Week 1: lecture 1: demand for independent auditing
Assurance definition:
AICPA: independent professional services that improve the quality of information for users
IFAC: an engagement in which a practitioner aims to obtain sufficient, appropriate evidence
in order to express a conclusion designed to enhance the degree of confidence of the
intended users other than the responsible party about the subject matter information.
ISAs: international standards on auditing
ISREs: international standards on reviews
ISAEs: international standards on assurance engagements e.g. internal control of
sustainability
ISRSs: international standards on related services
Audit: opinion by an independent auditor on whether financial statements are in all
material aspects present fairly in accordance with GAAP (generally accepted audit
principles) e.g. IFRS, USGAAP, DAS (Dutch audit standards) Historically, the guidance
on how to carry out an audit was called GAAS (Generally Accepted Auditing Standards)
- Why: improve information quality
- What: obtain sufficient and appropriate evidence
- How: independent auditors using ethical and professional standards (e.g. ISA)
Objectives ISAs:
- Reasonable assurance that financial statements as a whole are free from material
misstatements.
- Use of materiality
, - Exercise professional judgment
- Requires: Independence, Professional skepticism, Professional judgment,
Compliance with all ISAs
Types of audits:
1. GAAS audit: auditing standards to audit financial statements
2. Integrated audit: on top of GAAS audit you also have to write a report about
effectiveness of internal controls over financial
reporting e.g. audit on documents e.g. firms
listed on NYSE after the Sarbanes-Oxly act
External users: e.g. shareholders get reports from the other
parties (financial statements and the audit report)
Accountable party: e.g. management
Auditor: e.g. EY or KPMG
Exogenous audit demand: If the demand for audit and assurance is imposed as a result of
outside intervention e.g. government intervention or a statutory audit
- Government legislation requires that assertions be subjected to assurance
engagements
- Audits: mainly about protecting the investment of shareholder in a firm
stewardship function
- required by regulator over management’s financial statement assertions
- Attestation: give extra info about you financials using quantitative objective data to
support it
- e.g. government intervention, a statutory audit, government grant with condition or
environmental agency that requires pollution report
Endogenous audit demand: If the demand for audit and assurance arises within the
economy itself, without outside intervention stock-market demand
- Audits: mainly about valuation and predicting future cashflows
- Focus on profitability
- Agency theory: conflict of interests between two parties due to differences in
incentives and reflects information asymmetry between two parties to a
transaction effects of incentives:
- Adverse selection: principal has a great difficulty in distinguishing between
good and bad alternatives not the same information as agent
- Moral hazard: agents’ actions not observed, but are incentivized principal
has difficulties in determining whether the agent worked hard enough
- Independent audit: high quality report that ensures truth about agent’s true
work (endogenous)
The firm is a nexus of contracts: Different contractual arrangements provide different
incentives for opportunistic behavior enforcement of contracts through bonding or
monitoring
,Agency costs = bonding cost + monitoring cost + residual loss
Agency cost: principal engages the agent to perform service on their behalf that involves
delegating some decision making authority
Bonding cost: cost for agent to align interest between principal and agent (out-of-pocket)
Monitoring cost: cost for principal to align agents interest to own interest and monitor the
actions of of the agent (out-of-pocket cost)
Residual loss: losses despite bonding and monitoring arrangements (opportunity costs)
1200s: merchant guilds independence through fine and reputation, unregulated
1500s: regulated companies independence through fine and reputation, unregulated
1600s: joint stock companies independence through fine and reputation, unregulated
Audit existed endogenous in the early development of organizations, but institutionalized to
exogenous because of the first English companies act in 1850 monitoring is crucial and
ensures the long-term survival of firms right now: independent, regulated,
fines/reputation
Rise of audit firms:
- Because of the industrial revolution and the exogenous legislation for audits
- Increase in demand for these independent audits because of fast growing economy
and internationalization cost efficient response of audit firms (e.g. 1890 NIVA:
nederlands instituut voor accountants)
Independence of the ISAs
- Independence of mind: the state of mind that permits the provision of an opinion
without being affected by influences that compromise professional judgment,
allowing an individual to act with integrity, and exercise objectivity and professional
skepticism.
