Assurance ICAEW CFAB
In this blog post, I present you a comprehensive summary of each chapter covered in my study of Assurance from the ICAEW CFAB 2019 syllabus. Consider this my notes for understanding the fundamentals of Assurance.
Here's a bit of context: I kicked off my journey into the 2019 Assurance syllabus of CFAB in March 2024, starting from ground zero. I must say, the study manual does an adequate job of covering the fundamentals of Assurance for someone completely new to the field.
Disclaimer: I want to acknowledge upfront that I might have overlooked certain content or concepts inadvertently ;-;
Now, without any more delay, let's dive right into the content.
Chapter 1
Concept of and need for assurance
Assurance engagement: a practitioner expresses a conclusion designed to enhance the degree of confidence of the intended users other than the responsible party about the outcome of the evaluation of subject matter against criteria
Degree of Assurance:
Key elements of Assurance:
- Three party relationship: practitioner, intended user, responsible party
- Subject matter: Data, systems or processes, behavior
- Suitable criteria: accounting standards, UK corporate governance code, published code of practice
- Sufficient appropriate evidence
- Written report
Roles in the Three-party relationship
- Mainly focuses on Practitioner (auditor) and Responsible party (company)
Benefits and Limitations of Assurance
Expectations gap arises when users think about absolute assurance while practitioners practice reasonable assurance.
- Causes:
- Users are not aware of the nature of limitations on assurance provision
- Users do not understand assurance provision
- Users believe that the assurance provider is offering a service (like guaranteeing of correctness)
- How to close the gap:
- Issue engagement letter spells out work that will be carried out and the limitations
- Regularly review the format and content of reports issued as a result of assurance work
Statutory Auditors
- Are legally required for all big companies to have an audit
- Offer true and fair view
- True: Factual information that follows standards and law; correctly extracted from the books and records
- Fair: Free from discrimination and bias in compliance with expected standards and rules; Reflect the commercial substance
- Big companies include those with more or equal than 2 criteria below:
- > 10.2 mil turnover
- > 5.1 mil total assets
- > 50 employees
- Requirements
- Individuals holding and appropriate qualification
- Individuals working in firms controlled by qualified persons [as students may not have completed the full exams for the professional certificate, but can still work under the BIG 5]
- Ineligible to work if he is officer/employee/partner of any directly connected companies
Stages of Audit
Overall Objective of Auditors
- Obtain reasonable assurance whether the financial statements as a whole are free from material misstatement to express opinion
- Report on financial statements
: Hence, auditors need to comply with relevant ethical requirements, perform with professional skepticism*, exercise professional judgement**, obtain audit evidence that is both sufficient and appropriate.
*Professional skepticism: questioning mind and critical assessment of evidence
**Professional judgement: application of relevant training, knowledge and experience in making informed decisions
Chapter 2
Obtaining an engagement
Ways to obtain engagement
- Auditors may advertise their services, within certain boundaries
- Auditors will often be invited to tender for audits
Before accepting the engagement
Auditors need to
- Ensure professionally qualified to act to prevent conflict of interest with another client
- Ensure existing resources adequate (time, staff, technical expertise)
- Obtain references if first time engagement
- Communicate with present auditors
Sources of information about new clients:
- Enquiries of other sources from bankers or solicitors
- Review of documents like annual accounts, listing particulars, credit rating
- Ask previous accountants/auditors for relevant info
- Require client’s permission to contact old auditor, and permission given to old auditor to reply with information relevant to new appointment
- Review of rules and standards
After accepting the engagement
Auditors need to
- Ensure outgoing auditors’ removal or resignation has been properly conducted (valid notice required)
- Ensure new auditors’ appointment is valid (copy of resolution passed at the general meeting)
- Submit a letter of engagement to the directors of the company
Money laundering regulations:
- Assurance firms keep certain records about clients and undertake client due diligence/identification/screening
