The risk-based audit approach

Table of Contents

Abbreviations

1. Introduction
1.1 Background
1.2 Purpose of research
1.3 Research main points and methods
1.4 Contents and structure

2. Relative theories and literature review
2.1 Relative theories of auditing
2.1.1 Relative theories for the demand and supply of audit services
2.1.2 Agency theory
2.1.3 The role of audit
2.2 Audit environment
2.2.1 The organization of the statutory audit profession in France
2.2.2 French legal aspects and obligations
2.2.3 Global legislation & guidelines for the Professional Accountant
2.2.4 The financial auditing market: the Big Four & their operations
2.3 Auditing purpose and principles defining the audit approach
2.3.1 Purpose
2.3.2 Principles
2.3.3 Overview of the auditing method & process

3. Company’s industry and economic context – Focus on the inventories’ account
3.1 Financial impact of the crisis on the global economy and on auditing
3.1.1 Financial Impact of the Financial Crisis
3.1.2 The role of the audit subjected to progress
3.1.3 The impact of the crisis on the auditing approach
3.2 Auditing in the high-tech sector
3.2.1 Overview of the industry
3.2.2 Risks associated with the industry
3.3 High risk account balance: the case of the inventories
3.3.1 Inventories – Presentation & Specificities
3.3.2 Risks associated with inventories

4. Risk-based auditing system design and practice
4.1 Risk-based auditing system design
4.1.1 Acquisition of company knowledge and internal control systems
4.1.2 Materiality’s settings and audit risk assessment
4.1.3 The audit memorandum and the audit program.
4.2 Risk-Based auditing system practice
4.2.1 Statutory audit work
4.2.2 Complementary analysis

5. Conclusion

Acknowledgement

Reference

Appendices

Abbreviations

illustration not visible in this excerpt

1. Introduction

1.1 Background

The choice of topic “The risk-based audit approach in France” comes from several concerns that arose during the studies of my Master degree. First of all, I majored in finance since my Bachelor’s degree and was able to perform a successful internship for the cabinet Deloitte during my Master degree. This experience not only enabled me to catch a first glimpse at the financial statements of different companies from various sectors, but it also stressed out the necessity to deliver reliable financial information while following strict regulation, both local and international. Secondly, the financial crisis that arose in 2007 has had tremendous impacts on numerous companies worldwide. This economic context led to more risks in the reliability of the companies’ financial statements and emphasized the crucial role the statutory auditor must adopt. Moreover, the high-tech sector representing a fast changing environment, more risks can be attributed to the companies running their business in this segment. While highlighting all these facts, this paper also attempts to solve auditing risks and issues that could arise in a high tech company, by picking a real case.

1.2 Purpose of research

The aim of this paper is to give readers a full understanding of the risk-based audit approach, with an emphasis on the French system and on the sector of high technologies, and more specifically, the account balance of inventories. Indeed, the recent context of a particularly severe financial crisis has demonstrated that almost no company has been spared of a negative impact on their financial statements and profit. Auditing firms have been pointed out for not anticipating such crisis, which led to an ongoing global demand for elevation of audit quality. The high-tech sector has not been spared from the crisis either, which had a tremendous impact on the companies’ global and complex supply chains.

The current study was thus motivated to emphasize the risk-audit based approach in France to confront new arisen risks, while integrating suggestions to solve them.

1.3 Research main points and methods

The contents of this paper come from numerous sources as well as a personal practical knowledge. The theoretical main points were extracted and computed from various academic sources in order to deliver a full judgment and illustration on the matter.

Naturally, I used a previous auditing experience as well, to complement the reader’s awareness and add some practical issues not necessarily delivered in other sources.

1.4 Contents and structure

This paper will thus include theoretical contents as well as a strong practical background.

The second part will consist of theoretical and legal elements that contribute to the audit environment. It first traces the origins of auditing, the different theories which led to the development and the necessity of the activity. It then emphasizes how the profession is organized from a legal perspective, in France but also internationally, resulting in a concentrated financial auditing market. Furthermore it highlights the main purpose and principles of audit, justifying the auditing method and process.

