Question

For each of the following independent situations, you are in the planning phase of the audit and have come across with the following information:

1. B&S is a merchandising company. The company has been doing business in Australia for the last 20 years. The accountant of B&S has been notorious for finding gaps in the legislations in order to make its clients’ financial statements look presentable as desired by the clients themselves. In the past few years, B&S has always been required by the Australian Tax Office to provide additional supporting information after the lodgement of its tax returns.

2. Zen runs a chain of superstores in Australia. Zen is highly dependent on the IT system to run its transaction processes with the suppliers. Moreover, to save time, each of Zen’s individual stores can raise their own inventory requisition without any authorisation from the central purchase department.

3. Neptune manufactures generators for domestic users. Seven years ago Neptune manufactured a generator far superior to any of its competitors at half the price. It has therefore dominated the market over the past few years. However, recently one of Neptune’s main competitors introduced a new generator to the market. It can produce electricity at twice the amount of Neptune’s generator by spending same amount of fuel and hence is superior to Neptune’s generator. However, Neptune’s CEO is quite optimistic about the whole situation. He told you that a pricing strategy will soon be implemented to defeat the respective competitor with a lower price.

4. Thomson has planned to close an inefficient factory in country New South Wales before the end of current year. It is expected that the redeployment and disposal of the factory’s assets will not be completed until the end of the following year. However, the financial controller is confident that he will be able to determine reasonably accurate closure provisions.

5. To help achieve the budgeted sales for the year, Richardson is about to introduce bonuses for its sales staff. The bonuses will be an increasing percentage of the gross sales made, by each salesperson, above certain monthly targets.

Required: For each of the scenarios above, explain how the components of audit risk (inherent, control or detection risk) are affected.

Answer 1

Audit Risk
Audit risk is the risk that the financial statements of a Company are materially misstated but the audit opinion is unqualified, in other words, the auditor gives a clean opinion.
It mainly consists of 3 types of risks:

Audit Risk = Inherent risk x Control risk x Detection risk
Inherent risk and Control risk are together called Risk Of Material Misstatement (ROMM)

Before we go further, understand that the phrase 'materially misstated' means that there is a significant error or omission in the financial statements that affects its reliability and can change the perception of various stakeholders regrading the financial performance and position of the Company.

Inherent Risk
It refers to the risk of material omission or error in the financial statements that are NOT due to failure of controls. For example, a Company dealing in IT services may have a greater inherent risk compared to your local supermarket. It depends on the nature of transactions, extent of estimates made by management on various financial variables and managerial judgement to name a few.

Control Risk
The risk that an existing control fails to prevent, detect and correct a material error or fraud. Here, the control is said to be weak. For example, the maker- checker process is an essential control but if it doesn't exist in let's say approval of purchase orders then fake orders can be generated which is a risk.

Detection Risk
This risk is related to the Auditor unlike the other two risks. It is the risk that the auditor's procedures were not able to identify a material misstatement in the Financial Statements. This can be due to improper audit planning, inadequate testing of procedures and controls etc.

For the scenarios given above,

1. There is an inherent risk in B&S. It's accounts are handled by an accountant who finds loopholes in regulation. There is a risk of tax evasion or fraud and it may cost B&S large sums of money to rectify the same if caught. This also points at a weak or abscense of an essential control - management authority and independence. The management has to keep a professional accountant as an employee. In this case, the management is not overseeing the accountant. For an auditor, since ROMM is high, and moreover, The Australian Tax Office scrutinises this Comapany's accounts more carefully, the auditor needs to increase testing to ensure he doesn't omit any error or fraud.

2. All IT related risks (eg. hacking into the system to steal records) is an inherent risk. Transactions with suppliers is an important business function. Moreover, there is a major control lapse: branches can independently raise Purchase Orders without the central purchasing dept.'s authorisation. This means there is no limit placed on purchases and no check to ensure that high value or wasteful purchases are made by branches. To reduce detection risk, Auditors will have to conduct an ITGC testing, ie. IT General Controls testing. The software used by the Company should have strong firewalls that don't compromise data. Authorization is mandatory for all purchases beyond a certain limit from head office.

3. In Neptune's case, there is competitive pressure from a market player. A major indicator of inherent risk is the judgement made by managers, which should be rational and not biased. If Neptune's competitor's product take off it may make Neptune's generators obsolete, leading to major losses. This needs to be considered by management. There is a risk that the manager blinded by defeating the competitor by reducing costs can understate costs or overstate revenue in the financial statements. The auditor's procedures must look into costing of products and completeness and accuracy of sales to reduce detection risk.

4. With respect to Thomson, the inherent risk is that in the urge to close down quickly, correct lawful procedures may not be followed. A check has to be placed on the qualification of liquidator who will dispose of assets and settle liabilities. Whether liabilites settlement is fair and as per law. Shareholders have to be paid any surplus towards their capital resulting from liquidation. Appropriate testing procedures need to be set by the auditor to detect any form of malfunctioning. Auditor has to check valuation of assets with an acturial to ensure that fair disposal takes place.There is a control risk in the fact that the financial controller will be handling closure of business. He is part of management and therefore there is a risk of management override of controls.

5. In the case of Richardson. there is an inherent risk of overstating sales or understating costs to reach budgeted figures. To reduce detection risk for this specific case, the auditor has to look carefully at payroll details; the salespersons details, sales achieved by them and calculation of bonuses. Misappropriating of revenues is also possible by creating fake employees and crediting bonuses in their salary accounts. HR related controls must be strong. While HR manages salespersons count and contribution stats, the same should be verified by accounts team before releasing bonuses.