• 25 Marks

AAA – May 2021 – L3 – Q1b – Communication with Those Charged with Governance

Evaluation of internal control weaknesses, implications for audit strategy, and governance reporting for Community Microfinance Bank.

Question:

During the audit year, on the review of the audit work done on Community Microfinance Bank (a new significant audit client), you noted the following issues:

  • At the audit strategy stage, it was agreed that the audit of loans and advances would involve reliance on the effectiveness of internal controls. However, during the test of controls, it was noted that five loans were not approved by the appropriate approving officers. Further review indicated that the loans were genuinely issued to customers but were only approved by officers whose approval limit had been exceeded.
  • During the period under review, the tax authority carried out a tax investigation and noted a significant variance between the company’s estimated tax liabilities and the tax authority’s position. From further discussion, it was noted that the previous tax computation was done by a junior staff who does not have the requisite experience and the computations were not duly reviewed by experienced senior officers of the company.
  • The company deployed a new loan disbursement software which is linked to the financial reporting software. From your review of the new software, the initiator of a transaction could approve the same transaction as long as he/she changes the designation to approving authorities after initiation. You have flagged this as a possible control risk.
  • During your review of the receivables account, a variation was noted between the amount in a customer’s receivables balance in the ledger and the client confirmation. However, the variance was considered not material and not adjusted for. During discussion with the Receivables Manager, it came to your attention that the client in focus is a family member of the Managing Director.

The team is considering the impact of the above observations on the audit.

Required:

(i) Draft a report to management evaluating the implications of the above observations on the control environment and the audit strategy/procedures. (15 Marks)
(ii) Comment on whether the issues are to be reported to those charged with governance of the entity. (10 Marks)

Part (i) – Report to Management

To: Management of Community Microfinance Bank
From: [Your Name], Audit Team Lead
Subject: Evaluation of Internal Control Weaknesses and Implications for Audit

Evaluation of Control Issues and Recommendations

  1. Approval of Loans Beyond Approval Limits:
    • Implications for Control Environment:
      The failure to adhere to the loan approval limits highlights a weakness in the approval process and oversight. This creates a risk of unauthorized transactions or fraudulent activity, which undermines the reliability of the internal control environment.
    • Implications for Audit Strategy:
      The team cannot rely on the effectiveness of controls over loans and advances. Substantive audit procedures, such as detailed transaction testing and extended sampling, will be necessary.
    • Recommendation:
      Management should reinforce adherence to approval limits and implement automated controls to flag transactions exceeding designated limits.
  2. Errors in Tax Computations:
    • Implications for Control Environment:
      The lack of proper review of tax computations by experienced staff indicates a deficiency in oversight and competence in financial reporting. This exposes the company to regulatory sanctions and financial penalties.
    • Implications for Audit Strategy:
      The tax expense and liabilities must be reassessed, and management’s estimates reviewed in detail. A focused review of prior computations may also be necessary.
    • Recommendation:
      Management should enhance training for staff involved in tax matters and establish a robust review process for critical computations.
  3. Control Risks in New Loan Disbursement Software:
    • Implications for Control Environment:
      The ability for a single user to initiate and approve transactions increases the risk of fraudulent activity and errors. This reflects a serious control deficiency.
    • Implications for Audit Strategy:
      The team will need to perform substantive procedures on loan disbursements, including tracing transactions to source documents and reviewing segregation of duties.
    • Recommendation:
      Management should configure the software to prevent users from approving their own transactions and implement segregation of duties. Regular audits of the system should also be conducted.
  4. Receivables Variance and Related-Party Connection:
    • Implications for Control Environment:
      The variance, though immaterial, coupled with the related-party relationship, raises concerns about transparency and governance. This could indicate a conflict of interest or preferential treatment.
    • Implications for Audit Strategy:
      The audit team should perform extended related-party transaction reviews and confirm the reasonableness of balances.
    • Recommendation:
      Management should adopt stricter controls over related-party transactions and ensure they are disclosed in financial statements as required by IFRS.

Conclusion

The identified issues significantly weaken the control environment and necessitate adjustments to the audit strategy. Management is advised to address these weaknesses promptly to safeguard the integrity of the company’s financial processes.

[Your Name]
Audit Team Lead

Part (ii) – Reporting to Those Charged with Governance

The issues identified have significant implications for governance and should be reported to those charged with governance for the following reasons:

  1. Loan Approvals Beyond Limits:
    • This control deficiency undermines the integrity of financial operations and should be highlighted to ensure governance oversight.
  2. Tax Computation Errors:
    • The risk of regulatory penalties and financial loss warrants the attention of those charged with governance to ensure adequate oversight of tax processes.
  3. Software Control Risks:
    • The lack of segregation of duties in the new loan disbursement system poses a high fraud risk, which should be escalated to ensure timely remediation.
  4. Receivables Variance and Related-Party Connection:
    • Related-party transactions inherently involve governance risks. The involvement of the Managing Director’s family member further necessitates transparency and oversight.

Recommendation to Governance

The issues should be formally communicated through the management letter or governance report to ensure prompt corrective action and enhance oversight of internal controls.

[Your Name]
Audit Team Lead

 

Back to all questions

Pick a Form

Professional Tutor Application Form
Academic Tutor Application Form
Student Tutor Application Form