Auditing and Assurance

(ACT 380)

Fall, 2019 1
 Auditing at a Glance:
 Basic Understanding of Auditing Process
 Assurance and auditing: An overview & Structure of Profession Ch1 & Ch 2 (Lecture 1)
 Auditor’s liability and Ethics, independence, corporate governance Ch 2 & Ch 3 (Lecture 2)
 The auditor’s reporting obligations Ch 12 (Lecture 3)
 The financial report audit process Ch 4 (Lecture 4)

 Client Acceptance, Plan and risk assessment

 Planning, understanding the entity and assessing business risk Ch 5 (Lecture 5)
 Specific business risks and materiality Ch 6 (Lecture 6)

 Response to Assessed Risks

 Understanding Internal Control and Testing controls Ch 7 & 8 (Lecture 7)
 Substantive tests of transactions and balances Ch 9 (Lecture 8)
 Audit sampling Ch 10 (Lecture 9)

 Complete the Audit and Issue a Report plus Others

 Completing the audit Ch 11 (Lecture 10)
2
 Legal Liability of Auditors

3
 Establishing the auditor’s duty
Society imposes a duty to exercise reasonable care and
skill in two ways:
1. Contractual (including statutory) relationship

2. Special relationship between two parties.

4
 Examples of the Magnitude of Claims

Claimed
Deposit & Investment Co $73 million
(KPMG - breach of contract)
SA Govt - State Bank $3.1 billion
(KPMG - negligence)
Health & Life Care $105 million
(Price Waterhouse- lack of due care)
Estate Mortgage $650 million
(Priestley & Morris - true & fair view)
Linter Group $320 million
(Price Waterhouse-failed to detect fraud)
 IMPACT ON THE PROFESSION

 Huge Claims - Deep Pocket Syndrome

 Unlimited Liability inequitable to auditors
 False perception of auditor credibility
 Claims settled out of court
 Huge professional indemnity insurance premiums
(claimed to be 14% of audit revenues).
Liability to Clients (Shareholders)

The most common

source of lawsuits
against auditors
is from clients.
 Contractual Rights/Responsibilities
Law of Contract

Referred to in the Engagement Letter

(ASA 210)
 Common Law Duties
London & General Bank Ltd (1895)
(Duty to report to shareholders not to directors)

Kingston Cotton Mill Co. (1896)

(Reasonable person test)

Pacific Acceptance Corporation Ltd v Forsyth & Ors (1970)

(General auditor responsibilities & negligence)

AWA Ltd v Daniels & Others (1995)

(Contributory negligence)
Common Law Duties Re: Reasonable standard of care

London & General Bank Ltd (1895)

(Duty to report to shareholders not to directors)

Kingston Cotton Mill Co. (1896)

(Auditor is a “watchdog not a bloodhound” – if there is anything
calculated to excite suspicion, he should probe it to the bottom,
otherwise he is bound only to be reasonably cautious and careful)

Pacific Acceptance Corporation Ltd v Forsyth & Ors (1970)

(The judgment confirmed, and in some areas established many of the
current legal principles underpinning auditing)

10
 Standards/
Principles relating to auditing from the Pacific
Acceptance Case

 duty to use reasonable care and skill;

 duty to check and see for themselves;
 audit the whole year;
 appropriately supervise and review;
 properly document procedures;
 duty to warn and inform appropriate level of management;
 duty to take further action where suspicion is aroused;
 reliance on others is not a substitute for the auditor’s own procedures;
 expectation of discovering material error or fraud; and
 professional standards provide a guide*.

*(Note: As from July 2006, Auditing Standards have force of law)

 Liability to Clients
(Privity of Contract)
For Companies:
Client =all the shareholders

For an action to succeed:

 Auditor must be guilty of negligence AND

 Client must suffer a financial loss AND
 Loss must have been reasonably foreseeable & must have occurred as a
direct result of the negligence
Liability to Third Parties
 Liability to Third Parties

CONTRACT-
DUTY OF CARE
AUDITOR CLIENT

NO CONTRACT-
MUST PROVE
THIRD Bank, Creditors,
DUTY OF CARE
PARTY Potential Investors,
Financiers
 Liability to Third Parties
FIRST:
Foreseeability and Proximity

A duty of care must be owed by the

auditor to the 3rd party
(The auditor must be made aware of the particular third party
and the nature of their reliance on the accounts AND
information must be provided with the intention to induce the
recipient to act)
 Liability to Third Parties

IN ADDITION TO the DUTY OF CARE:

 The auditor must have been negligent (Breach of Duty of Care)

AND
 3rd party must suffer a loss relying on the audited financial statements
AND
 There must be sufficient connection between the loss and the
auditor’s negligence
 Some concepts

17
 Contributory negligence
• Exists where the plaintiff fails to exercise the required standard
of care, thus contributing to its own loss.

