Cash includes cash equivalents. Cash is shown under the “current assets” of the balance sheet. These are the liquid assets of the company. The most important component for any audit is checking cash. The inherent risk and control risks are both high in the handling and management of cash.
Auditors should ask following questions while auditing the cash:
Who are authorized signatories to bank cheque?
What is the process and who prepares bank reconciliations?
Are all bank accounts reconciled?
Who and how they reconcile the bank account balances to all respective general ledgers?
How is the cut-off determined with respect to the accounting period for cash transactions?
Is there segregation of duties among persons handling cash, making payments, and reconciling the balances
Are there any cash equivalents?
How many cheques are in transit?
The inherent risk and control risk in the obligations form the risk of material misstatement with respect to cash. The risk of being susceptible to misstatement due to the nature of the cash is the inherent risk of the cash transactions. Control risk occurs when the internal control system of the client fails to prevent or detect material misstatement in the cash. Some risks associated with cash are unauthorized transactions, wrong recording of cash, and non-confirmation with cash policies of the company.
Fraud Risk in the Cash
Most of the financial frauds in the history of finance have occurred in cash. Basically, two types of cash frauds have existed. One would be stealing cash by collusion among staff and others would be to overstate cash in the balance sheet colliding with auditors. Incentive, opportunity, and rationalization form the triad of any cash fraud.
The person who does cash fraud may feel they are being paid little incentive and hence, they engage in stealing cash. When the staff is working closely with cash affairs, this provides them opportunity due to proximity to cash. Rationalization of cash fraud happens when the top management thinks it to do so. This creates an unethical company environment.
Inherent Risk for Cash
Inherent risks are outside the scope of auditors. However, auditors need to find and test controls in order to know what level of inherent risk the company is dealing with in case of cash. Cash has a high inherent risk because of its nature. The followings are the reason stating why cash is inherently risky:
Cash has the highest volume of transactions. All the business operations are done in cash. Hence, the high volume creates tilt in being more susceptible to error as compared to other items of the balance sheet.
Cash can be easily stolen and manipulated through accounting gimmicks. The staff can collude in order to steal cash from the accounts in a slow manner.
Cash is the most liquid current asset that a company can have. Hence, it is most susceptible to fraud and manipulations as it can be easily transferable from one account to another bank accounts.
Cash is received when debts are taken. Hence, it creates unnecessary pressure in the management towards handling of cash in the situation of liquidity crunch. When there is pressure, irrational decisions are high in number.
Control Risks for cash
Control risk is the risk that internal controls cannot prevent, detect, or correct material misstatement that could occur on financial statements. If the inherent risk is high, a test of controls needs to be done. Auditors need to assess the level of control risk the client has with cash. It would depend on how effective the internal controls exist in the client’s place. Control risks occur when the same person is handling cash as well as authorizing cash transactions.
It occurs when there is no proper authority in place to oversee the cash transactions that happen in the company. Control risks increase as a result of the inherent risk of cash transactions. Further, cash attracts fraud which can be observed from the history of accounting and finance.
The segregation of duties and responsibilities is the most important internal control mechanism for cash. Auditors shall try to lower the detection risk to a tolerable level. Some of the control procedures followed by auditors are:
Separate persons are hired for receiving cash, recording cash, and reconciling cash balances.
Only the person authorized to handle cash should have physical access to cash.
Authorization of cash transactions shall be done by the appropriate authority of the company.
Cash receipt journal is reconciled to accounts receivable daily
The cash receipts are pre-numbered and prepared chronologically.
Accounts receivables generally mean Trade receivables in the financial statement of large listed public companies. Accounts receivables are disclosed under the headings “Current Assets”. These are trade or non-Trade receivables that have been specified by the company or regulations and meet the criteria of being classified separately. Accounts receivables are characterized as common and significant.
Example:
The company is running an account of Accounts receivables. The company has made sales to the tune of $ 1000 to Kuman Inc. This transaction sales made on account will be recorded under Accounts receivables. Similarly, the fixed asset if sold on account, would also come under accounts receivable. However, the sales transactions on account are general and fixed assets disposal are rarely made.
Risk of material misstatement for accounts receivable
The risk for accounts receivable would be internal control risk and inherent risk. The risk of being susceptible to misstatement due to the nature of the debt is the inherent risk of the accounts receivable. Control risk occurs when the internal control system of the client fails to prevent or detect material misstatement in the accounts receivable. Some of the risks associated are unauthorized transactions, wrong recording, and non-compliance with accounting standards on assets and accounts receivables.
