1. Obtain general understanding of the legal and regulatory framework applicable to the entity and the industry, and how the entity is complying with the framework.
❖ HOW TO OBTAIN THE UNDERSTANDING:
– Use the auditor’s existing understanding of the industry.
– Update the auditor’s understanding of the laws and regulations that directly determine reported amounts and disclosures in the financial statements.
– Enquire of management on laws and regulations that may have fundamental effect on the entity’s operations.
– Enquire of management on the entity’s policies and procedures regarding compliance laws and regulations.
– Enquire of management on policies or procedures adopted for identifying, evaluating and accounting for litigation claims.
2. Inquire of management and those charged with governance as to whether and how the entity is in compliance with such laws and regulations.
3. Verify compliance by reviewing correspondence with the appropriate licensing or regulatory agencies.
4. Remain alert to the possibility that other audit procedures applied may bring instances of non-compliance to the auditor’s attention.
5. Obtain written representation from the directors that they have disclosed to the auditors on all events of which they are aware, which involve possible non-compliance with the actual or contingent consequences that may arise from such non-compliance.
AUDIT PROCEDURES WHEN NON-COMPLIANCE IS IDENTIFIED:
1.) Inquire with management about penalties to be imposed.
2.) Inspect correspondence with regulatory authorities to identify the consequences.
3.) Inspect board minutes for management discussions on actions to be taken regarding the non-compliance.
4.) Inquire with the company’s legal department on the possible impact of the non-compliance.
INVESTIGATING THE NON-COMPLIANCE
1.) The auditor must understand the nature of the act and the situations in which it has occurred.
2.) Obtain further information to evaluate the possible effect on the financial statements.
COMMUNICATING AND REPORTING NON-COMPLIANCE:
1.) The auditor should communicate non -compliance with management except prohibited by law ISA 250.
2.) If the auditor believes the non-compliance is intentional and material,the matter must be communicated with those charged with governance.
3.) If auditor suspects those charged with governance are involved, it must be communicated to the audit- committee or supervisory board.
4.) If non-compliance has a material effect on the financial statement, a qualified or adverse opinion must be issued.
5.) The auditor must consider if they have legal, regulatory or ethical responsibilities to report non-compliance to third parties like regulatory authorities.
POSSIBLE REASONS FOR ENGAGEMENT WITHDRAWALS:
Reasons why external auditor could withdraw audit engagement that is, resign as auditor are: If
1.) Management or directors do not take remedial action that the auditor considers inappropriate or
2.) Non-compliance arouse doubt about the integrity of management or those charged with governance.
Ethical requirements may require a predecessor auditor to provide information on compliance to an incoming auditor.