Embed Size (px)
Citation preview
ADAA IFRS Digest Compendium 2018
ADAA IFRS Digest
Topic Issue Publication Page
Corporate Governance IFAC says focus on performance, don’t forget conformance January 1
IFAC rumbled Monitoring Group Consultation January 1
Is your Supervisory Board what you need? ESMA issues guidance. April 8
Professional skepticism Evaluation of misstatements July 12
The Practitioner’s Tale from the ICAEW is a revelation November 18
PCAOB Radical changes to audit inspections November 18
IFRS Framework Prudence is back April 8
Enforcement decisions ESMA publishes its 22nd database of enforcement decisions September 14
IFRS Health Check KPMG January 1
IASB Transparency, accountability, efficiency. Why IFRS must not be played with February 3
IIA How auditors can help fight corruption in local government May 10
Real Estate IASB Interpretations Committee tentative decisions March 6
IAS 38 IFRS Blog is Cryptocurrency an intangible asset? February 3
IFRS 9 Expected credit loss model April 8
A recap on IFRS 9 for investments
IFRS 9 and 15 Reporting non gaap measures January 1
IFRS 9, 15 and 16 Impact on interim financial statements July 12
IFRS 10 and 11 Accounting for Joint arrangements in the power and utilities sectors January 1
IFRS 15 Accounting for revenue and non-exchange will IPSAS follow IFRS? January 1
IFRS 16 PwC study predicts a median increase of debt of 24% and increase in EBITDA of 20% January 1
A tool for audit committees May 10
IPSASB disagree with the IASB and considers a right of use model for leases July 12
IFRS 17 Expected to add significant cost because of extra actuarial information required January 1
Cryptocurrencies And the current accounting requirements September 14
Block chain technology It’s a blockbuster September 14
Code of Ethics Cooling off with the IESBA April 8
IESBA code of ethics complete makeover May 10
Back Page A sorry start to the year. A look through Carillion’s financial statements January 2
Audit Quality Review UK FRC Snapshots March 7
The second of the COSO five February 4
The third of the COSO five April 9
The fourth of the COSO five July 13
The fifth of the COSO five November 19
COSO and the three lines of defence May 11
Business combinations arising from non-exchange transactions September 15
Trade receivables under IFRS 9 October 17
ADAA briefing paper Audit Quality December 2018 20
1
ADAA IFRS Digest
IFRS news, updates from ADAA, IASB and the Accounting Profession January 2018
WHAT’S NEW FROM IFAC AND THE IASB
Corporate Governance is an essential ingredient for success. IFRS Taxonomy Update for IFRS 17. Leading to extra cost and time. KPMG Illustrative Disclosures for Investment Funds. Key guidance on investment financials. KPMG IFRS Health check. Issues related to year ending 31 December 2017.
Accounting for revenue and non-exchange expenses. Will IPSAS follow IFRS? IFAC rumbled Monitoring Group Consultation. IFRS 16. Rough tide ahead.
And on the back page A sorry start to the year an insight from ADAA’s Steven Ralls
Corporate Governance is an essential ingredient for success. IFAC says Focus on performance, don’t forget conformance. Good governance principles operate inside a framework comprising two dimensions. 1) Forward looking addressing risks of non-conformance, and 2) Backward looking to ensure risk assessment, control
mitigation and outcome evaluation procedures are in place and fit for purposes. More here.
IFRS Taxonomy 2017, Update for IFRS 17. Though not effective for 3 years, insurance companies are wide-awake for IFRS 17. Expected to add significant costs because of extra actuarial information it will require.
Accounting for revenue and non-exchange expenses. With the IFRS change of revenue standard, the International Public Sector Accounting Standards Board (IPSASB) issues a webinar on preliminary views on revenue and non-exchange expenses. IFAC rumbled Monitoring Group Consultation on ‘Strengthening the governance and oversight of the International Audit-related standard setting Boards in the Public Interest.’ It sounds boring, accountants are boring, but someone is not happy. IOSCO, Basel Committee, European Commission, World Bank, issued a paper on splitting up IFAC. IFAC isn’t happy, read the IFAC-Views-and-Reactions.pdf It is quite a paper, there is a lot of emotion in there. In one sense they have a point, why change if it works? I guess because it doesn’t, does it? If listed entities are suddenly becoming insolvent something is wrong. More here.
KPMG Illustrative Disclosures for Investment Funds. The guide illustrates examples of two different funds in two appendices. Appendix I disclosures for an investment fund that is an investment entity and measures its subsidiaries at fair value through profit or loss (FVTPL) and this fund is outside the scope of IFRS 8 Operating Segments. Appendix II illustrates disclosures for a multiple-segment fund that falls in the scope of IFRS 8. Details here. KPMG IFRS Health check. KPMG IFRS Health Check.html It’s a health check. Issues related to year ending 31 December 2017. In this special edition, Deloitte sets out financial reporting issues as a result of areas of regulatory focus, economic environment or change in accounting standards. The publication focuses on possible effects of new accounting standard IFRS 15 and IFRS 9 and the reporting of non-GAAP alternative measures. Click here to read more. Accounting for joint arrangements in the power and utilities sector. EY looks at some of the challenges of applying IFRS 10 and 11. The relevant activities over which power is exercised are the current activities. They are not residual activities, because by definition residual activities do not have a material effect on return. IFRS 10 refers to power to influence return. Joint arrangements.pdf Practical matters.pdf
IFRS 16. The impact of the new lease standard “IFRS 16” is impacting all entities, including shipping and the transportation industry. A study by PwC Global Lease Capitalization predicts a median increase of Debt by 24% and a median increase of EBITDA by 20% in the industry. Most of the challenges of the new standard will be borne by the lessees not the lessors. Due to the existence of many shipping arrangement, each will have to be assessed differently, for example:
Bareboat contracts meet the new definition of a lease because the lessee has control over the use of a specific ship.
Time contracts and pool arrangements contain both a lease (the right to use a specific ship) and service components (operation and maintenance by the owner of the ship).
Voyage contracts are service contracts and thus do not meet the new definition of a lease.
Contracts of affreightment are unlikely to meet the definition of a lease, since they have characteristics indicating that they are contracts for the provision of a service rather than the use of an identified asset.
However, judgment is required to separate lease and non-lease components of a contract. Most contracts do not and some decide not to apply the separation, keeping in mind the lease obligation and the significance of the non-lease components. Leading to challenges such as the identification of events that are out of the control of the lessee leading to reassessment of the lease accounting. Further reading here.
WHAT’S NEW THIS MONTH
ADAA’s
hot topics
The IASB
is located
in Cannon
Street,
London
And finally
please turn
the page
for ADAA’s
monthly
accounting
insight…
WHAT’S NEW FROM THE ACCOUNTING PROFESSION
2
ADAA IFRS Digest
IFRS news, updates from ADAA, IASB and the Accounting Profession January 2018
A sorry start to the year – an insight from ADAA’s Steve Ralls
Only a few weeks in to 2018 and January has provided a nasty surprise. In the UK Carillion was put into compulsory liquidation. Not administration or receivership where time is available to find a buyer of the whole or constituent parts. But directly into liquidation. This is serious because Carillion was in some respects an extension of the public sector building schools, hospitals, prisons and highways and operating them through what is known as Private Finance Initiative (PFI) contracts. We have similar arrangements in Abu Dhabi, so if we were thinking of a financial examination what would we look at? Print off Carillion’s: Annual report 31 December 2016 and let’s look through. The clutter test The report is long split 50:50 between front and back. Management can say what they wish in the front half, the Auditor is responsible for ensuring what management says does not undermine the credibility of the IFRS financial statements in the back half (ISA 720). Management influence on revenue and profit recognition Page 38 is worth a look. “The Group delivered revenue growth and improved underlying profit from operations coupled with good cash flow conversion.” Revenue growth of 600 million UK pounds is primarily in the construction sectors. These apply percentage of completion accounting. Revenue and profit recognition in percentage of completion accounting depends on a spreadsheet, with lots of management judgements of what the outturn of a project will be. Simplistically If activity is increased, spending increased, construction revenue goes up. However, risk moves from construction to collection. Four months after the 31 December financial statements were published, in the 30 June half year statement a contract receivables impairment of 600 million is booked. Underlying profit increased 1.5 million. Did it? No adjustment was made for a (one off 2013 cited as the only other time page 132) 20 million license fee that was deemed not linked to supply contracts. It maybe, it may not but what are the payment terms? Is payment made over time or paid upfront? Net cash flow from operating activities flat at 73.3 million. As a rule of thumb, cash should equal profit plus depreciation. Anything different to this and you should question revenue recognition policies. Carillion was a business of 5.2 billion in revenues that generated cash of only 73 million, a return of 1.4%. This is somewhat different to the 4.9% reported in ‘alternative performance measures (APMs)’ and somewhat different to the industry sector of 2%. The use of APMs is always controversial because why is an IFRS measure not enough? As a result of just these few things we would expect to see on the audit file reference to heightened professional skepticism being applied. Was it? What the auditor thinks is important The audit opinion is the new one with Key Audit Matters (KAMs), KAMs are those the auditor deemed most significant in their reporting to those charged with governance (TCWG). They are not all those reported. The auditor reports just three: 1) Recognition of contract revenue, margin, related receivables &
liabilities. (Basically the whole of the contracts business is a big risk!) A business primarily based on long term contracts must operate tight internal controls over key performance indicators and service delivery and ensure its customers are in agreement with paying for performance
to date (IFRS 15.35(c) satisfying service performance obligations is a little bit different from risks and rewards (IAS 11.22). The KAM lists the procedures completed in the contract reviews. Commentators in the press identify four significant projects: Aberdeen bypass, Msheireb in Doha, Hospitals in Birmingham and Liverpool. The audit procedures are those we would expect to see, including site visits and discussion with operations. There is nothing that has obviously not been done. Therefore either what was done, was not done well, or what happened could not have been foreseen. 2) Carrying value of goodwill. IAS 36 requires an annual impairment assessment of goodwill and testing of goodwill at the level of a cash generating unit (CGU) which can be no bigger than that of an IFRS 8 defined operating segment. Carillion considers it has four operating segments and four CGUs. i.e. the operating segment is the CGU. This is unlikely given 100 or more separate legal entities and aggregation of goodwill from different acquisitions to test in the same segment is a known weakness in the accounting standard. To assess the value of goodwill, Carillion measured Value in Use (VIU) at the Net Present Value of future earnings. This means goodwill was valued based on management’s assessment of their own ability to win, extend and deliver contracts, primarily with customers in the UK Services sector. The segment reporting discloses the underlying operating profit of the sector is 182.7 million which equates to a six-year life, not unreasonable for the service sector. 3) Other revenue judgements (New risk) Only 20 million in revenue terms but is 15% of group profit. The risk is whether to recognise revenue at a point in time or over time. Because the license was entered into at the same, or around the same time as other contracts with the same counter-party. The accounting treatment is a boost to profit whether it is correct requires a better understanding of the contracts, the length, and how or if they relate by understanding business development and organization structure. Where did it go wrong? Maybe Carillion was unlucky. Four big construction projects going wrong is certainly bad luck. Maybe there was nothing that could be done earlier. Maybe the Chairman was correct in his 2016 statement that governance was strong, scrutiny applied to assessment of performance and risk management and control processes, and on constructively challenging the Executive Directors. The evidence should be on the audit file, inside the minutes of meeting of the Board, and the Audit Committee, and in the risk register listing the risk of four contracts going wrong with an appropriate strategy to deal with it happening. One would expect to see separate project committee meeting minutes for all, management accounts and communications to and from customers. What to learn from the collapse? Red flags? Auditor for 19 years. No going concern disclosure. Pension deficit. Debt increasing. Trade debtors increasing. KAMs. It cannot be under estimated the value Audit Committee and Auditors bring, by taking contra positions and examining audit evidence thoroughly.
