The market and competition, including demand, capacity, and price competition.

Transcription

1 Client: Enter client name Prepared by: Date: Ref: Year End: Enter year end Reviewed by: Date: File Number: Enter file number KNOW YOUR CLIENT CHECKLIST This checklist is intended as an aide memoire for issues that should be addressed on the permanent file. Where a matter is relevant it should be addressed in sufficient detail on the file as to provide a basis for further review as part of the risk assessment or evaluation of systems. The checklist should not be regarded as exhaustive. 1. The sector in which the client operates 1.1 The market and competition, including demand, capacity, and price competition. Y, N, N/A PAF Ref 1.2 Cyclical or seasonal activity. 1.3 Product technology relating to the client s products. 1.4 Energy supply and cost. 2. The regulatory environment in which the client operates 2.1 Accounting principles and industry specific practices The legal and regulatory framework applicable to the entity and the industry or sector in which it operates. Laws and regulations having a direct effect on the determination of material amounts and disclosures in the financial statements. * Regulatory requirements. * Direct supervisory activities. 2.4 Taxation (corporate and other). 2.5 Government policies currently affecting the conduct of the client's business: * Monetary, including foreign exchange controls. * Fiscal. * Financial incentives (for example, government aid programs). * Tariffs, trade restrictions. 2.6 Environmental requirements affecting the industry and the client's business. 2.7 Procedures for ensuring compliance with relevant laws and regulations. 3. Other external factors currently affecting the client s business 3.1 General level of economic activity (for example, recession, growth). 3.2 Interest rates and availability of financing. 3.3 Inflation, currency revaluation. PAF04 Page 1 of 8 Croner-i Audit - October 2018

2 4. Nature of the client's operations Business Operations 4.1 Nature of revenue sources (for example, manufacturer, wholesaler, banking, insurance or other financial services, import/export trading, utility, transportation, and technology products and services) Products or services and markets (for example, major customers and contracts, terms of payment, profit margins, market share, competitors, exports, pricing policies, reputation of products, warranties, order book, trends, marketing strategy and objectives, manufacturing processes). Conduct of operations (for example, stages and methods of production, business segments, delivery of products and services, details of declining or expanding operations). Alliances, joint ventures, and outsourcing activities. Involvement in electronic commerce, including Internet sales and marketing activities. 4.6 Geographic dispersion and industry segmentation. 4.7 Location of production facilities, warehouses, and offices. 4.8 Key customers Important suppliers of goods and services (for example, long-term contracts, stability of supply, terms of payment, imports, methods of delivery such as justin-time ). Employment (for example, by location, supply, wage levels, union contracts, pension and other post employment benefits, stock option or incentive bonus arrangements, and government regulation related to employment matters) Research and development activities and expenditures Transactions with related parties Areas of the business where the company might be exposed under the Bribery Act 2010 including any procedures and controls implemented by management. Investments 4.14 Acquisitions, mergers or disposals of business activities (planned or recently executed) Investments and dispositions of securities and loans Capital investment activities, including investments in plant and equipment and technology, and any recent or planned changes. Investments in non-consolidated entities, including partnerships, joint ventures and special-purpose entities. Group structure major subsidiaries and associated entities, including consolidated and non-consolidated structures. PAF04 Page 2 of 8 Croner-i Audit - October 2018

3 Financing 4.19 Debt structure, including covenants, restrictions, guarantees, and off-balance-sheet financing arrangements Leasing of property, plant or equipment for use in the business Beneficial owners (local, foreign, business reputation and experience) Related parties Use of financial instruments. (a) The financial instruments to which the entity is exposed, and their purpose and risks. (b) The accounting and disclosure requirements. (c) Management s process for valuing financial instruments, including whether management has used an expert or a service organisation. (d) The evidence supporting managements assumptions. (e) The system of internal control and the information systems that ensures: (i) All instruments are completely and accurately recorded; (ii) Payments and receipts are monitored and made on time; and (iii) Financial risks are analysed and monitored. (f) The accounting policies applied and in particular any application of hedge accounting. Financial Reporting 4.24 For revenue recognition and all other material items in the accounts: (a) The accounting policy applied. (b) The accounting standards and any other requirements that are applicable. (c) An assessment of whether the accounting policy complies with accounting standards and any other applicable requirements Whether the entity has adopted accounting policies most appropriate to its particular circumstances for the purpose of giving a true and fair view. Any accounting policies that push the boundaries of what is acceptable accounting practice. Whether sufficient information is disclosed in the financial statements to enable users to understand the accounting policies adopted and how they have been implemented. Whether accounting policies adopted are reviewed regularly to ensure that they remain appropriate. (For example on moving to FRS 102.) PAF04 Page 3 of 8 Croner-i Audit - October 2018

