International group audits: common challenges
Besides improvement of communication, we daily face all kind of challenges when performing group audits. In my previous article on international group audits I clarified the international standard for (international) group audits (ISA 600) and the necessary future revisions to force improvement of communication and eventually smoothen group audits. Although I strongly believe that an open communication between a group auditor and component auditors will contribute in achieving your goals, some challenges seem to be recurring in performing group audits. What are these common challenges when performing international group audits?
One of my favorite recurring challenges we face in group audit is the definition of corruption. In 2016 the Authority for the Financial Markets (AFM), which is responsible for the public oversight on audit firms, sent a letter to the audit firms to request for attention on risk regarding corruption. I strongly encourage the focus on this subject, but when it comes to the definition of corruption, the first challenge is born. For example: according to Dutch Law there is no difference between “obvious” corruption and so called “facilitation payments”. Such payments, which are basically small payments to smoothen a process, are defined as a criminal offense by Dutch Law, but internationally those are often excluded. And although The Netherlands has a high rank on the Corruption Perceptions Index 2017, the majority of countries are making little or no progress in ending corruption.
Reliability of computer processed data
Another challenge that has grown the last couple of years is the focus on the reliability of computer processed data. A recurring comment of the AFM in The Netherlands (based on quality reviews on audit files of audit firms), is that auditors perform no or limited procedures on IT General Controls and Application Controls, however do rely on the output of the system of the client. Although I do see the importance to improve the documentation surrounding this subject, the majority of the countries have not yet found the urge to push auditors to enhance this.
Fraud on revenue recognition
When auditing the revenue recognition, an auditor must act on the assumption that there are risks of fraud in the revenue recognition, since fraudulent financial reporting is usually associated with intentional reporting of incorrect or incomplete revenue. Especially the completeness of the revenue recognition has a strong focus of the AFM in The Netherlands when performing quality reviews on audit files of audit firms. In the majority of the countries, component auditors would perform limited procedures on the completeness of revenue recognition and generally focus on the accuracy of the revenue recognition, without explanatory instructions.
Overcome the common challenges
So how do we overcome these common challenges? As a group auditor it is our responsibility to direct, supervise and perform the group audit engagement. Understanding the group, its components and their environments is crucial before sending instructions to component auditors. Instructions should be tailor made to the client and not just a 99% template questionnaire.