Implementing GAAS 2017–18 · 1.6 Development of International Standards on Auditing (UK) 6 1.6.1...
Transcript of Implementing GAAS 2017–18 · 1.6 Development of International Standards on Auditing (UK) 6 1.6.1...
Implementing GAAS 2017–18Ian Connon and Helen MacNeill BDO LLP
2017–18
xxxiii
Preface
At the time of writing last year’s edition, the Financial Reporting Council
(FRC) had just released a final draft of its proposed revised auditing and
ethical standards. These included a new Ethical Standard, replacing the
Ethical Standards for Auditors issued by the former Auditing Practices
Board, and a new suite of International Standards on Auditing (UK) (ISAs
(UK)), including a revised ISQC (UK) 1, replacing the extant International
Standards on Auditing (UK and Ireland) and ISQC (UK and Ireland) 1.
By virtue of the Statutory Auditors and Third Country Auditors Regulations
2016 (SATCAR 2016) the FRC was designated as the UK Competent
Authority for audit with responsibility for the regulation of statutory
audit; including setting auditing and ethical standards, monitoring and
enforcement and on 17 June 2016 it issued its revised standards, which
now apply in respect of audits for periods commencing on or after that
date.
Responsibility for the setting of auditing standards in the Republic of
Ireland was transferred to the Irish Auditing and Accounting Supervisory
Authority (IAASA), which has since issued its own standards, based on
those issued by the FRC, but with some amendments. As a consequence,
this publication now refers only to the UK standards and does not
specifically consider requirements applicable in Ireland, although in many
cases they will be the same.
In conjunction with the new standards, the FRC issued updates to the
UK Corporate Governance Code and Guidance on Audit Committees
to reflect changes arising from the legislation on audit committees and
auditor appointments. Further changes to the Code are expected following
a recent government consultation on corporate governance.
In updating this edition we have attempted to reflect the key elements of
the changes introduced in the new standards and these are identified in
the introductory paragraphs to each section.
Principal drivers for the changes were:
• An EU Directive issued in 2014 amending the 2006 Statutory Audit
Directive and creating new legal requirements applicable to all
statutory audits. This introduced a new definition of public interest
entities (PIEs), being entities incorporated in an EU member state
with securities listed on a regulated market, credit institutions and
insurers.
• Specific requirements imposed by the EU Regulation in respect of the
statutory audit of PIEs.
xxxiv
Preface
• Changes to International Standards on Auditing not previously
reflected in UK standards. In particular those relating to the audit of
disclosures in the financial statements; the auditor’s responsibilities
regarding other information published with the financial statements;
and revisions to auditor reporting standards including the reporting of
key audit matters (KAMs).
• Changes to UK legislation regarding the auditor’s responsibilities in
relation to directors’ reports and strategic reports.
The new Directive and Regulation requirements are aimed largely at
improving audit quality, through a tightening of regulations governing
auditor independence, audit firms’ internal quality control procedures and
access to audit information by regulators, particularly in relation to work
done by overseas component auditors.
Stricter independence rules apply mainly to PIEs but may also be seen
as best practice in relation to other audits. These include mandatory
retendering of PIE audits after ten years with rotation after 20 years;
shorter rotation periods for key partners (other than the engagement
partner) and a process of gradual rotation for other senior members of
the audit engagement team; prohibitions and restrictions on the supply
of non-audit services by the auditor including a financial cap on fees for
permitted non-audit services; extension of the FRC’s independence rules
to auditors of overseas components and mandatory ‘cooling off’ periods
where audit partners and staff are subsequently employed by audit
clients. In addition, for PIEs, listed companies and other engagements
where an Engagement Quality Control Review is carried out there are
new requirements regarding the timing, extent and documentation of this
process.
In respect of disclosures, ISAs (UK) have been revised to focus
auditors’ attention on disclosures throughout the audit process, including
understanding the sources of information from which disclosures are
derived and systems and controls related thereto, assessment of the
risks of material misstatement relating to disclosures and consideration of
the adequacy and presentation of disclosures in the financial statements
(including accounting policies).
In respect of other information, the standards have been revised to
widen the definition of ‘annual report’ to encompass material intended to
accompany the financial statements that may be published separately.
The auditor’s responsibilities in relation to other information are also
widened to require him to determine whether inconsistencies result from
misstatements within the other information or in the financial statements.
Uncorrected misstatements of other information will need to be reported
in the auditor’s report.
The revised standards also reflect the auditor’s responsibilities in relation to
‘statutory’ other information (directors’ report, strategic report and in some
Preface
xxxv
situations, certain aspects of a separate governance statement) where
the auditor is now required by law to provide certain opinions including
whether the information has been prepared in accordance with legal
requirements and is consistent with his knowledge and understanding;
and in respect of requirements of the Listing Rules and UK Corporate
Governance Code, where applicable. Details are set out in section 34.
New and revised ISAs (UK) make further significant changes to audit
reporting with a completely new format and standard wording for audit
reports (see section 4) and a new requirement for a separate section of
the report dealing with the auditor’s conclusions on going concern. This
clearly distinguishes consideration of the applicability of the going concern
basis from the auditor’s views on the directors assessment of the entity’s
ability to continue to apply the going concern basis for a period of at least
twelve months from the date of approval of the financial statements –
even where the auditor has nothing to report in respect of these matters
(see section 11). Where there is a material uncertainty in relation to gong
concern, and this is adequately disclosed in the financial statements, the
traditional ‘emphasis of matter’ is replaced with a similar paragraph given
greater prominence under the heading of ‘conclusions relating to going
concern’.
A requirement to report ‘key audit matters’ (KAMs) now applies not
only to those companies explaining compliance with the UK Corporate
Governance Code but also now all ‘listed’ companies including those
with a standard listing on the London Stock Exchange, AIM companies
and any other entity whose securities are publicly traded. Companies
and their auditors may also choose to report KAMs voluntarily. KAMs are
those matters that the auditor considers to be of greatest significance
in the audit, including the most significant risks of misstatement. Where
applicable the report sets outs the key matters, the auditor’s response
and certain other matters regarding audit scope and materiality.
For PIEs there are additional specific requirements both for the auditor’s
report and for an ‘additional’ report to the audit committee at the conclusion
of the audit.
The other big event of the year was of course the result of the ‘Brexit’ vote
with its immediate impacts on foreign exchange markets and economic
uncertainty. Implications will vary widely depending on the business and
the sector but going forward auditors will need to consider carefully with
their clients such matters as the need to adjust forecasts (e.g. for changes
in exchange rates or growth assumptions), the impact on asset values,
disclosures in relation to risk and uncertainties and, not least, the potential
impact on going concern assessments.
