What is an Audit in Accounting?
A financial audit is an independent examination of financial information of any entity by a qualified professional to express an opinion and ensure that there are no material misstatements.
[ez-toc]
A financial audit includes an objective examination of the authenticity of a company’s financial records to ensure that its financial position aligns with its financial statements and that there is no material misstatement. Financial audits use three main financial statements to provide a reasonable assurance:
- Income Statements, also known as the profit and loss (P&L) statement or the statement of revenue and expense
- Balance Sheet
- Cash Flow Statement
The term ‘reasonable assurance’ is worth emphasizing because auditors cannot ensure that the numbers are 100% accurate. An auditor’s opinion allows for a certain degree of error, which we call materiality. This acceptable margin of error is not an absolute value. Rather, it varies with the size of the company under audit.
“Material” is an error or omission that would affect the user’s decision and can indicate the possibility of fraud by the company. The auditor should decide the materiality threshold by considering the size of the business and the generally accepted auditing standards (GAAS).
Companies hire firms of practicing accountants to conduct a financial statement audit. While audited financial statements are important for many firms to establish credibility and transparency and attract investors, some companies get financial statement audits for internal controls.
Standards for external audits performed in the United States, called the generally accepted auditing standards (GAAS), are set out by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA).
A separate set of international standards, called the International Standards on Auditing (ISA), were set up by the International Auditing and Assurance Standards Board (IAASB). These international standards are principle-based, and the American standards of auditing fall in line with these, except for their prescriptive, rule-based nature.
Scope of Financial Audit
A financial audit aims to form an opinion regarding the “reasonable, true, and fair” representation of financial information and disclosures relating to and materially relevant to the financial statements.
An external auditor needs to make sure that all the financial and related aspects of the enterprise are covered and that the source data (from which the financial statements are made) contains reliable and accurate data.
The auditor has to ensure that the accounting policies and statutory requirements (GAAP, IFRS, SEC guidelines & mandates) are followed and all the relevant information is disclosed along with the financial statements.
The auditor evaluates and ensures that the internal controls, accounting policies, and guidelines are followed and implemented and documents any deviations from them.
The auditor verifies internal processes and source documents and tests accounting procedures.
Verification of assets, liabilities, authenticity, validation of transactions, verification of titles and asset values, checking arithmetical accuracy, etc.
Audit Opinion
An audit opinion is an honest and professional report on the reasonable assurance of a company’s financial statements, whether they carry misstatements. There are four main types of audit opinions:
- Unqualified opinion: A clean report indicates that the auditors are satisfied with the company’s financial reporting.
- Qualified opinion: The auditor is not confident enough to give a clean audit report.
- Disclaimer of opinion: The auditor provides a disclaimer with an audit report when the company limits its access to sufficient evidence and financial statements.
- Adverse opinion: According to the GAAS protocol, adverse comments on the audit report indicate misstatements and errors.
An Audit is not a Review
An audit provides “reasonable assurance”, while a review provides “limited assurance”. Review is a lower level of assurance as compared to audit.
For obtaining sufficient appropriate evidence, an audit includes extensive procedures, while the review is less cumbersome.
Audit provides “reasonable conclusions” based on the evidence, while review provides “limited conclusions.”
Types of Audits
- Internal Financial Audit
- External Audit
- IRS Tax Audit
- Compliance Audit
- Operational Audit
- Financial Statements Audit
Internal Financial Audit
Internal audits evaluate a company’s internal controls, including its corporate governance and accounting processes. It is a consultation designed to add value and improve an organization’s operations.
Internal auditors are the ones employed by the company to conduct a thorough review of the financial situation, internal controls, and record-keeping of a business. By definition, the auditor should ideally be an independent third party. And that is why an external auditor’s appraisal is more credible than an internal auditor’s approval of the financial statements. But internal audits serve some other very important purposes.
Internal audits use the standards and rules of the employer company instead of the national and international standards to examine the company’s financial statements. Small businesses hire internal auditors to compensate for their lack of resources for having an in-house certified accountant.
A business would hire an internal auditor before an imminent external audit to address any possible inconsistencies. Internal financial auditing can help make the company’s internal controls more efficient and transparent, ensure compliance with the governing rules, and timely financial reporting.
External Audit
The main difference between internal and external audits is independence. When an external audit finds no material misstatements in a company’s financial records, the audit report is called a qualified opinion or a ‘clean report.’ A clean report is the ultimate token of confidence for anyone using the audit opinion for a decision or legal approval because external auditors have no conflict of interest with the company under audit.
Audits conducted by independent third parties are admissible for business loans, legal requirements, and court proceedings. External audits also provide a more unbiased, candid review of a company’s financial situation, discrepancies, and internal controls for internal managerial purposes.
External audits employ a set of standards different from those of the company for the financial examination. These are most important for the authenticity of public companies on exchanges such as the U.S. Securities and Exchange Commission (SEC). The qualified audit opinion allows stakeholders to make better-informed decisions.
IRS Tax Audit
IRS Audits can be conducted for organizations as well as individuals. The objective of the IRS Tax Audit is to ensure that the financial information and disclosures are correct and compliant with tax laws and to verify the tax reported by the taxpayer.
