Consideration of Laws and Regulations in an Audit of Financial Statements

CAS 250

Consideration of Laws and Regulations in an Audit of Financial Statements

General
  • Management is responsible for complying with laws and regulations
  • The auditor is not responsible for preventing non-compliance with or to detect non-compliance with laws
The Auditor's Consideration of Compliance with Laws and Regulations
  • As part of obtaining an understanding of the entity and its environment obtain a general understanding of the laws and regulations applicable to the entity and how the entity is complying with those laws and regulations
    • Use your own knowledge of business and inquire management to figure this out
  • Obtain sufficient appropriate audit evidence regarding compliance with laws and regulations that have a direct material effect on the financial statements
    • Examples: compliance with income tax act, non-compliance with laws leading to fines, litigation
  • Perform the following two audit procedures to help identify instances of non-compliance with laws that have a material impact on the F/S
    1. Inquiring of management and those charged with governance, as to whether the entity is in compliance with such laws and regulations; and
    2. Inspecting correspondence with regulatory authorities
  • During the audit, remain alert to the possibility that other audit procedures may bring instances of non-compliance; therefore, be alert when:
    • Reading minutes;
    • Inquiring management and the client’s lawyers regarding litigation, claims and assessments
    • Performing substantive tests of details
  • Request management and those charged with governance to provide written representations that all known instances of non-compliance or suspected non-compliance with laws and regulations that affect the F/S have been disclosed to the auditor
    • written representations do not provide sufficient appropriate audit evidence on their own (you can only use it to corroborate evidence obtained via other procedures)
Audit Procedures When Non-Compliance Is Identified or Suspected
  • If the auditor aware of non-compliance or suspected non-compliance, the auditor should:
    • Get an understanding of the nature of the act and the circumstances in which it occurred; and
    • Get further information to evaluate the effect on the F/S (i.e. financial consequences of non-compliance (fines), required disclosures)
  • Some indications of possible non-compliance include
    • Unauthorized transactions or improperly recorded transactions
    • Unusual transactions with companies registered in tax havens
    • Investigations by regulatory organizations and government departments or payment of fines or penalties
  • If the auditor suspects non-compliance, he/she must discuss with management and those charged with governance. If mgm’t doesn’t provide information that demonstrations that they are in fact in compliance, and if the non-compliance will have a material impact on the F/S, the auditor needs to get legal advice on whether a law has been broken, the legal consequences, the possibility of fraud, and how the auditor should proceed
  • If sufficient information about suspected non-compliance cannot be obtained, the auditor may have a scope limitation (and may need to provide a disclaimer of opinion or qualified opinion)
Reporting Non-Compliance to Those Charged with Governance
  • Communicate with those charged with governance concerning matters involving non-compliance with laws and regulations that come to the auditor’s attention (if non-compliance is intentional and material do this ASAP)
  • If auditor suspects intentional non-compliance by management or those charged with governance, always report one level above (i.e. the audit committee)
Reporting Non-Compliance in the Auditor's Report on the Financial Statements
  • If the non-compliance has a material effect on the F/S , and has not been adequately accounted for in the F/S express a qualified opinion or an adverse opinion
  • If the auditor is precluded by management from obtaining sufficient appropriate audit evidence to evaluate whether non-compliance that may be material to the F/S has occurred, there is a scope limitation; therefore, express a qualified opinion or disclaim an opinion on the financial statements
Reporting Non-Compliance to Regulatory and Enforcement Authorities
  • Determine whether the auditor has a responsibility to report the identified or suspected non-compliance to parties outside the entity
    • Auditor’s professional duty to maintain the confidentiality of client information may prevent reporting identified or suspected non-compliance
    • Note that the duty of confidentiality may be overridden by statute, the law or courts of law
    • It is best to get legal advice to determine the appropriate course of action
Documentation
  • The auditor’s documentation of findings regarding identified or suspected non-compliance with laws and regulations may include, for example:
    • Copies of records or documents
    • Minutes of discussions held with management, those charged with governance or parties outside the entity.

Spread the Word!

Share on facebook
Facebook
Share on google
Google+
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on reddit
Reddit
Share on email
Email
Share on whatsapp
WhatsApp