4 Industry-specific significant categories (for example, loans and investments for banks, accounts receivable and inventory for manufacturers, research and development for pharmaceuticals). Accounting for unusual or complex transactions including those in controversial or emerging areas (for example, accounting for share-based payments) 4.31 Financial statement presentation and disclosure. Accounting Estimates 4.32 The requirements of the applicable financial reporting framework relevant to accounting estimates, including related disclosures How management identifies those transactions, events and conditions that may give rise to the need for accounting estimates to be recognised or disclosed in the financial statements. For example consider: - Provision for doubtful debts; - Stock obsolescence; - Warranty obligations - Depreciation method or asset useful life - Carrying value of investments - Outcome of long term contracts - Costs arising from litigation - Share based payments - Financial instruments not traded in an active and open market. How management makes the accounting estimates, and an understanding of the data on which they are based, including: i) The method, including where applicable the model, used in making the accounting estimate; ii) Relevant controls; iii) Whether management has used an expert; iv) The assumptions underlying the accounting estimates; v) Whether there has been or ought to have been a change from the prior period in the methods for making the accounting estimates, and if so, why. vi) Whether and, if so, how management has assessed the effect of estimation uncertainty. 5. Objectives, strategies and related business risks How does the client addresses industry, regulatory and other risk factors relating to, for example: Industry developments (a potential related business risk might be, for example, that the client does not have the personnel or expertise to deal with the changes in the industry). New products and services (a potential related business risk might be, for example, that there is increased product liability). Expansion of the business (a potential related business risk might be, for example, that the demand has not been accurately estimated). PAF04 Page 4 of 8 Croner-i Audit - October 2018

5 New accounting requirements (a potential related business risk might be, for example, incomplete or improper implementation, or increased costs). Regulatory requirements (a potential related business risk might be, for example, that there is increased legal exposure). Current and prospective financing requirements (a potential related business risk might be, for example, the loss of financing due to the client s inability to meet requirements). Use of IT (a potential related business risk might be, for example, that systems and processes are incompatible). Effects of implementing a strategy, particularly any effects that will lead to new accounting requirements (a potential related business risk might be, for example, incomplete or improper implementation). How the client: a) Identifies business risks relevant to financial reporting objectives? b) Estimates the significance of those risks? c) Assesses the likelihood of their occurrence? d) Decides about actions to address those risks? e) Deals with the results of the above process? 6. Measurement and review of the client s financial performance 6.1 Key ratios and operating statistics. 6.2 Key performance indicators. 6.3 Employee performance measures and incentive compensation policies. 6.4 Trends. 6.5 Use of forecasts, budgets and variance analysis. 6.6 Analyst reports and credit rating reports. 6.7 Competitor analysis. 6.8 Period-on-period financial performance (revenue growth, profitability, leverage). 6.9 Methods used by management in determining segment information. Consider the following: Sales, transfers and charges between segments, and elimination of intersegment amounts. Comparisons with budgets and other expected results, for example, operating profits as a percentage of sales. The allocation of assets and costs among segments. Consistency with prior periods, and the adequacy of the disclosures with respect to inconsistencies. PAF04 Page 5 of 8 Croner-i Audit - October 2018