• Prior to AWA (1995), such a defence by auditors was

unsuccessful. Refer to Pacific Acceptance (1970)…
• To excuse an auditor because the directors or management were also
at fault, and in particular to excuse him when he failed to perform his
duty with independence and to check on management and the board,
would be to negate a fundamental reason for the appointment of an
auditor.

18
 As a result of the AWA case…

Contributory negligence is now accepted as a reason

for reducing the damages attributable to an auditor.

19
 Privity letters
• A privity letter is a letter from the auditor acknowledging
a third party’s reliance on an audited report.

• The third party requests the privity letter from auditor.

• Purpose: to establish a relationship with the requisite foreseeability and

proximity and thereby establish a duty of care by the auditor to the third
party.

• AGS 1014 provides guidance:

• Unless an auditor intends to accept responsibility to a third party, the auditor should
respond unequivocally (unmistakably) stating that the body of shareholders is the
only group entitled to rely on the audit report..
20
 Responsibility for the prevention and detection of fraud

Guidance: ISA 240 for fraud and error

• Prevention of fraud is management’s responsibility
ISA 240 outlines auditor's responsibility:
• Emphasises the need for the auditor to maintain an attitude of
professional scepticism
• Requires the engagement team to discuss how the financial report
may be susceptible to material misstatement from fraud and
identify what audit procedures would be effective for its detection
• Design and perform these audit procedures

21
 Responsibility for the reporting of fraud
• An auditor has a duty of care to report fraud, irrespective of
materiality, to an appropriate level of management when
suspicions are aroused.

• An auditor may have a mandatory responsibility to report

fraud under the Corporations Act or the Crimes Act
(accessory after the fact).

• An auditor is protected by qualified privilege

when reporting matters in good faith.

22
 Professional Ethics &
Independence

23
 The Code of Ethics for Professional Accountants
(APES 110)

 Part A: General Application of the Code:

 Fundamental principles applicable to Professional Accountants
 Integrity: Objectivity; Prof Competence & Due Care; Confidentiality; Prof Behaviour

 Part B: Applies to Members in Practice:

 Appointment; Conflict of Interest; Fees; Marketing; Gifts; Custody of client assets

 Part C: Applies to Members in Business:

 Potential conflicts; Preparation and reporting of information; Acting with sufficient
expertise; Financial interests; Inducements
24
 Fundamental principles

 APES 110, s 290 provides specific guidance on independence

requirements for audit and review engagements, while s 291 provides
similar requirements for other assurance engagements.
25
 Fundamental Principles:
 Integrity:
 To be straightforward and honest in professional and business
relationships. Integrity also implies fair dealing and truthfulness

 A Member should not be associated with reports, returns,

communications or other information where they believe that the
information:
(a) Contains a materially false or misleading statement;
(b) Contains statements or information furnished recklessly; or
(c) Omits or obscures information required to be included where such
omission or obscurity would be misleading.
26
 Fundamental Principles cont’d…
 Objectivity:
 Imposes an obligation on members not to compromise their
professional or business judgment because of bias, conflict of
interest or the undue influence of others

 Relationships that bias or unduly influence the professional

judgment of the Member should be avoided

27
 Fundamental Principles cont’d…
 Professional Competence and Due Care:
 Imposes the following obligations on Members:
(a) To maintain professional knowledge and skill at the level required to
ensure that Clients or employers receive competent professional service;
and
(b) To act diligently in accordance with applicable technical and professional
standards when providing their services.

 Requires the exercise of sound judgment in applying professional

knowledge and skill in the performance of such service:
(a) Attainment of professional competence; and
(b) Maintenance of professional competence.

28
 Fundamental Principles cont’d…
 Confidentiality:

 Requires members to refrain from:

(a) Disclosing outside the Firm or employing organisation confidential
information acquired as a result of professional and business relationships
without proper and specific authority from the Client or employer or unless
there is a legal duty to disclose; and
(b) Using confidential information acquired as a result of professional and
business relationships to their personal advantage or the advantage of third
parties

29
 Fundamental Principles cont’d…
 Professional Behaviour:
 Requires members to comply with relevant laws and regulations and
avoid any action or omission that may bring discredit to the
profession; and

 In marketing and promoting themselves and their work, Members

should not bring the profession into disrepute. Members should be
honest and truthful and should not:
(a) Make exaggerated claims for the services they are able to offer, the
qualifications they possess, or experience they have gained; or
(b) Make disparaging references or unsubstantiated comparisons to the work of
others.

30
 Auditor independence
 Independence is a key characteristic of an audit or assurance
service provider.
 In order for auditors to add credibility to financial reports or other
subject matter, they need to remain independent.
 Independence is one of the fundamental ethical virtues or
principles required by APES 110.

31
 Independence:
The concept of Independence is fundamental to compliance
with the principles of Integrity & Objectivity (Para 290)

 Independence of Mind: (Actual Independence)

 The state of mind that permits the expression of a conclusion without
being affected by influences that compromise professional judgment,
allowing an individual to act with integrity, and exercise objectivity and
professional scepticism.