3
ADAA digest
IFRS news, updates from ADAA, IASB and the Accounting Profession February 2018
WHAT’S NEW FROM IFAC AND THE IASB
Transparency, accountability, efficiency. Why IFRS must not be played with. Must know US Tax reform – accounting under IFRS. IFRS IC decision on interest and penalties related to tax. IFRS Blog: Accounting for Crytocurrency.
ESMA issued MIFID ii why you should be interested.
And on the back page The second of the COSO five - Risk assessment an insight from ADAA’s Mahmoud Shahin.
Transparency, accountability, efficiency. Why IFRS must not be played with.
IFRS brings transparency by enhancing the international comparability and quality of financial information enabling investors to make informed economic decisions.
IFRS strengthens accountability by reducing the information gap between capital providers and the people to whom they have entrusted their money.
IFRS contributes to economic efficiency by helping investors to identify opportunities and risks across the world. “Accounting is as much of an art as a science, there is obviously a lot of room for differences of opinion on what is economic reality and how best to reflect in accounting. Consequently, accounting is subject to a lot of genuine, healthy intellectual debate. However, there are also less noble motives for debate. There is big interest at stake in accounting. Remuneration and reputations are often closely
linked to profit so there is incentive for standards that help to manage earnings…” Transparency, accountability and efficiency foster trust, growth and long-term financial stability in the global economy. Even for people who never look at financial reports, it is important that accounting standards lead to financial reporting that is both informative and trustworthy. Yes, there will always be charlatans that come and go (eventually to be locked up) who will play games with the evidence to support their desired accounting outcome. To reward themselves with bonuses, dividends, and grandeur they should not. There will be real economic booms and busts as capital flows to the most attractive markets and technology disrupts. This is natural and to be expected. IFRS (and IPSAS) brings transparency and enables prudential regulators to know when to intervene. Problems buried deeply within a company’s balance sheet are made visible by high quality accounting. In the long run cash is king. If a profit does not become cash, maybe it was never a profit at all. More here. And here.
Must know US Tax reform – accounting under IFRS. US federal tax rate reduced from 35% to 21% effective 1 January 2018 has an immediate impact of deferred tax assets and liabilities that will reverse. Alternative Minimum Tax (AMT) repealed – previously unrecognized deferred tax assets may now be recognised. Net Operating Losses (NOLs) can be carried forward indefinitely. 100% deduction for certain capex placed in service after 27 September 2017. Territorial tax regime change provides 100% dividend relieve when repatriating foreign earnings, and that’s not all! IFRS IC decision on interest and penalties related to tax. Do you apply IAS 37 or IAS 12 when accounting for interest and penalties as part an overall settlement with the tax authority? IFRS Blog: Accounting for Crytocurrency. It’s not legal tender, it’s not a cash equivalent, it’s not a contractual right to receive cash. No it’s a Bitcoin! Maybe its inventory so held at cost. But its value moves with the market. So maybe it’s an intangible asset, but then changes in value go through OCI. Accounting for Bitcoins at fair value with changes in value through the P&L would provide the most useful information but current accounting rules prevent. More on these three PWC IFRS news.
ESMA issued MIFID ii why you should be interested.
Markets in Financial Instruments Directives (MIFID ii) will bring about fundamental changes to distribution of wealth and asset management products and services in the EU. The MIFID ii has 5 core measures:
1. External controls/reporting
2. Internal controls/governance
3. Investor protection
4. Market structure
5. Market transparency
The impacts investors might feel will come from increased regulatory and client reporting requirements for all asset classes and a potential ban or limitation of marketing to retail customers. So some bonds previously sold to retail customers could not be sold again.
The above measures will be applied to all financial instruments transacted on EU trading venues with new pre & post trade transparency rules. It should lead firms to be more systematic in obtaining the best possible results for customers. With enhancedd record keeping & audit/reference trail requirements.
More here Bloomberg and EY showing effect on governance of stakeholders regarding compliance, diversity, and effect on access by third country firms.
WHAT’S NEW THIS MONTH
ADAA’s
hot topics
The IASB
is located
in Cannon
Street,
London
WHAT’S NEW FROM THE ACCOUNTING PROFESSION
And finally
please
turn the
page for
ADAA’s
monthly
accountin
g insight…
4
ADAA digest
IFRS news, updates from ADAA, IASB and the Accounting Profession February 2018
The second of the COSO five - Risk assessment, an insight from ADAA’s Mahmoud Shahin
`ADAA IFRS Digest September 2017 reports the importance of testing effectiveness of internal controls in an audit of financial statements. Decree number 1 of 2017 requires ADAA Subject Entities to obtain as part of the audit services a separate report on the effectiveness of their system of internal control. This involves assessing design and testing the application of the internal control system. To assess the design, it has to be assessed against something. ISA 315.14 onwards includes something. It includes a framework, based on COSO. In ADAA IFRS Digest December 2017 we reported on the Control Environment. In this publication we report on Risk Assessment. Although the auditor is required to report it should not be forgotten that management is responsible for their financial statements and management is responsible for the design and effectiveness of their system of internal control. Internal Audit is a key tool for management in assessing internal controls. COSO has many useful tools and publications available on their website, some of which are utilized in preparing this publication. The five components of Internal Control:
• Control Environment
• Risk Assessment
• Control Activities
• Information and Communication
• Monitoring Activities
Component Two – Risk Assessment
Risk assessment is about prioritizing and measuring risk within predefined parameters so that risks are not over or under managed. There are four principles (of seventeen COSO principles) for the risk assessment component starting at six: 6) Specify organizational objectives with sufficient clarity to enable
identification and assessment of risk relating to objectives. It may seem obvious to assess the risk of not achieving performance, one has to identify what performance is expected. However, how often do you agree objectives for your performance?
Financial outcomes do not emanate from the Finance department, that is where they end up. Financial outcomes emanate from Operations. It doesn’t matter whether you are a Public Sector Entity (PSE) delivering roads and parking services, or a Government Business Enterprise (GBE) delivering water, electricity, oil, aircraft passenger services, or a Sovereign Wealth Fund investing to achieve capital growth. All entities have a raison d’etre and they want to be the best at it.
Let’s start with parking services.
Is the objective to have parking spaces available when a person wishes to park? Or to maximize revenue from parking spaces? Two competing performance objectives which drive different behaviour. Both require measurement of utility and quantity but then drive different operational decisions.
To maximize availability, increase the number of spaces and keep increasing spaces until there are spaces available. It’s a nice idea but in a city where space is limited so are parking spaces.
To maximize revenue, limit the number of spaces and increase prices and keep increasing prices until there is no space available.
But then increasing prices causes people not to pay, so then ticket inspectors will be required. The number of which requires consideration of the price of a ticket compared to a fine and any inconvenience factor in paying the fine, which requires assessment of collectability and of enforcing collectability, and it includes assessment of the cost of a ticket inspector and their efficiency, which includes assessment of the technology used from camera’s to ticket machines, to transport.
So was it better when there was no paid parking? No it was much worse, there were cars parked everywhere!
What we have highlighted is that clarity on the entity’s objectives drives objective decisions in operations, performance of which needs to be measured and assessed to improve operational decisions to improve the likelihood of achieving the entity’s objectives.
In COSO speak Operations objectives:
• Reflect management’s choices
• Considers tolerance for risk
• Includes operations and financial performance and goals
• Forms a basis for committing resources
Operational objectives drive internal, external, financial, non-financial and compliance reporting objectives.
7) Identify risks to achievement of objectives across the entity and analyze as a basis for determining how the risks should be managed.
The risks of not maximizing revenue include:
• Customers not being able to purchase tickets. Response multiple payment options that work; phones, ticket machines. Regular maintenance of machines. Exception and trend reporting.
• Not knowing when spaces are used. Response: data gathering of times and locations. It’s easy in a carpark that has a green light that turns red when occupied. It’s a lot less easy on the street when people pay by phone and location is not known.
• Not knowing if ticket inspectors are being effective. What to do? Measure number of tickets inspected, or number of steps walked per inspector, or number of fines issued?
• Government changes which reduces cars on roads. E.g. toll stations, congestion charging, clean air legislation. Each risk requires a response - accept, avoid, reduce, share.
•
5
ADAA digest
IFRS news, updates from ADAA, IASB and the Accounting Profession February 2018
The 2013 Framework, with its emphasis on organizational objectives, puts a greater weight on entity-level risk.
8) Consider potential of fraud in assessing risks to achievement of objectives
There are two type of fraud: loss or leakage of cash (or other assets) and fraudulent reporting.
It is unlikely given the relative insignificance of parking charges a material loss of cash could occur from the revenue side. However, revenue is not normally where cash fraud is found. Revenue is much more susceptible to fraudulent reporting. Deloitte sample listing of fraud schemes.pdf It may be a 2009 publication but it is still relevant today. It is quite easy to book a sale early or wrap up a discount as an expense. It is quite simple to bounce debts around the sales ledger and re-age them, or hide them between subsidiaries in a consolidation.
Cash fraud is more difficult, often it requires collusion and it is likely found in payments, to a supplier not on an approved list, or to a supplier with a side agreement.
Fraud requires three things: Pressure, opportunity and rationalization. Normal people do not normally commit fraud. But if pressure comes from the top, to make the results look as good as possible (and there are too many examples to state) and there is opportunity to stretch assumptions, to push a valuation, or not book a provision, stretch the audit evidence, to keep my job, to do what the leadership wants, they know so why not. Then you have conditions for fraud.
What surprises the most is with hindsight spotting fraud is easy. So why was it not discovered at the time? The most often cited reason is because thinking it, was not thinkable.
9) Identify and assess changes that could significantly impact the system of internal control.
Change is inevitable. Stroll down the Corniche. Abu Dhabi is the change management capital of the world.
Change comes from three areas:
The external environment – from changes in the economy, changes in regulation, changes in the physical environment.
The internal environment – changes in people, processes and systems. New people bring new approaches. New processes and systems bring new ways of working. When either one of these three changes happen there is propensity for things to go wrong.
Leadership – A change in leadership brings change. A new business model. A new approach to acquisitions or divestments. A new approach to technology.
Final thoughts
Some say: the requirement for an assessment of internal control is a new thing.
Some say: the requirement for an internal control framework is a new thing.
Some say: a substantive audit approach is most cost effective.
ISA 315 only requires the auditor to “identify and assess the risks of material misstatement…through understanding the entity and its environment, including the entity’s internal control” What constitutes an ‘understanding’ can be a very nebulous thing.