An unauthorized transaction is a case where someone other than a person authorized and responsible for accounts receivable deals with the related matters either within the entity or with outsiders. Such risks generally create the risk of fraud which is itself material misstatement. The audit client shall correctly record debtors as per applicable accounting standards.
The proper classification of debtors shall be done. Further, the breach of Sales terms and conditions may lead to material misstatements. Hence, the auditor needs to clearly understand the sales arrangements and check if they are complied with within time and in full.
Inherent Risk for Accounts Receivable
The inherent risk in the case of accounts receivable is high. Auditors need to perform a test of control as well for accounts receivable to get a clearer picture of the inherent risk of accounts receivables. The inherent risk for accounts receivable would relate to nature, size, and the complexity of the business of the auditee.
If the business is more inclined towards financial or special situations like hire purchase business, the inherent risks would be higher in such a scenario. The susceptibility of accounts receivable to misstatement is basically an inherent risk. Some of the scenarios that are inherent risks and procedures to be followed for accounts receivables are as follows:
The non-existence of accounts receivables. For instance, fictitious invoices are generated to increase sales, and receivables are recorded on the current year when they are actually made after the year-end
Accounts receivables do not reflect true economic value. This generally happens during the creation of allowance for doubtful accounts based on probabilities and aging analysis.
The auditee has no control over receivables. This scenario happens when the accounts receivables notes are pledged as collateral for loans from banks are given to financial institutions on factoring arrangements.
Accounts receivables are based on contingent events. This happens if the company does not follow the guidelines issued by their accounting bodies such as IFRS and GAAP or regulatory authorities.
Aging analysis is not correct and does not signify the true picture of the certainty of receivables.
Control Risks for accounts receivables
The risk that internal control cannot prevent or detect material misstatement in financial statements is called control risk. Control risk for accounts receivable is related to control procedures of accounts receivable which is not able to prevent or detect a misstatement that can occur in accounts receivable. In case the inherent risk is high, the auditors carefully assess the internal control procedures in such a case. In such cases, control risks are minimized due to initial work is done.
Auditors would however need to perform tests of controls to obtain assurance of sufficient appropriate audit evidence to support their assessment if they assess that control risk is low. Further, if auditors think otherwise that control risk is high, tests of controls need not be performed.
Auditors would directly perform substantive audit procedures taking on bigger samples. Some of the scenarios that are control risks and procedures to be followed for accounts receivables are as follows:
Accounts receivable should be recorded alongside sufficient supporting documents. Supporting documents include customer purchase order, letter of lading, and sale invoice to ensure the existence of accounts receivables
Reconciliation of accounts receivables by tracing supporting documents and invoices with beginning and closing balances.
Ensuring that documents purchase order, bill of lading, and sales invoice are serially or prenumbered. This is useful to avoid omission.
Computation of allowance for doubtful accounts is made properly.
The risk of material misstatement is the susceptibility of the financial statements, accounts, and assertions to material misstatement, and the risk that the client’s current internal controls would be ineffective in proactively identifying and correcting the misstatements. The inherent risk and control risk in the obligations form the risk of material misstatement. The risk of being susceptible to misstatement due to the nature of the debt is the inherent risk. Control risk occurs when the internal control system of the auditee fails to prevent or detect a material misstatement.
To name some risks, unauthorized transactions, wrong recording of debt, and non-confirmation with accounting standards are material misstatements. An unauthorized transaction is a case where someone other than a person authorized and responsible for transaction-related affairs deals with either within an entity or with outsiders.
Such risks generally create the risk of fraud which is itself material misstatement. The audit client shall correctly record transactions as per applicable accounting standards. The proper classification shall be done. Further, the breach of policies and covenants would also lead to material misstatements.
This risk is assessed by auditors at the following two levels:
At the assertion level: This is further divided into inherent risk and control risk. Inherent means the transaction already would be vulnerable to threats.
At the financial statement level: This would mean risk on the company as a whole. The risk of going concerned about being impacted and not disclosed may fall under this.
Risk of Material Misstatement at the financial statement level
Such risks mean that that certain risks can affect financial statements as a whole and potentially have a major impact on several assertions. Various factors affecting the risk of material misstatement include incompetent management, Inadequate accounting systems and records, Operation in a rapidly changing industry, and poor governance by the board of managers.