We mentioned auditor scepticism last year and this remains a hot topic
and high on the agenda for both standard setters and regulators. ISAs
(UK) contain two new explicit references to scepticism as a result of
Preface
xxxvi
the EU Directive, requiring the auditor to be particularly sceptical when
reviewing cash flow relevant to the entity’s ability to continue as a going
concern and when reviewing management estimates in relation to fair
values, the impairment of assets and provisions. The IAASB has a
separate project addressing scepticism and is focussing on scepticism
as it revises it standards. An updated ISA 540 on accounting estimates is
expected later this year (to coincide with the application of IFRS 9) with
a much greater emphasis on scepticism than before. The FRC has also
cited lack of scepticism by auditors as a criticism in regulatory file reviews
and in a number of recent disciplinary cases. Expect more scepticism in
the future!
As always, we are grateful to the many people who have contributed
over the years to the material in this book. In particular, we should like
to acknowledge the contributions of Don Bawtree, Ros Brickman, Nick
Carter-Pegg, Chris Kirton, Liz Kulczy cki, Peter Lewis, Nigel Read and
Paula Willock whose help in updating the book this year has been
invaluable.
Any suggestions as to how this publication could be further improved
would be welcome. Please e-mail your views to uk-contentqueries@
wolterskluwer.com.
Ian Connon
Helen MacNeill
v
CONTENTS
Preface xxxiii
1 The nature of auditing standards 1
1.1 Introduction 1
1.2 Limitations of standards 1
1.3 Authoritative bodies 2
1.4 International Auditing and Assurance Standards Board 2
1.4.1 Background 2
1.4.2 Structure and processes 3
1.4.3 IAASB pronouncements 3
1.5 The Financial Reporting Council 4
1.6 Development of International Standards on Auditing (UK) 6
1.6.1 Original ISAs (UK and Ireland) 6
1.6.2 IAASB’s clarity project 6
1.6.3 UK adoption of clarified ISAs 6
1.6.4 EU audit directive and regulation 7
1.6.5 Other changes to ISAs 8
1.6.6 Application of ISAs (UK) 8
1.7 Other FRC guidance 9
1.7.1 Practice Notes 9
1.7.2 Bulletins 9
1.7.3 Standards 10
1.7.4 Statements of Recommended Practice (SORPs) 10
1.8 Other guidance 10
1.9 Conventions 10
1.10 Accounting framework 10
2 Audit regulation and ethics 13
2.1 Introduction 13
2.1.1 Ethical standards for auditors 14
2.1.2 Audit regulations 15
2.2 Qualification 15
2.3 Control of audit firms 15
2.4 Fit and proper person 15
2.5 ICAEW code of ethics 16
2.5.1 Background 16
2.5.2 The fundamental principles 16
2.5.3 Threats and safeguards 17
2.5.4 Conflict resolution 18
2.5.5 Conflicts of interest and confidentiality 19
Contents
vi
2.5.6 Control of confidentiality and independence 20
2.5.7 Receipt of information in confidence by auditors 20
2.6 The FRC’s Revised Ethical Standard 2016 21
2.6.1 Scope 21
2.6.2 Contents of the Revised Ethical Standard 23
2.6.3 Ethical Standard – Introduction and Section 1 – Integrity,
Objectivity and Independence 26
2.6.4 Ethical Standard – Section 2: Financial, Business,
Employment and Personal Relationships 30
2.6.5 Ethical Standard – Section 3: Long Association with
the Audit Engagement 34
2.6.6 Ethical Standard Section 4: Fees, Remuneration and
Evaluation Policies, Litigation, Gifts and Hospitality 36
2.6.7 Ethical Standard Section 5 – Non-Audit Services
Provided to Audited Entities 38
2.7 Section 6 – Provisions available for small entities 39
2.7.1 Background 39
2.7.2 Non-audit services 40
2.7.3 Economic dependence 41
2.7.4 Partners and other persons joining an audit client 41
2.7.5 Audit report wording 42
2.8 Technical standards 43
2.8.1 Acceptance of appointment and reappointment 44
2.8.2 Quality control 44
2.9 Maintaining competence 44
2.10 Meeting of claims 45
2.11 Other areas 45
2.12 Oversight of the profession 45
2.13 Audit quality monitoring 46
2.14 Reports by registered auditors 46
2.15 Other international developments 46
3 Quality control for audit work 49
3.1 Introduction 49
3.2 ISQC (UK) 1 (Revised June 2016) 50
3.2.1 Basic requirement 50
3.2.2 Elements of a system of quality control 51
3.2.3 Leadership 52
3.2.4 Ethical requirements 52
3.2.5 Client acceptance and continuance 53
3.2.6 Human resources 56
3.2.7 Engagement performance 57
3.2.8 Engagement documentation 61
3.2.9 Monitoring 62
3.2.10 Complaints 65
3.2.11 Documentation of quality control system 65
Contents
vii
3.3 ISA (UK) 220 (Revised June 2016) Quality Control for an Audit of
Financial Statements 66
3.3.1 General requirement 66
3.3.2 Leadership responsibilities for quality 67
3.3.3 Ethical requirements 67
3.3.4 Acceptance and continuance 67
3.3.5 Assignment of the team 68
3.3.6 Engagement performance 68
3.3.7 Monitoring 69
3.3.8 Documentation 69
3.4 FRC audit quality framework 70
3.4.1 Background 70
3.4.2 Promoting audit quality 71
3.4.3 Factors outside the auditor’s control 73
3.5 International developments 73
4 The auditor’s report 77
4.1 Introduction 77
4.2 Standards and guidance 77
4.2.1 Other guidance 78
4.3 Contents of this section 79
4.4 Forming an opinion 79
4.5 Contents of an audit report 80
4.5.1 Entities that report on application of the code 81
4.5.2 Public interest entities 82
4.6 Title 82
4.7 Addressee 82
4.8 Auditor’s opinions 82
4.9 Basis for opinion 84
4.10 Going concern 84
4.11 Key audit matters 85
4.11.1 Determining key audit matters 86
4.11.2 Communicating key audit matters 86
4.11.3 Circumstances in which a key audit matter is not
communicated 87
4.11.4 Interaction between key audit matters and going
concern matters included in the auditor’s report 87
4.11.5 No matters to report 88
4.11.6 Communicating other planning and scoping matters 88
4.11.7 Communication with those charged with governance 89
4.11.8 Documentation 89
4.12 Other information 90
4.13 Opinion on other matters 90
4.14 Reporting by exception 91
4.15 Responsibilities for the financial statements 92
4.16 Responsibilities of the auditor 92
Contents
viii
4.17 Entities that report on application of the code 94
4.18 Public interest entities 95
4.19 Name of engagement partner 95
4.20 Signature 96
4.20.1 Audit regulation 96
4.20.2 Senior statutory auditor 96
4.20.3 Signing 97
4.20.4 Joint auditors 97
4.21 Auditor’s location 98
4.22 Date 98
4.23 Unmodified auditor’s reports examples 99
4.24 Directors’ responsibility statements 109
4.25 Small companies 111
4.25.1 Smaller entities and FRS 105 111
4.25.2 The small companies regime 115
4.25.3 Micro-entities 116