IRS tax audits generally include upto 3 years of tax returns filed by the taxpayer. In case of any substantial error, the number of years can be added, but generally does not go beyond 6 years.
Individuals and organizations can be selected for IRS Tax Audit on the following basis:
- Random Selection and computer screening based on a statistical formula.
- Related Examinations – If the return of the tax-related has transactions that are related to the parties who were also selected for audit.
There is a common misconception that a “tax refund” can be a cause for IRS Tax Audit. This is not so.
On being selected, the taxpayer is informed about the tax audit by mail and not by telephone.
IRS conducts audits in the following ways:
- By mail (electronically)
- In-person interview
- Office Audit (IRS Office)
- Field Audit (Home, place of business, or accountant’s office of the taxpayer)
IRS follows Audit Techniques Guides (ATGs) that provide industry-specific guidance regarding issues and accounting methods. These guides are also helpful for tax professionals and small business owners to prepare their returns.
Possible conclusions of IRS Tax Audit:
- No Change: When all the items that are under review are substantiated.
- Agreed: When the IRS proposes changes and the taxpayer agrees.
- Disagreed: Where the IRS proposed the changes and the taxpayer disagrees with them. Then, the taxpayer can request a conference with an IRS manager or can file an appeal. IRS also offers mediation.
Compliance Audit
A compliance audit is an independent examination and is an outward-facing audit that ensures that the company follows external rules, regulations, corporate bylaws, and codes of conduct. Compliance audits are not just financial; they can also relate to processes like IT Policies, data storage, data authentication procedures, validation mechanisms, safety protocols, etc.
Compliance audits verify professional, ethical, safety, HR Policies, Quality management principles, operating standards, etc., where is some cases, ISO certifications are also allowed. A non-compliance can result in revocation of certificates or imposition of penalties, fines, etc.
Federal Sentencing Guidelines Act contains several penalties and fines where some of the provisions of Sarbanes-Oxley Act (SOX) are not complied with.
Compliance audits also include examining the effectiveness of internal controls. The burden of proof of compliance rests with the board of directors.
Operational Audit
Operational audit refers to examining the efficiency, effectiveness and the manner in which a company conducts its business operations. Generally, the operational audit is done by the company as a preemptive and proactive measure to iron out any lags, irregularities, and inefficiencies.
Operational audits can be investigative as well as compliance-based or can also be a follow-up of previous recommendations received after an audit.
An operational audit can focus on a single department, function, process, etc., or multiple departments to analyze the workflow.
Financial Statements Audit
Generally, auditors are appointed by the shareholders of the company, and legally, they report to the shareholders either directly or via an audit committee and other corporate governance bodies. A qualified external auditor examines and reviews all the aspects of financial statements and their related disclosures. The company/ entity prepares the financial statements is accordance to the principles and guidelines given by GAAP.
The external audit lends credibility and enhances the confidence in those financial statements, by giving opinion regarding any material misstatement in the statements or the reasonable, fair and true representation of facts.
While conducting an audit, the auditors follow GAAS guidelines and other auditing standards established by national or international organizations and those implemented by law in their country.
Audit Process
The auditor’s opinion is not a guarantee, but it is a professional judgment. Due to the inherent limitations of an audit, there cannot be an absolute assurance that there are no material misstatements in the financial statements. There are plenty of assumptions, subjective decisions, and a degree of uncertainty in the case of accounting estimates.
Any uncertainties or assumptions that can impact the auditor’s opinion must be disclosed to the stakeholders. To ensure that the audit is comprehensive and professional, a typical audit process has the following 7 stages:
- Defining the scope of engagement and establishing objectives of the engagement: The first step is to decide the level of engagement, i.e., engagement for “reasonable assurance” or “limited assurance.” Based on the level of engagement, the “audit independence requirements,” “compliance verification requirements,” and audit teams are formed. Determine the timing, extent, and nature of the audit.
- Risk Assessment: Auditors should use their professional judgment, which comes from industry-specific knowledge
- Planning for audit (overall audit strategy and an audit plan): An audit plan is a part of an overall audit strategy. The audit strategy decides the scope, timing, and nature of the audit, while actionable items are determined under the audit plan covering the implementation of the audit strategy.
- Preparing a written audit program: An audit plan contains detailed instructions for audit procedures covering sequential verification processes to obtain audit evidence.
- Gathering audit evidence: Examining and evaluating source documents, internal controls, verification procedures, financial records, and documentation, and applying professional skepticism and judgment, the auditors maintain documentation and other records that act as the input for forming an opinion.
- Control testing and substantive audit testing: Control testing refers to examining the process flow and controls of financial software and automation. It is to ensure the effectiveness, reliability, and working of these systems. Further, substantiated testing is done through physical testing, examining records, feedback taken from third parties, checking arithmetical accuracy, counting assets, etc.
- Finalization: The auditors examine the audit evidence, source documents, and audit notes to form a conclusion, give a professional opinion, and challenge management’s assumptions and assertions regarding financial procedures and related disclosures.