The third part relates to the studied company’s industry and economic context with an emphasis of the inventories’ account balance. It stresses out the financial impact of the crisis on the economy worldwide and the consequences that followed on the role of the financial auditor. It then emphasizes the high-tech sector specificities and the impact it can produce for the financial auditor.

The fourth part focuses on the risk-based auditing system design & approach. The risk-based system design is supported by a strong understanding of the company’s business and its internal control activities, conditioning the settings of materiality threshold and risk assessment that will be included in the audit program. Audit evidence then commonly obtained from a mix of tests of control and substantive procedures. This practice, alongside additional potential analyses, enables the auditor to give an audit opinion on the financial statements in order to deliver its audit report.

The fifth part concludes this paper.

2. Relative theories and literature review

Theories for the requisition of auditing procure a general framework for auditing, or at least enable to understand it. Not only theories provide a full knowledge of the purpose of the audit process in the communication between a company and its environment, but they also help to explain the auditing approach and its cyclical activity, correlated with the need to comply with the legislation.

Hence, in this section, we will first study the relative theories which help to explain the development of auditing, with an emphasis on the agency theory and the consequent role of auditing. Secondly, we will identify the audit environment and the legal aspects surrounding the profession on a national and on an international scale. Finally, we will focus the purpose and principles of auditing which derived from the theories and have a direct impact on the elaborated auditing method.

2.1 Relative theories of auditing

As mentioned in the introduction, audits provide a significant purpose in encouraging confidence and reinforcing trust in financial information. But one can question why a demand exists to supplement the financial information stated by a company’s management. Several theories have emerged to explain the demand and supply of audit services. However, agency theory appears to be the crucial economic theory of accountability to explain the development of audit and its vital role in today’s economy.

2.1.1 Relative theories for the demand and supply of audit services

Several theories exist to support the demand for audit services. While some of them are popular in research, some of them remain based on perceptions. They can all provide an explanation for the demand and supply of audit services but all represent results of fragmented scientific research. The five following theories are mainly based on the work of Hayes, Schilder, Dassen and Wallage (1999) in their book “Principles of Auditing: An International Perspective”.

The policeman theory

The policeman theory argues that the auditor is accountable for searching, disclosing and preventing fraud. In this sense, the auditor must act as a policeman and focus mainly on arithmetical accuracy, with the aim of detecting fraud. Nonetheless, while this theory was the most widely held until the 1940s (Hayes et al., 1999), the focus of auditors has shifted since then to provide a reasonable assurance, a verification of truth as well as a righteousness of the financial statements. The detection of fraud still mobilizes concerns about the auditor’s responsibilities but does not embody the major purpose. Hence, the policeman theory seems to have lost much of its explicative power as auditing has more functions nowadays, such as procuring an overall more consistent credibility to the financial statements.

The lending credibility

The lending credibility theory advances that audit’s primary function is an additional credibility to the financial statements provided by a company. In this sense, the service the auditor sells to the customer is credibility, Audited financial statements could then be considered to have supplementary elements which enlarge the users’ confidence in the figures presented. According to this theory, the users gain benefits from the increased credibility, which has a direct impact on the quality of investment decisions as they are based on reliable information. Conforming to Hayes et al. (1999), financial statements are frequently viewed as having a function of authenticating messages which were previously issued. However, several authors have concluded that investors do not consider audited information as their principal support for investment. Furthermore, this theory itself does not address the other functions the investors expect the auditor to embrace regarding his attestation function.

The moderator of claimant’s theory

In line with the moderator of claimant’s theory, and in relation with Adam Smith’s theory of the firm, all vital actors in an organization must continue to contribute to the organization’s output. In order to maintain these contributions, each group shall believe it receives an even share of the company’s income. Under this theory, there is a need for audit to give an opinion on the numerous and heterogeneous interests within a company. In this sense, the auditor’s opinion does not necessarily have an impact on general public opinion but rather within the company itself. However, the theory does not explain the other aspects of the attestation function. (Hayes et al., 1999)

Quasi-judicial theory

Under this theory, the auditor is considered as a judge in the financial distribution process. Nonetheless, Hayes et al., (1999) points out several issues which counter balance these first premises. First of all, the fact that auditor’s decisions and decision process are not publicly accessible. Indeed, as we will study later in this paper, only the final audit opinion approving the financial statements is publicly available. Secondly, the principle of precedence is not guaranteed in auditing. Finally, the auditor’s independence cannot be considered as equal as a judge’s independence as a different reward system is involved (Salehi, 2011). However, the auditor’s independence is nowadays guaranteed by an elaborated legal framework which gives the auditor a certain degree of authority.