4.26 Reporting on the directors’ remuneration report 117
4.26.1 Introduction 117
4.26.2 Companies affected by the rules 117
4.26.3 The ‘auditable part’ of the directors’
remuneration report 118
4.26.4 Reporting on the directors’ remuneration report 118
4.27 Electronic publication of audit reports 118
4.27.1 Background 118
4.27.2 Electronic publication of audit reports 118
4.28 The Bannerman case 119
4.28.1 Introduction 119
4.28.2 Auditor’s responsibilities 120
4.28.3 Recommended wording 120
4.28.4 Engagement letters 120
4.28.5 Further developments 120
5 Modified auditor’s reports 123
5.1 Introduction 123
5.2 Modifications 123
5.3 Circumstances when a modification to the auditor’s
opinion is required 124
5.3.1 Financial statements not free from
material misstatement 124
5.3.2 Inability to obtain sufficient appropriate audit evidence 124
5.3.3 Imposed limitation of scope 125
5.4 Types of modified opinion 126
5.4.1 Adverse opinions or disclaimers of opinion 127
5.5 Form and content of the audit report when opinion is modified 127
5.5.1 Opinion paragraph 127
5.5.2 Qualified opinion 128
5.5.3 Adverse opinion 128
Contents
ix
5.5.4 Disclaimer of opinion 128
5.5.5 Basis for modification paragraph 129
5.5.6 Description of auditor’s responsibilities when
the auditor disclaims an opinion 130
5.5.7 Other considerations when the auditor
disclaims an opinion 130
5.5.8 Other implications of modified opinions 131
5.6 Examples 131
5.6.1 Modifications to opinions on other matters 136
5.7 Emphasis of matter 136
5.8 Other matter paragraphs 138
5.9 Placement 139
5.10 Communication with those charged with governance 139
6 Other reports on financial information 141
6.1 Introduction 141
6.2 Revised financial statements and reports 142
6.2.1 Legal background 142
6.2.2 Guidance 142
6.2.3 Types of revision 142
6.2.4 Procedures 148
6.3 Preliminary announcements 150
6.3.1 Background 150
6.3.2 Guidance 150
6.3.3 Terms of engagement 150
6.3.4 Procedures 152
6.3.5 Alternative performance measures 154
6.3.6 Management commentary 154
6.3.7 Directors’ approval 154
6.3.8 Modification of the auditor’s report 155
6.3.9 Reporting 155
6.3.10 Announcements not agreed 156
6.4 New small companies regime 156
6.4.1 Legal background 156
6.4.2 Auditor’s report 157
6.4.3 Guidance 158
6.5 Summary financial statements 158
7 Other statutory reports by auditors 161
7.1 Introduction 161
7.2 Distributions 161
7.2.1 Legal background 161
7.2.2 Distributions made by reference to annual accounts 162
7.2.3 Distributions made by reference to ‘interim’ accounts 165
7.2.4 Distributions made by reference to ‘initial’ accounts 165
Contents
x
7.3 Purchase and redemption of own shares 167
7.3.1 Legal background 167
7.3.2 Guidance 167
7.4 Re-registration of companies 168
7.4.1 Legal background 168
7.4.2 Guidance 169
7.5 Allotment of shares otherwise than for cash 174
7.5.1 Legal background 174
7.5.2 Guidance 175
7.6 Transfer of non-cash assets to a public company by
one of its members 176
7.6.1 Legal background 176
7.6.2 Guidance 176
8 Compilation reports on accounts
prepared by accountants 179
8.1 Introduction 179
8.2 Guidance 179
8.2.1 Professional ethics 179
8.3 Incorporated entities 180
8.3.1 Terms of engagement 180
8.3.2 Directors’ responsibilities 182
8.3.3 Accountants’ procedures 183
8.3.4 Misleading financial statements 183
8.3.5 Approving financial statements 184
8.3.6 Accountants’ reports 184
8.4 Unincorporated entities 186
8.4.1 Scope of guidance 186
8.4.2 Accounting basis 186
8.4.3 Terms of engagement 186
8.4.4 Client’s responsibilities 188
8.4.5 Planning 188
8.4.6 Procedures 189
8.4.7 Misleading financial information 189
8.4.8 Approval of financial information 189
8.4.9 Accountants’ reports 189
8.5 Companies claiming audit exemption 190
8.5.1 Ineligible companies 190
8.5.2 Requirements when a company becomes exempt 191
8.5.3 Engagement letters 191
8.5.4 Resignation procedures 191
9 Reports to financial regulators 193
9.1 Legal background 193
9.1.1 Entities in the financial services sector 193
9.1.2 Public interest entities 193
Contents
xi
9.2 Types of report 194
9.3 Auditing standards and guidance 194
9.4 Financial services – auditor’s responsibilities 195
9.5 Client assets 195
9.5.1 Background 195
9.5.2 Determining whether a client assets report is required 196
9.5.3 Scope of permissions 198
9.5.4 The CASS rules 198
9.5.5 Scope of the assurance standard 201
9.5.6 Accepting the engagement 202
9.5.7 Assurance procedures 202
9.5.8 Planning the engagement 204
9.5.9 Statutory and non-statutory trusts 205
9.5.10 Reconciliations 205
9.5.11 Custody arrangements 206
9.5.12 Insurance intermediaries 206
9.5.13 Debt management firms 207
9.5.14 Mandates 207
9.5.15 Using the work of the internal audit function 208
9.5.16 Using the work of an expert 208
9.5.17 Reporting 208
9.6 Special ad hoc reports – financial services entities 217
9.6.1 Auditing standards and guidance 217
9.6.2 Right and duty to report 218
9.6.3 ‘Material significance’ 219
9.6.4 Procedures 221
9.6.5 Reporting 225
9.6.6 Form of report 227
9.6.7 Communication by the regulator 227
9.6.8 Relationship with other reporting responsibilities 228
9.7 Public interest entities 230
10 Communicating with management and those
charged with governance 231
10.1 Introduction 231
10.2 Determining those charged with governance 232
10.3 Aims of reports to those charged with governance 233
10.4 The communication process 234
10.4.1 Establishing expectations 234
10.4.2 Form of communication and documentation 234
10.4.3 Addressees 235
10.4.4 Form of reports 236
10.5 Adequacy of communications 237
10.6 Matters to be communicated 237
10.6.1 Overview 237
10.6.2 Auditor’s responsibilities 240
10.6.3 Planned scope and timing 240
Contents
xii
10.6.4 Significant findings from the audit 241
10.6.5 Integrity, independence and objectivity 243
10.7 Communication with audit committees 245
10.7.1 Companies applying the UK Corporate
Governance Code 245
10.7.2 Public interest entities 245
10.8 Groups 247
10.9 Third parties 247
10.10 Communicating deficiencies in internal control 248
10.10.1 Identifying and reporting deficiencies 248
10.10.2 Significant deficiency 248
10.10.3 Reporting of significant deficiencies 249
10.10.4 Reporting of other deficiencies 250
11 Going concern 251
11.1 Introduction 251
11.2 Auditing standards and other guidance 252
11.3 General requirement 253
11.4 The entity’s responsibilities 253
11.5 The auditor’s responsibilities 255
11.6 Risk assessment procedures and related activities 255
