Not every organisation has both an external audit and internal audit. In some jurisdictions you can get companies that have internal audit but no external audit, while in most countries you get quite a prevalent external audit with far less incidence of internal audits. Russia is a prime example of the latter case.
External audits done under ISAs are supposed to plan and carry out work in order to have a reasonable expectation of detecting fraud and other irregularities, and certainly the expectation of users has traditionally been that external auditors are responsible to find fraud.
I work both as external auditor and also I do internal audits for clients who don’t have their own departments or who do but need to be beefed up locally by brought in experts. Therefore I have no particular axe to grind, but I will say this. A lot of expected of external auditors with relation to fraud without giving them the tools to really pick fraud up.
Internal audit departments can, within reason (they cannot supercede data protection law or labour law, etc, or contravene people’s basic human rights when monitoring them) have whatever tools they like if they are within budget. I can just imagine what my clients would think if I as an external would start installing cameras, GPS trackers on company vehicles, doing spot checks for alcohol, lifestyle checks on managers, and all the other things that internals can do. And yet if you take the standards literally I have to do a job not far off that of a policeman as an external auditor.
All we are usually given as external auditors is a couple of generic questionnaires which we try to go through with the client’s management adapting it to the specifics of their business, then we have the duty and hopefully also the ability to map out and analyse the systems of the client, including the controls and to perform walk-through tests and seek to identify key controls. The way an external auditor assesses a key control and the way an internal auditor assesses a key control are also different in a number of ways, and how we define a key control for our respective purposes differs, and then the timing and frequency of checks on that control will differ. Many people who have worked only in external audit won’t know how or why they differ and therefore their ability to get the best from internal if it is even there will be in many cases limited.
Externals go on to make their control tests if they do recognise a key control (and on a worldwide scale I would hazard a guess that tests of controls are still done on only a small minority of audits, with most defaulting to the substantive route based really on lack of time or confidence with control work by the external audit team) and also the other big weapon they have in the arsenal is substantive analytical review. But SAR is only as good as the in-depth knowledge of the branch or business, so externals – especially those which are not branch specific as some Big Four externals are – don’t really have the sector knowledge that the internal audit team have and so their chance of noticing something that doesn’t stack up as they go through their analyses of ratios, or building of expectations and confronting to reality is not as good as that of the internal in many cases.
And then auditors finish every section by mopping up whatever needed assurance they could not derive from the earlier procedures by other substantive procedures based if done properly on a statistical sample, which is designed to get them from the assurance they got from less time-consuming procedures through to within their tolerable error (a function of risk and materiality from their perspective, which again differs from the internal auditor’s perspective which may not even be couched in money figures but in non-monetary terms). However the chances of getting at fraud looking through sampled accounting documents is miniscule, and here many external auditors do the bulk of their work.
So naturally if there is an internal audit team, an enlightened external auditor should be ver anxious to understand how they decided their work plan, what they did, and how many key controls have been checked thoroughly and how many risks are still open. If they want to give the organisation real value for money they will design tests that supplement, rather than duplicate the work of internal auditors.
Internal auditors will encourage this – they too will want to see that the organisation’s budget for external audit work goes on procedures that help to improve the risk heat map and the overall picture for the organisation. This call only be done when each side understands the other and “speaks their language”. Many internals have worked as external but not many are continually doing both types and therefore able to think through an assurance issue from both perspectives.
На прошлой неделе в СМИ прошла информация об аресте счетов украинских политиков и бизнесменов в Нидерландах, хотел бы Вам раскрыть технику того, как ЦБ Нидерландов устанавливает принадлежность счетов тому или иному лицу или группе лиц. Полагаю, что в большинстве европейских стран будет применяться аналогичный подход и не обязательно только в отношении Украины.
За полторы недели до этого ЦБ Нидерландов (который, помимо прочего, занимается лицензированием трастовых организаций и контролем за их деятельностью) стал обзванивать трастовых управляющих (их в стране порядка 300) и запрашивать информацию о компаниях с украинским участием – будь то бенефициары-физики или участники – украинские юрлица, информацию о реальном присутствии (substance) этих организаций в Голландии, личностях владельцев и бенефициаров.
Срок для предоставления ответа был дан одна неделя. Такие действия ЦБ вполне вписывались в действующее законодательство.
В течение нескольких дней после получения информации от трастовых управляющих ЦБ определил интересующие компании и установил, какими банковскими счетами они располагают. Дальше произошло то, о чем Вы читали в СМИ.
Таким образом еще раз хочу напомнить, что утверждение о закрытости информации о бенефициарах – утопия, не стоит особо полагаться на заманчивые обещания провайдеров оффшорных услуг о якобы высокой степени конфиденциальности, тщательно анализируйте риски владельцев бизнеса и высшего менеджмента в налоговой, валютной и иных смежных сферах контроля.
We would like to inform you that under the Cyprus Company Law and Income Tax Law provisions there is an obligation for all Cyprus companies to prepare and submit audited financial statements and tax returns to the authorities in Cyprus.
The deadline for doing this is 31 December following the company’s year-end date (unless the tax return will be submitted electronically in which case there is an additional 3 month extension to 31 March of the following year).
The Income Tax office has started contacting all companies that have not yet submitted their tax returns up to the year 2011 with a view to achieving a higher compliance rate.
Companies that fail to do this by April 2014 will face the consequences of the provisions of the Law(s) which may include the imposition of monetary penalties/fines or imprisonment of the Directors or both.
We would therefore urge you to contact us immediately for any Cyprus company/ies under your responsibility with a view of arranging the delivery of all documents and supporting documentation to us so that we can proceed with the preparation and audit of the company’s financial statements and tax returns before April 2014.
Looking forward to hearing from you soon,
Marios A. Klitou
Chief Executive Officer
Baker Tilly in Cyprus
The WordPress.com stats helper monkeys prepared a 2013 annual report for this blog.
Here’s an excerpt:
A New York City subway train holds 1,200 people. This blog was viewed about 4,200 times in 2013. If it were a NYC subway train, it would take about 4 trips to carry that many people.
Russian Prime Minister Dmitry Medvedev has proposed a two-year tax break for entrepreneurs
registering a business for the first time, in order to stem a mass exodus to the shadow economy.
All government ministries have now approved the plan and it is expected to come into effect next year.
Due to the Russian government’s decision to double social insurance contributions, 485,000 people cancelled business registrations this year. It is believed that a large number of those entrepreneurs who cancelled their registrations have continued to operate illegally.
The country had 3.5m registered sole entrepreneurs (PBYuL) as of 1 June 2013.
The Finance Ministry has not revealed how much tax revenue will be lost to the Budget on account of the proposed two-year exemption for new businesses. However, Baker Tilly Russaudit’s expert Andrei Kirillov told Quoracy.com that the losses would be negligible given the likely stemming of outflow to the shadow economy.
The following was submitted by Baker Tilly Slovakia.
Baker Tilly Romania writes:
We continue our efforts in upgrading and enhancing our services to you, both in context and quality.
In this respect, please find enclosed the Baker Tilly Klitou Tax Alerts for June 2013, in English and Romanian. The purpose of these Tax Alerts is to inform you about the latest tax legislation changes that could have an impact on your company’s activity: changes that affect our Tax Code, any legislative changes that are announced by the Ministry of Finance and any other Romanian tax related developments.
Our tax experts are always at your disposal in answering any queries that may arise from these Tax Alerts.
52 Splaiul Independentei, 050085 Bucharest, Romania
Tel: +40-213156100 |Fax: +40-213156102