The theory of inspired confidence

Also called the theory of rational expectations, this theory promoted by Theodore Limperg in the late 1920s (Hayes et al, 1999) is directed to both the demand and the supply for audit services. Limperg stated that the demand for an audit intervention is the direct consequence of the involvement of third parties in the company, such as external stakeholders. These third parties require accountability from the management, including the disclosure of the financial reports, in exchange for their investments in the company. Because information provided by the executives might be misrepresented, it potentially alters from the interests of outside stakeholders’ own interests who have no direct means of monitoring. Such a situation requires an audit to allow the information to be accurate. In his theory, Limperg specifies that the role of the auditor must be suitable with the public expectations regarding the level of audit assurance provided. Hence the establishment of the auditing system design as well as the auditing practice should be executed in definite way so that the confidence of outsiders is not hindered.

These relative theories provide an explanation for the demand of auditing and/or the supply of audit services. However, a considerable complement to these theories is represented by the agency theory, formerly an economic theory that can be applied to accounting. The agency theory itself is vital in understanding how the audit has developed throughout the decades.

2.1.2 Agency theory

What is an agency theory?

By definition, agency theory addresses a relationship where one party (the principal) delegates work to another party (the agent).

An agency relationship therefore occurs when one or more principals such as the owner engage another person as their agent to complete a task on their behalf. In order to be effective, this task implies the delegation of some decision-making authority to the agent. This appointment of responsibility by the principal and the resulting division of labor contribute to a proficient and productive economy. But such delegation involves an undisputed trust from the principal to the agent to act in his best interests. Notwithstanding, agents are likely to have different motives to principals. They might be impacted by other factors such as financial rewards or labor market opportunities that are not directly congruent with the principals ‘motivation. The Encyclopedia Britannica enumerates several agents’ interests in its financial agency theory’s definition such as the manipulation of “ short-term earnings at the expense of long term performance in order to receive a bonus ”. The Audit Quality Forum by the Institute of Chartered Accountants in England & Wales (2005) refers to other cases in the same manner with a “ tendency for agents to be more optimistic about the economic performance of an entity of their performance under a contract than the reality would suggest ”. What is more, agents are likely to be more risk averse than principals. Correspondingly of these differing interests, agents can be encouraged to distort information flows. Moreover, principals may also formulate concerns about information asymmetries in which agents possess information to which principals do not have access (Forum, 2005).

The Audit Quality Forum (2005) thus concluded than a simple agency model involves that, “ as a result of information asymmetries and self-interest, principals lack reasons to trust their agents and will seek to resolve these concerns by putting in place mechanisms to align the interests of agents with principals and to reduce the scope for information asymmetries and opportunistic behaviour ”.