11.6.1 Significant doubt about the entity’s ability to
continue as a going concern 255
11.7 Evaluating the entity’s assessment of going concern 257
11.7.1 Possible audit procedures 258
11.7.2 Borrowing facilities 259
11.8 Events after the period considered by those charged
with governance 260
11.9 Additional procedures when events or conditions
are identified 261
11.10 Auditor conclusions 261
11.10.1 Entities applying the UK Corporate Governance Code 262
11.11 Adequacy of disclosures 263
11.11.1 Adequacy of disclosures when events or
conditions have been identified and a
material uncertainty exists 263
11.11.2 Adequacy of disclosures when events or
conditions have been identified but
no material uncertainty exists 264
11.12 Implications for the auditor’s report 264
11.12.1 Auditor’s conclusions 264
11.12.2 Going concern basis of accounting inappropriate 264
11.12.3 Going concern basis of accounting is appropriate
and no material uncertainty has been identified 265
11.12.4 Use of going concern basis of accounting is
appropriate but a material uncertainty exists 265
11.12.5 Other considerations 266
Contents
xiii
11.12.6 Small and micro-entities 266
11.12.7 Entities applying the UK Corporate Governance Code 266
11.12.8 Key audit matters 266
11.12.9 Other information 267
11.13 Entity unwilling to make or extend its assessment 267
11.14 Communication with those charged with governance 267
11.14.1 Public interest entities 267
11.15 Significant delay in the approval of financial statements 268
11.16 Example report extracts 268
11.17 Regulated entities 273
11.18 Groups 273
11.19 Preliminary announcements 273
11.20 Bulletin 2008/10 273
11.20.1 The need for guidance 273
11.20.2 General principles 274
11.20.3 Detailed considerations 274
11.20.4 Availability of finance 275
12 Documentation 277
12.1 Introduction 277
12.2 Purpose of documentation 277
12.3 Form and content 278
12.3.1 Factors affecting form and content of working papers 279
12.3.2 Documenting characteristics of items tested 280
12.3.3 Judgment areas 281
12.3.4 Documentation of departures from ISAs (UK) 282
12.3.5 Identification of the preparer and reviewer
of documentation 282
12.3.6 Specific documentation requirements 282
12.4 Assembly of the final audit file 283
12.5 Changes to audit documentation 283
12.6 Other documentation requirements 284
12.7 Confidentiality, custody and ownership of working papers 286
12.8 Retention of working papers 287
12.9 Access to working papers 288
12.9.1 Working paper ownership and access 288
12.9.2 Further explanations 297
12.9.3 Access for other parties 298
12.9.4 Investigating accountants from the same
firm as the auditor 300
12.9.5 Change of auditor 300
13 Planning 301
13.1 Introduction 301
13.2 Planning the work 301
Contents
xiv
13.3 Preliminary engagement activities 302
13.4 The overall audit strategy 302
13.5 Audit plan 305
13.5.1 Disclosures 306
13.6 Documentation 307
13.7 Initial audit engagements 307
13.8 Changes to planning decisions during the course of
the audit 308
13.9 Direction, supervision and review 308
13.10 Communications with those charged with governance 308
14 Engagement letters 309
14.1 Introduction 309
14.2 Purpose 310
14.3 Preconditions for an audit 310
14.4 Contents 311
14.4.1 Recurring audits 319
14.4.2 Groups of companies 320
14.4.3 Changes in terms 320
14.4.4 Disengagement 321
14.5 Liability limitation 321
14.5.1 Background 321
14.5.2 FRC guidance 321
14.5.3 Liability limitation agreements 322
14.5.4 Liability limitation – other services 322
14.6 Small companies and micro-entities 323
15 Materiality and the audit 325
15.1 Introduction 325
15.2 Materiality 325
15.3 Materiality in the audit 326
15.4 Setting materiality 327
15.4.1 Overall financial statement materiality 327
15.4.2 Performance materiality 328
15.5 Revision to materiality assessments 329
15.6 Evaluation of uncorrected misstatements 329
15.6.1 During the audit 330
15.6.2 At the completion phase 331
15.6.3 Disclosures 332
15.7 Documentation 333
15.8 Communication of misstatements 333
15.9 Written representations 333
15.10 FRC thematic review 333
Contents
xv
16 Fraud and error 335
16.1 Introduction 335
16.2 Definitions 335
16.2.1 Fraud 336
16.2.2 Error 337
16.3 Responsibilities of those charged with governance 337
16.4 Responsibilities of the auditor 338
16.4.1 Professional scepticism 338
16.4.2 Engagement team discussion 339
16.4.3 Risk assessment 340
16.4.4 Identification and assessment of fraud risk 342
16.4.5 Responses to fraud risk 343
16.5 Evaluating audit evidence 347
16.6 Auditor unable to continue the engagement 347
16.7 Management representations 348
16.8 Communication with management and those
charged with governance 348
16.8.1 Public interest entities 349
16.9 Communication with the authorities 349
16.9.1 Public interest entities 350
16.10 Documentation 350
17 Consideration of laws and regulations 351
17.1 Introduction 351
17.2 Legal and regulatory framework 351
17.3 Management responsibility 352
17.4 Responsibility of the auditor 353
17.5 Consideration of compliance 355
17.5.1 Laws with a direct effect on the financial statements 355
17.5.2 Laws affecting the operations of the entity 356
17.6 Money laundering 356
17.7 Non-compliance 356
17.8 Reporting 358
17.8.1 Reporting to those charged with governance 358
17.8.2 Reporting in the auditor’s report 359
17.8.3 Reporting to third parties 359
17.8.4 Public interest entities 360
17.9 Resignation 361
17.10 International developments 361
18 Money laundering 363
18.1 Introduction 363
18.2 Principal requirements 364
18.3 Practice Note 12 (revised) 364
Contents
xvi
18.3.1 Introduction 364
18.3.2 What is money laundering? 364
18.3.3 Procedures 365
18.3.4 Tipping off 372
18.3.5 Reporting to the MLRO and NCA 372
18.3.6 Privilege reporting exemption 373
18.3.7 The auditor’s report on the financial statements 375
18.4 Future developments 375
19 Initial engagements, opening balances
and comparatives 377
19.1 Introduction 377
19.2 Initial engagements 377
19.3 Opening balances 378
19.3.1 Modifications to the predecessor auditor’s report 381
19.3.2 Public interest entities 381
19.4 Comparatives 383
19.4.1 Qualified reports 384
19.4.2 Prior period financial statements issued by a
predecessor auditor 388
19.4.3 Prior period financial statements not audited 388
20 Related parties 391
20.1 Introduction 391
20.2 Auditing standards 392
20.3 General requirement 392
20.4 Materiality 393
20.5 Risk assessment 393
20.5.1 Enquiries 394