- Applies to all companies whose single transactions >15k
- Kept for min 5 years after the cessation of relationship with clients
- The records include:
- Companies: certificates of incorporation, registered address, list of shareholders and directors, annual return
- Directors: Photo, latest utility bills, passports, or driving license
Letter of Engagement
Purposes:
- Define clearly the extent of the firm’s responsibilities to minimize misunderstandings
- Provie written confirmation of the firm’s acceptance of the appointment
MUST include:
- Objective of the audit
- Respective responsibilities of Responsible party and Practitioner
- Scope of work, references to legislation
- Type of report to be issued
- Unrestricted access to all books of records
OPTIONAL to include
- Form of any other communication of results
- Fact that its’ test nature
- Arrangements regarding the planning
- Basis of fees
- Request to confirm terms
- Other auditors, experts, internal auditors, predecessor auditor involvement
- Restriction of the auditor’s liability
- Further agreements
When should the client receive the LoE:
- Before commencement of the 1st audit
- If there are any changes to any circumstances, reissue the Engagement Letter
Learning points from practice questions
- Company which plans to list on local stock exchange in coming years is considered as High Risk
- When predecessor auditor of clients has gone into liquidation and cannot be contacted – Can still accept the appointment
- When the managing director (not previously known) has bankruptcy order – CANNOT accept the appointment
Chapter 3
Planning the assignment
Purpose of planning: Ensure work is carried out efficiently and effectively
Audit strategy
Analytical procedures
Materiality
Materiality is a fundamental concept in audit and assurance because it helps auditors determine the significance of misstatements or omissions in financial statements.
Audit risks
Fraud
- An intentional act by one or more individuals among management to use deception to obtain unjust advantage
- Different from error
- Error is an unintentional m/s in FS, including omission of an amount or disclosure
Significant risks identified during engagement
- Factors: Risk of fraud, relationship with recent developments, degree of subjectivity in the financial information, unusual transactions, RTP transaction, complexity of the transaction
- Overtrading: expansion of business rapidly without checks on working capital i.e. cash dec, TR inc
Chapter 4
Evidence and Reporting
Evidence
Differences between test of controls and substative procedures
Sufficient and appropriate audit evidence
Financial statement assertions
- Representations by management, explicit or otherwise, that are embodied in the financial statements
- They are used by auditors to consider the different types of potential misstatements that may occur.
Detailed explanations on each assertion can be viewed here: https://www.youtube.com/watch?v=X37KHU7YDiw
Reporting
Types of opinion: Reasonable and limited levels of assurance
Auditor’s opinion:
- Give a true and fair view of the state of company’s affairs and of its profit (loss) for the year then ended.
- Have been properly prepared in accordance with IFRSs as adopted by the EU
- Have been prepared in accordance with the requirements of the Companies Act 2006.
Content in the report
Differences between auditor's report and assurance report:
Key audit matter: ‘matters of most significance’
- Areas of high risk
- Areas of significant auditor and management judgement (accounting estimates)
- Significant transactions or events
Level of assurance and the expectations gap
As briefly discussed in Chapter 1, report is usually at reasonable level of assurance, however expectations gap exists as there exists difference between the apparent public perceptions of the responsibilities of auditors on the one hand and the legal and professional reality on the other.
Misunderstandings of
- Nature of audited financial statements, e.g.
- SOFP provides fair valuation
- Amounts in FS stated precisely
- Audited FS will guarantee entity to continue to exist
- Type and extent of work by auditors
- All items in FS are tested
- Uncover all errors; detect all fraud
- Level of assurance given by auditors
- Provide absolute assurance
Chapter 5
Introduction to internal control
Internal control (IC) is defined as 'process designed, implemented and maintained to mitigates business risks and ensure the business operates efficiently and effectively'.
Company's objectives:
- Ensure it reports financial position correctly to shareholders
- Ensure it operates effectively and efficiently
- Ensure it complies with relevant laws and regulations
To achieve these objectives:
- Identify risks to these objectives not fulfilled.
