Please enable JavaScript.
Coggle requires JavaScript to display documents.
Session 1 - Audit profession - Coggle Diagram
Session 1 - Audit profession
Origins of the audit
Latin: “AUDIRE” (Listen; Check; Advise)
Roman: term designating a control of the management of the provinces at the request of the emperor
Late 19th century: 1st financial audit firm created by the Anglo-Saxons (private at first; Industrial Revolution; Stock Market)
Different types of audit
Due diligence
CSR Audit
Internal Audit
Social Audit
Financial audit
Fraud Audit
Acquisition Audit
Statutory auditor
Different auditing goals
Compliance Audit
- Provide assurance on the proper functioning of a system (regulatory & legal compliance)
=> ensures that an organization is following external laws, rules, & regulations or internal guidelines
Often conducted by int. or ex. auditors
Ex: A company that is subject to the Health Insurance Portability and Accountability Act (HIPAA) may conduct a compliance audit to ensure that it is protecting the privacy of its patients' health information.
Operational Audit
- Improve the functioning of a system and the performance of the company, & determine whether internal controls are in place and operating effectively to mitigate risks and ensure that organizational goals and objectives are met
Often conducted by int. or ext. auditors
Ex: A company may conduct an operational audit of its manufacturing process to identify any areas where the process can be made more efficient.
Financial Audit
- Provide assurance on the financial information by analyzing a company's financial records and determining if they are accurate and have no mistakes
Often conducted by ext. auditors
Ex: A company that is required to file its financial statements with the Securities and Exchange Commission (SEC) must have its financial statements audited by an external auditor.
Encompasses all types of audits that examine the financial records & operations of a company
(includes statutory audits, but it also includes contractual audits, operational audits, and fraud audits)
Expectations
Objectivity
(impartial attitude that allows auditors to accomplish their mission without any compromise)
Reliability
(results of the audit are error-free and consistent with reality)
Relevance
(audit results & recommendations made are meaningful to the users of the audit results)
Auditors in the
Governance of a Limited
Company (Société Anonyme)
Governance
= how power is organized in a company
Organization
Statutory auditors + Internal audit reports to Audit committee
General meeting
Elects statutory auditors
Vote meeting for all shareholders
Main body of the company
Decisions taken in
Annual General Meeting
Approval or rejection of the annual financial statement
Allocation of the company’s annual net income/loss
Appointment and dismissal of the Board of Directors
Appointment of the Statutory Auditors
Approval of any modification of the statutes
Agenda & resolutions proposed by the
Board of Directors
Board of directors
= at least 3 members (max nbr set by the statutes)
Appointed by the
Annual General Meeting
for a max of 6 years
(re-eligible)
Revocable ad hoc by an EGM (Extraordinary General Meeting)
Monitors the Executive Management's actions & is kept informed of
significant events
(sales, investments, financing)
Appoints the members of the
Executive Management
Ensures the quality of the info provided to
Shareholders
(including the company's annual accounts)
Prepares a report on corporate governance for shareholders
Audit committee
Composed of Board members
Appointed by the Board
Independent from Management
Reports to board of directors
Validates the internal audit program and receives internal audit reports
Validates the work of the Statutory Auditors and Internal Auditors
Executive Management
Assumed under the responsibility:
Chairman of the Board of Directors
(CEO) OR by another person appointed by the Board of Directors
(and who takes the title of
Chief Executive Officer
)
Role
Represents the Company in its relationships with third parties
Executes the deliberations of the Board of Directors or the General Assembly
Responsible for the preparation of the annual report for shareholders
Daily management of the company
Statutory audit
Statutory audit
Financial statement = report that summarizes the financial performance and position of an organiation at a certain period of time
Reduce information asymmetry between insiders & outsiders of an organization
Mandatory audit required by the local law for certain types of entities, such as publicly traded companies and large corporations
Focuses on the accuracy & fairness of financial statements
Mandatory in France when:
PIC
companies (Public Interest Company)
• Company listed on a European market (stocks or bonds)
• Bank or Insurance, Mutual
For
non PIC
companies =>
• Balance sheet total > 4 mios EUR
• Total turnover excl. tax > 8 mios EUR
• Average number of employees > 50
Explicitely required in the
Articles of Incorporation
Large non profit organisation or
NPO receiving subsidies or
donations > 153KEUR
Statutory auditors appointment in France
appointed by the
General Meeting
on the proposal of the
Board of Directors
or by the
Commercial Court
(if fight between shareholders)
appoitement for 6 years
Fees regulated by the Commercial Code (depending on the size of the balance sheet & the turnover of the audited company)
CAC
Audit commiittee) = Strengthen the degree of confidence of outsiders in the quality of the financial info communicated by the Management and the Board of Directors
Financial auditor
-> Key responsibility = to assure that there is no misstatement in financial statements
Contractual auditor
non-mandatory audit requested by the company’s governing bodies
non-mandatory but optional audit that is agreed upon between a company and an auditor & conducted to meet specific needs or requirements of the company or its stakeholders
(internal controls; comply with regulatory requirements...)
