ASIC slams auditors over risk failings

by |

Too many auditors fail to cut the mustard, putting Australian organisations at risk, says ASIC.

According to ASIC chairman Greg Medcraft, the regulators audit inspection report shows a “disappointing” decline in audit quality.

The report for the 18 months to 30 June 2012 covered inspections of 20 Australian audit firms and, worryingly, found that 18% of the 602 audit areas reviewed did not perform all of the procedures necessary to obtain reasonable assurance that the audited financial report was not “materially misstated”. The figure for the previous 18 months was 14%.

According to ASIC, while the financial reports audited may not have been materially misstated, the auditor had not obtained reasonable assurance that the financial report as a whole was free of material misstatement.

“We are disappointed that there has not been an improvement in audit quality since our last report for the 18 months to 31 December 2010. Our risk-based reviews have shown an increase in instances where auditors did not perform all of the procedures necessary to obtain reasonable assurance that the audited financial report was not materially misstated,” said the Audit inspection program report for 2011–12.

Medcraft added that auditors are “gatekeepers that play a critical role in ensuring that Australian investors can be confident and informed”.

“These results are disappointing. Audit firms need to increase their efforts to improve audit quality and the consistency of audit execution,” he said.

Other findings included:

  • In many of the audit files we reviewed, ASIC had concerns about the adequacy of the audit procedures undertaken and the level of professional scepticism applied by the auditor in assessing whether the entity’s going concern assumption was appropriate, particularly where the entity operated in an environment of significant environmental and political risk.
  • In many instances, it was found that the auditor had not discussed with management, or those charged with the governance of the audited entity, the risks of fraud that could have a material impact on the financial report.
  • Other instances were found where the auditor did not adequately consider the risk of fraud in relation to revenue recognition, which might be considered a heightened risk in the current economic environment.
  • Better auditors appropriately balance commercial pressures with risks and maintaining audit quality. They ensure that they understand the audited entity’s business model, its internal and external risks, and how these factors affect the nature and extent of audit procedures.
  • In the better audits, engagement partners brought their knowledge and experience to the process of assessing the audited entity’s business model, its internal and external environment and risks, and how these factors affect the nature and extent of audit procedures.

Ongoing monitoring

ASIC has stated that it will work with firms and the audit profession more generally on how they can improve audit quality.

“We will monitor the implementation and execution of any plans to improve audit quality, and their effectiveness,” said the report, which highlighted three key areas needing improvement:

  • the sufficiency and appropriateness of audit evidence obtained by the auditor;
  • the level of professional scepticism exercised by auditors; and
  • the extent of reliance that can be placed on the work of other auditors and experts.

It added that audit quality comes down to three key points:

  • the likelihood of material misstatement;
  • the likelihood that the audit detects misstatement; and
  • whether the auditor does anything about it.

When it comes to business models and risk assessment, the report noted that one of its top 10 focus areas would be:

“The adequacy of an auditor’s understanding of the business model of the entity and risk assessment for individual engagements, and the auditor’s interaction with the audit committee to ensure that key areas of risk are included in the audit strategy.”

Do you agree with ASIC? Have your say by commenting below.

Corporate Risk & Insurance forum is the place for positive industry interaction and welcomes your professional and informed opinion.

Name (required)
Comment (required)
By submitting, I agree to the Terms & Conditions