REVISITING AUDITING STANDARDS

Background to Auditing Standards

As mentioned earlier, section 143(9) of the Companies Act states that ‘Every auditor shall comply with the Auditing Standards’. This is followed by section 143(10) which clarifies that the Institute of Chartered Accountants of India, in consultation with the National Financial Reporting Authority (NFRA) would recommend Auditing Standards for adoption by the Central Government. Till that time, the Auditing Standards issued by the ICAI would have to be followed.

The ICAI has issued 40 Auditing Standards segregated into seven different areas:

These standards cover an eclectic variety of areas and are comprehensive in their coverage to enable auditors of any type of entity to discharge their duty with confidence. The standards within the above broad areas are detailed below:

General principles and responsibilities

The nine Auditing Standards on general principles and responsibilities lay down the foundation for the Auditing Standards on other topics. These Standards cover an eclectic array of areas such as the terms of the audit engagement, quality control, documentation and the auditor’s responsibilities relating to fraud. In addition, they also provide guidance on consideration of other laws and regulations, communicating with Those Charged With Governance (TCWG) and communicating deficiencies in internal control. These are considered to be the general responsibilities of the auditor. While the terms of the audit engagement are best left to the auditor and the client, there should not be a situation where there is no engagement entered into at all just because of familiarity. In a similar vein, both the quality and quantity of the audit documentation maintained are equally important for the audit.

Risk assessment and response to assessed risks

One of the greatest risks in the preparation and presentation of financial statements is that of material misstatement. The six Auditing Standards on risk assessment and response to the risks that have been assessed by the auditor mandate planning the audit of financial statements and understanding the entity and its environment to assess risks of material misstatement. Since no audit can cover a comprehensive review of all transactions, one of the Auditing Standards covers the concept of materiality. It is also important that the auditor conduct some procedures as a response to the risks that he has assessed. The auditor would also have to evaluate the action to be taken on misstatements that have been identified during the audit.

Audit evidence

The importance of reviewing and retaining evidence that has been gathered during an audit can never be over-emphasised. The series of Auditing Standards on audit evidence describes what is audit evidence and provides specific considerations for specific items. External confirmations (such as bank balances and balances of trade receivables) would have to be obtained. As there would be a lot of audit evidence available regarding the entity being audited, the auditor has to use analytical procedures and sampling techniques to ascertain the quantum of evidence that he would need. The set of Auditing Standards on audit evidence provides guidance on transactions with related parties, subsequent events, assessing the going concern concept and obtaining written permissions.

Using the work of others

Many a time during an audit, the auditor has to use the work of other auditors such as Internal Auditors, Concurrent Auditors and Stock Auditors. It is also possible that the auditor may have to use the work of experts such as fair valuers for land and building and financial assets. These areas have been covered in the three Auditing Standards on using the work of others.

Audit conclusions and reporting

The finished product or the end result of an audit assignment is the issuance of the Audit Report. The Audit Report contains different paragraphs such as forming an opinion and reporting on the financial statements, communicating Key Audit Matters in the independent auditors’ report, communicating matters that in the opinion of the auditors need emphasis (Emphasis of Matter) and modification to the opinion in the Independent Auditors’ Report. All of the above areas have been covered in separate Auditing Standards.

Specialised areas

Often, auditors are engaged to attest financial statements prepared in accordance with special purpose frameworks. For example, the Securities and Exchange Board of India (SEBI) mandates auditors to attest the financial statements presented in the draft red herring prospectus that precedes an IPO. The 800 series of Auditing Standards provides guidance on how these should be conducted and reported.

Standards on review engagements

On some occasions, auditors are asked to review historical financial statements and review interim financial information. SEBI requires auditors to perform a limited review of the quarterly results of listed companies. The standards on review engagements have been issued with the intention of enabling auditors to carry out these engagements. Since the review engagements are not audits, it is necessary that the Audit Report states these facts – these and other matters have been covered in the standards on review engagements.

The opinion of the auditors in their Audit Report is based on their conducting the audit on the basis of Auditing Standards prescribed by section 143(10) of the Companies Act, 2013.

In the present environment where business transactions are becoming complex and technology drives almost everything, the task of auditing becomes riskier. Recently, Regulatory investigations and interventions have also focused on compliance with Auditing
Standards.

IS THERE A CHANGE IN THE EXPECTATIONS OF AUDITORS FROM USERS OF FINANCIAL STATEMENTS?