ISA 330 only requires the auditor to “design and perform tests of controls to obtain sufficient, appropriate audit evidence as to the operating effectiveness of relevant controls if the auditor’s assessment of risks of material misstatement at the assertion level includes an expectation that the controls are operating effectively…or substantive procedures alone cannot provide sufficient appropriate audit evidence at the assertion level.”
Management do not rely on a third party valuation in making a keep, sell or purchase decision. Management do not rely on a customer confirmation in assessing credit risk. Management do not rely on the audit report of a subsidiary auditor to tell them what is wrong. Management do not rely on substantive audit procedures.
Management relies on management information to make management decisions. Management relies on high quality accurate budgeting and forecasts based on historical and market trends. Management relies on informed, careful management and an ongoing analysis of actual incomes and spends. Management relies on a full and detailed assessment of risks and thought through responses that they could apply.
Management relies on:
Setting the right Control Environment including tone from the top.
Performing an insightful Risk Assessment and developing appropriate responses to risk.
Implementing appropriate control activities.
Gathering appropriate information and communicating it.
Applying appropriate monitoring activities.
Management relies on the Socratic approach of COSO of asking what’s not right and could be better. Should your auditor not do so too?
6
ADAA digest
IFRS news, updates from ADAA, IASB and the Accounting Profession March 2018
WHAT’S NEW FROM IFAC AND THE IASB
Interpretations Committee open items. Tentative Agenda Decisions for real estate developers.
Will your auditor soon be a robot? With Cambridge Analytica
and Facebook in the news EY’s Forensic Data Analytics survey
results requires examining.
IASB Update. Business combinations and Rate-regulated activities creeping up the agenda. SEC issues interpretive guidance on cybersecurity. Clearer and more robust disclosures by public companies. VAT Is Here. And it is a good thing. And on the back page Audit Quality Review - an insight from ADAA’s Steven Ralls
Interpretations Committee open items. Tentative Agenda Decisions. We don’t normally do this but these four decisions are key and you have the opportunity to comment.
Presentation of interest revenue for particular financial instruments.
Revenue recognition in a real estate contract.
Revenue recognition in a real estate contract including the transfer of land.
One performance obligation or two performance obligations? And when to recognise profit? A surprising answer.
Right to payment for performance completed to date. When a customer breaks a contract and the constructing entity has the right to recover lost profits and costs of resale from the original customer, it does not meet the IFRS 15.35(c) requirement of payment for performance to date. Developers take heed! IC project page here.
IASB Update. Business combinations under common control are currently scoped out of IFRS 3. IASB tentatively decides to use the acquisition method in IFRS 3 as the starting point. Not surprising really. IFRS 14 Regulatory deferral accounts only applies to first time adopters. Issued 2014 it enabled Canada (mainly) to adopt IFRS. The IASB said it was not a fan of industry specific standards however with IFRS 6, 9, 14, 16 (lessors) and 17 is that not the path it is on? Rate-regulated activities accounting appears to cater for both cost plus and rate capped regulatory regimes. The unit of account is the individual timing difference that create incremental rights and obligations arising from the regulatory agreement. The present right – to charge a rate increased by an amount as a result of an event, meets the asset definition in the IFRS Framework. The present regulatory obligation - to provide goods or services at a rate reduced by an amount as a result of past events, meets the definition of a liability. Is this storing impairment problems for cost plus regimes and smoothing opportunities for rate capped? More here.
Will your auditor soon be a robot? Billions wiped off Facebook’s market value last week as the ‘theft’ data storm gathers pace. Know your customer procedures are a legal requirement for banks. Knowing as much about your customers as possible is a commercial or social necessity for other entities to effectively target consumers with customized products and services. Technology creates new opportunities to gather more and more data. As it does so it creates more risks. May 2018 new UAE law governing General Data Protection Regulations apply. The Facebook Cambridge Analytica story perfectly evidences the new risks entities face. If you have a data leak, it is an event, the settlement of which, might be expected to result in an outflow of economic benefits. It is a liability. If the amount to settle cannot be measured reliably, it is a contingent liability. Forensic data analytics combined with artificial intelligence, machine learning and automation increases risks of legal, compliance and fraud. It is a difficult read from EY but worth it. Forensic data analytics survey here.
SEC issues interpretive guidance on cybersecurity. The increasing number and severity of cybersecurity incidents has led the Securities and Exchange Commission (SEC) to issue interpretive guidance to promote clearer and more robust disclosures by public companies in relation to their cybersecurity risks and incidents The new guidance clarifies that the SEC expects companies to disclose cybersecurity risks and incidents that are material to investors, including financial, legal, or reputational consequences. More here
VAT Is Here. And it is a good thing. A surprising observation you might consider as a supplier or a consumer. VAT is a revenue tax. From 1 January 2018 IFRS 15 applies. Prior to that IAS 18 applied. Some entities applied IFRS 15 early primarily to bring forward revenue recognition. Does early adoption of IFRS 15 have VAT implications? We suggest you ask the auditors. So why is VAT a good thing? Two reasons: 1) It will reduce the temptation to bring forward revenue recognition –
because VAT will be payable. VAT assists in deferring fraud. 2) The quality of infrastructure and therefore the ability of potential
investors to operate effectively in the target country, is of greater importance than low tax rates. VAT facilitates government spending on infrastructure. Read more from the ICAEW here.
ADAA’s
hot topics
The IASB
is located
in Cannon
Street,
London
WHAT’S NEW FROM THE ACCOUNTING PROFESSION
And finally
please turn
the page
for ADAA’s
monthly
accounting
insight…
7
ADAA digest
IFRS news, updates from ADAA, IASB and the Accounting Profession March 2018
Audit Quality Review UK FRC Snapshots - an insight from ADAA’s Steven Ralls
Quite a lot of acronyms but we accountants like that. AQR (AUDIT QUALITY REVIEW), UK (UNITED KINGDOM), FRC (FINANCIAL REPORTING COUNCIL). Your audit is coming to a close, it is time for the Audit Committee to assess the quality of the financial reporting process. What should you look for? These snapshots taken from UK FRC’s AQR’s provide a brief insight into the assessment of the quality of audit work, policies and procedures supporting audit quality at firms which audit PIEs (PUBLIC INTEREST ENTITIES). Each year they publish their findings. https://www.frc.org.uk/auditors/audit-quality-review/audit-firm-specific-reports. We chose just one but the themes seem common to all. Our observations in red. Good practices identified
Interaction of the audit team with both audit firms and management’s specialists, including robust reporting by firm’s specialists to audit teams in areas of judgement. Vital in areas such as: tax, pensions, property valuations, unlisted investments, purchase price allocations.
Extent of group auditor involvement in, and evaluation of, component auditor’s work, including improved communications and exchange of audit information (partly due to new software). The audit of consolidated financial statements is not an adding up exercise.
Improvement in the testing of IT and other controls to conclude on whether they were operating effectively. Effective application of ISA 315 and 330 in particular for ITGC. These are not substantive only audits.
Key findings requiring actions and the firm’s response
In relation to the assessment of goodwill and other assets for impairment, there was insufficient challenge of whether management’s cash flow forecasts appropriately reflected the expected timing and duration of important contracts and whether short term growth rates could be achieved. The AQR is not saying the VIU (VALUE IN USE) model is wrong, but it could be. If the assumptions are wrong the answer is...
In relation to the valuations of investments, there was insufficient evidence of challenge of whether management had the appropriate information to support the more subjective valuation of certain investments. Level 2 and 3 valuations require great care.
Firm’s actions
2017 RCA (ROOT CAUSE ANALYSIS) indicates teams did not always appreciate what was required in order to convey the level of challenge and rigour they had applied. We also concluded that in some cases, teams did not step back to consider the completeness of their evidence and whether it would enable an experienced auditor, having no prior connection with the audit, to understand the full extent of the work carried out. 2016 training included training on applying and evidencing professional skepticism in the audit of valuations and impairment assessments. We will incorporate into our 2017 training further emphasis on this areas reflecting the results of our RCA. This will include training on the rigour required when challenging estimates and assumptions.
The firm’s RCA indicates it is a documentation problem, i.e. ‘convey’ and ‘completeness.’ However, the training response indicates it is an audit procedure i.e. ‘Professional skepticism’ and ‘rigour.’
What should Audit Committees expect? Continue to improve the quality of written communications with Audit Committees on significant findings Insufficient detail was reported to Audit Committees on certain significant findings:
Did not include the impact of management’s assumptions for certain contracts on the goodwill impairment assessment and the recognition of deferred tax assets. It is critical Audit Committee discuss the impact a small and big change in management’s assumptions could have.
Reproducing the risks section of the auditor’s report in the written communications to the Audit Committee was not an appropriate substitute for reporting the auditor’s findings on the significant risks. ISA 701 requires KEY AUDIT MATTERS (KAMs) to be selected from the significant matters discussed with the Audit Committee, not to equalize those matters. Does the KAM disclose the level of detail required for an Audit Committee to conclude management’s judgement is appropriate?
Insufficient detail was provided to the Audit Committee on the rationale for, and effect of, valuing investments using assumptions that were more conservative that those used for similar third parties. Faithful representation requires neutrality, which means free from bias. IFRS 13 Fair Value Measurement and IAS 36 Impairment contain requirements to use entity’s own data bench marked against market participant’s data. There are very few situations where this cannot be done.
Make enhancements to staff appraisal process Staff performance appraisals, including assessment against relevant objectives, are important to ensure that individuals understand how they contribute to achieving high audit quality and other strategic priorities set by the firm. The firm should improve the effectiveness of its staff appraisal process by:
Strengthening the link between the assessment of audit quality and overall performance for staff. In the sample of staff appraisals we reviewed, audit quality did not appear to have a direct impact on the appraisal process. This could be improved by taking account of the results of internal and external quality reviews on staff performance and having a clearer linkage between the overall appraisal rating, the achievement of quality objectives and remuneration.
A significant number of staff had not completed their objectives three months after the firm’s deadline and, in the sample we reviewed, a number of audit quality objectives set by staff were either too brief or not specific.
We identified that key information was not always included on staff appraisal forms, such as comments from appraisers, a detailed self-assessment and relevant references to adverse internal and external inspection quality ratings.
Until AI (ARTIFICIAL INTELLIGENCE) takes over, audits will include humans. Humans are preprogrammed to maximise their return from the efforts they expend. As a friendly CEO once said: “If you measure the wrong things you will get the wrong answer. What you measure gets done. What you don’t measure doesn’t.”
8
ADAA digest
IFRS news, updates from ADAA, IASB and the Accounting Profession April 2018
WHAT’S NEW FROM IFAC AND THE IASB
Prudence is back! Revised IFRS Framework. Clearer concepts. IFRS 9’s expected credit loss model. The effect is significant. Cooling off with the IESBA. New Audit Partner Rotation Rules.
Global IPO. Great results in Q1 2018. Is your Supervisory Board what you need? The European Securities Market Authority issues guidance. And on the back page The third of the COSO five –control activities, an insight from ADAA’s Ahmed Al Mazrouei
Prudence is back! Revised IFRS Framework. Clearer concepts. Plus, the Framework’s purpose is extended:
To assist preparers to develop consistent accounting policies when no standard specifically applies or when a standard allows a choice of accounting policy.