Instruments to adjust interests

Diverging motivations and information unevenness lead to concern about the reliability of information, which has a direct impact on the level of trust that principals have in their agents. Numerous mechanisms can be established to attempt to align the interests of agents with those of the principals, as well as to allow principals to assess and monitor the behavior of their agents, as a mean to reinforce trust in agents. For instance, remuneration packages and incentives might constitute an efficient instrument. Another effective intervention could be the influence of the board of directors which can control the corporation, and thus hire and fire personnel of the management as they wish. On a more general basis, the less trust the principal has in an agent, the more plausible the principal will opt for a performance-related pay measures and incentives that will adjust interests. But another relevant monitoring instrument resides in the audit. As Richard Brown stated in his book (1905): “ Whenever the advance of civilization brought about the necessity of one man being entrusted to some extent with the property of another the advisability of some kind of check upon the fidelity of the former would become apparent.” An audit indeed offers an independent check on the work of agents and of the information implemented by an agent, which helps to perpetuate confidence and trust. An audit can thus enable to solve, at least partially if not fully, the issues raised by the agency theory between agents and principals, but not only. Indeed, the theory perceives the company as a web of contracts, involving other third parts’ groups notably bankers, suppliers, customers, employees etc., all making some sort of contribution for a given “price”. The role of the management is to organize these different parties and contracts, while optimizing them. Salehi (2011) refers to a low price for purchased supplies, a high price for the goods sold, low interest rates for loans contracted, high share prices, as well as low wages for employees as an optimization of the company’s operations. This network of relationships puts the management as the agent, trying to acquire contributions from principals (suppliers, bankers etc.). The role of the auditor in the agency theory appears as the interest of all parties previously mentioned regarding the demand for audit services, but can also be used to elucidate the supply side of audit. The benefit of an audit to third parties is essentially driven by the assumption that the auditor will detect errors or irregularities in the financial reports, and will be compliant to report them, even against the auditee’s wish (Hayes et al, 1999).

Hence, while many theories participate in explaining the demand and supply of audit services, the agency theory can be considered as the most extended and widely used theory in the field. Complementary with the theories previously mentioned, and to a certain extent interrelated, Wallace (1980) offers three hypotheses accounting for the role of audit in free and regulated markets.

2.1.3 The role of audit

In consonance with Wallace’s work, three assumptions can emphasize the role of audit in free and regulated markets, which can include different aspects according to the various environments.

The monitoring hypothesis

While delegating decision-making power to one party such as cited in the agency theory, the agent agrees to be monitored only if the benefits from such activities overtake the related costs. This hypothesis includes all relationships present in any organization, including for instance collaborating relationships between creditors and shareholders, or even government and taxpayers (Wallace, 1980).

While public disclosures represent a way of controlling the monitoring hypothesis, the information asymmetry between the participants might interfere with their valuable interpretation, thus requiring an external audit to reduce the withholding of information.

Because auditors and the board of directors indubitably build some sort of relationships, which participate to increase the monitoring ability of the board of directors, independent audit committees can be considered as an additional tool to secure the auditor’s independence and thus guarantee an effective audit engagement.

What is more, the regulating framework governing the auditing activity encourages more and more monitoring influences from the auditors, by requiring for instance the issuance of internal control reports. Such disclosure empowers the monitoring role of auditors over management.

The information hypothesis

A proposal for the demand of audited financial statements is the necessary procurement of information for investments’ decisions. Investment decision models mainly value a company by calculating the net present value of future cash flows, cash flows which are highly correlated with the financial statement information. In this sense, the audit participates as a means of improving the quality of financial information from an investor’s perspective (Wallace, 1980).

The access of information can have several beneficial aspects. First of all, it reduces risk, or at least it facilitates its measurement. Investors have indeed a tendency to be risk averse, and will thus require a higher return for higher levels of risk taken. Secondly, more information facilitates the improvement of decision-making. Indeed, auditors raise management issues by finding errors or inaccurate data for example. An audit can thus support management’s decision making by pointing out inefficiencies, which will then impact employees’ activities and performance.

The third benefit of information is associated with the earning of trading profits. If we refer to the efficient market hypothesis, asset prices reflect all publicly available information. Hence, the information benefit of profits from trading is only realized by investors with private access to new information. By making the announcement of audited information publicly available, the law guarantees a potential price adjustment and confirms investors’ expectations and existing market valuations (Ittonen, 2010).

The insurance hypothesis

Finally, the third hypothesis refers to the liability exposure of the auditor. Indeed, if the management (auditee) and the auditor are jointly liable to third parties for losses determinable by defective financial statements. Therefore, by transferring financial responsibility for reported data to the auditor, third parties as well as managers lower their expected loss from potential litigation.

These different theories and hypothesis participate in understanding the necessity of auditing and how it has drawn the legislator’s attention to encircle the activity with legal aspects and obligations. Therefore, an explanation of the audit environment and its legal framework will contribute in assimilating how the financial auditing market has formed.

