Changes to accounting and auditing standards don’t take place in a vacuum. The International Auditing and Assurance Standards Board’s (IAASB) proposed changes to ISA 540, its standard on auditing accounting estimates and related disclosures, is a clear example of this.
The main reason behind the changes is the new international accounting standard on financial instruments. IFRS 9 introduces the expected loss model, in which banks need to focus on the credit risks associated with each loan. This raises the question of how auditors should deal with the estimates of expected credit losses appearing in banks’ financial statements – a question the IAASB addresses through its exposure draft.
But although it was financial instruments that triggered the need for change, the revised standard, just like the current one, will apply to all audits, no matter how big or small the company involved and whether it has anything to do with finance or not.
IAASB recognised this from the start and did consider different ways of approaching the problem. One was for less complex estimates to have a separate standard; another was to deal with expected credit losses in their own standard. However, it quickly decided that the best approach was to deal with all estimates in one standard in an attempt to please everyone.
That’s not an easy sell, says Katharine Bagshaw, technical manager for auditing standards at ICAEW. “It is a tall order for any auditing standard to cover everything from the simplest depreciation calculation to the most complex of derivative financial instruments and expected credit losses.”
The IAASB decided to stick with a single standard in part because it does not issue standards for industry-specific areas – it uses international auditing practice notes (IAPNs) to deal with those. But another reason was to make sure its proposals had the necessary clout. “IAASB wanted this to have the regulatory weight attached to a standard, not something that could be taken as guidance,” says Bagshaw.
This means the proposals will apply to every audit, regardless of the size or complexity of the company involved. As a result, the changes to this standard perhaps demonstrate the limits of what can be done within the existing IAASB structure – and may add weight to those calling for a different set of auditing standards for small audits.
WINDS OF CHANGE
The main aim of the changes is to focus on what drives the risks of material misstatement. At the moment, auditors use a three-step approach: looking at subsequent events; testing management’s processes; or developing their own estimates.
The proposed approach puts all estimates into one of two risk “buckets” – low inherent risk, or non-low inherent risk. Audit procedures on estimates in the low inherent risk bucket stay broadly the same as now, using the three-step approach.
For estimates in the non-low inherent risk bucket, auditors will need to look at three factors: the extent to which complexity affects the estimate; the need for management judgement; and the estimation uncertainty.
The proposed revisions introduce more granular requirements over the types of matter the auditor will be expected to obtain sufficient audit evidence about, says Diana Hillier, global assurance standards partner at PwC.
“These include the method used to make the estimate; the appropriateness of significant data and assumptions, and whether the data is reliable; the design of models used and appropriateness of any adjustments to model outputs; and how management has addressed estimation uncertainty.”
One issue that ICAEW has with the proposals is the three risk factors for non-low inherent risk – estimation uncertainty, judgement and complexity – will result in some very complex and possibly over-engineered analyses in some cases.
“These analyses will be cut using those three factors but also by assertion, line item and assessed risk in the financial statements, and the level of assessed risk. That’s probably not efficient or effective. And bear in mind that it applies to SME audits as well as large banks.”
In response, ICAEW has asked the IAASB to consider issuing more guidance at both ends of the size spectrum. First, it would like to see an IAPN to provide guidance on the complexities surrounding credit losses, financial instruments and the financial sector generally.
Second, it would like to see more guidance for smaller entities. While the exposure draft includes some simplistic examples of low inherent risk estimates, such as depreciation, the reality is that depreciation might not be such a low inherent risk in some SME financial statements.
“We’re asking for a more nuanced description of estimates such as stock or depreciation provisions and how they might be treated if they were low inherent risk or non-low inherent risk,” Bagshaw explains.
SAME RULES FOR ALL
This touches on what is seen as the problem with the proposals: how the proposed standard would work across audits of any size and scope. While the IAASB believes it is building scalability in by its introduction of the low inherent risk threshold, practitioners aren’t sure.
The concepts in the standard are quite complex and they don’t lend themselves to easy simplification, says Robert Stenhouse, audit director at Deloitte. “This makes scalability difficult,” he says. “Auditors may consider the need to explain simple estimates by reference to these concepts as excessive. This is another example of how hard it is to truly scale auditing standards.”
Hillier is hearing questions about whether the proposals are the best way to achieve scalability and how they will work in practice. “Just because a company is small, it may still hold complex financial instruments and have a higher risk of misstatement. Even for lower inherent risks, if choosing to obtain evidence by testing how management made the estimate, then the requirements for the other-than-low inherent risk category would be equally relevant.”
This leads to another problem: how to stop auditors from putting all the risks in one bucket. Stenhouse thinks the impetus will be for all but the simplest of management estimates to fall into the non-low inherent risk bucket. “Whether that’s right or wrong depends on the complexity of the entity and the judgement. But if auditors are concerned about being judged in hindsight, they will default to the higher level of work.”
Another issue for auditors of dual listings is in meeting two different sets of regulations. US regulator the Public Company Accounting Oversight Board (PCAOB) also issued an exposure draft on this topic this summer, addressing similar issues.
However, while the IAASB’s proposals are structured around the extent to which the estimate is affected by the risk factors, the PCAOB’s broadly similar audit considerations are presented in a way that follows the company’s process for making the estimate. This could be by evaluating the company’s methods, testing the data used, and identifying and assessing the reasonableness of significant assumptions.
Many responders are hoping that there will be greater alignment between the IAASB and the PCAOB in their final standards. And as Hillier says, “early feedback is that many find the PCAOB approach more logical”.
A RADICAL APPROACH
Bagshaw thinks the biggest overall issue with implementing the new standard will be that the changes proposed are potentially quite radical. “Changing mindsets will be difficult. This is why we think the IAASB will need to get involved in the implementation effort.”
Part of the reason for this is that accounting estimates are not just an audit issue – they are an accounting and behavioural issue as well. “The auditor makes judgements about the estimates – but we don’t make the estimates,” notes Stenhouse.
Auditors are commonly presented with what Bagshaw describes as “huge, squidgy numbers” late in the audit. “Auditors ask about the assumptions behind the figures but the evidence can be thin and the pressure is on to sign off. At the end of the day, everyone needs to remember that accounting estimates are management’s responsibility. It is for management to prove to the auditors what they have done and why they have done it, not the other way around.”
After the spate of corporate failures in the fallout from the financial crisis, investors are keen to see auditors kicking the tyres and challenging management’s judgement in making their accounting estimates.
“The revisions to ISA 540 are designed to provide a framework to guide the auditors’ approach to do just that,” says Hillier.
Stenhouse points out that management estimates can be some of the biggest financial reporting judgements in the financial statements. “They can have a huge impact and it’s important that they are appropriately reported and their reporting is robustly challenged. Audit effort and reporting should focus on these big judgements. The spirit behind the standards is clear: if users are happier around these estimates and the disclosures associated with them are more transparent and receive more attention, that’s a good thing. And that helps build trust in the whole system of financial reporting.”
The worry is that the IAASB is creating expectations that estimates can be audited very precisely – that there is a right or wrong answer. But there isn’t, says Bagshaw. “You cannot audit away uncertainty. You can have a property portfolio or a simple financial instrument and two professionally qualified valuers can come up with significantly different values.
“You can’t fix an accounting problem through the auditors. If the accounting is inherently uncertain, it can’t be tightened up. Estimates are what they say on the tin – they are just estimates.”