To assist all parties to understand and interpret standards. This is big news because when interpreting a standard, the focus is not just on what the standards says. The standard must be interpreted in the context of the Framework. Before 2010 the Framework identified the exercise of prudence as a factor that makes financial information useful. Prudence was described as the inclusion of a degree of caution in the exercise of judgements needed in making the estimates required under conditions of uncertainty. However, the term was interpreted in different ways, so prudence was removed because of its inconsistency with neutrality. The Board is now
persuaded that prudence helps achieve neutrality and clarity in selecting and applying accounting policies. We agree. Removing prudence licensed aggressive accounting. Stewardship is back too! It was removed, the Board say, because of translation difficulties. Which seems like a nonreason. Stakeholders argued for an explicit acknowledgement that the assessment of management’s stewardship was part of the objective of financial reporting. Of course it is. The IASB clarifies resource allocation decisions are not just management’s. They are also shareholders in exercising their right to vote, or otherwise influence management’s actions that affect the use of entity’s economic resources. As well as decisions to buy or sell the equity. Measurement uncertainty moves to! From relevance to faithful representation. Sometimes the level of measurement uncertainty is so high it is questionable if the estimate provides a sufficiently faithful representation. The IFRS Framework is only available online to IFRS subscribers. However access Six facts and the feedback statement here.
IFRS 9’s expected credit loss model. KPMG discuss how disclosures of expected credit losses have been tackled by around the world. Incorporating future looking information based on probabilities specific to a certain instrument poses a challenge. There is also a wide range of credit risk factors including macroeconomic ones required to be incorporated into credit risk calculations. More here. Cooling off with the IESBA. New Audit Partner Rotation Rules. ADAA SAAR Rules currently say if you are the Audit Partner for 4 years the cool off period for the Audit Firm and Partner is 4 years. The IESBA have updated their code of ethics, effective 2019. It has 50 more pages than it did in 2012. That’s 33% more ethical pages. So your auditor is 33% more ethical than 9 years ago. Apparently not, the IESBA has increased the cool off period for the Key Audit Partner to 5 years. It’s not always quite as simple as that, as you can read here and there is no Audit Firm rotation rules, as there are in SAAR. Probably a bit too much to expect the member’s professional bodies to sign up to that! The cool off applies to all Public Interest Entities.
Global IPO.A flying performance in the first three months of 2018 ensured a strong results to start the year. Global IPO markets raised US$42.8b in Q1 2018, a 28% year-over-year (YOY) increase on Q1 2017. Usually the first quarter of the year is the slowest. However, IPO proceeds outpaced deal numbers in a relatively strong first quarter. Driven by larger transactions, despite a decline in deal numbers. As a result, the outlook remains high in many markets around the world and IPOs are expected to continue. The Middle East saw a 17% increase in proceeds with former state owned enterprises and family owned and PE backed businesses expected to drive activity. More here
Is your Supervisory Board what you need? The European Securities Market Authority issues guidance. Weaknesses in corporate governance, including inadequate oversight by and challenge from the supervisory function of the management body in a number of credit institutions and investment firms contributed to excessive risk taking in the financial sector, which led to failure and systemic problems. This report is a quite a read. If you can get through it, it provides valuable reference material to benchmark your corporate governance functions and management roles against. Click here.
ADAA’s
hot topics
The IASB
is located
in Cannon
Street,
London
WHAT’S NEW FROM THE ACCOUNTING PROFESSION
And finally
please turn
the page
for ADAA’s
monthly
accounting
insight…
9
ADAA digest
IFRS news, updates from ADAA, IASB and the Accounting Profession April 2018
The third of the COSO five - control activities, an insight from ADAA’s Ahmed Al Mazrouei
ADAA IFRS Digest September 2017 sets out the importance of testing effectiveness of internal controls in an audit of financial statements. Decree number 1 of 2017 requires ADAA Subject Entities to obtain as part of the audit services a separate report on the effectiveness of their system of internal control. Why you might ask? ISA 315.13 requires: “when obtaining an understanding of controls that are relevant to the audit, the auditor to evaluate the design of those controls and determine whether they have been implemented by performing procedures in addition to inquiry…” This involves assessing design and testing the application of the internal control system. So testing controls is already part of the audit. However, ISA 330.8 only requires extended (operating effectiveness) testing of internal controls when “substantive procedures alone cannot provide sufficient appropriate audit evidence at the assertion level.” Therefore, if the auditor is not relying on controls how much understanding and evaluation in IAS 315.13 is required? You will have noticed on the front page, the IASB is bringing back the assessment of management’s stewardship as an objective of IFRS. Assessing and testing controls helps assess management’s stewardship. ISA 315 is a relatively new auditing standard. It was first issued in 2003 (post Enron and SOX) and was the result of a joint project between the IAASB and the USASB. No surprise then ISA 315 is based on the COSO framework for internal control assessment. There is a difference though. Both SOX and ADAA’s decree require an opinion on the effectiveness of the internal control system. Which requires a certain level of assurance testing. ISA 315 requires “procedures in addition to inquiry” which also means a test. The difference in scope is in the amount of documentation and testing required. Which when SOX first came out was a lot. Which led to SOX LITE. How much additional testing is required to comply with ADAA’s decree? It depends, on how much reliance on controls your auditor has previously placed. In December 2017 we covered Control Environment, and in February 2018 we reported on Risk Assessment. In this issue we will be discussing Control Activities. The five components of Internal Control: • Control Environment • Risk Assessment • Control Activities • Information and Communication • Monitoring Activities Component Three – Control Activities Control activities are actions established through policies and procedures that ensure management’s directives to mitigate risks to the achievement of objectives are carried out. Control activities are performed at all levels of the entity, at various stages within business processes, and over the technology
environment. There are three principles (of seventeen COSO principles) for the Control Activities component starting at ten: “10. The organization selects and develops control activities that contribute to the mitigation of risks to the achievement of objectives to acceptable levels.” The principle covers entity nature, and understanding the relevant business process and evaluating the different controls around them (manual and automated controls, and preventive and detective controls) at different levels of the entity and how it addresses segregation of duties, and whether those controls integrate with a risk assessment that address and mitigate risks, or not. “11. The organization selects and develops general control activities over technology to support the achievement of objectives. This deals with the dependency between the use of technology in business processes and technology general controls.” Assessing the technology infrastructure control activities helps ensure: completeness, accuracy, and availability of technology processing, and the security management process control activities, and whether the technology acquisition, development, and maintenance process control activities aid in achieving management’s objectives “12. The organization deploys control activities through policies that establish what is expected, and in procedures that put policies into action.” The focus in this principle is how the entity establishes policies and procedures to support deployment of management’s directives, and how it allocates the responsibility, and accountability for executing policies and procedures. Whether control activities are performed in a timely manner and by competent personnel, and if corrective action is taken. Periodically policies and procedures are assessed to determine their continued relevance. In summary COSO Principles 10 and 11 select and develop control activities and controls over the information technology. Principle 12 covers formalizing the control activities and their effectiveness. Final thoughts COSO first published its Integrated Framework in 1992. Before ISA 315, auditors applied an audit risk model focused on three risks. Inherent risk (risk something is wrong without considering controls). Control risk (risk an appropriately applied internal control system fails). Detection risk (risk appropriately applied audit procedures fail). The COSO framework may articulate the components of internal control better now. The auditing standard may be clearer now. Computers may be more prevalent and more controls automated. However, without an appropriate control environment and risk assessment, the best control activities in the world will not prevent your system of internal control from failing.
10
ADAA digest
IFRS news, updates from ADAA, IASB and the Accounting Profession May 2018
WHAT’S NEW FROM IFAC AND THE IASB
ris
A tool for audit committees. Preparing for the new leases accounting standard. How auditors can help fight corruption in local government. Auditors (internal & external, financial & non-financial) enhance quality and transparency of government financial management with support, and robust challenge.
A recap on IFRS 9 for investments. Refresher for 2018 audits. Law No (1) of 2017 Concerning the Financial System of the Government of Abu Dhabi. And IFRS 15. IESBA code of ethics complete makeover. Any change? And on the back page COSO and the three lines of defense, an insight from ADAA’s Fatema Lari.
A tool for audit committees. We may only be in May of 2018 but 2019 can’t come fast enough for some. Why? It’s 1994 all over again. IAS 17 introduced substance over form into leasing and the lawyers went bananas. Literally. Overnight leases were on the balance sheet. Hurrah. But the lawyers boxed clever and a structure that looked like a finance lease, operated like a finance lease and quacked like a finance lease…suddenly became an operating lease, and off the balance sheet it went! Why? Because one man’s perception of risks and rewards of ownership, differs from another. It’s taken 25 years and this time the IASB has been smart. They have deleted the concept of operating leases for the lessee. IAS 8 requires an entity to report known impacts of new standards, or state the entity doesn’t know. So most entities in 2016, 2017, and still, in 2018 are reporting they don’t know. Which is a failure of good corporate reporting.
The Centre for Audit Quality, an organization sponsored by the AICPA, published a tool for Audit Committees to help guide them through the implementation. Asking questions such as: What are the key judgements? Do those making them have the appropriate knowledge and resources? What is the impact on systems and controls? It would be a shame to not get it right this time. More here. A recap on IFRS 9 for investments. In her paper, the IASB Vice Chair Sue Lloyd discusses:
IFRS 9 on long-term investment.
Reporting value changes in P&L provides better information of value creation over time.
Recycling can provide a confusing presentation of performance.
Debt investments are different.
Prohibiting recycling avoids complexity related to impairment.
Developing a new impairment model for equity investments is not easy.
Prevalence of AFS equity investments applying IAS 39. Full paper here
How auditors can help fight corruption in local government. According to the OECD, local and regional government entities manage 40% of public spending and 59% of public investment. Bringing government closer to consumers has many benefits as long as local institutions are strong and subject to robust oversight. Auditors enhance quality and transparency of government financial management with support, and robust challenge. The CEO of the IIA outlined 9 risk areas: Geography. Hiring & employment procedures. Political finance contributions. The giving and receiving of gifts to and from politicians and officials. Entertainment. Information technology. Procurement procedures. (Especially for infrastructure projects). Senior Management, the higher up an official, the higher the risk. The OECD reported 10-30% of the investment may be lost in a publicly funded construction project due to mismanagement and corruption. To guard against requires “strong legislative and regulatory bodies and managers, bureaucrats and public servants who set the right ethical tone and are prepared to hold people to account.” Read the full article here.
Law No (1) of 2017 Concerning the Financial System of the Government of Abu Dhabi. And IFRS 15. Article 36 of the Law requires issuance of half yearly financial statements. With regards to applying IFRS 15; IAS 34 ‘Interim Financial Reporting’ requires disclosure of the recognition or reversal of an impairment loss from assets arising from contracts with customers, as an additional example of the events and transactions for which disclosures would be required. Whether IAS 34 applies to you or does not, if Law No (1) does you will be reporting on IFRS 15 in July this year. See PWC IFRS news.
