Quality of financial reports

Our findings do not necessarily mean that there is a material misstatement in the overall financial report. Rather, in our view, the auditor did not have a sufficient basis to form an opinion on the financial report.

Surveillance findings

Our findings are based on the objective of an audit, as set out in the auditing standards – which is to obtain reasonable assurance that the financial report as a whole is free of material misstatement.

The key audit areas that we review in our surveillances are generally broadly consistent from period to period, as are the key audit areas where findings are reported.

Subjectivity

The findings from our audit surveillances concern an auditor’s compliance with the principles-based auditing standards.

Audits necessarily involve the application of professional judgement, and there are some instances where different individuals will reach different judgements on whether the audit work performed was sufficient. The negative findings outlined in our public audit surveillance reports do not include instances where we consider that individuals could reasonably reach different judgements.

There are cases where auditors disagree with our findings from reviews of individual audit files. In most of these cases, the auditor asserts that the necessary work was performed but not documented, rather than disagreeing with our findings about work that should have been performed or the judgements that should have been reached.

We are open to the possibility that we do not have all the facts, that there may be differing views on the requirements of auditing standards, or differing judgements. We have extensive due process with the firms and within ASIC to address any such concerns and ensure that findings do not include matters where, for example, reasonable professionals could differ in their views.

Ultimately, the value from surveillances is for ASIC to express an informed and independent view on findings from reviews of audit files.

Disagreement by auditors with our findings can be influenced by matters such as possible impacts on remuneration and reputation, and potential liability. These factors lead to similar levels of disagreement by auditors with findings in their firm’s own quality reviews of audit files.

We may have discussions with the largest six firms – collectively and individually – about audit methodology questions and interpretations of both accounting and auditing standards. Where the standards are unclear, we refer these matters to the relevant international standard setter. We also inform the Auditing and Assurance Standards Board of areas where domestic guidance may be appropriate.

Documentation versus audit evidence

If audit work is not documented, our presumption is that the work has not been performed (in the absence of evidence to the contrary). This is the same approach applied by other audit regulators and by most firms in their internal quality review programs.

We apply professional scepticism to assertions that work has been performed but not documented by the auditor. Significant testing, analysis and challenging of estimates and accounting policy choices are generally not possible without some documentation.

Auditing standards require sufficient documentation so that another professional can understand the work performed and the basis for the conclusions reached.

Remediation

Where we identify that a firm did not, in our view, obtain reasonable assurance that the overall financial report was free of material misstatement, we expect the firm to perform additional audit work for the financial period that was the subject of the audit. We also ask firms to identify remedial actions from root cause analysis for thematic findings across audit files.

Auditors have an obligation to complete their audits to support their opinions on financial reports and to undertake the audit work that has not been performed.

This ensures that the audit report is supportable and that the market can be properly informed if any material misstatements are detected.

In a number of cases where we identify inadequate audit work, the relevant firm may perform additional audit work and not identify material misstatements in the financial report concerned.

Level of assurance

An audit is not intended to provide absolute assurance that there are no material misstatements in the overall financial report. That is, reasonable assurance implies a confidence level of less than 100% that a financial report is free of material misstatement. Our findings relate to instances where we consider that the auditor has not obtained reasonable assurance that the financial report as a whole is free of material misstatements.

Risk-based approach

Our reviews of audit files do not cover all areas of an audit engagement or all subsidiaries and divisions in a group. Generally, one to three key audit areas are identified for review and, for groups, only one major operating component is covered.

We select audit engagements and key audit areas for review in our audit surveillances using a risk-based approach. This means that we generally select some of the more complex, demanding and challenging audits, and some more significant or higher risk areas of the financial reports.

Some have suggested that this approach could result in the findings reported being greater than would be the case with random reviews. On the other hand, more experienced partners and staff are usually allocated to such audits, and there are generally more extensive firm reviews and consultation processes for these audits and the key audit areas.

Focus of surveillances

Our surveillances focus on key audit evidence and judgements.

Our file reviews concentrate on the substance of work and whether sufficient appropriate audit evidence was obtained to support the auditor’s conclusions.