- Implement internal controls (ICs) to mitigate risks
Therefore, we can conclude that the purpose of internal controls are to:
- Minimize business risks
- Ensuring the continuing effective functioning of the company
- Ensure the company complies with relevant laws and regulations
However, there still exists the limitations of internal controls:
- Human element: Humans can make mistake; risks on relying on integrity, and if they don’t understand the importance of ICs they may be less inclined to adhere to it.
- Collusion: More people working together to override segregation of duties
- Unusual transactions: ICs unable to detect mistakes, as normally or routine stuff is regulated
- Costly
The risk of ICs' limitations is higher for smaller companies, as they have fewer employees -> high human element, unable to have segregation of duties
Components of Internal Controls
Internal control comprises 5 components: Control environment, Company risks assessment process, Information system, Control activities, Monitoring controls
Control activities - Information processing controls
*the annotation of [6] means 6 points to remember
In essence, general control governs the 'access to the IT environment' and application control 'prevents misstatements in the IT system'.
For detailed explanation: https://www.youtube.com/watch?v=bafb1IyUKUU
Cyber security risks
- Human threats, Fraud, Deliberate sabotage, Viruses, Malware, Denial of Service (DoS) attack
How to combat these risks?
- Good communication
- Organisational structures to define responsibility and accountability for cyber security
- Board-level
- Non-executive directors and audit committees
Information about controls
Sources of information about company’s system:
- Company procedures manual
- Internal audit function’s system notes
- Inquiries made of company staff
Recording of controls:
Once the auditors have documented the ICs that are present, they should check that their understanding of these controls is correct by performin walk-through procedures.
Walk-through procedure: tracing a few transactions through the financial reporting system
- To test the auditor’s understanding of the control (instead of being a test of controls)
Chapter 6
Revenue System – Ordering, Dispatch and invoicing, Recording, Cash collection
Summary of controls in the sales system
Learning points from practice questions
- Control procedure to ensure that customers are invoiced for goods received
- Matching of dispatch records with sales invoices
- To test for completeness for reported sales of a manufacturing company
- Auditor should start from Goods dispatch records
Chapter 7
Purchase System – Ordering, Goods inward and recording of invoices, Cash payments
Overview of the purchase's process
Summary of test of controls on purchase system
Substantive procedures on purchase system
This section is not explicitly stated in the study manual, however I felt it is necessary to understand how substantive procedures can be carried, other than test of controls.
Learning points from practice questions
- How to avoid paying invoices for goods that had been returned as faulty OR unauthorised purchases be made for personal use
- Matching of purchase invoices with orders
Chapter 8
Employee costs - Calculate, Record and Payment
More specific risks and controls required
Overview of the payroll system and the substantive procedures
Learning points from practice questions
- Clock in and out ensures correct recording of hours, but it has no bearing on rate of pay
- Employees may be paid in the wrong amount if
- They are not given a personnel file
- Overtime work but no system for authorizing levels of overtime claimed
- Scenario: Reperform sample of calculations performed by payroll package is to ensure correct payment made, but no knowledge if it’s correct employee
Most effective ways to ensure payment made to correct employee- BACS list is reviewed by chief accountant together with supporting payroll documentation
- Print out from bank is agreed to the BACS list and any discrepancies investigated
- Ways to reduce risk of unauthorized disclosure of payroll data
- Access controls
- Encryption of data
- To ensure wages paid accurately
- Employees should be interviewed by production manager and a responsible personnel official
- Hours paid should be reconciled to timesheets
- The payroll master file would not contain details cumulative statutory deductions to date – these would be included on monthly payroll instead.
- If no central records kept for changes in personnel and pay rates
- Company may pay employees who have left
Chapter 9
Internal audit
Internal audit function: an appraisal activity established to the entity.
Functions include examining, evaluating, monitoring the adequacy and effectiveness of internal control.
- Achieve corporate objectives
- Maintain good systems of internal control
- Key role in assessing and monitoring IC policies
Other ways of assisting the boards
- Acting as auditors for board reports not audited by external auditors
- Experts in field of auditing and accounting standards, assisting in implementation of new standards.
- Liasing with external auditors
- Check that external auditors are reporting back to the board everything they are required to under auditing standards
What does internal audit function do?