- Independence in appearance: the avoidance of facts and circumstances that are so
significant that a reasonable and informed third party, having knowledge of all
relevant information would reasonably conclude a firm’s integrity, objectivity or
professional skepticism had been compromised.
- Conclusion: The significance of independence in the work of the independent
auditor is so well established that little justification is needed to establish this
concept as one of the key cornerstones of audit theory paper: independent
baseball card graders don’t have a larger market share, while market is dominated
by the graders that cross-sell (e.g. audit + consulting)
Week 1: lecture 1: audit risk
Business Risk: a threat to an organization that reduces the likelihood that the organization
will achieve on or more of its objectives e.g. covid-19 lowers traveling and revenue loss
response to risk:
, 1. Risk assessment: identify measure prioritize
2. Risk management: control it, share/transfer it or diversify/avoid it
3. Risk monitoring: on process level, activity level or entity level
Management perspective:
- Risk assessment: Identify and evaluate risks with negative impact on organization
- Risk management: avoid, accept, insure or reduce risks.
- Risk monitoring: design information systems, review of performance information,
and the response of management to performance data
Auditor perspective:
- Risk assessment: completeness and accuracy of risk assessment by management
- Risk management: assess whether management responses are effective
- Risk monitoring: assess the reliability of information processing and reporting,
assess management’s control of risk, and judge whether the management has the
ability and willingness to react to changes
Audit risk: the auditor expresses an inappropriate audit opinion when financial statements
are materially misstated
- Type I error: the auditor states that there are errors while in reality there is no error
- Type II error: the auditor states that there is no error while in reality there are errors
- Auditor accepts 4-5% of their audits to have type II errors
Audit risk model: AR = f(RMM, DR)
- Risk of material misstatement: Risk that financial statements are misstated prior to
the audit e.g. business risks, internal control limitations, judgement risks or
manipulation risks
- Detection Risk: risk that auditor won’t detect a material misstatement e.g. auditor
sample, selection of ineffective audit procedures, wrongly applied procedures or
results evaluated incorrectly Wirecard case: EY applied the procedure
wrong because they didn’t receive the bank confirmations from the bank
Components of audit risk:
1. Inherent risk: RMM that comprises of all risk in the organization
2. Internal control risk: RMM that the risk is not detected by internal
controls
3. Detection risk: risk that the auditor doesn’t detect the material risk
Houston, Peters and Pratt [1999, TAR]:
,Engagement Risk: loss due to client relationships of auditor
- Litigation: the degree to which users rely on the client’s financial statements, the
more people to sue you when auditing the FS wrongfully privately
- Regulatory penalties: when having to pay the authorities a penalty publicly
- Loss of reputation: Individually and for the firm potentially less business in future
- Lack of profitability: Likelihood that the client will have financial difficulties after the
report has been issued and you don’t get paid
Conclusion paper:
- Audit risk model dominates the business risk model when the likelihood of error is
high no risk premium so errors due to undetected material misstatements
- Business risk model dominates the audit risk model when the likelihood of
irregularity is high risk premium so due to other factors than undetected
misstatements
Difference between irregularity and errors!!
Kin-Yew Low [2004, TAR]:
Auditors with industry experience:
- Execute more modifications of audit procedures
- Execute modifications of audit procedures that results in higher quality
Week 1: lecture 3: Building blocks of auditing fraud risk
Intentional misstatements: An intentional act by one or more individuals among
management, those charged with governance, employees, or third parties, involving the use
of deception to obtain an unjust or illegal advantage irregularity fraud
- Fraudulent reporting: manipulation, falsification, alteration of records or
misapplication of accounting policies
- Misappropriation of assets: theft or cash embezzlement
Unintentional misstatement: errors in the risk assessment errors
Fraud triangle: consists of
Opportunity: e.g. in a company with a lot of cash transactions you can steal more
Attitude: justification for unethical behavior
Incentive: rational people economic incentive of individuals
Auditor response to fraud: passive not a bloodhound, but a watchdog
- ISA 240: The primary responsibility for the prevention and detection of fraud rests
with both those charged with governance of the entity and management
- ISA 315: The auditor should obtain an understanding of the entity and its
environment, including its internal control, sufficient to identify and assess the risks
of material misstatement of the financial statements whether due to fraud or error,
and sufficient to design and perform further audit procedures secondary!