The Necessity to Audit Financial Statements
Financial audits are important for all companies and even small businesses. They can help a business operate better, benefiting the business owners, board members, and shareholders. Depending on the category of a company, an audit of the financial statements can be a requirement of the concerned governing body.
In March 2022, the SEC flagged five giant state-owned companies for not meeting the U.S. auditing standards. The law and regulations for companies have been made stringent by the U.S. government, especially following the financial scandals in the early 2000s.
Summing up, an audit of the financial statements is important in the following major ways:
Business Loan Requirements
Banks often demand a high level of assurance that the data in financial reporting has been fairly stated. Small businesses require audited financial statements for borrowing business loans. For higher assurance levels, these businesses hire independent certified public accountants (CPA) who adhere to the generally accepted auditing standards by the AICPA.
U.S. Securities and Exchange Commission (SEC) Requirements
Companies enlisted on the U.S. Securities and Exchange Commission (SEC) are subject to stringent rules and regulations that ensure accurate and transparent financial reporting. So, adherence to the SEC rules and regulations is another reason small and medium businesses need independent financial statement audits.
Any concealed information that could affect an investor’s decision is a misstatement. SEC also entitles the listed companies and their independent auditing firms to adhere to the GAAS and other international auditing standards to be acceptable.
Establish Credibility for Attracting Investors
Investors rely on the audit to provide an objective and independent opinion on whether the financial information presented by management is fair and accurate. In the absence of public audits by an independent auditor or accounting firm, a company’s ability to price securities is called into question.
Sarbanes-Oxley (SOX) Act of 2002 imposes strict regulations for publicly traded companies and financial auditors regarding record-keeping requirements. This set of laws protects the decision of the investor by ensuring the trustworthiness of the corporate financial statements. So, credibility and investor confidence are important reasons for auditing financial statements.
Internal Controls
Financial audits help to detect and prevent management fraud. Businesses must regularly conduct financial audits and spot operating inefficiencies. As part of their audit opinion, auditors point out inefficiencies and bugs in the internal controls, which helps businesses reduce risk and rectify control weaknesses.
Accountability of the Managers and Employees
Besides all other objectives and purposes of financial audit statements, annual or regular auditing can help managers and other parties meet their financial responsibilities. Knowing that an independent party will review and test the financial records, concerned parties will focus more on dependable financial accounting and management.
Companies and businesses conduct internal audits to hold the parties concerned with accounting and handling finances accountable. Section 802 of the SOX Act of 2002 deals with the three rules of record keeping that mainly involve the managerial and accounting staff:
- The first deals with the destruction and falsification of records
- The second rule defines the retention period for storing records
- The third rule states the specific records that must be stored and kept intact, such as electronic communication
Audits can have various types depending on the audit area, such as operational and performance audits. Financial audits can be classified into two main types:
Features of Financial Audit
Financial audits are not just data tabulation and cross-checking with the relevant paperwork and contracts. Auditing firms use a standard auditing procedure to give a reliable opinion on the audit objective and internal control procedures. A financial audit has six standard protocol features:
1. A Systematic Process
An audit is a systematic process of obtaining and evaluating financial evidence while considering its objectives. Audits use a logical and well-structured step-by-step process involving the following steps:
- Planning of the audit program
- Notifying the concerned departments of the date of the audit
- Discussing the audit scope, purpose, and plan with the company personnel
- The auditors conduct interviews with the appropriate department staff
- A draft report is made after the fieldwork of interviews
- The audit report is submitted to the management of the audited department for their response
- Management responds with an action plan for any misstatements or errors
- The audit report and the management’s response are discussed in a closing meeting
- The final audit report goes to all the departments and the board of directors of the company
- The auditing firm may conduct a follow-up
2. A Three-Component Relationship
In compliance with the International Standard on Assurance Engagements (ISAE), an audit process is a three-party relationship. This triad involves the auditor, the manager of the department or the area under the financial statement audit, and the company’s board of directors.
3. Subject Matter
The subject matter for an audit engagement can vary considerably. It can be for financial information, operations, data, systems, or processes. It is an important feature of an audit, as it should be identifiable and measurable against a certain criterion. The subject matter of a financial audit helps clearly define the scope of the audit.
4. Evidence
An auditor has sufficient and reliable evidence to examine and audit a certain subject matter and give an opinion on the objective of the financial audit. Important financial evidence includes bank statements, receipts, payroll, invoices, and management accounts. Here are the two important characteristics of good evidence:
- It comes from a reliable source
- Contains relevance to the subject matter
5. Established Criterion
An audit criterion is a set of standards against which a process’s financial accuracy or performance and effectiveness are evaluated. Standard accounting policies, audit procedures, laws and regulations, published standards, client agreements, and generally acknowledged best practices help establish a dependable audit criterion.
If you are a great businessman but not that good of an accountant, Akounto is your one-stop destination for all your accounting needs.
Whether invoicing or making profit and loss statements, Akounto is an easy-to-use accounting software that takes care of everything. It is versatile, intuitive, and extremely adaptable for any kind and size of business.
Get started with Akounto today and end your financial audit-related woes.