20.5.2 Understanding of controls 394
20.5.3 Team discussion 394
20.5.4 Remaining alert 395
20.5.5 Assessment of risk 396
20.6 Response to risk 397
20.6.1 Arm’s length transactions 398
20.7 Control disclosures 398
20.8 Representations from those charged with governance 398
20.9 Communication with those charged with governance 399
20.10 Documentation 399
20.11 Reporting 399
20.12 The audit of related parties in practice 400
20.12.1 Introduction 400
20.12.2 The five-point action plan 400
Contents
xvii
21 Audit risk assessment and the auditor’s response 405
21.1 Introduction 405
21.2 General overview 406
21.3 Identifying and assessing risks 406
21.3.1 Requirements 406
21.3.2 Risk assessment procedures and related activities 407
21.3.3 Engagement team discussion 408
21.3.4 Understanding the entity and its environment,
including the entity’s internal control 409
21.3.5 Internal control 415
21.3.6 Identifying and assessing the risks of
material misstatement 422
21.3.7 Communicating with those charged with governance 426
21.3.8 Documentation 427
21.4 Responses to assessed risks 427
21.4.1 Overall responses 427
21.4.2 Responses at the assertion level 428
21.4.3 Presentation of the financial statements 433
21.4.4 Evaluating audit evidence 433
21.4.5 Documentation 434
22 Service organisations 435
22.1 Introduction 435
22.2 Understanding the services provided by a service
organisation, including internal control 436
22.2.1 Using a type 1 or type 2 report 439
22.2.2 Accounting records 440
22.3 Responding to the assessed risks of material misstatement 441
22.4 Subservice organisations 442
22.5 Fraud, non-compliance with laws and regulations and
uncorrected misstatements 442
22.6 Reporting 442
23 Audit evidence 445
23.1 Introduction 445
23.2 The nature of audit evidence 446
23.2.1 Concept of audit evidence 446
23.2.2 Sufficient appropriate evidence 446
23.2.3 Sources of evidence 448
23.2.4 Using assertions to gather audit evidence 448
23.2.5 Audit procedures 448
23.2.6 Selection and sampling of items for testing 450
23.2.7 Dealing with inconsistent or potentially
unreliable evidence 451
23.3 Management’s experts 451
Contents
xviii
23.3.1 Using the work of a management’s expert 451
23.3.2 Evaluating the expert’s competence, capabilities and
objectivity 452
23.3.3 Obtaining an understanding of the expert’s work 452
23.3.4 Evaluating the appropriateness of the expert’s work 453
23.4 Specific considerations 453
23.5 Attendance at stocktaking 453
23.5.1 Introduction 453
23.5.2 Assessment of risks and internal controls 454
23.5.3 Audit evidence 454
23.5.4 Audit procedures before, during and after the stocktake 455
23.5.5 Work in progress 457
23.5.6 The use of experts 457
23.5.7 Stock held by third parties 457
23.6 Enquiries about litigation and claims 458
23.6.1 Audit procedures 458
23.6.2 Written representations 462
23.7 Segment information 462
23.8 External confirmations 462
23.8.1 Use of external confirmations 462
23.8.2 Debtors’ confirmations 464
23.9 Auditor scepticism 467
23.9.1 Background 467
23.9.2 A sceptical mind 467
23.9.3 Throughout the audit 468
23.9.4 The growing importance of scepticism 469
23.9.5 Difficulties for audit firms 470
23.9.6 Improving auditor scepticism 470
24 Bank confirmations 475
24.1 Introduction 475
24.2 Guidance 475
24.3 Authority 475
24.4 Disclaimers 476
24.5 Bank confirmation process 476
24.5.1 Timing of requests 477
24.5.2 Information required 477
24.5.3 Type of report 478
24.5.4 Where to send the request 484
24.5.5 Acknowledgement letters 485
24.5.6 Other issues 485
24.5.7 Non-BBA banks 485
24.5.8 Online confirmations 485
24.6 Confirmation of ongoing facilities 485
24.6.1 Procedures 486
24.6.2 Level of reliance to be placed on reply 487
Contents
xix
25 Analytical procedures 489
25.1 Introduction 489
25.2 What is meant by analytical procedures? 489
25.3 Problems in practice 491
25.4 Use of analytical procedures in risk assessment 492
25.5 Analytical procedures as a substantive procedure 492
25.5.1 Suitability of analytical procedures 493
25.5.2 Reliability of data 493
25.5.3 Precision of expected results 494
25.5.4 Acceptable differences 494
25.6 Analytical procedures near the end of the audit 494
25.7 Investigating variances 495
26 Audit sampling 497
26.1 Introduction 497
26.2 Use of sampling 497
26.3 Risk assessment 498
26.3.1 Sampling risk 498
26.3.2 Non-sampling risk 499
26.4 Design of the sample 499
26.4.1 Deciding whether to sample 499
26.4.2 Designing the sample 500
26.5 Sample size 501
26.6 Selecting the sample 503
26.7 Performing audit procedures 504
26.8 Deviations and misstatements 504
26.8.1 Tolerable misstatement/deviation 504
26.8.2 Expected error 505
26.8.3 Projecting errors 505
26.9 Evaluating results 506
26.10 Statistical and non-statistical sampling 507
27 Audit of accounting estimates 509
27.1 Introduction 509
27.2 Accounting estimates 509
27.3 Risk relating to the use of accounting estimates 510
27.4 Audit procedures 511
27.4.1 Significant risks 512
27.4.2 Testing management’s methods 512
27.5 Evaluation of results 513
27.6 Disclosure 514
27.7 Indicators of possible management bias 514
27.8 Written representations 515
27.9 Documentation 515
27.10 International developments 515
Contents
xx
28 Auditing fair value 517
28.1 Introduction 517
28.2 Guidance 517
28.3 Understanding the entity’s process 518
28.4 Evaluating the entity’s approach 519
28.5 Using the work of an expert 520
28.6 Audit procedures 521
28.6.1 Testing the entity’s assumptions, model and data 521
28.6.2 Independent fair value estimates 523
28.6.3 Subsequent events 523
28.7 Disclosures 523
28.8 Communication with those charged with governance 524
28.9 Complex financial instruments 524
28.9.1 Background 524
28.9.2 General considerations 524
28.9.3 Responsibilities 525
28.9.4 Understanding the entity 526
28.9.5 Reliance on controls 528
28.9.6 Audit procedures 529
28.9.7 Evaluating audit evidence 531
28.9.8 Management representations 532
28.9.9 Considerations in difficult market conditions 532
29 The audit of retirement benefits 535
29.1 Introduction 535
29.2 Guidance 535
29.3 Respective responsibilities 536
29.4 Planning 537
29.4.1 Risks of material misstatement 537
29.4.2 Communication 539
29.5 Audit evidence 541
29.5.1 Understanding the schemes involved 541
29.5.2 Scheme assets 541
29.5.3 Using the work of the scheme auditor 542
29.5.4 Multi-employer schemes 543
29.5.5 Scheme liabilities 543
29.5.6 Competence and objectivity of the actuary 543
29.5.7 The actuary’s work as audit evidence 544
