The Financial Reporting Council (FRC) has released a report on the audit quality of major local audits in 2021-2022. The report assesses six accounting firms’ audits of health bodies, local government councils and local authority pension funds that met the following criteria:
- total income or expenditure of at least £500m for a health body and local government council;
- 20,000 members in a pension scheme or gross assets in excess of £1,000m ($1,278.17) for a local authority pension scheme.
The audits conducted involve the review of financial statements as well as scrutinising the arrangements in place to secure Value for Money (VfM). The process has become more important against the backdrop of public bodies facing significant funding and financial pressure and also progressively engaging in more commercial activity to generate funding. The importance of audit accuracy and integrity has been, in the recent past, highlighted by several high profile corporate failures (eg Carillion) that occurred despite the companies being given a clean bill of health by their auditors.
The FRCs inspections revealed two key areas of concern, namely poor timeliness of audits as well as inconsistency in audit quality. An interesting case concerning documentation and archiving policy is cited as a particularly egregious failure in the latter.
Quality improved
The FRC report concluded that audit quality has generally improved, with 70% of financial statements audits requiring only limited improvement and with good practice examples in execution, completion, reporting and risk assessment highlighted. However, inadequate or ineffective procedures remain a problem and, in the case of three audits inspected, auditors “failed to ensure that primary statements were free from material errors.”
However, also noted was the fact that 91% of major local audits were not completed by their target date and that 19% of audits due on 31 March 2020 remained incomplete by 30 September 2021. The audit firms attribute the lack of audit timeliness to several factors including:
- resourcing constraints (lack of specialist auditors);
- increased complexity of financial statements;
- delays caused by local government management; and
- unresolved accounting issues.
The increase in complexity of financial statements is due not only to the rules being ever more complicated, but also to the increasing complexity of local body operations. This also means that deep specialism on the part of the accounting firms, and some specialism along with good organisation and management on the side of the local body, is required in order to produce audits that are both timely and accurate. The resourcing constraints identified in the report are severely affecting sectors where specialist knowledge and skills are required. Because specialist skills take time to acquire, the constraints are unlikely to be addressed in the short term.
Audit metric
The auditing metric of VfM audits is to ensure that the local body “has put in place proper arrangement to secure value for money in its use of resources”. While the audit quality in this area was deemed high by the FRC, with 93% of the audits being good or requiring only limited improvement, one audit at BDO was assessed as “requiring significant improvement”.
It is standard practice to archive all audit files following the conclusion of an audit. Archiving such files means that evidence, documentation and auditor conclusions contained in them can no longer be accessed by the firm’s staff and are simply maintained for future reference.
A policy in place at BDO did not explicitly require VfM audit files to be archived. As a result a member of staff was able to make changes to the VfM audit files after the firm had been notified that these would be inspected.
Isolated incident
The FRC noted that the issue appeared to be isolated, an inference supported by the BDO’s own forensics team which reviewed all the firms VfM engagements and found “[n]o concerns of inappropriate conduct”. The member of staff responsible was suspended and then dismissed after the internal investigation had been completed.
This is an instructive case on how important documentation policies and procedures can be in any environment that is regulated and where records need to be maintained. Whether it is audit evidence, documentation or communications between staff members for which content integrity is essential, getting the basics right by applying the right policies and rules can mean the difference between being protected and being exposed to regulatory action.