Following a revision to ISA (UK) 700 (Revised January 2020), for audits of financial periods commencing on or after 15 December 2019, auditors are required to explain in the auditor’s report to what extent the audit was considered capable of detecting irregularities, including fraud.
This was already a requirement for auditors of public interest entities (PIEs) in ISA (UK) 700.
Irregularity is not defined in UK legislation. We can however turn to a corresponding definition in ISA (UK) 250A (Revised November 2019) relating to ‘non-compliance’ which defines this as ‘Acts of omission or commission intentional or unintentional, committed by the entity, or by those charged with governance, by management or by other individuals working for or under the direction of the entity, which are contrary to the prevailing laws or regulations’.
Changes in the Revised ISA (UK) 700
The revisions to UK auditing standards extend the requirement to include an explanation of the extent to which the audit was considered capable of detecting irregularities, including fraud, to all audit reports (not just PIEs).
What is included in the auditor’s report?
The FRC has suggested some wording in the section of the auditor’s report which describes the auditor’s responsibilities for the audit of the financial statements. The FRC also states that the auditor considers how this is tailored to each entity’s individual circumstances. The auditor needs to ensure that such an explanation reports matters of significance clearly and concisely, without the use of boilerplate text. The explanation would be expected to cover how the auditor has assessed the risk of material misstatement in respect of irregularities, including fraud (and non-compliance with laws and regulations (NOCLAR)), and the auditor’s approach to responding to those risks as part of the audit.
The level of detail required will depend on the specific circumstances of the entity and the significance of the irregularities in the context of the financial statements as a whole.
During the COVID-19 pandemic, from the list below, fraud, money laundering, and insolvency processes and procedures are likely to be key considerations. Public health and safety is also likely to be of great public interest.
- insolvency processes and procedures;
- fraud, corruption and bribery;
- money laundering, terrorist financing and proceeds of crime;
- securities markets and trading;
- banking and other financial products and services;
- data protection;
- tax and pension liabilities and payments;
- environmental protection; and
- public health and safety.
The COVID-19 working environment increases the inherent risk of fraud. ISA (UK) 240 The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements discusses fraud risk factors, being events or conditions that indicate an incentive or pressure to commit fraud or provide an opportunity to commit fraud, areas to be considered are:
- Going concern risk, including pressure to meet covenants;
- Government supports schemes fraudulently being claimed;
- Potentially more opportunities for fraud with more remote working; and
- Public health threats, for example PPE sold under fraudulent schemes.
Of course, many more areas may be appropriate too.
Where auditors are assessing fraud risks and performing testing remotely, there may be additional difficulties. Therefore, when the auditor describes the extent to which the audit was capable of detecting irregularities, including fraud, and describes procedures carried out as part of the audit response, the wording should be sufficiently tailored to describe changes to the audit approach due to the current environment.
If you have any questions, you can call us on 01243 782 423 or head to our contact page and we will be in touch!