29.5.8 Actuarial assumptions 544
29.5.9 Assessing the results of the actuary’s work 545
29.5.10 Valuation of scheme liabilities and materiality 546
29.5.11 Disclosures 546
29.5.12 Going concern 546
29.5.13 Distributable profits 547
29.5.14 Management representations 547
29.6 Smaller entities with insured schemes 548
Contents
xxi
30 Audits of group financial statements 551
30.1 Introduction 551
30.2 Auditing standards and guidance 551
30.3 Definitions 552
30.4 Responsibilities 553
30.5 Acceptance and continuance 553
30.6 Overall audit strategy and audit plan 554
30.7 Understanding the group, its components and their environments 554
30.8 Understanding the component auditor 555
30.9 Materiality 557
30.10 Responding to assessed risks 557
30.10.1 Involvement in the work performed by
component auditors 560
30.11 The consolidation process 560
30.12 Subsequent events 561
30.13 Communication with the component auditor 562
30.14 Evaluating the sufficiency and appropriateness of audit evidence 563
30.15 Communication with those charged with governance of the group 564
30.15.1 Public interest entities 566
30.16 Documentation 566
30.16.1 External monitoring 567
30.16.2 Examples 567
30.17 ICAEW practical guidance 569
30.18 International developments 570
31 Reliance on others 571
31.1 Introduction 571
31.2 Internal audit function 571
31.2.1 Auditing Standards 571
31.2.2 Understanding the internal audit function 572
31.2.3 Use of the work of the internal audit function 573
31.2.4 Using the work of the internal audit function 575
31.2.5 Direct assistance 577
31.2.6 Documentation 577
31.3 Auditors’ experts 578
31.3.1 Auditing standards 578
31.3.2 Definition of an auditor’s expert 579
31.3.3 Determining the need for an auditor’s expert 579
31.3.4 The nature, timing and extent of audit procedures 579
31.3.5 Competence, capabilities and objectivity of the expert 580
31.3.6 Understanding the expert’s field of expertise 581
31.3.7 Agreement with the auditor’s expert 581
31.3.8 Evaluating the adequacy of the expert’s work 581
31.3.9 Reference to the expert in the audit report 582
31.3.10 Documentation 582
Contents
xxii
32 Management representations 583
32.1 Introduction 583
32.2 Requirement to obtain written representations 583
32.3 Acknowledgement of directors’ responsibilities 584
32.4 Other written representations required by ISAs 585
32.5 Additional written representations 587
32.6 Representations by management as audit evidence 587
32.7 Reliability of representations 588
32.8 Refusal to provide written confirmation 588
32.9 Example representation letter 589
32.10 Audit 4/02: Management representation letters 593
32.10.1 The case 593
32.10.2 Increasing the usefulness of representation letters 593
33 Subsequent events 595
33.1 Introduction 595
33.2 Subsequent events 595
33.3 Before the date of the audit report 596
33.4 Before the financial statements are issued 598
33.4.1 Directors make the required amendments 598
33.4.2 Failure to amend financial statements 598
33.5 Revising or withdrawing financial statements 599
34 The auditor’s responsibilities in relation to other
information 601
34.1 Introduction 601
34.2 Auditing standards 602
34.3 The auditor’s consideration of other information 602
34.3.1 Other information 602
34.3.2 The auditor’s responsibility 603
34.3.3 Obtaining an understanding 604
34.3.4 Obtaining the other information 604
34.3.5 Reading and considering the other information 604
34.4 Responding to inconsistencies and misstatements 605
34.4.1 Responding when a material misstatement of the
other information exists 606
34.4.2 Responding when a material misstatement in the
financial statements exists or the auditor’s
understanding needs to be updated 607
34.5 Timing 607
34.6 Reporting 607
34.6.1 All entities 607
34.6.2 Directors’ report and strategic report 608
34.6.3 Separate corporate governance statement 608
34.7 UK Corporate Governance Code reporting 609
Contents
xxiii
34.7.1 Statement on the directors’ assessment of the
principal risks that would threaten the
solvency or liquidity of the entity 610
34.8 Modified audit reports 611
34.9 Documentation 611
34.10 Electronic publication 611
35 Data analytics 613
35.1 Introduction 613
35.2 Guidance 613
35.3 Use of data analytics in external audits 614
35.3.1 Audit quality 615
35.3.2 Common data analytic routines 616
35.3.3 ICAEW papers 616
35.3.4 Audit quality thematic review 617
35.4 Future developments 618
36 The audit of small businesses 619
36.1 Introduction 619
36.2 Guidance 620
36.3 Characteristics of small businesses 620
36.4 The relationship between small businesses and their auditors 621
36.5 Responsibilities 622
36.5.1 The auditor’s responsibilities relating to fraud 622
36.5.2 Consideration of laws and regulations 623
36.5.3 Going concern 623
36.5.4 Agreeing the terms of the engagement 624
36.5.5 Subsequent events 624
36.6 Planning, controlling and recording 624
36.6.1 Planning an audit of financial statements 624
36.6.2 Identifying and assessing risks of material misstatement 625
36.6.3 Materiality 625
36.7 Accounting systems and internal control 626
36.7.1 Identifying and assessing risks and the auditor’s
responses to them 626
36.7.2 Service organisations 627
36.8 Evidence 627
36.8.1 Audit evidence and external confirmations 627
36.8.2 Analytical procedures 628
36.8.3 Audit sampling 629
36.8.4 Written representations 629
36.8.5 Initial audit engagements and comparative information 630
36.8.6 Estimates and fair values 630
36.8.7 Related parties 630
Contents
xxiv
36.9 Reporting 631
36.9.1 The independent auditor’s report on
financial statements 631
36.9.2 Communication with those charged with governance 631
36.10 Practice Note 26 and documentation 632
36.10.1 Background 632
36.10.2 The purpose of audit documentation 632
36.10.3 Special considerations for smaller entities 633
36.10.4 Audit documentation requirements in the ISAs 635
36.11 International guidance 635
37 Other operational issues 637
37.1 Introduction 637
37.2 The auditing implications of FRS 102 637
37.2.1 Guidance for auditors 637
37.2.2 Ethical considerations 639
37.2.3 Potential problem areas 639
37.3 XBRL tagging of information in financial statements 641
37.3.1 Background 641
37.3.2 Auditor’s involvement 641
37.3.3 Technical Release AAF 04/10 642
37.4 Computer-assisted audit techniques 644
37.5 Paid cheques 645
37.5.1 Existing guidance 645
37.5.2 Audit evidence 645
37.5.3 Cheques Act 1992 646
37.5.4 Obtaining paid cheques 646