- Monitor ICs
- Examine Fin and Op information (e.g. review accounting system, carry out ToD)
- Review economy, efficiency, and effectiveness of operations (include non-financial controls)
- Review compliance with laws, regulations
- Conduct special investigations, suspected fraud
- Evaluate significant exposures to risk, contribute to improvement of risk management and control systems
- Assess the governance in its accomplishment of objectives
Risks of business can’t be eliminated, but need to be managed via IC system, hence internal audit function has a two-fold role in risk management
- Monitor company’s overall risk management policy to ensure efficient operations
- Monitor strategies implemented to ensure efficient operations
Internal audit DON’T ASSIST IN DEVELOPMENT OF SYSTEM to retain objectivity, hence also NOT INVOLVED IN OPERATIONAL ACTIVITIES
- Only monitor the overall process and provide assurance that the systems meet objecives and operate effectively
- Termed operational audits when carry out work on controls
- Ensure policies are adequate and work effectively
- Via reading and discussing with members of department
- Assess adequacy, possibly advise for improvement
- Examine effectiveness by testing them
- Undertake special investigations like fraud
- Can function like traditional financial audits
Chapter 10
Documentation
Purpose of Documentation
All assurance must be documented. It provides:
- Evidence for auditor’s basis for conclusion about the achievement of the overall objectives of the auditor
- Evidence that the audit was planned and performed in accordance with ISA and other requirements
Documentation must be prepared in timely basis.
- Audit documentation = working papers. It is not legal but part of professional requirements. It contains:
- Record of procedures performed
- Relevant evidence obtained
- Conclusions the auditor reached
Other functions for the documentation
- Assist planning and performing of audit (not the developing of strategies)
- Direct and supervise work
- Enable accountability in the audit team
- Retain matters of continuing significance to future audits
- Enable experienced auditor to carry out quality control reviews, conduct external inspections in accordance with legal requirements
Auditors can also include
- Summary of all significant matters, and how they were addressed
- Facilitates efficient reviews
- Assist consideration of significant matters
Form and Content
Working papers should be sufficiently complete, but it cannot record everything. General rule is to include:
- NET of audit procedures performed to comply with ISAs
- Results, audit Evidence, Significant matters arouse, Conclusions reached (+ judgements) [RECS]
Form and content are affected by:
- Size and complexity of entity
- Nature of audit procedures performed
- Identified risks of material m/s
- Significance of audit evidence obtained
- Nature and extent of exceptions identified
- Need to document basis for conclusion not readily determinable
- Audit methodology and tools used
Working papers should show:
- Name of client, preparer and reviewer
- Date of reporting, preparation and review
- File reference
- Subject
- Objective of work done; include the Source of information
- How any sample was selected, and determination of sample size
- Work done
- Cross-referencing
- Results
- Analysis of errors
- Other significant observations
- Conclusions
- Key points highlighted
Automated and electronic working papers
Automated: automatically cross referenced, adjusted and balanced by computer
But all big firms use electronic working papers which do not involve automatic calculations. They can be cross-referenced within the program, and signed off electronically.
Filing working papers
Safe custody and retention of documentation
- For ICAEW: keep all audit working papers at least 6 years from the end of accounting period
Ownership of and right of access to documentation
Firm may show working papers to the client at their discretion. It shouldn’t be made available to third parties without the permission of client.