The following are some of the pervasive risks at financial statement level:
Absence of financial reporting expertise
Absence of segregation of duties and safeguarding assets
The decision to terminate or curtail the plan
Absence of oversight and monitoring of plan operations and service providers
Absence of communication about plan events between the preparer of the financial statements
Changes in key personnel
Plan transfers (plan mergers, spin-offs, or other transfers)
Risk of material misstatement at the assertion level
The various risks related to assertion level include the following:
Completeness
The financial transaction has been incurred and recorded up to date of reporting
Cut-off
Business transactions have been differentiated as per the accrual system and recorded in the proper accounting period.
Accuracy
Events are recorded accurately for the amount
Occurrence
The expenses, assets and liabilities have been actually incurred and related to the business.
Classification
The assets, liabilities, expenses, and income have been properly classified into their various sub-divisions. Assets need to be divided into current and non-current assets.
Existence
On the date of balance sheet, all the assets and obligations of the company have been reported.
Valuation
The balances of the assets and liabilities accounts correctly reflect the actual economic value.
Rights and obligation
The company owes sum of money on the date of reporting of balance sheet.
Presentation and disclosure
The applicable accounting standards are being followed to disclose all the transactions.
Let’s take a short example of how risks can be materially misstated in the case of accounts receivable. The risk for accounts receivable would be internal control risk and inherent risk. The risk of being susceptible to misstatement due to the nature of the debt is the inherent risk of the accounts receivable.
Control risk occurs when the internal control system of the client fails to prevent or detect material misstatement in the accounts receivable. Some of the risks associated are unauthorized transactions, wrong recording, and non-compliance with accounting standards on assets and accounts receivables.
An unauthorized transaction is a case where someone other than a person authorized and responsible for accounts receivable deals with the related matters either within the entity or with the outsiders. Such risks generally create the risk of fraud which is itself material misstatement. The audit client shall correctly record debtors as per applicable accounting standards. The proper classification of debtors shall be done. Further, the breach of Sales terms and conditions may lead to material misstatements.
There are two major risks of material misstatement associated with accounts receivables. The first would be the non-existence of accounts receivables. For instance, fictitious invoices are generated to increase sales, and receivables are recorded in the current year when they are actually made after the year-end. Another risk would be that accounts receivables do not reflect true economic value. This generally happens during the creation of allowance for doubtful accounts based on probabilities and aging analysis.
Internal control refers to all of the policies and procedures management uses to achieve the objectives of the organization. Internal controls ensure to provide timely, accurate, and complete information with respect to books of accounting in order to report business operations to users of financial statements. It also helps to ensure that the company complies with all the relevant company guidelines, relevant laws, regulations, and practices. It provides the framework on how the internal activities need to be done to strengthen the control of the organization.
Deviation from internal control
Deviation from internal control occurs when the company differs from the path it designed at the beginning of the accounting period. The client also takes transactions that may be outside the regular nature of operations. Such one-off transactions should be carefully audited especially if a large amount of money is involved. These transactions do not pre-defined guidelines on who to authorize and who shall be responsible. The board minutes should be looked up to know if any sanction for such transaction is made and procedures if any has been devised. This will require separate planning and audit performance.
Internal control helps to minimize risk and achieve the goals of the entity. It segregates the tasks into various responsibilities and affixes these tasks with authorization procedures. Hence, the designing of internal control would need special attention. The deviation from internal control includes the following:
business transaction that occurred that was not expected to occur
business transaction that was expected to happen did not happen
a control exists but did not operated effectively. It means internal control has not prevented or detected or made the necessary correction
absence of internal controls
Let’s take an elaborate example of deviation from internal control:
Sinra Inc supplies raw materials within the borders of the country. It has not dealt with any transaction beyond borders and does not plan to do so. With the increase in scale and popularity of quality of raw materials of Sinra Inc, a foreign company Kuman Inc held talks with officials of Sinra Inc.
In this scenario, the management of Sinra Inc does not have an established plan or internal control guidelines on how to proceed with transactions. So, they have to prepare new guidelines, report it under board minutes, authorize the personnel to handle the deal, and proceed.
The auditor would also need to look upon this carefully as new transactions previously out of the scope of client business have occurred. The auditor would need to prepare new planning and determine the extent of nature and timing of the transaction. Further details on auditing aspects are shown below.