 Independence in Appearance: (Perceived Independence)

 The avoidance of facts and circumstances that are so significant that a
reasonable and informed third party, having knowledge of all relevant
information, including safeguards applied, would reasonably conclude a
Firm’s, or a member of the Assurance Team’s, integrity, objectivity or
professional scepticism had been compromised.

32
Major threats to auditor independence

 Auditor employment relationships

 Member of the assurance team cannot be employed by the client

 Financial and business relationships, including:

 Investments in audit clients
 Loans to and from clients
 Business relationships
 Goods and services from clients

33
Threats to independence
 Self-Interest Threat:

 Occurs when a Firm or a member of the Assurance Team

could benefit from a Financial Interest in, or other self-
interest conflict with, an Assurance Client.

 Examples include, but are not limited to:

 A Direct Financial Interest or material Indirect Financial Interest in an
Assurance Client;
 Undue dependence on total fees from an Assurance Client;
 Concern about the possibility of losing the Engagement;
 Potential employment with an Assurance Client; and
 Contingent Fees relating to Assurance Engagements.

35
 Self-Review Threat:
 Occurs when:
 any product or judgment of a previous Assurance Engagement or non-
Assurance Engagement needs to be re-evaluated in reaching conclusions on the
Assurance Engagement; or
 when a member of the Assurance Team was previously a Director or Officer of
the Assurance Client or was an employee in a position to exert direct and
significant influence over the subject matter of the Assurance Engagement.

 Examples include, but are not limited to:

 Performing services for an Assurance Client that directly affect the subject matter
of the Assurance Engagement; and
 Preparation of original data used to generate a financial report or preparation of
other records that are the subject matter of the Assurance Engagement.

36
 Advocacy Threat:
 Occurs when a Firm, or a member of the Assurance Team,
promotes, or may be perceived to promote an Assurance
Client's position or opinion to the point that objectivity may,
or may be perceived to be, compromised.

 Examples include, but are not limited to:

 Dealing in, or being a promoter of, shares or other securities in an Assurance
Client; and
 Acting as an advocate on behalf of an Assurance Client in litigation or in
resolving disputes with third parties.

37
 Familiarity Threat:
 Occurs when, by virtue of a close relationship with an
Assurance Client, its Directors, Officers or employees, a
Firm or a member of the Assurance Team becomes too
sympathetic to the Client's interests.

 Examples include, but are not limited to:

 A member of the Assurance Team having an Immediate Family member or
Close Family member who, as an employee of the Assurance Client, is in a
position to exert direct and significant influence over the subject matter of the
Assurance Engagement;
 Long association of a senior member of the Assurance Team with the
Assurance Client; and
 Acceptance of gifts or hospitality, unless the value is Clearly Insignificant

38
 Intimidation Threat:
 Occurs when a member of the Assurance Team may be
deterred from acting objectively and exercising professional
scepticism by threats, actual or perceived, from the
Directors, Officers or employees of an Assurance Client.

 Examples include, but are not limited to:

 Threat of replacement over a disagreement with the application of an
accounting principle; and
 Pressure to reduce inappropriately the extent of work performed in order to
reduce fees.

39
Provision of non-audit services
 Provision of non-audit services, including:
 Preparing financial reports
 Valuation services
 Taxation
 Internal audit
 Design of systems
 Temporary staff assignments
 Litigation support services
 Legal services
 Recruiting senior management
 Corporate finance
3-40
 Safeguards to Threats (APES 110, s 290 ):

 Safeguards fall into three broad categories:

 Safeguards created by the profession, legislation or regulation;
 Educational, training and experience requirements for entry; Continuing
education requirements; Prof Stds, monitoring & disciplinary processes;

 Safeguards within the Assurance Client;

 persons other than management ratify or approve the appointment
 competent employees to make managerial decisions

 Safeguards within the firm's own systems and procedures

 Adherence with Quality control standards
 Rotation of auditors
41
 Legislative requirements
 Independence declaration
 Auditors must give directors a written declaration of their independence and this is to be included
in the directors’ report.
 Conflict of interest
 Auditor must take reasonable steps to ensure conflict of interest situations cease to exist as soon
as possible. Conflict of interest is where members of audit team are not capable of exercising
objective and impartial judgment, as judged by a reasonable person.
 Former auditors
 Directors’ report is to include names of each officer of client who was a former partner or director
of current auditor.
 Member of auditor team
 Cannot become director, company secretary or member of senior management of a client until
two years after ceasing to be with audit firm.
 Rotation of audit partners
 Lead or review partner for five successive years cannot play a significant role in the audit of that
entity for at least another two successive years.
 Non-audit services
 Boards of all listed companies are required to provide a statement in their annual report that
identifies all non-audit services provided by an audit firm, the fee for each service and an
explanation of why provision of the service did not impair independence.
42