Chapter 11
Evidence and Sampling
Evidence: Sufficient and Appropriate
- Sufficient: Quantity
- Appropriate: Quality & Reliability
- External > Internal
- Direct from auditor's > Indirect
- Entity - for control systems operation
- Written > Oral
- Originals > Photocopies/facsimile
Procedure to gather evidence
A reminder from Chapter 3:
Analytical procedures must be used in
- Planning: To identify risks
- Completion of report: As financial statements reflect the auditor's opinion
Optional in Evidence gathering stage; only if it’s fast (proof-in-total) and reasonable testing
Computer assisted audit techniques
Data analytics
- Science & Art of discovering & analyzing patterns, deviations and inconsistencies
- Extract useful info for analysis modelling and visualization
- Do not need to create a tailor-made software
- Generate intuitive visualizations of complex data
- Useful to analyze
- ALL transactions, Reperform calculations;
- Match transactions;
- Assist in SoD testing;
- Compare entity data to externally obtained data;
- Manipulate data to assess impact of diff assumptions
- Analyses of revenue trend;
- Matches of order to cash and purchase to payments;
- 3-way matches between invoices, GRN/Dispatch document, Purchase/Sales orders
Directional testing
Audit of accounting estimates
Risk: Management may be biased in the judgements when calculating estimated figures
Procedures:
- Test the process of management used to estimate the figure and the data on which it is based
- Use a point (independent) estimate
- Review subsequent events
- Obtain written representations
Sampling
Audit sampling:
- Testing less than 100% of items within population
- All sampling units have a chance of selection
- Auditor has a reasonable basis to draw conclusions (Reasonable/limited level of assurance)
What is NOT SAMPLING:
- Testing all items; Testing with certain characteristics (High value, Over certain amount, To obtain info)
- ▶️ DOES NOT REPRESENT THE ENTIRE POPULATION
Statistical sampling: Random selection + Use of probability theory to evaluate sample results, including the measurement of sampling risk
Design of the sample
ISA 530: consider the purpose of the audit procedure and the characteristics of the population from which the sample will be drawn when considering the sampling and selection methods.
Methods of sampling
- (S) Random: Use random numbers to select samples
- (NS) Haphazard: Imitate random sampling; 'go for the feeling'
- (NS) Block/Sequence: Entire block of data is selected [cut-off]
- (S) Systematic: Constant interval (need to ensure that no hidden patterns)
- (S) Monetary Unit Sampling (MUS): Use computers & concept of ‘every £ is given on equal opportunity to be selected’, based on aggregated figures
Sampling risks
- Risk that samples chosen are not representative of the population
- 'If I test the entire population, the result will be different' 🤔
Non-sampling risks: Misinterpret or use incorrect procedures to obtain evidence
Factors influencing sample sizes
How to draw conclusions from sampling
If errors are identified:
- Extrapolate error
- Compare extrapolated error to materiality level
- Below materiality ▶️ Draw conclusions
- Over materiality ▶️ Extent testing
For example:
- Materiality = £50k, Error identified = £48k ▶️ Extend
- Materiality = £50k, Error identified = £500 ▶️ Draw conclusion
However, Qualitative Materiality, e.g. Director's transactions, is valid no matter how insignificant the identified error is compared to materiality.
Only refer to senior if Anomaly error is discovered
- One-off and Not representative of the population
Occasions that are not error:
- Short timing difference
- Mispost of account but within the same balance (did not change the total number)
Therefore, Do not extrapolate.
Evaluation of misstatements (m/s)
Auditor needs to evaluate effect of
- identified m/s on audit
- any uncorrected m/s on financial statements (FS)
Auditor needs to communicate all m/s on timely basis to management, request them to correct m/s, request a written representation from management whether they believe the effect is immaterial to the FS
IF management refuses to correct some or all of m/s, auditor shall:
- Obtain management’s reasons
- Determine whether uncorrected m/s are material
- Communicate individual uncorrected m/s to those charged with governance and request to be corrected, mentioning any effect on the opinion of auditor’s report
- Request a written representation from management that m/s is immaterial to FS
Auditor MUST CONSIDER size, nature and circumstances of m/s (regulatory requirements, debt covenants)
Chapter 12
Written representations
Written representations:
- Piece of audit evidence
- Made by senior management of client’s company to the auditor
- Not made by all client staff
- Must corroborate with other evidence; on its own 🟰 JUNK
- Cannot act as substitute for other evidence
Reliability of written representations depends on: Competency; Integrity; Ethical values; Diligence of management
Timing: Must obtain the written rep ON or BEFORE date of audit report.
Disclaimer: Although written representation is a letter from the client's management team, but in reality Auditor prepares and Client acknowledges.
