Financial auditing is the process of examining an organization’s (or individual’s) financial records to determine if they are accurate and in accordance with any applicable rules (including accepted accounting standards), regulations, and laws.
External auditors come in from outside the organization to examine accounting and financial records and provide an independent opinion on these records. Law requires that all public companies have their financial statements externally audited.
Internal auditors work for the organization as internal employees to examine records and help improve internal processes such as operations, internal controls, risk management, and governance.
Three Main Types of Financial Audits
Nearly all companies get an audit of annual financial statements like cash flow, balance sheet, and income statements. Some businesses conduct an audit to meet industry regulations or because it is a legal requirement. Stakeholders or potential investors may also require an audit. Regardless of the reason, it does not have to be a stressful and negative experience. Financial audits are classified into different types.
Internal Audit
An internal audit is typically done in-house, focusing on process assessments, control assessments, the safety of assets, and legal compliance. It is designed to improve an organization’s operations and add value to the company. The business leader initiates the exercise, which is then performed by an audit team. The audit’s scope is determined by directors with equivalence authorization or the audit committee.
An internal audit report is issued to the management teams. The results facilitate improvements in internal controls and trigger managerial changes. Suppose a company does not have in-house auditors. In that case, it is necessary to bring in consultant auditors who conduct internal audits based on the specific company’s standards rather than separate procedures and standards.
External Audit
An external audit is carried out by an independent party, such as a tax agency or the IRS, following standards that differ from the company’s. Using a third-party to do a financial audit eliminates certain biases, providing an honest and candid assessment of different situations within a company without affecting colleagues’ relationships and the work environment.
Similar to internal audits, an external audit’s main objective is to gauge the accounting records’ accuracy. Lenders and investors usually need external audits to confirm that the company’s data and financial data and information are fair and accurate.
Internal Revenue Service (IRS) Audits
The IRS performs routine audits to verify a taxpayer’s specific transactions and returns. Getting audited by the IRS is usually accompanied by a negative implication and viewed as evidence of wrongdoing. However, being chosen does not automatically mean you did something wrong.
The selection formula for IRS audits is based on random statistics that assess and compare a taxpayer’s returns to similar returns. A person can also be chosen if they’re associated with a company or individual whose audit uncovered tax errors.
What About Forensic Audits?
A forensic audit assesses and evaluates a person’s or company’s financial information to obtain facts to support a legal case. Forensic audits handle a wide array of investigative work to obtain the necessary evidence to facilitate a successful prosecution of various financial crimes. Forensic auditors can also be expert witnesses during trials. A forensic audit requires planning the investigation, collecting the evidence, and reporting the findings.
Example
Hypothetically, Susan has been the project manager of company X for 10 years, helping the company complete significant projects during that time. However, during a recent project, she submitted fraudulent invoices for tenders awarded to her relatives. A forensic auditor can uncover the truth by examining the books and following the money in such a situation.
Reasons to Perform a Forensic Audit
Different circumstances can call for a forensic audit, including corruption cases, asset misappropriation, financial statement fraud, due diligence during Mergers and Acquisitions, and property theft. A forensic auditor is likely to check bribery, extortion, and conflict of interest in corruption cases. When investigating a financial statement fraud, the auditor will look for the transaction or relevant information omission and intentional accounting records forgery.
Regular audits help businesses understand their operations better. It is essential for small and big companies and should be done by a qualified and objective expert.
Auditing Standards
The Public Company Accounting Oversight Board (PCAOB) maintains external auditing standards for public companies (issuers) registered with the Securities and Exchange Commission (SEC).
As of 2012, PCAOB has 15 permanent standards approved by the SEC and a number of interim standards that reflect generally accepted auditing standards, as described in standards issued by the Auditing Standards Board (ASB), which is part of the American Institute of CPAs (AICPA).
The ASB also issues Statements on Auditing Standards (SASs) that apply to preparing and releasing audit reports for nonissuers (companies not required to register with the SEC). AICPA members who audit a nonissuer are required by the AICPA Code of Professional Conduct to comply with these standards. As of 2012, there are more than 60 active standards.
For internal auditing, the Institute of Internal Auditors provides a conceptual framework called the International Professional Practices Framework (IPPF) that provides guidance for internal audits. Some of the guidance is mandatory, while others are considered strongly recommended, but not required by law.
Audit Planning
Audit planning includes deciding on the overall audit strategy and developing an audit plan.
Auditing Standard No. 9 from the PCAOB describes an external auditor’s responsibility and the requirements for planning an audit. According to standard No. 9, an audit plan is expected to describe the planned nature, extent, and timing of the procedures for risk assessment and the tests to be done on the controls and substantive procedures, along with a description of other audit procedures planned to ensure the audit meets PCAOB standards.
For internal auditing, the Institute of Internal Auditors provides guidance for audit planning. Planning starts with determining the scope and objectives of the audit.
Internal auditors need to understand the business, operations, and unique characteristics of the department/unit being audited and to develop an audit plan that defines the procedures needed to do an efficient and effective audit.