Impact of deviations to the auditor
In the initial auditing stage, the auditor would require to understand the complications of the business operations of the client. They need to validate the process, understand it, and devise how internal control shall work and the way management has done and found out deficiencies that may happen. The auditor would test the controls to obtain sufficient and appropriate audit evidence to minimize substantive audit procedures as much as possible.
The auditor needs to assess the impact of such transactions on business and the amount of money involved. As the internal control may not be effective, the probability of misstatement impacting financial statements goes high. Auditors need to gather evidence to support his opinion on financial statements. The auditor would also need to test further the likelihood of similar transactions in the future so that when it happens, internal controls are in place and working effectively.
Talking about the above example, the auditor has to scrutinize any instances the company has faced in the past and what actions were taken. The auditor shall also determine the internal controls to be devised based on its professional experience and judgment. The auditor shall start checking major components of the transaction as authorization, recording, safeguards, and verification. The auditor shall study the board minutes to know who is responsible for the business transactions and the supporting documents aiding it.
They also need to know what authority is recording in the books of account and how they are being ratified later on. In case of assets deal related to physical nature, the auditor shall check if the proper safeguards have been employed by the management. The auditor may also need to physically verify the asset in case it is tangible in nature. If any issues exist, the auditor may raise this matter in a management letter to show the internal control weakness and provide proper recommendations.
There is no specific definition of materiality under U.S. Generally Accepted Accounting Principles (GAAP). However, the gist as per the Conceptual Framework for Financial Reporting under International Financial Reporting Standards states that information is to be considered material if it influences decisions of stakeholders who are depending on the financial information of the reporting entity. Materiality varies on nature or magnitude, or both, of which information relates to.
The materiality in the context of audit shall include:
Misstatements that can influence the decision of users of balance sheet
Professional judgement based on the nature and size of misstatement.
Determining the benchmark for materiality
The benchmark for materiality shall be based primarily on professional judgment. Some auditing bodies have prescribed recommendations for setting up benchmarks related to materiality. Then the general benchmark is basically an amount exceeding 5% of profit before tax from continuing operations for profit-oriented manufacturing business and 1% of total income or expenses in case of a not-for-profit entity. It does stress that higher or lower.
Auditors tend to use various ranges based on their personal experience. However, these ranges are more or less the same in the industry. Auditors base their decisions on the basis of the economic value of transactions.
Specific levels of materiality for individual balances, classes of transactions, or disclosures
Under select cases, balance, class of transaction, or disclosure in the financial statements would warrant a lower level of materiality is based on the amount, the users can be persuaded to make a different decision, one that may not be rational or without complete knowledge. The following factors need to be considered in order to assess materiality in the audit:
If all the relevant laws affect the expectations of users
Disclosure requirement in certain industries like research and development in pharmaceutical industries
Disclosure requirements in case of business combinations
Example:
The total value of investments in Equity scheme offered by the government is $ 100m and the total contributions receivable from active members is only $ 50,000.
In this case, applying any kind of percentage won’t be useful for such an investment company. Auditors shall determine materiality by setting a lower amount for such member contributions and similar debtors and creditors.
Determining performance materiality
“Performance materiality as the amount set by auditors at below overall materiality to reduce to an appropriately low level the probability that the aggregate of uncorrected and undetected misstatements exceeds overall materiality.” – Standards on Auditing 320
It serves two basis purposes as to reduce aggregation risk and providing some security against risk of internal control not detecting irregularities. The audit techniques require performance materiality to be as a percentage of overall materiality. The higher would be the level of assessed risk and lower the percentage. Performance materiality is used by auditors in two ways.
It can be used in the early auditing schedule to identify areas of special focus and how much time needs to be allocated thereon. The other would be to use it midway through the audit where necessary based on the judgment of the auditor. This would include sampling and how many items to include in the sampling. If lower materiality is set for some accounts and balances, auditors would also need to lower performance materiality in such cases.
Assessing materiality of misstatements
The auditor shall assess every misstatement and their impact on relevant classes of transactions, accounts balances or disclosures. This shall also include if materiality level that has been set has been included by such transaction.
The auditors need to assess if misstatements are material according to their size and nature. Auditors need to consider qualitative assessment, balance sheet classifications, disclosure of misstatements, and impact on prior period financial statements while assessing the materiality of misstatements.
