31 May 2024

For periods beginning on or after 15 Dec 2023 (effectively year ended 31 December 2024) there is a new standard for Group Audits. Early adoption is permitted, so we have proactively updated relevant templates for the new standard.

What has changed?

The problem with group audits is that often we are comparing apples with oranges. Some components are very different in size and flavour. The new standard attempts to make this easier by viewing the whole group through the lens of the whole fruit bowl, rather then getting overly obsessed with the spots on one of the bananas.

The new standard, like many revised standards coming through, is designed to align with the revised ISA 315 Risk standard, which introduced some major changes. It also aligns with the new Quality Management standards.

The new standard takes a pragmatic approach to work being done by other auditors – those doing work on components which may either be subsidiaries or parts of the overall job – like auditors performing stock-takes on behalf.

In the old standard components were regarded as significant (or not) based on defined parameters. In the new standard the whole group or overall entity is viewed as one, and risk is identified across the group as a whole. The group financial statements are assessed and work is done on elements that represent material risks from this perspective, rather than a rote audit of the whole of a component because it is judged as significant. The new standard does this by using a different definition of a component:

Component – An entity, business unit, function or business activity, or some combination thereof, determined by the group auditor for purposes of planning and performing audit procedures in a group audit. (para 14(b))

The standard emphasises the Group Engagements Partner’s (GEP) responsibilities for the whole job, effectively treating the whole audit group as one team for which the lead auditor is responsible. The GEP is to feed risk assessment to the sub-auditors and the sub-auditors are to advise the GEP of additional risks that they identify. All risk is framed in terms of ISA 315 (Revised 2019).

The standard also gives a strong nod to ISA 220 (Revised) on focussing on the resources needed for the engagement and the direction and supervision required.

How do we approach an audit that involves components?

A high level overview is as follows:

  • Identify the components.
  • Make a preliminary assessment of what sort of work will likely be required.
  • Communicate with Governance regarding the work likely to be undertaken and their involvement.
  • Identify the regulatory framework for the group.
  • Identify the organisational structure and business model.
  • Identify the group controls.
  • Assess the risks that pertain to group as a whole including risks pertaining to the consolidation process.
  • Assess Group Performance Materiality and a threshold above which misstatements identified in the component financial information are to be communicated by the component auditor to the GEP.
  • Work is then assigned to the component auditors
  • They report back on their overall findings and conclusions, plus reporting instances of material non-compliance with laws or regulations, corrected and uncorrected misstatements, indicators of possible bias, any deficiencies in the system of internal control, identified fraud or suspected fraud, and any other significant matters.
  • The GEP then assesses whether the work is adequate, discusses and records any matters that require clarification and then assesses the work of the component auditor in relationship to the group as a whole.

Conclusion

The new standard represents a common sense approach to group audit work, however there may be some changes and adjustments required by firms adopting this fresh approach for the first time.

The Requirements portion of the standard is mercifully brief (11 pages) so I suggest you read it to familarise yourself with the content. The Application and Other Explanatory Material is also easy enough to follow. Good work IAASB on what seems to be another sensible standard that will hopefully stand the test of time.