Content
Must include:
- Acknowledge client's responsibility in the preparation of the FS
- Disclosed all info and explanations; Auditors have full access to them
- FS records & reflected all transactions
- Uncorrected m/s, when aggregated, remains immaterial; have included list of uncorrected m/s
May include:
- Accounting policies
- Plans or intentions that affect the carrying value of A&L
- Actual and contingent liabilities
- Title to assets, liens on assets
- Aspects of laws, regulations and contractual agreements
- Have communicated all aware deficiencies in ICs
- Required by other ISAs
- Support for management’s judgement or intent in relation to a specific assertion
What happens if written representation is inconsistent with other evidence?
- Auditor performs other audit procedures to resolve this matter
- If remains unresolved
- Reassess reliability of the written representation
Areas usually covered by written representation
Chapter 13
Substantive procedures
C = Completeness; R = Rights & Obligations; V = Valuation; E = Existence; Acc =
Before moving on to the substantive procedures, let's understand the concept of positive and negative confirmation when approaching third parties.
When selecting balances for confirmation, avoid disregarding small, negative or nil balances.
Circularize information: Auditor send the confirmation out, then respondent replies directly back to the auditor not through the client.
Confirmation process: After 2 weeks no response -> Issue a 2nd confirmation letter, 2 weeks no response -> Obtain permission from client to communicate with the respondent, 2 weeks no response -> Appoint an independent individual from the department to gather the confirmation.
Non-current assets (CRVE)
Intangible non-current assets
Risks:
- Existence: Expense being capitalized as non-current asset
- Valuation: Wrong cost
- Inflating cost
- Charging inappropriate amortization
- Impairment reviews not carried out properly
Sources of evidence:
- Accounting standards of intangible assets
- Purchase invoices or documentation
- Client calculations and schedules
- Specialist valuations
Inventory (CRVE but VE has bigger role)
Sources of evidence
- Company’s control over inventory counting
- Auditors’ attendance at inventory count
- Cfm with third parties holding the inventory
- Purchase invoices, work-in-progress records for inventory
- Post-year-end sales invoices, price lists and sales orders
For perpetual inventory system:
- Need to perform inventory count ANNUALLY
- Adequate inventory records
- Satisfactory procedures
- Corrects ALL material differences
Cost vs Net Realisable Value (NRV)
NRV < Cost when:
- Inc in costs/ fall in selling price
- Physical deterioration
- Obsolescence
- Marketing decision
- Errors in production or purchasing
Receivables
Auditor needs to pay special attention on
- Old unpaid accounts
- Account written off
- Account with credit balances
- Account settled by round sum payments
- Account with nil balances
- Account paid by date of examination
Frequent reasons on disagreement between client and third parties
- Dispute
- Cut-off problems
- Wrong account posted (not counted as misstatement)
- Net off balances by suppliers
- Teeming and lading
Cash at Bank (CRVE)
Sources:
- Cash book
- Confirmation from bank
- Bank statements
- Bank reconciliation carried out by client
Payables
Sources of evidence
- Auditor compares supplier statements with payable ledger balances.
- Normally adhere to 'Negative response' when asking suppliers
- However, auditor requires 'Positive response' when
- Incomplete supplier statements
- Weakness in internal controls
- Client deliberately understate payables
Long term liabilities
Statement of profit or loss (C)
What should be reported to senior staff?
- Conclusions of audit procedures performed. Especially if negative conclusion
- Exceptional items and unusual accounting entries
- Indications of possible money laundering, especially for industry with large cash flow
- Issues to be discussed with client
- Anything unsure about or does not understand
Chapter 14
Codes of professional ethics
Why do we need ethics?
- People rely on accountants
- Gives protection to accountants as individual cannot be accused of acting differently
- Maintain the reputation of the professional for the public
Differences between rules-based and principle-based ethics
IESBA Code (Also followed by ICAEW)
Fundamental Principles
- Integrity: Straightforward and honest
- Objectivity: No bias
- Confidentiality: Not disclose without proper and specific authority
- Professional behaviour: Comply with relevant laws and regulations
- Competency and Due Care: Maintain professional knowledge and skills
Auditors shall not:
- Exaggerate claims for services, qualifications, and experience
- Disparage references and unsubstantiated comparisons to work of others
*Independence is not part of fundamental principle but auditor needs to be independent of their clients.