One of the contexts in which the importance of Auditing Standards needs to be viewed is whether there is a change in the expectations of auditors from users of financial statements. In 1896, Justice Lopez ruled in the case of Kingston Cotton Mills that the auditor is a watchdog and not a bloodhound. Those days are long gone. To take an analogy from cricket, auditors these days are more like an umpire who needs to report on anything that needs to be reported by the laws or regulations without fear or favour. Auditing Standards are the tools that the auditor will use to report. Although there is a vast array of Auditing Standards, the users of financial statements cannot expect the auditor to detect well-conceived fraudulent transactions. However, the auditor would be able to sensitise the users of financial statements on areas that are of concern to him. It is up to the management to take note of these and ensure that corrective action is taken. Using Key Audit Matters, Emphasis of Matter and other paragraphs permitted by Auditing Standards, the auditor should be able to red-flag issues that could snowball into a crisis later.

AUDIT RISKS

In the present environment, audit risks have increased manifold. Over the last decade or so, most Regulators all over the world have had to issue negative comments on auditors who failed to report on entities that were deteriorating rapidly and ultimately had to either apply for bankruptcy or be sold at a bargain. A leading real estate company in the UK and a company in the infrastructure development and financing space in India are cases in point. In both these cases, auditors were auditing these companies for a very long time and hence were aware of the pain points. Yet, they failed to report on these. An extract from the report of the NFRA on the auditors of one of the companies reads:

‘This AQR has the objective of verifying compliance with the Requirements of Standards on Auditing (SAs) by the audit firm relevant to the performance of the engagement. The AQR also has the objective of assessing the Quality Control System of the audit firm and the extent to which the same has been complied with in the performance of the engagement.’

As a part of the conclusion, the report states:

‘The instances discussed below of failure to comply with the requirements of the SAs are of such significance that it appears to the NFRA that the audit firm did not have adequate justification for issuing the Audit Report asserting that the audit was conducted in accordance with the SAs. In this connection, the NFRA wishes to draw attention to Response 12 in the ICAI’s Implementation Guide on Reporting Standards (November, 2010 edition) that says that “A key assertion that is made in this paragraph is that the audit was conducted in accordance with the SAs”; and that “If during a subsequent review of the audit process, it is found that some of the audit procedures detailed in the SAs were not in fact complied with, it may tantamount to the auditor making a deliberately false declaration in his report and the consequences for the auditor could be very serious indeed”. It bears emphasis that the very serious consequences referred to would ensue irrespective of whether such non-compliance was or was not associated with a proved financial reporting misstatement. Failure to comply with any of the requirements of applicable SAs indicates that the audit firm has failed to achieve the central purpose of the audit and that there was not an adequate basis to issue the report that it did.’

Even if we assume that such cases should be treated as an exception, the conclusions reached by the NFRA should be a matter of concern to the auditing fraternity.

An issue that needs to be discussed is whether Regulators and Government agencies should be given the power to prescribe Auditing Standards and also review whether auditors have followed these standards. Auditing Standards are a part of the Companies Act, 2013 and auditors who do not comply with these Standards are violating the Act. The Act itself has a number of penal provisions for non-compliance. Hence, getting other Regulators also to penalise auditors would not only result in multiplication of roles but also cause confusion as to who takes the action first. Auditing Standards are best left to the Institute of Chartered Accountants and taking action for non-compliance is best left to the Companies Act.

COVERAGE OF AUDITING STANDARDS

As can be seen from the list tabulated above, Auditing Standards cover an eclectic variety of topics from audit risks to documentation to sampling. If applied in toto, the present set of Auditing Standards should be able to cover all risks that an auditor may face during the audit – the standards would also enable auditors to minimise their risks. However, since Regulators seem to be raising their expectations from the auditors, auditors would need to take extra care to ensure that the audit team has followed all Auditing Standards.

CONCLUSION

From the above discussion it can be concluded that auditors need to focus their attention on the applicability of Auditing Standards to the entity under audit and how they have documented the manner in which the requirements of the particular Auditing Standard have been carried out. The Public Company Accounting Oversight Board (PCAOB) in the United States carries out regular inspections in accordance with the provisions of the Sarbanes Oxley Act. A cursory analysis of their reports reveals that auditors have two options to prove that they have followed all Auditing Standards in an audit:

•  Maintain and produce documentary evidence that they have followed all auditing standards; and

•  Produce persuasive other evidence, other than oral assertions and explanations.