6 7. Accounting Systems The client's systems should be documented to include the following areas: The classes of transactions in the client s operations that are significant to the financial statements. The procedures, within both IT and manual systems, by which those transactions are initiated, recorded, processed, corrected as necessary, transferred to the general ledger and reported in the financial statements. The related accounting records, supporting information and specific accounts in the financial statements that are used to initiate, record, process and report transactions; this includes the correction of incorrect information and how information is transferred to the general ledger. How the information system captures related party transactions. This should include those controls in place for the approval, authorisation and identification of related party transactions and transactions outside the normal course of business. How the information system captures events and conditions, other than classes of transactions, that are significant to the financial statements. The financial reporting process used to prepare the client s financial statements, including significant accounting estimates and disclosures. Controls surrounding journal entries, including non-standard journal entries used to record non-recurring, unusual transactions or adjustments. 7.8 Financial reporting roles and responsibilities and significant matters relating to financial reporting, including: a) Communications between management and those charged with governance; and b) external communications, such as those with regulatory authorities. Service Organisations 7.9 Where the entity uses a service organisation: a) The nature of the services provided by the service organisation and the significance of those services to the user entity, including the effect thereof on the user entity's internal control; b) The nature and materiality of the transactions processed or accounts or financial reporting processes affected by the service organisation; c) The degree of interaction between the activities of the service organization and those of the user entity; d) The nature of the relationship between the user entity and the service organisation, including the relevant contractual terms for the activities undertaken by the service organisation; e) How the entity's use of a service organisation affects the user auditor's reporting responsibilities in relation to accounting records arising from laws or regulations Controls at the user entity that relate to the services provided by the service organisation, including those that are applied to the transactions processed by the service organisation. PAF04 Page 6 of 8 Croner-i Audit - October 2018

7 8. Control environment? Do we have notes on the attitude of the company to the following matters Communication and enforcement of integrity and ethical values. Commitment to competence. Participation by those charged with governance. Management s philosophy and operating style. Organisational structure. Assignment of authority and responsibility. Human resource policies and practices. 9. Risk of Fraud Do we have notes on the following matters Management s assessment of the risk that the financial statements may be materially misstated due to fraud. Management s process for identifying and responding to the risks of fraud, including any specific risks of fraud that management has identified or account balances, classes of transactions or disclosures for which a risk of fraud is likely to exist. Management s communication, if any, to those charged with governance regarding its processes for identifying and responding to the risks of fraud in the entity. Management s communication, if any, to employees regarding its views on business practices and ethical behaviour. How those charged with governance exercise oversight of management s processes for identifying and responding to the risks of fraud in the entity and the internal control that management has established to mitigate these risks. 10. Control activities For areas where there is a risk of material misstatement do we have notes on relevant control activities? Control activities include: * Authorisation/Performance reviews * Information processing * Physical controls * Segregation of duties and as a minimum would include those within the main transaction cycles. Are there any particular issues arising from the use of IT that require documenting? 11. Monitoring of controls For areas where there is a risk of material misstatement do we have notes on how the client monitors the operation of controls and control activities in those areas including: a) the sources of the information used in the entity's monitoring activities; PAF04 Page 7 of 8 Croner-i Audit - October 2018

8 b) the basis upon which management considers the information to be sufficiently reliable for the purpose; c) how the entity initiates remedial actions to deficiencies in its controls; d) the nature of the internal audit function's responsibilities and how the internal audit function fits in the entity's organisational structure; and e) the activities performed, or to be performed, by the internal audit function. For example monitoring by management or a separate internal audit function. 12. Groups Sufficient understanding of the group to enable assessment of the risk of material misstatement due to fraud or error. In particular: d) Instructions issued by Group Management to the components including accounting policies to be applied, identification of related party transactions, identification and treatment of intra group transactions, balances and unrealised profits. 13. Related Parties a) Identification of components of the group that are likely to be significant. b) Group wide controls including any internal audit function. c) The consolidation process including; i) matters relating to the financial reporting framework; ii) matters relating to the mechanics of the consolidation process; iii) matters relating to consolidation adjustments. Ascertain from management/ those charged with governance their assessment of whether there are any individuals (in addition to the directors) or entities which should be treated as related parties. a) Identify changes from the previous periods. b) Ascertain the nature of the relationship. c) Update details on PAF06 or elsewhere on the permanent file as appropriate. PAF04 Page 8 of 8 Croner-i Audit - October 2018