IESBA code of ethics complete makeover. Any change? It is 46 pages longer at 200 pages. The fundamental principles of: Integrity. Objectivity. Professional competence and due care. Confidentiality. Professional behavior. Remain the same. The recognition of a distinguishing mark of the accountancy profession is its acceptance of the responsibility to act in the public interest. Remain the same. The difference is in clarification, increased application guidance, and easier to apply. Will it change anything? No because people are the same. That said, the new application material on professional skepticism and professional judgement make it easier to identify when the Professional Accountant in Public Practice (PAPP) or in Business (PPIB) has crossed a line. http://www.ifac.org/publications-resources/final-pronouncement-restructured-code
WHAT’S NEW THIS MONTH
ADAA’s
hot topics
The IASB
is located
in Cannon
Street,
London
WHAT’S NEW FROM THE ACCOUNTING PROFESSION
And finally
please turn
the page
for ADAA’s
monthly
accounting
insight…
11
ADAA digest
IFRS news, updates from ADAA, IASB and the Accounting Profession May 2018
COSO and the three lines of defence –an insight from ADAA’s Fatema Lari
It is very likely by now you are familiar with the COSO cube (did we mention it’s in ISA 315 too). If not, you are behind the curve. You may have a project team currently documenting and testing (auditing) your responses (organization structure, people, processes, systems) to the five COSO principles. If not, you should have soon. If you think when you have done COSO you are done. You are mistaken. COSO outlines components, principles and factors to effectively
manage risks through the implementation of internal controls. However, it is silent on who. Who is quite important. Because although mechanical equipment fails through design or metal fatigue, and computers get bugs. It is people who are the source. In July 2015 the Institute of Internal Auditors (IIA) published a research paper commissioned by the Committee of Sponsoring Organisations of the Treadway Commission (COSO) entitled “Leveraging COSO across the three lines of defence” The three lines of defence are:
1) Own and manage risk and control. 2) Monitor risk and control in support of management. 3) Provide independence assurance to the Board.
First line of defence: Operational management The business and process owners whose activities create and/or manage the risks that lead to success or failure of achieving the entity’s objectives are the first line of defence. They are identifiers, assessors, and managers of risk and control activities aligned with the strategy and risk appetite. A formula 1 team builds a new race car every year. It develops the current race car during the year. Toro Rosso swapped engine suppliers to Honda last year. McLaren to Renault. Mercedes and Ferrari make their own. Who makes the decision to switch finite resources from in year development to next year’s development? Who makes the decision to switch engine suppliers or develop engines in house? What knock on effects do those decisions have on maintenance, tooling, fuel, sponsors? Have you noticed it is ‘Aston Martin Red Bull’ this year? Individuals in the first line of defence have significant responsibilities in COSO related to the principles of Risk Assessment, Control Activities and Information and communication. What to avoid?
Lack of accountability for decision making.
Ambiguous understanding of function’s role, authority and responsibility.
Wrong tone from the top can encourage wrong risk taking. Second line: Internal monitoring and oversight functions This line is not less important than core operations, but should always come in support of the core operation, and should not at any stage replace it. These functions ensure risk and control are effectively managed by the first line,
and usually are of high expertise in the areas of risk management, compliance, fraud, and finance. They are the quality inspectors, the Reassures, in legal, compliance, information security, health and safety. They provide ongoing, real time monitoring and confirmation of operational decisions being optimal, and legal, and in line with standards. This line reports to senior management, but also require a degree of independence such as reporting to a risk committee so their outputs are not controlled by the first line. What to avoid?
Absence of coordination.
Non value adding operations done for documentation purpose only.
Dealing with first line’s role
Limited use of data and technology Third line: Internal audit Internal audit is a means of oversight of the board and senior management’s performance. The role has been misunderstood to be one over the whole of an internal control framework, when it actually is the final link in the chain of an internal control system. The IIA defines internal auditing as an “independent, objective assurance and consulting activity designed to add value and improve an organisation’s operations. It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and assess the effectiveness of risk management, control and governance processes.” Internal Audit is the final resort for risk and control management. This role is about communicating assurance on the effectiveness (or otherwise) of the risk management internal control system framework as implemented by the first two lines to both the board and senior management. Internal Audit must be independent and objective, appropriately focused and resourced. What to avoid?
Forgetting their purpose and trying to be the second line.
Forgetting their requirement to be independent and aligning with management.
Not providing appropriate, relevant, tools and resources. Final thoughts The whole organization is responsible in some way for the system of internal control. However, a system of internal control is just one way to achieve an entity’s objectives. The board of directors could choose a different system or a different way. However, what is true from history, from Maxwell through Enron and Worldcom, and unfortunately others in the future. Tone from the top, and management override, have a huge part to play.
12
ADAA digest
IFRS news, updates from ADAA, IASB and the Accounting Profession July 2018
WHAT’S NEW FROM IFAC AND THE IASB
ris
Blockchain technology. It is a blockbuster! IFRS 9, 15, and 16 impact interim financial statements. Are you prepared? What is expected of the board of directors? A reminder to the independents and those charged with governance.
IPSASB disagree with the IASB. Proposal for a single right-of-use model. COSO releases a supplement to ERM. Guidance to those in need. Evaluation of misstatements. What is expected from the auditor And on the back page The fourth of the COSO five – Information and Communication, an insight from ADAA’s Hasina Al Adawi.
Blockchain technology. Seismic changes to accounting don’t happen often. Colossus invented in 1941 enabled cryptanalysts to decipher intercepted radio teleprinter messages that had been encrypted using an unknown device. Blockchain uses that same technology, combines it with peer to peer sharing and the result is seismic. The technology is mostly known for its use in cryptocurrencies, such as Bitcoin. However, it is being increasingly experimented with in the world of finance. Blockchain serves as a platform for digital agreements, tokens if you like, representing real world assets, or currency, or property. Blockchain automates transactions and controls via self-executing smart contracts. Consider the possibility of a manufacturing plant where robots receive sales orders from the retailer’s computer when a customer
removes a product from a shelf, replacement product is manufactured and dispatched, and settlement is via Blockchain. And the process repeats, and repeats. This is not Star Wars technology, it is here and now and the possibilities are incredible. Read more here. IPSASB disagree with the IASB. IFRS 16 replaces IAS 17. Normally IPSASB reviews a new standard from the IASB, concludes it is very sensible, and issues an update to IPSAS accordingly. This time they didn’t. IPSASB is concerned at retaining lessor accounting from IAS 17. The problem arises when lessor and lessee are part of the same economic entity but separate records need to be maintained for the underlying asset and lease receivable. Both end up with an asset. Therefore, the IPSASB is considering applying the right-of-use model for lessors. Makes a bit more sense doesn’t it. Details here
IFRS 9, 15, and 16 impact on interim financial statements. Government of Abu Dhabi financial law number 1 of 2017, requires entities to prepare a half yearly financial statements. IAS 34 requires the application of new standards during the year, if they apply to the year-end reporting. IAS 34 requires a description of the nature and effect of the change, as well as the following disclosures:
(1) The new accounting policy adopted, that would not have been included in the preceding annual financial statements,
(2) Transitional methods deployed to apply the new accounting policies,
(3) Key judgments and estimates applied, (4) Quantitative effects on the financials, and (5) Standard specific disclosures:
For IFRS 15, significant impairment of contracts assets should be disclosed, as well as a disaggregation of revenues,
For changes resulting from IFRS 9: changes in fair value measurement of financial assets and liabilities should be disclosed. Click here
What is expected of the board of directors? Following ADAA’s decree on internal control, ADAA hosted training with guest speakers from GT USA on internal control and financial reports.
The control environment is the foundation for success of an internal control framework. Tone from the top. The setting of behaviours and attitudes and activities for what is expected of the Board, management and employees is vital when aiming for an effective framework. The board, management, and employees should understand the role of the board, what different stakeholders expect from them, and how vital the board’s engagement with stakeholders is, in order to have an effective internal control framework. Look into Grant Thornton’s 2018 International Business Report
COSO releases a supplement to ERM. The compendium, authored by PwC under direction of COSO, offers examples across a variety of industries with real-world advice about how to put an Enterprise risk management framework to use. More here Evaluation of misstatements. The auditor has a duty to apply professional skepticism throughout the audit. Sometimes even, it is heightened! What does this mean? It means obtaining evidence that supports and considering evidence that does not. It also means recording the evidence effectively. “If it is not documented then it’s not done” how else to prove the point? The majority of historic frauds stemmed from management collusion and poor quality audit evidence. An article published by ACCA discusses the auditor’s responsibility through the International standard of Auditing 450 to evaluate misstatements.
WHAT’S NEW THIS MONTH
ADAA’s
hot topics
The IASB
is located
in Cannon
Street,
London
WHAT’S NEW FROM THE ACCOUNTING PROFESSION
And finally
please turn
the page
for ADAA’s
monthly
accounting
insight…
13
ADAA digest
IFRS news, updates from ADAA, IASB and the Accounting Profession July 2018
The fourth of the COSO five - Information and Communication an insight from ADAA’s Hasina Al Adawi
In ADAA IFRS Digest September 2017 we highlighted the importance of internal controls in the context of an audit of historic financial statements. Published in the Official Gazette 15th August 2017 is Decree number 1 of 2017. The decree requires Subject Entities to obtain from the Statutory Auditor (as part of the audit service) a separate report, on the effectiveness of the Subject Entities system of internal control. Although the decree is framework neutral, COSO is one framework that might be applied and is the one in ISA 315 is based on. In our previous publications we highlight the first three out of five components, in this we go through the fourth component “Information and communication.” It is stating the obvious that without appropriate information, communicated timely and effectively, it is impossible to have an effective system of internal control system. The five components of Internal Control:
• Control Environment • Risk Assessment • Control Activities • Information and Communication • Monitoring Activities
Component Four – Information and communication The information and communication component explores internal and external uses of information. It considers the relevance, timeliness and accuracy of the information transmitted by the information systems to support the functioning of its internal control. Communication is a process necessary to obtain and share the information throughout the organization in an efficient manner. There are three principles (of seventeen COSO principles) for this component:
13) The organization obtains or generates and uses relevant, quality information to support the functioning of internal control. An organization needs to have an effective information system in place that captures, combines and stores all data that aims to support the efficiency of operations, management and decision-making in line with the organizational objectives. Auditors are required by ISA 315.18 to “obtain an understanding of the information system, including the related business processes, relevant to financial reporting, including the following areas….” In addition, ISA 315.19 states, “The auditor shall obtain an understanding of how the entity communicates financial reporting roles and responsibilities and significant matters relating to financial reporting….” This is an overwhelming principle for both organizations and auditors. It involves:
obtaining and processing relevant information and maintaining quality throughout the process to reach appropriate conclusions in the preparation of financial statements.
People who understand the objectives, risks and controls of the information flows necessary for accounting transaction.