Guidance
- Identify threats
- Evaluate significance
- Apply safeguards to eliminate or reduce them to an acceptable level. If no safeguard available, it is only appropriate to
- Eliminate the interest of threat
- Decline the engagement
Independence of mind: state of mind not affected by influences that compromise professional judgement
Independence of appearance: avoidance of facts and circumstances which are so significant that a reasonable and informed third party would be likely to conclude that a firm's, or an audit team member's, integrity, objectivity or professional scepticism has been compromised.
Threats to objectivity
ICAEW:
- Self-interest: have financial interest in client
- Self-review: audit FS prepared by the firm
- Advocacy: promote client’s position by dealing in its shares
- Familiarity: have family in client co
- Intimidation: threats of replacement
FRC
- Management: doing work that should be carried out by management
Safeguards
Chapter 15
Integrity, objectivity and independence
Integrity: Being straightforward and honest
Objectivity: State of mind
Independence: Circumstances surrounding the situation
Threats to objectivity
- Self-interest threat
Motives:
- To preserve investment/ relationship
- In fear of losing client
- Stand to gain non-financially
- Advocacy
- Seen by an independent third party to be promoting client's position or products
There will be no safeguard to follow if any of the above situation occurs, and the objectivity of the firm will be impaired immediately.
- Self-review
- Rely too heavily on colleague's work or fail to criticize any shortcomings
- Intimidation
- In fear of losing the client or feel threatened
- Familiarity
- Too trusting and apply less scepticism
- FRC ethical code: Management
- Making decisions on behalf of client; align towards their interests
- Very much like self-review
- Safeguard: establish Informed Management
Accept new clients
- If integrity of management is doubtful, consider resignation as last resort
- However, if there is a change in management, accept the engagement while applying safeguards
- Obtain commitment from those charged with governance that they will improve their management
Resolve ethical conflicts
Accountant should consider:
- Facts, parties, ethical issues involved
- Fundamental principles related
- Established internal procedures and alternative course of action
Chapter 16
Confidentiality
One of fundamental principles of ICAEW Code of Ethics; so that the auditor gains trust to receive all info and explanations required from client.
Safeguards against accidental breach of confidentiality:
- Do not discuss client’s affairs in public places
- Should not leave files unattended or in unsecured places or devices
Accountant should not use the knowledge gained for personal reasons but can use the EXPERIENCES gained from previous employment
Disclosure of confidential information:
- May disclose when: Consent from client; public duty
- Change in auditors, confirmation, sued for negligence
- Must disclose when: Legal/professional duty
- Client involved in terrorism and money laundering
Money laundering
- Make or save money from non-compliance with laws and regulations
- E.g. Asking customers to bank in to its own account to prevent tax
- Conceal the origins of proceeds which is usually obtained from criminal activities
Responsibilities of auditors
- Report to Money Laundering Compliance Principal (MLCP)
- MLCP consider reporting to NCA
- Avoid tip-off
- Report based on suspicion
Conflicts of interests
- Unable to act in the best of interests of both parties OR
Unintentional/Intentional leakage of confidential info arise if we have clients within the same industry - Principles at threat: Confidentiality and Objectivity
So, can a firm audit 2 competing clients? 🤔
Yes, provided:
- Establish Informed Management
- Establish information barrier (physical separation of team and control reviewer, and physical control over data)
- Confidentiality agreement with team members
- Independent partner to review
The End
Finally
I hope you'll find this overview of the 300-page Assurance CFAB study manual and my insights from tackling the practice questions informative. Once again, please note that certain details might have been overlooked, and I welcome any feedback or corrections from fellow professionals. Happy studying~
A big shoutout to my sister's friend for providing her notes to aid in my studies 📓