gifts - Litigation (the process of taking legal action)

Answer 36

- Audit staff should not be assessed or paid related to their ability to cross-sell the firm's products - Audit firm, partners, covered persons and persons closely associated with them shall not accept gifts or hospitality unless the value is trivial. Self-interest and familiarity threats. Paras 4.42/.43/.45 - The auditor should resign if litigation between audit firm and client is in progress or threatened. Self-interest, advocacy and intimidation threats

Question 37

Anyone in the audit firm considering providing a non-audit service to one of the firm's audit clients must what?

Answer 37

Must communicate the details to the audit engagement partner. They can then consider the implications before the service is accepted.

Question 38

What should you do before accepting non-audit work?

Answer 38

Before accepting non-audit work, consider whether a reasonable and informed third party would regard the non-audit work as impairing the firm's objectivity and independence

Question 39

Can you make management decisions?

Answer 39

5.18: Management decision making services prohibited for audit firms

Question 40

What happens when safeguards are insufficient to mitigate the threats to independence?

Answer 40

Where safeguards are insufficient to mitigate the threats to independence, the non-audit work should not be accepted. Reminder that management decision making can never be safeguarded

Question 41

What are general safeguards for non-audit work?

Answer 41

- Separate teams for the audit and non-audit work | - Engagement quality control review of the work and conclusions of the audit team in relation to the non-audit service

Question 42

Do you need informed management?

Answer 42

Consider whether there is informed management. Without informed management it is unlikely that any safeguards could be effective against the management threat.

Question 43

When should you document all reasoning and safeguards related to non-audit services?

Answer 43

Document all reasoning and safeguards related to non-audit services. Ensure this occurs prior to an engagement letter being issued

Question 44

What matters should you communicate in regard to the provision of non-audit services?

Answer 44

Communicate matters that have a bearing on the auditor's objectivity and independence related to the provision of non-audit services to those charged with governance.

Question 45

What is the general approach for non-PIEs?

Answer 45

Ethical threats must be evaluated. If threats exist, safeguards must be applied or (where not possible) withdraw from the engagement. This is set out in paragraph 5.13

Question 46

What does the Standard provide for PIE clients?

Answer 46

For PIE audit clients, the Standard provides a permitted services list. If a specific service does not feature on the list, then it cannot be provided to the client. The full permitted list can be found in paragraph 5.40

Question 47

What are non-audit services that are strictly prohibited for PIE clients that are also audit clients?

Answer 47

- tax services - playing any part in management or decision making - bookkeeping/preparing accounting records/financial statements - payroll services - design/implementation of internal controls/risk management procedures - valuation services - legal services - services related to the internal audit function - services linked to financing, capital structure and allocation - promoting, dealing in or underwriting shares - human resources services (ethical standard)

Question 48

What is the rule for audits of small entities in relation to the requirement for an EIQC review if fees from a client are expected to exceed 10% but not exceed 15%?

Answer 48

No requirement for the independent quality control review, but must disclose the issue to the Ethics Partner and those charged with governance at the client

Question 49

What is the rule for audits of small entities in relation to section 5 requirements for the provision of non-audit services?

Answer 49

The firm is not required to apply safeguards to address the self-review threat provided there is: - informed management - more regular 'cold-review' of audits where non-audit services have been provided - disclosure of non-audit services in the audit report

Question 50

What is the rule for audits of small entities in relation to paragraph 2.45 - where an audit partner joins the client the firm should resign and cannot accept reappointment as auditor until 2 years have passed?

Answer 50

The firm can continue as auditor provided: - There is no significant threat to the audit team's integrity, objectivity and independence - Disclosure of the partner joining the client is made in the audit report

Question 51

Accountants have a duty of confidentiality which means what?

Answer 51

Means they: - should not disclose client information unless there is a right or duty to do so - should take all reasonable steps to preserve confidentiality - should not use confidential information for personal advantage

Question 52

What is the difference between a duty to disclose and a right to disclose?

Answer 52

Duty: - Required by a regulator - Ordered by a court - Comply with technical/professional standards (e.g. Money Laundering or terrorism) - Comply with quality review of professional body Right: - Client permission granted - Public interest - To defend the firm/provide evidence in legal proceedings