14) The organization internally communicates information, including objectives and responsibilities for internal control, necessary to support the functioning of internal control. Stakeholders communicate their vision and strategic objectives to management; management have a responsibility to ensure the oversight of these objectives being carried out at the operational level through policies and procedures. Internal control is a way to accomplish objectives leading to success of the organization. Organizations should assess whether there are any gaps in the communication process which could lead to risks not being detected and weaknesses in internal controls not found. The compliance question has to be addressed too. Does the Board communicate in a downward mechanism that gets its relevant instructions to the compliance function? Does the compliance function communicate upwards what they are finding appropriately with the Board? 15) The organization communicates with external parties regarding matters affecting the functioning of internal control. Technology outlines and controls the parameters of these external relationships and helps ensure information gets to people who will assess and take appropriate actions, if needed. In an era where sophisticated technology is in place the possibility of unintentional or perhaps intentional information leakage is at its peak, which results in a need for internal controls to ensure that only appropriate and accurate information is shared externally. Information can cause great damage if not managed or reported accurately, take the Volkswagen car manufacturer scandal that cheated on emissions testing as an example. This was an obvious example of poor communication of risks, but may also highlight serious problems with tone at the top according to US prosecutors in a recent indictment. What could they have differently that might not have cost USD 7.3 billion to fix? Final thoughts Information and communication has significant implications for all the other components in the framework. If the quality of information and effectiveness of communication are not good enough wrong and incomplete transactions could be processed (or not). Decision making based on wrong information leads to disaster.
14
ADAA digest
IFRS news, updates from ADAA, IASB and the Accounting Profession September 2018
WHAT’S NEW FROM IFAC AND THE IASB
ESMA publishes its 22nd database of enforcement decisions. 245 times Auditors and IFRS Reporters got it wrong. IFRS 9, IFRS 15 and IAS 29. Must know news from PWC. Cryptocurrencies and the current accounting requirements. Those issuing, acquiring or holding them, are you ready!
Is accounting information relevant to investors? IASB member Ann Tarca explores the issue from the viewpoint of various research. Distinguishing between liabilities and equity. Have your say! IAS 21 Interpretation. Insight for foreign currency transactions. And on the back page Business combinations from non-exchange transactions, an insight from ADAA’s Fatema AlMarzooqi
ESMA published its 22nd database of enforcement decisions. 245 times in 13 years for more than 6,000 IFRS reporters might seem a decent hit rate. It would if it were true. ESMA publish enforcement decisions if they meet four criteria – Complex. Widespread. Inconsistent. No standard. This issue:
The IFRS 5 one-year condition is a bright line in football.
IAS 36.132 and IAS 1.125 combine to require quantitative disclosure of long-term price assumptions.
IFRIC 17 common control transaction measure at fair value.
Due to the evolving technologies, intangibles are no longer immortal, thus “indefinite life” claim is to be reconsidered.
IAS 38 suggests “componentization” to come up with proper amortization of intangibles with multiple cash flow streams. Read more cases in the extract.
Is accounting information relevant to investors? What’s the relationship between accounting information and share prices? Have current accounting practices and changes in the economy diminished the role of accounting information? What are the ways the IASB is exploring to keep accounting information relevant? These were the three main questions IASB member Ann Tarca discussed when she delivered the CPA Philip Brown annual lecture at the University of Western Australia in Perth. The lecture discusses old as well as new research examining the effects of earnings, revenue, expenses and summary measures like EBITDA on share prices. Furthermore, it discusses the emerging importance of intangible assets and disaggregated amounts in the financial statements as providing investors with indicators of a company’s future potential. Read the full lecture here.
IFRS 9, IFRS 15 and IAS 29. Law no (1) of 2017 requires every Government Entity, Institutions and Company to prepare and issue half yearly financial statements. For 2018 this means IFRS 15 is in play. The same is true for IFRS 9. It is not just recognition and measurement that are a problem, disclosure is too. PWC Blogger Chris Wood leads the debate on why be sensitive about sensitivities. And if you have a business in Argentina, you will not be surprised to hear the economy recently passed the tests in IAS 29 of identifying as a hyper-inflationary economy. Read more in PWC’s monthly newsletter.
Cryptocurrencies and the current accounting requirements. Deloitte’s publication ‘thinking allowed’ presents a readable explanation of the progress of cryptocurrencies since Bitcoin’s creation in 2008. Cryptocurrency values are not underpinned by government regulations and laws. They are underpinned by the confidence in the currency and their algorithm. Accounting for cryptocurrencies is more difficult than it seems, and with several thousand now in existence, it is likely you will trip over them soon. More here.
Distinguishing between liabilities and equity: The IASB has published a discussion paper (DP) Financial Instruments with Characteristics of Equity (FICE) that seeks to improve IAS 32 by:
establishing clearer principles for classifying financial instruments as either financial liabilities or equity;
improving the clarity and consistency of the classification requirements for the more complex financial instruments that create a challenge in practice – e.g. derivatives on own equity; and
enhancing the presentation and disclosures about financial liabilities and equity. More here.
IAS 21 Interpretation. IFRIC 22 addresses foreign currency transactions or parts of transactions where the circumstances in which consideration is received or paid in advance of the recognition of the related asset, expense or income exists. The Interpretations Committee came to the conclusion that the date of the transaction, for the purpose of determining the exchange rate, is the date of initial recognition of the non-monetary prepayment asset or deferred income liability and, if there are multiple payments or receipts in advance, a date of transaction is established for each payment or receipt. More here.
ADAA’s
hot topics
The IASB
is located
in Cannon
Street,
London
WHAT’S NEW FROM THE ACCOUNTING PROFESSION
And finally
please turn
the page
for ADAA’s
monthly
accounting
insight…
15
ADAA digest
IFRS news, updates from ADAA, IASB and the Accounting Profession September 2018
Background IFRS 3 applies to a transaction or event that meets the definition of a business combination. It scopes out joint arrangements, the acquisition of assets that do not comprise a business, and a combination of entities or businesses under common controls. This is a problem if you are a government entity. Widening the scope IPSAS 40, effective 1 January 2019, addresses combinations arising from non-exchange and exchange transactions in the public sector. Catering for the specific needs of government organizations when accounting for various combinations of entities and operations.
What will it bring to the table? Gaining control of a party’s operations by another party in the combination is an essential element of an acquisition, but is not sufficient in itself, to determine whether a combination is an acquisition. An acquisition requires an acquirer to be identified. In other words, one of the parties to the transaction is deemed to have obtained control of any net assets/liabilities transferred. Usually, an acquisition requires the voluntary participation by the parties involved. This is not always true of public sector combinations, where a combination can be a result of a government reorganization decision. IPSAS 40 thus has two types of combination.
Classification
Amalgamation: modified pooling of interest method The combination may be an amalgamation where:
A public sector combination is imposed by a third party without any party to the combination being involved in the decision-making process.
A combination of operations under common control.
Consideration is paid for reasons other than to compensate those with an entitlement to the net assets of a transferred operation, consideration is not paid, or consideration is not paid because there is no-on with an entitlement to the net assets.
Under the modified pooling of interest method, the identifiable assets and liabilities of the combining operations are measured at their carrying amounts in the financial statements of the combining operations at amalgamation date, apart from limited exceptions for licenses, or similar rights, income taxes and employee benefits. The modified pooling of interest method takes place at the date of an amalgamation, consequently no comparative information is required. An entity could voluntarily choose to present prior period information without any restatements, with explanation of the basis on which the information is presented. Acquisition If not an amalgamation, then the transaction must be an acquisition. For acquisitions, IPSAS 40 requires the application of acquisition accounting applying the same approach as in IFRS 3. This requires intangibles to be identified, and fair values ascribed. Final thoughts IPSAS 40 is a helpful step forward. Previously, IPSASs did not provide guidance on how to account for public sector combinations. IPSAS 3 simply stated guidance can be found in other international, or national accounting standards. With IPSAS 40 public sector combinations will be accounted for consistently, and applying accounting that makes sense. The spotlight is now on IFRS reporters with the IASB playing catch-up with IFRS 3. Will the IASB follow the IPSASB and conclude common control transactions should apply the pooling of interest method? Or will they leave these transactions scoped out? If they do you could always apply IAS 8.10 and turn to IPSAS 40.
Does one party to the public sector combination gain control of
operations?
Is the economic substance of the public sector combination that of
an amalgamation?
Acquisition (assets and liabilities
measured at their fair value)
Amalgamation (assets and liabilities
measure at their carrying amounts)
No Yes
Yes No
Business Combinations arising from non-exchange transactions - an insight from ADAA’s Fatema AlMarzooqi
16
ADAA digest
IFRS news, updates from ADAA, IASB and the Accounting Profession October 2018
IPSASB issue a new standard. The IPSASB just replaced IPSAS 29 with IPSAS 41 Financial Instruments. So what’s the difference? More than US$11b of financial penalties fails to deter global bribery and corruption, EY survey. IFRS 16 KPMG survey is surprising
United, connected and aligned: How internal audit and finance drive good governance. PWC IFRS talks Episode 33 IFRS 10 accounting for investments. Guardians of trust in the digital age. And on the back page Trade Receivables under IFRS 9, an insight from ADAA’s Ebrahim Al Shaikh Ali.
IPSASB issue a new standard. By replacing the rule based IPSAS 29 with a more principle based IPSAS 41 the new standard provides the users of financial statements with more useful information. It does this by applying: 1) A single classification and measurement model to financial
assets that considers the characteristics of the asset’s cash flows and the purpose for which the asset is held.
2) A single forward looking expected credit loss model that is applicable to all financial instruments subject to impairment testing.
3) An improved hedge accounting model that broadens the hedging arrangements in scope of the guidance.
More here.
United, connected and aligned: How internal audit and finance drive good governance. Every organization wants good governance. How is it achieved? Is it a finance role? An internal audit role? The role of the board of directors? Or executive management? Different responsibilities and different skills are required to achieve good governance. IFAC and the Institute of Internal Auditors present insights from governance experts to examine how the complementary roles of finance, and internal audit functions drive good governance. Effective communication between different roles and competencies are key. Interviewees concerns include: Influence of tone at the top. Encouraging performance and conformance. Communication and emotional intelligence. The interviews are very interesting and we encourage you to read more of their thoughts here.
More than US$11b of financial penalties fails to deter global bribery and corruption. 15th EY Global Fraud Survey of 2,550 executives across 55 countries reports, despite unprecedented level of enforcement activity and introduction of new corporate criminal liability laws, the scale of bribery and corruption has shown no improvement since 2012.
38% say corruption occurs widely in business.
Levels of bribery and corruption in emerging markets still twice that of developed markets.
25% of respondents under the age of 35 would justify cash payments to win or retain business. More here.
IFRS 16 KPMG survey is surprising. Asia seems a lot less worried than the Americas and Europe! Collecting lease data, gathering a complete population, and resourcing are 50% less worrisome in Asia! More than half those surveyed don’t yet know what transition method they will apply. Of those that do modified retrospective is most popular, which means no comparatives. Determining the lease term. Determining between a lease, or a service contract. Assessing whether variable payments are in substance fixed payments and assessing contingent lease payments are deemed difficult areas by those surveyed.
PWC IFRS talks Episode 33 IFRS 10 accounting for investments.
IFRS 10 focuses on the concept of control. Control over the relevant activities. AGM voting rights are important, but other things such as shareholder agreements can overturn voting rights. If holding is 50:50, is control shared? Probably. There will be activities that require unanimous agreement to proceed. And when unanimity is not reached arbitration proceedings are applied. Arbitration proceedings are usually a good indicator of joint control. Although sometimes even with arbitration, if it fails, there can be a point where one party has the right to make the final decision, indicating control. There are two types of Joint Arrangements:
Joint venture which is a separate legal entity, and
Joint operations where parties have rights over certain assets and liabilities.