37.6 Auditing when financial market conditions are difficult 646
37.7 Auditing implications of Brexit 647
38 Change of auditor 649
38.1 Introduction 649
38.2 Procedures on cessation of office as auditor 650
38.2.1 The Companies Act 2006 requirements 650
38.2.2 All companies 651
38.2.3 Non-public interest companies 651
38.2.4 Section 519 statement 652
38.2.5 Notifications – non-public interest companies 653
38.2.6 Public interest companies 654
38.2.7 Legal advice 656
38.3 Access to information by a successor auditor 663
38.3.1 Requirements of the Act 663
38.3.2 Technical Release AAF 01/08 664
Contents
xxv
39 Review of interim financial information 673
39.1 Introduction 673
39.2 Guidance for the auditor 674
39.3 General principles 674
39.4 Assurance provided 674
39.5 Engagement letters 675
39.6 Planning 677
39.7 Procedures and evidence 679
39.8 Documentation 680
39.9 Subsequent events 681
39.10 Going concern 681
39.11 Comparative periods 681
39.12 Management representations 682
39.13 Other information 684
39.14 Evaluating misstatements 684
39.15 Communication 684
39.16 Reporting 685
39.16.1 Modification of the review report 686
39.16.2 Prior period modifications 688
39.16.3 Date of review report 688
39.17 Complete set of interim financial information 689
39.18 Requests to discontinue an interim review engagement 689
40 Reports for special purposes and to third parties 691
40.1 Introduction 691
40.2 Development of guidance 692
40.3 General guidance 693
40.3.1 Accepting an engagement 693
40.3.2 Managing professional liability 694
40.3.3 Agreeing the terms of the engagement 694
40.4 Duties to lenders 695
40.4.1 Case law 695
40.4.2 Duties of care for the statutory audit report 695
40.4.3 Draft accounts 696
40.4.4 Disclaimer of responsibility 696
40.4.5 The Contracts (Rights of Third Parties) Act 1999 697
40.4.6 Separate engagements to provide specific
assurances to lenders 697
40.5 Covenants in agreement for loans and other facilities 698
40.5.1 Common financial and non-financial covenants 698
40.5.2 The lender’s requirement for evidence of covenant
compliance 699
40.5.3 The firm’s duty of care 701
40.5.4 The firm’s consideration of acceptance of
the engagement 703
Contents
xxvi
40.6 Engagements to report on covenant compliance 704
40.6.1 Scope of work performed 704
40.6.2 The report 705
40.7 Reports on internal controls of service organisations 707
40.7.1 Background 707
40.7.2 Responsibilities of the service organisation 708
40.7.3 Accepting the engagement 709
40.7.4 Reporting accountant’s procedures 713
40.7.5 Reporting 713
40.8 Reports to other third parties 716
40.8.1 Introduction 716
40.8.2 TECH 10/12AAF: Reporting to third parties 716
40.8.3 Requests for references on clients’ financial status 724
40.9 Audit liability: Claims by third parties 726
40.9.1 Potential investors 727
40.9.2 Creditors and lenders 728
40.9.3 Regulators and trade bodies 728
40.9.4 Affiliates or associates of the audit client 728
41 Other engagements 731
41.1 Introduction 731
41.2 Review engagements 733
41.2.1 Guidance 733
41.2.2 Features of a review engagement 733
41.2.3 Accepting the engagement 734
41.2.4 Reliance by third parties 737
41.2.5 Performing the engagement 737
41.2.6 Written representations 738
41.2.7 Reporting 738
41.3 Agreed upon procedures 739
41.4 Auditor’s reports on special purpose financial statements 740
41.4.1 Special purpose frameworks 741
41.4.2 Reports on a single financial statement or
a specific element 745
41.5 Assurance on non-financial information 748
41.5.1 Non-financial information 748
41.5.2 Current practices and guidance 748
41.5.3 Considerations for practitioners 750
42 Corporate governance 753
42.1 Background 753
42.1.1 Corporate governance framework 753
42.1.2 Directors’ remuneration 754
42.1.3 Disclosure and transparency rules 755
42.2 Guidance 755
Contents
xxvii
42.2.1 FRC – companies and investors 755
42.2.2 FRC – auditors 756
42.3 Terms of engagement 757
42.4 Auditor’s responsibilities for the ‘comply or explain’ statement 757
42.5 Provisions of the UK Corporate Governance Code 758
42.6 Procedures 761
42.6.1 Statement of compliance 761
42.6.2 Specific procedures – the verifiable code provisions 761
42.6.3 Non-compliance with the code 767
42.6.4 Going concern 767
42.7 Other disclosures and reporting requirements 769
42.7.1 Disclosures under the ‘Disclosure Rules and
Transparency Rules’ 769
42.7.2 Standard listed companies 772
42.8 Audit committees and the external auditor 772
42.8.1 Role and responsibilities of the audit committee 772
42.8.2 FRC guidance on audit committees 773
42.8.3 Communication between the auditor and the
audit committee 776
42.9 Monitoring 778
42.10 Future plans 778
43 Charities 779
43.1 Legal background 779
43.1.1 General 781
43.1.2 Independent examination 782
43.1.3 Whistle-blowing duties for auditors and examiners 782
43.2 Audit guidance 783
43.3 Background 783
43.4 Overall conduct of an audit in accordance with ISAs 784
43.5 Agreeing the terms of audit engagements 784
43.6 Quality control for an audit of financial statements 785
43.7 The auditor’s responsibilities relating to fraud 785
43.8 Consideration of laws and regulations 786
43.8.1 Laws relating directly to the preparation of financial
statements 786
43.8.2 Laws central to a charity’s conduct of business 787
43.9 The auditor’s right and duty to report to regulators 788
43.10 Communication with those charged with governance 789
43.11 Communicating deficiencies in internal control 789
43.12 Planning an audit of financial statements 789
43.13 Identifying and assessing risks of material misstatement 790
43.13.1 Risk of misstatement 791
43.13.2 Control environment 792
43.13.3 Control activities 793
43.13.4 Accounting policies 793
Contents
xxviii
43.14 Materiality in planning and performing an audit 794
43.15 The auditor’s responses to assessed risks 794
43.15.1 Completeness of income 795
43.15.2 Overseas operations 795
43.15.3 Restricted funds 796
43.16 Audit considerations relating to an entity using a
service organisation 797
43.17 External confirmations 797
43.18 Initial audit engagements – opening balances 797
43.19 Analytical procedures 798
43.20 Auditing accounting estimates, including fair value
accounting estimates, and related disclosures 798
43.21 Related parties 800
43.22 Subsequent events 800
43.23 Going concern 800
43.24 Written representations 802
43.25 Audits of group financial statements 802
43.26 The auditor’s report on financial statements 803