2.2 Audit environment

The audit environment is legislated by a strong willingness from national governments to guarantee their local laws and regulations, as well as a general global attitude to direct the activity towards rules which could be applied in numerous countries. Indeed, multinationals are implemented worldwide, which involves the need to have an increase portion of mutual rules of statutory auditing. This requirement also had an impact on the auditing market itself, resulting in a more concentrated, competitive environment for the audit agencies, as well as a necessity to establish global networks.

2.2.1 The organization of the statutory audit profession in France

According to a French dictionary of Law, the statutory auditor “Commissaire aux Comptes” or “CAC” can be defined as a person performing a regulated profession, in which his or her role is to control the regularity of companies’ accounting entries and the veracity of their objection if they arise, while documenting his or her work (Braudo). The French website “L’expert-comptable” (2010) expresses the necessity for a CAC to study 8 years. However, there are four different paths to obtain the statutory auditor’s degree, all including three years of internship of as a statutory auditor.

As reported by the website of the “Compagnie Nationale des Commissaires aux Comptes” (CNCC) (2013), France counted 14 500 statutory auditors in 2011. In France, the entire profession is organized throughout hierarchical levels in order to be efficiently represented. The requirement of statutory audit relates to specific companies, all having different competent bodies capable to nominate the statutory auditor.

Le Haut Conseil du Commissariat aux Comptes

The French superior council of statutory auditors, the “Haut Conseil du Commissariat aux Comptes”, also referred as “H3C”, embodies an external control authority over the activity thus representing the supervisory body for statutory auditors in France. The H3C participates in providing a better transparency of the CAC’s function and in reinforcing its control. To do so, the superior council has two main missions. First, it must guarantee the supervisory of the activity. Secondly, it shall ensure the respect of ethics and codes of conduct, and notably of the CAC’s independence. Finally, it has the jurisdiction to ensure potential competency’s judgments as it represents the Appellate Body of the regional chambers in disciplinary and enrollment matters.

La Compagnie Nationale des Commissaires aux Comptes

The main responsibilities are nonetheless mainly attributed to the « Compagnie Nationale des Commissaires aux Comptes », the “CNCC”, national board of statutory auditors, established precisely to promote a proper exercise of the profession practice and its monitoring according to the articles 1, 28 & 88 of the decree of August 12th 1969 (www.legifrance.gouv.fr, 2013). Starting in 1971, the CNCC elaborated a first series of recommendations regarding the performance of the missions of the statutory auditor. Indeed, at this time, financial and stock markets strongly developed, in line with globalization. The necessity for the French normative referential system of the CNCC to comply with the one of the IFAC, International Federation of Accountants, became vital, while still taking into account several specificities related with the statutory auditor in France. The CNCC’s norms are grouped in the compendium “Référentiel normatif et déontologie de la compagnie des commissaires aux comptes », which incorporates the codes of conduct a statutory auditor must adopt.

The CNCC includes 33 regional chambers, all representing the superior entity at a local level. These regional chambers help to maintain direct and regular links with the legal, political and regional economic environment.

Companies concerned

The French legislation requires the audit of financial statements in specific entities. First of all, the law requires the intervention of at least one CAC in the following companies in any case:

- All public limited companies (“Sociétés Anomymes” or “SA”)
- All associations receiving annual public subsidies exceeding €153 000

Secondly, the legislation obligates the audit of the financial statements of the following companies only if certain thresholds are experienced:

- All general partnerships (“Société en Nom Collectif” or “SNC”), limited partnerships ( “Société en Commandite Simple” or “S.C.S”) and limited liability companies ( “Société à Responsabilité Limitée” or “SARL”)
- All economic interest groups (« Groupements d’Intérêt Economique » or « GIE ») issuing bonds or having at least 100 employees at the fiscal year-end
- All non-trading private legal entities undertaking an economic activity
- All governmental public institutions performing an industrial or economic activity

All these entities are required by law to have their financial statements audited if at least two of the following thresholds are met:

- The balance sheet structure shows a total exceeding M€ 1,550
- The total revenue excluding tax is superior to M€ 3,100
- The average number of employees surpasses 50

Finally, the French regulation specificities request a financial audit from two different auditing agencies for all companies publishing consolidated accounts.

[...]