Equity account the former and consolidate your assets and liabilities and revenues and costs in the latter. Episode 33 and more podcasts here. Guardians of trust. In the digital age, trusted analytics will be a critical source of competitive advantage. Full KPMG report here.
ADAA’s
hot topics
WHAT’S NEW FROM IFAC AND THE IASB
WHAT’S NEW FROM THE IASB?
The IASB
is located
in Cannon
Street,
London
WHAT’S NEW FROM THE ACCOUNTING PROFESSION
And finally
please
turn the
page for
ADAA’s
monthly
accountin
g insight…
17
ADAA digest
IFRS news, updates from ADAA, IASB and the Accounting Profession October 2018
Before IAS 39, hedge contracts were not accounted for, investments were accounted for at cost, and calculating provisions for impairment of financial assets was something of a dark art. IAS 39’s journey began in 1988 when the IASC (forerunner to the IASB) began a joint project with the Canadian Institute of Chartered Accountants. Development of IAS 39 thus had a strong North American lead. In 1998 IAS 39 was published. It replaced IAS 25, which allowed cost, lower of cost or market, or fair value. IAS 39 focused on fair value which was why for measurement of impairment provisions on financial assets it deployed an incurred loss model. Although much maligned, IAS 39 survived for twenty years, including ten since the Financial Crisis 2008, following which its impairment criteria for financial assets was heavily criticized. To be fair to IAS 39, capital markets are not perfect. They price in to shares known, and thought to become known, knowledge, but not unknown knowledge. They can’t, it’s not known! So when the risks attached to the collateralized debt obligations (CDOs) of the subprime mortgage holders that were thought to be known, became really known, capital markets fell fast, and far. Forty years on we have new IFRS 9: Financial Instruments. It is effective for periods beginning on or after January 1st 2018 and replaces IAS 39. It would be a mistake to think it affects only financial institutions. It doesn’t. The standard affects all entities that account for trade receivables, contract assets and/or lease receivables.
So what are the changes if you are not a financial institution? IAS 39 was very rules based. IFRS 9 marks a step closer to a principles based world. One big change relates to trade receivables and the manner in which impairment assessment (it used to be called a bad debt provision) is made. IAS 39 used an incurred loss model. IFRS 9 requires the use of a model based on ‘expected credit losses.’ This requires quantification of the loss from those customers who are expected to default and an impairment included in the measurement of those financial assets. Entities need to use forward looking information to predict future losses. The standard sets out two ways to do this:
The ‘general approach’
The ‘simplified approach’ A choice can be made when the trade receivables have a finance component. If they do not, then the standard requires use of the ‘simplified approach’. We will focus on the ‘simplified approach’ as the majority of trade receivables do not have a finance component to them. The standard deems trade receivables that are expected to be settled within 1 year of their original inception date as trade receivables without a finance component. The simplified approach can be applied by following the following steps: 1) Group trade receivables into categories of shared credit risk
characteristics. There is no specific guidance on this however it can be done by customer type i.e. government, individual, or company. It is important to group entities with similar credit characteristics as this will ultimately effect the loss rate to be calculated in step 3. Entities will apply higher loss rates for groupings with higher credit risk.
2) Determine historic loss rate periods for which to collect data and base estimates on. Again, no specific guidance exists however the period should be reasonable. The number of years that an organization will rely on will involve significant judgement to determine what is relevant to the future outlook.
3) Determine the historic loss rate. This entails looking at actual incurred losses throughout the determined historic period set out in step two. For each year of the historic period the actual loss percentage on overdue receivables on an aged basis is determined. For example, this can be done for the prior year by taking the actual loss which was unpaid and written off and dividing it by the total receivables at last year’s reporting date. This provides the loss rate for receivables which were not overdue. Then for the next ageing grouping divide the total actual loss which was unpaid and written off by the total of that specific ageing group. This would result in the loss rate for that specific ageing group. The same is repeated for each ageing group to get the remaining loss rates. The end result is loss rates that increase as receivables age.
4) Consider macroeconomic factors to adjust the expected loss rates. For example, if a significant downturn in the economy is expected this could potentially increase loss rates by up to 10 percent. On the other hand, if a specific sector’s outlook was significantly positive it may decrease the loss rates to be applied to entities from that sector. This step involves significant judgement to apply appropriately. It goes without saying that any adjustments to the loss rates need to be justifiable to auditors and regulators.
5) Finally, apply the different loss rate percentages on the different trade receivable groupings determined in step one on an ageing wise basis.
You may be thinking these steps seem similar to my pre IAS 39 practice’ so what is really new? The answer is precision and disclosure. You may recall pre IAS 39 in your local GAAP you may have applied 1% to receivables 3 months overdue, 10% to receivables 6 months overdue, and 100% to receivables one year over due. This sounds similar to the simplified approach. It is. However, IFRS 9 mandates how those percentage loss rates are calculated. Loss rates need to be significantly analyzed by customer and be based on actual historical data. IFRS 7.7 requires disclosure of “…information that enables users of its financial statements to evaluate the significance of financial instruments for its financial position and performance.” This is a qualitative statement and users, not reporters will determine whether the requirements are met. The enhanced disclosure requirements for credit risk will mean entities should start preparing now for 2018 financial statements.
Trade Receivables under IFRS 9 – an insight from ADAA’s Ebrahim Al Shaikh Ali
18
ADAA digest
IFRS news, updates from ADAA, IASB and the Accounting Profession November 2018
New ‘pS focus’ from the IAASB. This is a new publication on professional skepticism and what the IASB is doing to encourage and embed in ISAs.
Skepticism: The Practitioners Take from the ICAEW.
Radical changes to audit inspections from the PCAOB. Maybe not radical but the PCAOB shows no letup.
IFRS 16 changes. What changes? Despite the IAS 8 requirements we are still waiting to find out.
IFRS 3 amendments. Detailed guidance on what constitutes a business. New requirements in-line with the control principles of IFRS 9.
And on the back page The fifth of the COSO five – Monitoring Activities, an insight from ADAA’s Dawood Alhammadi.
New ‘pS focus’ from the IAASB. It is difficult to decide how to react to this new two-page “communiqué” from the IAASB. We like the format (tea leaf). We like the topic. It just feels like the profession is defending on the back foot rather than attacking on the front, (cricketers amongst you will understand). That said…
Skepticism: The Practitioners Take from the ICAEW is a revelation. Fifteen pages, fifteen interviewees, packed with insightful observation. So what does the Audit Firm think?
“Professional skepticism is at the heart of what auditors do. Without it the audit has no value…The idea of skepticism is not easy to pin down and the urge to use it or rather the lack of it, as a catch all classification for anything that is wrong in auditing or financial reporting should be resisted. Not everything is the result of a lack of skepticism. A better quality conversation needs to go beyond superficial analysis.” The consensus view from the auditors are: 1) Structural changes are needed within the firms to methodologies,
working practices, training, recruitment, if exercising skepticism is
to survive contact with the first reporting deadline.
2) All participants, particularly preparers of financial statements in the financial reporting supply chain must practice the skepticism they preach. Not just the auditors. (Is this not akin to the gamekeeper telling the poacher to respect the rights of the animals?)
3) Skepticism is about quality, not quantity. It is about asking the few right questions, not lots of poor ones.
4) Firms should not send mixed messages. Skepticism should not be preached in the classroom and unprofitable lines of inquiry discouraged in the field.
5) IAASB to consider including in ISAs the requirement to actively seek out contrary or conflicting evidence. (This seems highly unlikely to succeed).
6) To be skeptical the tension between the demands of independence and the need to understand the business in detail must be managed. Specialist knowledge and intimate knowledge of a business can lead to groupthink, but without the knowledge, how can management be challenged?
Radical changes to audit inspections from the PCAOB.
Inspection:
Increased focus on the audit firms’ system of quality control. Effective quality control systems prevent audit deficiencies (Under Sarbox management and the auditor sign off on the effectiveness of the entity’s system of internal control. No one signs of on the effectiveness of the audit firm’s system of internal control).
The PCAOB observe increased audit quality where firms emphasize strong root cause analysis, thoughtful engagement management, careful assignment of personnel, and risk focused client acceptance and retention processes. These will be targeted in firm wide reviews.
Observations from thematic reviews performing targeted procedures on specific areas will be shared in public.
Interactions with Audit Committees are set to increase because well informed and engaged audit committee members are effective force multipliers.
Enforcement:
No significant change. “effective audits unquestionably require auditors to exercise substantial judgement (over when audit evidence
is enough to support the accounting-Ed)…judgements made in good faith guided by the sound application of auditing standards, auditors should feel empowered to make…However when auditors refuse to see the obvious, choose to turn a blind eye, or fail to carry out their duties lower costs, including failing to support their audit opinions or failing to exercise appropriate professional skepticism we will not hesitate to hold them accountable.” The PCAOB is talking the talk. More here.
IFRS 16 changes. What is the effect of applying IFRS 16 on your financial statements? Are you prepared? Superseding IAS17, IFRIC 4, SIC-15 and SIC-27, IFRS 16 will have an impact. Operating leases are no more. Both liability and asset are on the balance sheet. Establishing if an arrangement is a lease is done on signing the lease not on inception of the lease. This means there are disclosure requirements for leases signed but not yet started. Deloitte IFRS model financial statement appendix focuses on the changes introduced by the requirements in IFRS 16. Enhance your understanding of the changes here.
IFRS 3 amendments. The IASB recently released amendments to IFRS 3 to better define what constitutes a business combination. The new amendments come with a narrower definition which will help overcome some of the problems faced by issuers of financial statements in the past. Particularly property companies when a property, for tax purposes, might have been held in a separate legal entity. With new amendments of course comes new complexities. Read more here.
WHAT’S NEW THIS MONTH
ADAA’s hot
topics
WHAT’S NEW FROM IFAC AND THE IASB
WHAT’S NEW FROM THE IASB?
The IASB
is located
in Cannon
Street,
London
WHAT’S NEW FROM THE ACCOUNTING PROFESSION
And finally
please turn
the page
for ADAA’s
monthly
accounting
insight…
19
ADAA digest
IFRS news, updates from ADAA, IASB and the Accounting Profession
November 2018
ADAA IFRS Digest September 2017 emphasized the importance of testing effectiveness of internal control in an audit of financial statements. Decree number 1 of 2017 requires Subject Entities to obtain from the Statutory Auditor, as part of the audit service, a separate report on the effectiveness of the Subject Entity’s system of internal control.
To assess design effectiveness of the internal control system, a framework is required to benchmark the Subject Entities internal control system against. ISA 315 includes in the application guidance five components based on the COSO framework. It’s a 2009 standard and is being revised by the IAASB. INTOSAI GOV 9100 also provides ‘Guidelines for Internal Control Standards for the Public Sector’ based on COSO, together with examples.
Previously we highlighted four of the five components, in this publication we report on the last Monitoring Activities.
Unmonitored controls become weaker over time. Monitoring helps ensure internal control continues to operate effectively. Over time, effective monitoring can lead to organizational efficiencies and reduced costs associated because problems are identified and addressed in a proactive, rather than reactive manner.