Insiders of a company
Have access to information about the company's operations, financial performance, and future prospects
Information is often not publicly available = an advantage over outsiders in making investment decisions
Outsiders of a company
Rely on publicly available info to assess the company's financial health & performance, and form their opinions about the company based on news reports, analyst recommendations, and word-of-mouth
Internal audit
Potential risks a company can face
4 categories (+1)
Strategy risk
A company's business strategy is not aligned with its financial goals or that it is not able to effectively execute its strategy (problems can be poor financial performance, decreased shareholder value etc.)
Operations risk
Risk of losses, increased costs, decreased productivity, and reputational damage because of failed internal processes including errors or fraud
Reporting risk
Financial statements are not accurate or complete, or that they do not comply with applicable accounting standards
(can lead to regulatory penalties, investor lawsuits, & a loss of investor confidence)
Compliance risk
A company's not in compliance with applicable laws & regulations
(can lead to regulatory penalties, fines, and even criminal charges)
Financial risk
Company's financial statements are not presented fairly in accordance with
Generally accepted accounting principles
(GAAP) or
International Financial Reporting Standards
(IFRS)
Risk Management Systems conceptualization
The
3 lines model by IIA
(see table) => framework for effective governance, risk management, and internal control
(Internal audit; Management; Governing body)
First line
(Management) = Products/services delivery to clients of the organization
Second line
(Compliance; Internal control; Management control; IT security) = help first line in managing risks by providing supplementary expertise, support, monitoring
Third line
(Internal audit) = Strengthen company risk management & Improve the functioning and efficiency of the organization
Joint audit assignments with 3rd parties. Ex: CAC or Regulator
Optional except in certain sectors (e.g. Bank, Insurance)
Planned over 3 to 5 years
Linked to major risks, but also to the strategic orientations of the
company
Annual presentation of assignments to be carried out by the Internal Audit Department to General Management and/or the Audit Committee for validation
Each mission is framed by a mission letter which defines its scope, schedule and objectives
Types of missions
o The “classic” missions
Compliance audits (laws/regulations, Group processes, etc.)
Operational audits
o Specialized missions
Information system
Fraud investigation (Sapin 2 Law)
Respect for the privacy of individuals (GDPR regulations)
Coso Cube 2
Diagram that shows the relationship among all parts of an internal control system & used to establish internal controls to be integrated into business processes
Compliance or Operational audit
Interactions between the Statutory
Auditors & Internal Audit
Statutory auditors
have the possibility of using the work of
internal audit
in their audits.
For this, the statutory auditor has 2 obligations:
•
Evaluate the organisation
, the skills of the auditors and the objectivity of the
work of the internal audit
•
Evaluate the scope of the work carried out
, their documentation and the consistency of the reports
Example of
"delegation"
in the context of a financial audit:
•
Internal control tests
related to the accounting process
•
Circularization of banks, customers and suppliers
Framework of an audit
Auditor
Other missions
Distribution of
Interim dividend
= dividend payment made to shareholders by a company before the end of its financial year
= Distributing a portion of its profits to shareholders on a provisional basis, rather than waiting until the end of the year
Verification of contributions in kind made by shareholders
Contribution in kind
= non-monetary donation or contribution offered to an organization (involves the transfer of goods, services, or property but not cash)
Who usually exercises the profession of auditor in France?
Big Four Audit Firms (Deloitte, EY (Ernst & Young), KPMG, and PricewaterhouseCoopers (PwC)); Public Sector Auditors)
All auditors must be licensed by the French Autorité des Normes Comptables (ANC):
How to ensure that the results of an audit are reliable, relevant & objective ?
Communicate effectively with stakeholders; Update audit procedures regularly etc.
Assists the external auditor in conducting the annual audit
a person authorized to review and verify the accuracy of financial records and ensure that companies comply with tax laws
Provides assurance services to help organizations achieve their business objectives, are responsible for examining/evaluating the financial statements of a company to ensure that they are presented fairly and in accordance with generally accepted accounting principles (GAAP). Also asses internal control
Controls the audited process
Issues an audit opinion: audit opinion provides investors/stakeholders with assurance about the reliability of the financial statements
Stakeholders
= int/ext indiv./groups who have an interest in the outcome of a company’s audit
(int: CEO; employee; board of directors – ext: Investors; Creditors; Regulators; General public)
Provide feedback to auditors on the quality of their work
Audit
= examination of an organization's financial statements, records, and operations to ensure that they are accurate, complete, and compliant with applicable laws and regulations