By Fergal McManus, Account Manager, Ireland & Channel Islands at Confirmation, part of Thomson Reuters.
As several frauds, such as Luckin Coffee, Wirecard and Commerzialbank Mattersburg unravelled in 2020, auditors faced increased media scrutiny over their failure to detect such frauds.
In his 2018 review of the Financial Reporting Council (FRC), John Kingman pointed out that “high-profile enforcement action against auditors and audit firms are all contributing to reduced confidence in audit quality”.
The Brydon review of 2019 proposed reforms to address the situation. In the area of fraud, it recommended “clarity about roles, enhanced education, greater disclosure of anti-fraud measures, a fraud register and an independent sanctions regime”. It was hoped that taken together, they would go a long way to restoring confidence in the audit profession.
The review considered the question of fraud and auditors’ related responsibilities to be “the most complex and most misunderstood in relation to auditors’ duties".
It recommended a clear duty on auditors to endeavour to detect material misstatements (whether by error or fraud) in all reasonable ways, and to state in their report the steps they had taken to do so.
As well as promoting the concept of professional scepticism, the review asserted the need for professional suspicion – that auditors should be prepared to challenge management, assessing critically the information and explanations they had received.
What are the proposed revisions to audit standards?
The FRC accepted the criticisms in Brydon, admitting that “there is an ongoing concern that auditors are not doing enough to detect material fraud”.
In October 2020, the council published a consultation paper inviting interested parties to respond to its proposed revisions to ISA (UK) 240 – The auditor’s responsibilities relating to fraud in an audit of financial statements.
The amended standard emphasises that auditors must actively obtain “reasonable assurance” that the financial statements are free from fraud, not simply assess risks and react to them.
There is a section devoted to professional scepticism, which “assists the auditor in remaining unbiased and alert to both corroborative and contradictory audit evidence” and in evaluating the authenticity of records and documents.
There are also new requirements for the audit team. They should discuss fraud risk at the planning stage and decide whether they need additional specialised skills; for example, in forensic accounting or cybersecurity.
And the formal qualifications and continuous learning needed to practice as an auditor should include training in forensic accounting and fraud awareness.
There are also new duties, such as the requirement that – in conducting the “stand-back” evaluation of the evidence – auditors should consider objectively all the information they have obtained. They should then decide whether that evidence is sufficient and whether they have judged the risk of fraud accurately.
Welcome the opportunity for positive change
Confirmation, the world’s leading platform for confirming financial data, supports the FRC’s proposed changes to enhance auditing standards and the overall quality of audits.
It has also suggested to the FRC several further amendments. Here are three:
- Auditors need to have confidence that the party responding to their request for information is the valid one. The standard should mandate the validation of the responding party, both as a crucial step in establishing the authenticity of third-party audit evidence and as an exercise of professional scepticism.
- The auditor should address the risks related to any cash balances. If management tries to commit fraud by extracting assets from their business or covering up the existence of liabilities, there is a strong chance it will involve the manipulation of bank and cash balances.
- There should be a requirement for auditors to carry out an external confirmation process on a firm’s bank balances and relationships. This is currently left to their judgment, and the occasions where they choose to omit the process can be those that involve the greatest risk of fraud.
By adopting and engaging with the FRC’s revised standards, auditors can enhance their capacity to detect financial fraud and bolster confidence in the audit profession.
Confirmation, part of Thomson Reuters, pioneered the idea of digital confirmations in 2000 and still leads the industry today. More than 16,000 audit firms, 4,000 banks and departments, and 5,000 law firms have put their platform to work. They span 170 countries and process more than one trillion dollars in confirmations each year.
(This article is sponsored by Confirmation.)