The five components of Internal Control:
Control Environment
Risk Assessment
Control Activities
Information and communication
Monitoring Activities
Component five – Monitoring Activities
Monitoring Activities improve the control environment and provide a more efficient and effective oversight function. Ongoing evaluations, separate evaluations, or some combination of the two, are applied to discover if each component of internal control is functioning appropriately. There are two principles (of the seventeen COSO principles) for this component starting at sixteen.
16) The organization selects, develops, and performs ongoing and or separate evaluations to ascertain whether the components of internal control are present and functioning.
Organizations naturally change and evolve over time. Employee turnover, entering or leaving distribution channels, introducing or discontinuing product lines, technological change, and regulatory change can drive change. These changes affect the internal control environment. Effective monitoring through ongoing and separate evaluations must be in place to identify and respond to these changes.
Evaluation of the internal control system involves a mixture of:
Periodically reviewing the mix of monitoring activities.
Establishing baselines.
Identifying and using metrics.
Designing and implementing a dashboard.
Different and new technologies.
Conducting separate evaluations.
Using Internal audit.
17) The organization evaluates and communicates internal control deficiencies in a timely manner to those parties responsible for taking corrective action, including senior management and the board of directors, as appropriate.
The main function of internal controls is to ensure an organization achieves its strategic objectives. Addressing deficiencies in a timely manner increases the likelihood of success. This requires an effective feedback mechanism so that the deficiencies identified should be addressed by taking corrective actions in due time. A good example of this is often Internal Audit’s reporting.
Management should not wait for a project to finish or a report to be drafted or issued. Deficiency remediation timeliness is important and there should be a realistic timeframe for completing.
Final thoughts:
It is not likely that your organization does not already have many of the aspects of an effective system of internal control. How do we know this? Because as an organization you would be failing to deliver your mandates. Success is not achieved by accident. It requires planning and effective execution of the plan.
It is likely that you have not documented fully your system of internal control.
It will have been documented originally when it was designed and put in place.
Advancements in technology, management techniques, and organizations’ outputs ensure internal control and related monitoring processes need to change over time.
However, the fundamental concepts of monitoring, outlined in COSO Monitoring Guidance stand the test of time (you will need to pay a small fee for copies).
We encourage you to read them and consider what has been done, and what needs to be done.
We suggest employees with appropriate skills (which might mean training), authority and resources should be charged with addressing four fundamental questions:
1. Have we identified the meaningful risks to our objectives, for example, the risks related to producing accurate, timely and complete financial statements?
2. Which controls are “key controls” that will best support a conclusion regarding the effectiveness of internal control in those risk areas?
3. What information will be persuasive in telling us whether the controls are continuing to operate effectively?
4. Are we presently performing effective monitoring that is not well utilized in the evaluation of internal control, resulting in unnecessary and costly further testing?
A final observation. As Peter Drucker purportedly said “what gets measured gets managed” or rather “what gets measured gets done.” Concluding positively on the effectiveness of the internal control system requires:
Concluding the design is effective.
Gathering data that it is operating effectively through regular testing (or measurement).
If you measure the wrong matters you will get a wrong conclusion. If your focus is on achieving a positive assessment you have missed the point. Computers are binary. So are computer controls. They either work every time, or they don’t work every time. People are not binary, and manual controls are not guaranteed to work the next time because they worked the last time. An unfavorable business outcome does not mean a control was not working. Just as a favorable business outcome, does not mean a control was working. We hope you have enjoyed the five back page articles on COSO and the September 2017 introductory article on ISA 315, 330 and COSO and wish you success in your implementation and testing of your systems of internal control.
The fifth of the COSO five – Monitoring Activities an insight from ADAA’s Dawood Alhammadi
20
ADAA briefing paper
Audit Quality by ADAA’s Amna Huwail November 2018
Background
An auditor did an audit of a corner shop: They reported “It has four corners”! A bad joke maybe, but if our goal is a continuous improvement to audit quality, how can we measure the effectiveness of an audit, or “audit quality”?
For many things it is simple to measure quality. The effectiveness of a McLaren P1 LM can be measured by its time around the Nürburgring (6:43.2). In the world of big data we live in, statistics can be found for almost anything. This year’s winners in the Royal Statistical Society’s ‘Statistics of the Year’ awards were the number of US citizens killed on average in lawnmower accidents each year (69), and the proportion of land area in the UK that is densely built up (0.1 %).
For audits, quality is hard to measure and there is an element of subjectivity. For an external audit to fulfill its objective the users must have confidence that the auditor has worked to a suitable standard and that “a quality audit” has been performed. Audit output is only seen usually as an unqualified (clean) opinion, or if the entity is listed, key audit matters summarized by the auditor. Only regulators and the audit firm themselves (via hot and cold reviews) actually see an audit file and can assess the quality of the audit.
Recently more emphasis has been put on measuring audit quality, especially by regulators and this paper aims to give a brief overview of how audit quality can be measured. Approaches vary, for instance ADAA does not grade individual audit files, but gives a classification to each comment (red, yellow and gray, see ADAA’s annual report for further details).
Framework
The International Auditing and Assurance Standards Board (IAASB) acknowledged that the term “audit quality” is frequently used, but no one seems to agree what it means because opinions vary on the measurements of quality.
So in 2014 the IAASB published ‘A Framework for Audit Quality: Key Elements that Create an Environment for Audit Quality’. It includes the factors that contribute to audit quality at the engagement, audit firm and national levels. The IAASB’s goals were to:
Raise awareness of the key elements of audit quality.
Encourage key stakeholders to explore ways to improve audit quality.
Facilitate greater dialogue between key stakeholders on the topic.
The framework distinguishes the following elements:
Inputs
The values, ethics and attitudes of auditors which are influenced by the internal culture of the audit firm. The knowledge, skills and experience of auditors and the time allocated for them to complete the audit.
Inputs to audit quality will be influenced by the context in which an audit is performed. The auditees attitude for example.
Process
Quality audits involve auditors applying a rigorous audit process and quality control procedures that comply with laws, regulations and applicable standards. The quality attributes of the process factor are described for engagement, firm and national levels.
Outputs
Outputs include reports and information that are formally prepared and presented by one party to another, as well as outputs that arise from the auditing process that are generally not visible to those outside the audited organization. These may include improvements to the entity’s financial reporting practices and internal control over financial reporting, that may result from auditor findings.
The outputs from the audit are often determined by the context, including legislative requirements. While some stakeholders can influence the nature of the outputs, others have less influence. For some stakeholders, such as investors in listed companies, the auditor’s report is the primary output.
Key Interactions within the Financial Reporting Supply Chain
While each stakeholder in the chain plays an important role in supporting high-quality financial reporting, the way in which the stakeholders interact have a particular impact on audit quality. Interactions will be influenced by the context in which the audit is performed and allow a dynamic relationship to exist between inputs and outputs.
Contextual factors
There are a number of environmental – or contextual – factors, such as laws and regulations and corporate governance, which have the potential to impact the nature and quality of financial reporting and, directly or indirectly, audit quality. Where appropriate, auditors respond to these factors when determining how best to obtain sufficient appropriate audit evidence.
The IAASB depicts the framework as follows:
21
ADAA briefing paper
Audit Quality by ADAA’s Amna Huwail December 2018
Audit quality encompasses the key elements that create an environment which maximizes the likelihood that quality audits are performed on a consistent basis.
A quality audit will likely be achieved by an audit team that: Exhibited appropriate values, ethics and attitudes; Was sufficiently knowledgeable, skilled, and experienced and had sufficient time allocated for the audit; Applied a rigorous audit process and quality control procedures that complied with applicable standards; Provided useful and timely reports; and interacted appropriately with relevant stakeholders.
The responsibility for performing quality audits rests with auditors. However, audit quality is best achieved in an environment where there is support from, and appropriate interactions among, participants in the financial reporting supply chain.
The Framework is aimed at raising awareness of the key elements of audit quality, thereby encouraging auditors, audit firms and other stakeholders to challenge themselves
about whether there is more they can do to increase audit quality in their particular environments.
The Framework is not a substitute for ISQC 1.
The Framework is not sufficient by itself for the purpose of evaluating the quality of an individual audit. Consideration needs to be given to matters such as the nature, timing and extent of audit evidence obtained in a particular entity, the appropriateness of the relevant audit judgments made, and compliance with relevant standards.
So what are the measurements?
Now we have a framework, what next? In 2016 the Federation of European Accountants (FEE) published a paper setting out audit quality indicators (AQIs) developed by nine different organizations worldwide, including regulators, professional bodies and audit firms. AQIs are pointers that can be used to compare different audits, and different audit firms.
AQIs can be used by those charged with governance and audit committees in the audit selection processes. Audit firms can use AQIs to demonstrate their value.
AQI initiatives vary, some are rule based, some are based on principles.
Information on firm level AQIs could be made public, but some indicators at the engagement level could be sensitive.
Different approaches to formulating indicators: some quantitative, some qualitative.
Most popular AQI is training hours per person, but does more popular mean better? Or are inputs easier to measure than outputs?
The FEE highlight the following AQIs from their research:
Training hours per audit personnel.
Internal engagement quality views (reviews).
External inspections.
Number of audit staff per audit partner.
Years of experience.
Partner workload.
Industry expertise of audit personnel.
Staff workload.
Investment in development of audit methodology and tools.
Staff turnover.
Independence.
Technical resources support.
Staff satisfaction survey.
External investigations.
Tone at the top.
Conclusion
The annual reports issued by IFIAR and the consistency in the findings, demonstrate making improvements to audit quality is not easy, and requires continuous efforts from all stakeholders.
ADAA issued Rule No 1 in 2017 regarding the approach auditors take to audit internal controls. This could be a game changer for audit quality in Abu Dhabi, and we hope this paper is useful in the process of measuring your audit quality.
ADAA IFRS digest
IFRS news, updates from ADAA, IASB and the Accounting Profession
Sara Al Sajwani
Hasina Al Adawi
Hanan Al Harati
Amna Huwail
Fatema Lari
Ebrahim Al Shaikhali
Dawood Al Hammadi
Mahmoud Shahin
Ahmed Al Mazrouei
Richard Wright
Steven Ralls
Head of Accounting and Auditing Standards
Property of:
Abu Dhabi Accountability Authority, United Square Building, Abu Dhabi, P.O. Box: 435 - Phone:
+971 2 639 2200 Fax: +971 2 633 4122
www.adaa.abudhabi.ae
ADAA EDITORIAL TEAM
ADAA publications are written by the Accounting and Auditing Standards Technical Service Team of the Financial Audit and Examinations Group of
the Abu Dhabi Accountability Authority (ADAA). All rights reserved:
• The publications considers recent auditing and accounting content, updates, amendments and exposure drafts issued by IFAC and the IASB and
the accounting profession. All content is intended as information for the reader only and none of the content is intended as accounting advice.
Entities should refer to ADAA direct if advice is required for a particular issue.
• Any references to third party articles or websites are only intended for information purposes and should not be considered as an ADAA
endorsement.
• Publications are intended primarily for the use of the clients of Abu Dhabi Accountability Authority.
• Abu Dhabi Accountability Authority accepts no responsibility for loss or damage caused to any party who acts or refrains from acting in reliance
on this publication, whether such loss is caused by negligence or otherwise.