- Overall response: more experienced personnel to engage in the case
, - Assertion level response: change nature, timing and extent of audit work (detection
risk)
- Update RMM: more audit risk because it is recurring every year
The fraud triangle is about the perpetrator that can perform a crime, but is not about the
act itself and the probability that it will occur anti-fraud efforts reduce fraud probability:
G. Becker [1968, JPE]: no mathematical things needed to know, but know relevant aspect to
each variable in the model
Criminals also make a cost-benefit trade off in their rational minds
L = L (D, C, bf, 0)
L = social loss of offences
D = economic damage of crime:
assumes that the harm for
society is bigger than the gain for
offenders
C = cost of apprehension and
conviction: policy/court activity is
even with the function of total
manpower, materials and capital
bf = social cost of punishment
0 = supply of offences: is a
function of the probability of
offences, the disutility when
convicted (e.g. when behind bars) and the expected utility from committing offences
Paper adds C(k) to the equation, which represents private costs (instead of only C = public
costs like the police or the court) represents auditors
Takeaways:
- Entry into illegal activities have a same model of choice as the model that looks at
entering legal activities but, offenders are more risk takers
- !!!Optimal policies to combat illegal behavior are part of an optimal allocation of
resources how many resources allocated to preventing crime from happening?
- Auditors always under pressure
, -
Archetypes of bonds regarding crime (motives):
1. Individualistic: short relation with co-offender ”they rob as well”
2. Collectivistic: short relation with co-offender ”we do what we have to do”
3. Relational: long standing relationship with co-offender “loyalty” e.g. maffia
Week 2: lecture 1: Materiality
Materiality: The magnitude of an omission or misstatement of accounting information that
makes it probable that the judgement of a reasonable person relying on the information
would have been changed or influenced takes a user perspective (just as IFRS)
- Difference with materiality in ISA: in standards relates to the materiality assessment
of management in making the FS, right now it means the assessment that auditor
makes
1. Determine overall materiality: about the economic decisions users get influenced by
and if they would have made other decisions about whole set of FS
2. Determine performance materiality and clearly trivial: low materialitye.g. 80 and 3
3. Allocate materiality to segments:
4. Evaluate segment audit findings
5. Evaluate combined audit finding at financial statement level
Performance materiality: Amount set by the auditor at less than materiality to the financial
statements as a whole to reduce to an appropriately low level the probability that the
aggregate of uncorrected and undetected misstatements exceeds materiality for the
financial statements as a whole
Clearly trivial: are clearly inconsequential, whether taken individually or in aggregate and
whether judged by any criteria of size, nature or circumstances small errors not of any
importance
Quantitative: e.g. 5% of profit
Qualitative: nature of misstatements or specific user needs e.g. flip loss and profit (lower
materiality to avoid small profit to become small loss)
Zuber, Elliot and Kinney 1983, JoA
Linking preliminary materiality to audit procedures using a method is important:
- Look at preliminary size, nature of operations and transactions NOT look at
information that is obtained during the audit period
- Influence nature, timing and extent of audit procedures holding other planning
considerations constant lower preliminary materiality increases audit scope
- Practical: allocate materiality to components of financial statements
- Tolerable error: maximum monetary amount that can exist without FS being
materially misstated danger: estimate is greater than the true unknown error
-
- Affected by: cost of procedures and variability in the balance
Glover and Tiljegren, 2008, JOA
,Group audit: multiple locations or components (subsidiaries) with separate audits of
financial information in one set of financial statements
- Reduce risk that the aggregate of the undetected misstatements exceeds group
materiality Overall materiality should exceed the component materiality
- You want to have different materiality levels for different components
- Component materiality is no normal allocation requires judgement
Example:
Component audit risk : 5%
Aggressive: (1-0.95)^5 = 23%
Conservative: (1-0.995)^5 = 2.4%
MACM: multiple applied to
component materiality:
- the higher the number of components, the relatively
lower the multiple risk aversion
- With multiple components, the risk that we over
allocate increases, therefore the multiple can be
reduced
- Example: multiple of 2,5 with 5 group materiality so
you have 12,5$ to allocate each component 2,5$
Proportional allocation: 60/200 * 2.5 = 0.75m
Weighted allocation:
- Group materiality > component materiality
- Aggregate component materiality for the largest components is generally kept within
the benchmark multiple for that number of components
Vance 2011 Jar
Materiality is broadly defined as an amount that would make a user change his or her mind
about the company. Since this is subjective, it is no surprise that individual materiality
,decisions are widely dispersed different users have different beliefs about what is
material
Week 2: Lecture 2: audit evidence
Risk: auditor can never be 100% certain that assertions are entirely free of misstatements
Materiality: the significance of financial statement information to decision makers
Evidence: information that gives the auditor an indication
whether an assertion is true (or not)
Given audit risk (5%), given RMM and given materiality, the
auditor designs an audit response to lower factors
The audit program details which evidence is needed and
what audit procedures need to be carried out gathered evidence will reduce audit risk
and support audit opinion
Evidence should be sufficient (quantity) and competent (quality) inverse relationship
- Quantity: greater risk of material misstatement requires higher quantity of audit
evidence higher quality results in lower quantity
- Quality: captures reliability and depends on the circumstances under which evidence
is gathered: - independent source more reliable
- auditor direct observation is more reliable
- evidence from client with strong internal controls more reliable
- degree of relevance
- degree of objectivity/ambiguity
Salterio and Koonce AOS 1997
Standard lag development: current standards do not
cover all new transactions and contracts, so before new
standards are designed, the old ones should be used to
asses’ new transactions and contracts
- The extent to which the collected evidence is persuasive is a matter of professional
judgement
- In situations where there is no clear set of standards, how the persuasiveness affects
the professional judgement is important
- Auditors look for pervasive precedents: look for similarities of new transactions with
old transactions and look at the number of sources
- Paper: similarity number of sources judgement
- If client position in line with precedent, then auditors rely on precedent
results:
- Higher similarities result in higher judgement
- Number of sources is no mediator
- When client position is in line with precedent, the auditors rely on this precedent
Appelbaum and Nehmer, JETA, 2017
See a role for drones in sectors with large assets that are hard to measure
, Information captured: camera’s (e.g. infrared cameras that see how strong concrete is),
GEO-location and RFID trackers (tracks goods)
Minimal change: drone only used for e.g. inventory count
Substantive change:
Week 2: Lecture 3: Ethics and Biases
Two visions on human nature:
1. Unconstrained vision: improve social conditions and remove artificial constraints
2. Constrained vision: need external constraints (law, institutions, traditions) for
individuals to behave well Adam Smith (self-interest) auditor in this group
Ethics: a set of moral values or principles which underlie all decisions and actions taken by
an individual and by which a person judges the acceptability of specific behavior includes:
being honest, keeping you promises and evaluation of the effect of misstatements
- Second most important theme for the IFIAR
- Ethical judgement: auditor judgement becomes ethical in nature when a conflict
between the auditor’s own self-interest and the auditor’s duty to society arises
duty to society: constrain managers to behave according to the law
- Example: Anderson fell after Enron scandal: he invoiced a million dollar a week so he
was very dependent on the firm to keep viable
Institutional forces contribute to ethical dilemmas
- Audit firms contract with client you control them, but they pay you
- Audit firm reward system you are rewarded based on technical knowledge and on
client management
Institutional forces also punish unethical behavior
- Regulatory intervention: e.g. through AFM, SEC or politicians
- Legal liability: you can have to pay damages
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller patrickvb97. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $6.44. You're not tied to anything after your purchase.