Hayley Barker Hoogwerf project director for audit and assurance, Saica.
The ACCA continues to identify three components to the audit expectation gap as follows:
- The knowledge gap described as the difference between what the public thinks auditors do and what auditors do. This recognises that the public may misunderstand the role of auditors and the requirements of the auditing standards.
- The performance gap, where auditors do not do what auditing standards or regulations require due to the complexity of certain auditing standards (unclear requirements) or differences in interpretation of auditing standards or regulatory requirements between practitioners and regulators, and
- The evolution gap, where there is a need for evolution in areas of the audit where, taking into consideration the general public’s demand, technological advances, and how the overall audit process could be enhanced to add more value.
Narrowing the expectation gap
In understanding the three components of the audit expectation gap, namely the knowledge gap, the performance gap and the evolution gap, it is evident that various parties involved in the financial reporting ecosystem have a part to play in achieving an effective financial reporting ecosystem that ultimately results in the reporting of high-quality financial information.
The International Auditing and Assurance Standards Board (IAASB), being the international standard-setting body, reacted to the renewed focus on the audit expectation gap by issuing their Discussion Paper on Fraud and Going Concern in an Audit of Financial Statements
, which is aimed at exploring the differences between public perceptions about the role of the auditor and the auditor’s responsibilities in a financial statement audit in establishing a view on whether the international standards on auditing remain fit-for-purpose in the current economic environment.
This international outreach is welcomed in reinforcing the important role that the IAASB plays in bringing uniformity to the standard-setting process. Such standard-setting activities contribute positively to the performance gap in addressing the complex nature of the auditing standards or addressing any ambiguity that exists in the auditing standards. Standard-setting activities make a positive contribution to narrowing the evolution gap, by ensuring that standards remain fit-for-purpose in changing economic environments in meeting the needs of the public in relation to the audit process. Standard-setting activities are, however, going to make little or no impact on narrowing the knowledge gap. This is probably the reason why, although the International Standards on Auditing have been revised over the years, the issue of the expectation gap remains unabated.
The importance of educating and having a continuous dialogue with the appropriate stakeholder groups in an effort to close the knowledge gap cannot be emphasised enough; a task that should be undertaken by all parties involved in the wider financial reporting ecosystem. It can be argued that the knowledge gap is the main contributor to the audit expectation gap as this component is beyond the control of the profession. The mere fact that auditors are also called ‘watchdogs’ might be an indication on what the public expects from auditors compared to what auditors are really responsible to do.
Deficiencies in the overall control environment and in the design of the internal controls or failure to implement such internal controls are contributing factors to fraudulent activities. At some point, significant internal control deficiencies are usually identified by the auditor, even if it is not during the financial period when fraud occurred.
However, such deficiencies are not reported to the users of financial statements in the auditor’s report when they are initially identified. Perhaps there is room for an enhancement to the reporting requirements in the auditor’s report when it comes to deficiencies in the overall control environment and the internal controls.
Reporting on internal control deficiencies would alert the users of financial statements of areas where the opportunities to perpetrate fraud may exist due to weaknesses in the overall control environment and the internal controls. These additional disclosures in the auditor’s report should, however, not be done in isolation but off the back of enhanced management disclosures around the adequacy and effectiveness of the internal financial control environment.
The importance of a combined assurance model in achieving the ultimate objective of the reporting of high-quality financial information should also not be underestimated. Combined assurance is explained as a process of combining the activities of various parties, both internal and external to the organisation to add credibility to financial information produced. In the financial reporting ecosystem, two distinct components of the combined assurance model can be identified, namely internal assurance and external assurance. The objective of internal assurance is to prevent internal mistakes from leaking into the external assurance process.
Other parties in the financial reporting ecosystem have a key role to play in ensuring high-quality financial information is reported. These include the preparers of financial statements, including chief executive officers and chief financial officers as well as those charged with governance, such as audit committees. Corporate culture and the quality of the reporting and internal controls at the organisation have a significant impact on whether fraud will be detected even before engaging with an auditor through the external assurance process.
Therefore, explicit reporting could be required from both the preparers and those charged with governance on actions that they have undertaken to ensure that they fulfil their responsibilities in these two areas. This management responsibility needs to be given increased public acknowledgement.
In this regard, the JSE Limited recently amended the JSE Listings Requirements to require the CEO and financial director to make a positive statement attesting that the annual financial statements fairly present the state of affairs of the company and/or group, that internal financial controls are adequate and effective and that where deficiencies and any fraud involving directors have been identified, these have been disclosed to the audit committee and the auditor and the necessary remedial action has been taken.
Time to stand back
The current purpose of an audit is not to detect fraud but rather for the auditor to provide reasonable assurance about whether the financial statements are free from material misstatement, whether due to fraud or error. However, in light of the increased focus on the audit expectation gap, perhaps it is time for all parties involved in the financial reporting ecosystem to stand back and reassess whether the needs of the general public in terms of the reporting and assurance financial information are still being met.