Reassessing materiality during the audit
Auditors need to be proactive as well as reactive. They need to set the benchmarks at the beginning and when circumstances arise where it would be necessary to change the benchmark, they need to be reactive as well. Auditors should revise overall materiality during audit if they are aware during the audit procedures that is being carried on.
This may happen when they realize they have set a different benchmark with respect to the amount. This happens if the materiality is determined prior to year-end information. If the auditors realize that lower materiality is set than required in the present scenario, they have to reassess the materiality. Auditors would then revise performance materiality considering the impact on nature, time, and extent of audit procedures.
The company operates in a business environment and strives to obtain higher and higher profits each year. The net profit is obtained by deducting the expenses from the revenues. These net profits are appropriated to reserves and surplus.
Such profits when transferred to reserves and surplus after paying off the dividend to equity and preference shareholders. Retained earnings are shown under reserves and surplus under the equity side of the balance sheet. It is also reported in the statement of changes in equity of the entity at the end of the reporting period.
Meaning of dividends
Dividend depicts the payment of earnings as a distribution of its earnings. Preference shareholders have coupons attached to them and they are paid dividends firstly before equity shareholders.
Common shareholders are paid the dividend and then all the earnings after equity dividends are transferred to retained earnings.
The relation between dividends and retained earnings
Dividends and retained earnings are closely related to each other through net profit as :
Particulars
Amount ($)
Net Profit
XXX
Less: Dividend
XX
Earnings transferred to retained earnings
XXX
The earnings that are retained are transferred to Retained Earnings. The proportion dividend paid to net profit is called dividend payout ration. The proportion of earnings retained to net profit is the retention ratio.
Both dividend and retained earnings form part of the same coin. Hence, these items should be audited in tandem and not separately.
Audit assertions for retained earnings and dividends
The audit workings regarding the retained earnings and dividends would be about the review and analysis of the statement of changes in retained earnings.
These come from two transactions as when net income is transferred from profit and loss statement to the retained earnings after payment of dividend if any. Hence, dividends should be audited as part of the bigger picture that would be auditing the retained earnings. The audit assertions would be completeness, existence and presentation, and disclosure.
Assertion
Description
Completeness
The transactions that are related to retained earnings such as dividends paid to equity shareholders or preference shareholders and all other prior year adjustment items should be recorded.
Existence
The dividends that arise out of deduction of retained earnings shall be approved and declared in the board meetings.
Presentation and disclosure
The appropriate disclosures should be made with respect to restrictions on retained earnings, dividend preference, dividend rate, dividends in arrears in the notes to financial statements.
Risks for retained earnings and dividends
The inherent risk and control risk occur in presentation and disclosure which forms the risk of material misstatement. The risk of being susceptible to misstatement due to the nature of the dividend payout is the inherent risk related to dividends.
Control risk occurs when the internal control system of the client fails to prevent or detect material misstatement in the statement of changes in retained earnings.
To name some risks, unauthorized transactions without approval by board meetings, wrong recording of retained earnings, and non-confirmation with accounting standards and company regulations in case of buybacks and other corporate announcements are some material misstatements.
Unauthorized transaction rarely happens in case of retained earnings. Since retained earnings are reserve which can be manipulated carefully in order to carry out corporate announcements such as dividends and buybacks and rights issue, the auditor needs to carefully check if all the items related to retained earnings are properly approved in board minutes.
Audit procedures for retained earnings and dividends
The audit procedures with respect to audit assertions are explained briefly below:
Assertions
Audit Procedures
Completeness
Taking note of each of the board minutes of the client. Inspecting the supporting documents for declaration of dividend Tracing the dividend declaration to the general ledger. Tracing back all the prior period items with supporting documents with respect to retained earnings. Verifying that dividends are recorded in the current accounting period
Existence
Verifying all the dividend transactions declared and paid through bank accounts that occur in the accounting period. Vouch for all those dividend transactions to board minutes for the evidence of approval and declaration. Verifying that dividends are recorded in the current accounting period
Presentation and disclosure
Ensuring that retained earnings are disclosed under the headings reserves and surplus under liabilities side of the balance sheet. The disclosures with respect to various restrictions placed on retained earnings by the client’s bank, bondholders, or creditors shall be made in the notes as an integral part of the financial statements. Examine the restrictions placed and the nature of the restrictions on retained earnings. The disclosures with respect to dividend rate, preference dividend, and arrears of dividend shall also be made in the financial statements.