43.27 Other information 804
43.28 Summarised financial statements 805
44 Pension schemes 807
44.1 Introduction 807
44.2 Legal background 807
44.3 Accounting guidance 810
44.4 Schemes exempt from audit 811
44.5 Appointment and resignation 811
44.6 Considerations of fraud 812
44.7 Control activities 813
44.8 Communication with trustees 816
44.9 Other information 817
44.10 Reporting 818
44.10.1 Key audit matters 821
44.11 Contributions 822
44.12 Schemes in the process of winding up 826
44.13 Other reporting situations 827
44.14 Whistle-blowing responsibilities 827
44.15 Non-statutory audits 828
44.15.1 Appointment and removal 828
44.15.2 Engagement letter 828
44.15.3 Reporting to the Pensions Regulator (TPR) 828
44.15.4 Auditor’s statement about contributions 829
44.15.5 Termination of appointment 829
44.15.6 Trustees’ responsibilities statement 829
44.15.7 Auditor’s report 829
Contents
xxix
45 Solicitors’ Accounts Rules 831
45.1 Background 831
45.1.1 Summary of recent changes 831
45.1.2 Compliance with the rules 832
45.1.3 Objective 834
45.2 Engagement letter 835
45.2.1 ‘Whistle-blowing’ 836
45.2.2 Termination of appointment 838
45.2.3 Independence 838
45.3 Procedures 838
45.3.1 The role of the reporting accountant 841
45.4 Common breaches 842
45.4.1 Debit balances 842
45.4.2 Client confidentiality 843
45.4.3 ‘Without delay’ 843
45.4.4 Receipt and transfer of costs – the ‘14 day rule’ 843
45.4.5 Reconciliations 843
45.4.6 Prompt return of client money and residual balances 843
45.4.7 Providing bank facilities 844
45.5 Reporting 844
45.6 Future developments 845
46 Investment businesses 847
46.1 Introduction 847
46.2 Rules and reporting requirements 847
46.3 The audit of financial statements 850
46.3.1 Overall objectives of the auditor and the
conduct of an audit in accordance with ISAs 850
46.3.2 Agreeing the terms of the engagement 850
46.3.3 The auditor’s responsibilities relating to fraud 851
46.3.4 Consideration of laws and regulations 851
46.3.5 Planning an audit of financial statements 853
46.3.6 Identifying and assessing risks of material
misstatement 853
46.3.7 The auditor’s responses to assessed risks 855
46.3.8 Audit considerations relating to an entity using a service
organisation 856
46.3.9 Analytical procedures 857
46.3.10 Auditing accounting estimates, including fair
value accounting estimates, and related disclosures 857
46.3.11 Going concern 857
46.3.12 Written representations 858
46.4 High level standards and conduct of business rules 858
46.4.1 Impact on the audit 859
46.4.2 Audit approach 859
46.5 Review reports on interim profits 861
Contents
xxx
46.6 CREST 862
46.6.1 Understanding the business 863
46.6.2 Evaluating internal controls 863
47 Registered Providers of Social Housing 865
47.1 Existing audit guidance 868
47.1.1 Practice Note 14 868
47.2 Background 869
47.2.1 The nature of Registered Providers 869
47.2.2 Responsibilities of the board 871
47.2.3 Responsibilities of audit committees 872
47.2.4 Financial reporting requirements 873
47.2.5 Responsibilities of the auditor 874
47.2.6 Features of social housing audits 875
47.2.7 The auditor’s relationship with the Regulators 879
47.3 Audit engagement letters 879
47.4 Quality control 886
47.5 Responsibilities relating to fraud 886
47.6 Laws and regulations 887
47.6.1 ISA (UK) 250A (Revised June 2016)
Section A – Consideration of Laws and
Regulations in an Audit of Financial Statements 887
47.6.2 ISA (UK) 250B (Revised June 2016) 889
47.7 Communication with those charged with governance 891
47.8 Identifying and assessing risks of material misstatement 891
47.9 Materiality 892
47.10 Responses to assessed risks 893
47.11 Using a service organisation 893
47.12 Audit evidence 894
47.13 External confirmations 895
47.14 Analytical procedures 895
47.15 Auditing accounting estimates 896
47.16 Related parties 897
47.17 Subsequent events 897
47.18 Going concern 898
47.19 Written representations 899
47.20 Using the work of internal auditors 899
47.21 Using the work of an auditor’s expert 899
47.22 The auditor’s report on financial statements 900
47.22.1 UK Corporate Governance Code and enhanced audit
reporting 904
47.23 Other information 905
47.24 Miscellaneous reports 906
47.25 Service charge audits 906
Contents
xxxi
48 Public sector audits 909
48.1 Introduction 909
48.2 The role of the public sector auditor 909
48.3 Quality control 910
48.4 Overall objectives of the auditor and the conduct of an audit 911
48.5 Agreeing the terms of audit engagements 911
48.6 Quality control 912
48.7 The auditor’s responsibilities relating to fraud 912
48.8 Consideration of laws and regulations 913
48.8.1 Consideration of legislation on corruption 914
48.8.2 Money laundering regulations in the public sector 914
48.8.3 Reporting non-compliance 914
48.9 Communication with those charged with governance 914
48.10 Identifying, assessing and responding to risks 916
48.11 Materiality in planning and performing an audit 917
48.12 Using a service organisation 918
48.13 Evaluation of misstatements 918
48.14 Opening balances 918
48.15 Accounting estimates 920
48.16 Related parties 920
48.17 Subsequent events 921
48.18 Going concern 921
48.18.1 The auditor’s other responsibilities relating to
going concern 921
48.18.2 Circumstances affecting going concern 922
48.18.3 Consideration of the foreseeable future 922
48.18.4 The auditor’s responsibilities in considering
going concern 922
48.18.5 Entities that prepare their financial statements
on a cash basis 923
48.18.6 Auditors’ responsibilities for reviewing and
reporting on an entity’s arrangements for
securing value for money 923
48.19 Written representations 923
48.20 Audits of group financial statements 923
48.21 Using the work of internal auditors 924
48.22 Using the work of an auditor’s expert 924
48.23 Forming an opinion and reporting on financial statements 924
48.24 The auditor’s responsibilities relating to other information
in documents containing audited financial statements 926
48.25 Regularity 926
48.26 Grant claims 927
49 Regulated entities 929
49.1 Introduction 929
49.2 Duty of care and engagement contracts 930
Contents
xxxii
49.2.1 Tri-partite engagement contracts 930
49.2.2 Bi-partite engagement contracts 930
49.3 Reporting 931
49.4 Materiality 931
49.5 Working with independent experts 932
Appendix 1 933
Existing guidance at 30 April 2017 933
Appendix 2 939
Specific ISA requirements relating to statutory audits of
public interest entities 939
Appendix 3 941
Glossary 941
Index 943