Adjustments

There will be instances where auditors detect material misstatements during the audit process and ensure these are corrected before a financial report is completed and released.

A key aspect of the auditor’s role in conducting an adequate audit is to ensure that material misstatements are detected and addressed.

Due to the nature of the audit process, it can be difficult to distinguish between adjustments resulting from a company’s own processes and those resulting from the audit process.

Key audit areas

A key audit area is an area of an audit selected for review by ASIC on a risk basis. It is generally a section of the audit work (or closely related sections of the audit work) that would require significant audit effort and that is distinct from other audit areas.

Key audit areas often correspond to a section of the audit file. They typically involve separate risks, business characteristics, systems and processes, and distinct audit procedures.

Although we do not review every working paper on an audit file, evidence or explanations of the audit approach on other parts of the audit file are taken into account in reaching our findings. This is covered through our reviews of audit planning documents and discussion of findings with engagement partners and firms.

What is measured?

Negative findings are cases where in our view the auditor did not obtain reasonable assurance that the financial report as a whole was free of material misstatement.

Negative findings do not include findings on audit planning, understanding the business, risk assessment, reliance on internal controls, non-substantive analytical procedures, supervision and review, auditor independence, firm quality control systems, training of partners and staff, related party transactions, journal entry testing, reviews of legal expenses and legal representation letters, and subsequent event reviews. In our view, findings in these areas could have resulted in material misstatements in financial reports not being detected by the auditor. However, these can be important areas for improvement by firms.

Where we consider that a risk of misstatement would not be material to the overall financial report, or where the risk that it is material to the overall financial report is remote, the finding is not classified as a negative finding.

Number of procedures and findings

There may be a number of audit procedures in a key audit area. Negative findings are reported where there was only one instance of the auditor not performing an audit procedure in any given key audit area, if that meant the auditor did not obtain reasonable assurance that the financial report as a whole was free of material misstatement.

Where there are multiple separate negative findings in a key audit area, that is reported as one key audit area with negative findings.

Other national and network firms

The level of reported negative findings for firms outside the largest six firms may change between public reports – we inspect different firms in each period.

We may review audit files at each of the largest six firms in each 12-month period to 30 June.

Enforcement action

We may consider whether to take enforcement action in connection with a negative audit surveillance finding. 

ASIC process to settle findings

Our audit surveillances focus on key audit evidence and judgements.

Our file reviews concentrate on the substance of audit work conducted and whether sufficient appropriate audit evidence was obtained to support the auditor’s conclusions.

All findings from surveillances of individual audit firms are discussed with the firm to ensure we have fully understood all relevant facts and have taken into account all relevant audit work.

Our audit surveillances are subject to quality review by a second experienced reviewer who also attends key meetings with the relevant firm to discuss any findings.

An ASIC Senior Manager also oversees each surveillance. Where the Senior Manager overseeing a surveillance is not also the quality reviewer, that Senior Manager provides a further level of review of the findings. There is consultation with relevant experts within ASIC.

Findings are discussed with the audit partner and generally with the firm’s audit quality team.

Our draft comment forms on individual file reviews and drafts of our 12-monthly reports to surveilled audit firms enable those firms to challenge our preliminary findings and to undertake remedial action addressing those findings. In some cases, firms may escalate concerns with findings for review by ASIC’s Chief Accountant.

ASIC review processes and the form of communication with an auditor may differ where ASIC is considering enforcement action.

External panel

We consult with an external panel on the method of measuring and reporting aggregate findings from our surveillances.

The panel also discusses the conclusions reached on a small number of our more challenging surveillance findings where significant judgement is required. The identities of the audit firms and audited entities are not provided to the panel. It is not the panel’s role to review audit working papers or engage with the auditor. The panel is provided with the auditor’s written response to our findings. ASIC makes the decisions on individual findings, and audit firms are not made aware of which matters were discussed by the panel.

Consistency with foreign audit regulators

The findings reported from our audit surveillances are consistent with those reported by foreign audit regulators. We have:

• discussed our methodology for classifying findings with other regulators and the approach to particular types of findings
• conducted joint surveillances with international regulators.