Practical Steps for Auditors in Light of COVID-19

While financial reporting teams continue to evaluate the impacts of COVID-19 on their disclosures, companies and auditors are running into difficulties when preparing accounts and carrying out audits. 

The increasingly uncertain economic outlook in the wake of the pandemic has consequences for companies proposing to report results in the coming months. Given international, local and company restrictions on travel, meetings and access to company sites, many auditors must quickly develop new methods of gathering sufficient, appropriate audit evidence.

The Financial Reporting Council (FRC), which previously published guidance for companies on disclosure of risks and other reporting consequences arising from the COVID-19 pandemic, has now published guidance for auditors. 

In short: the FRC isn't giving anyone a break. Audits should continue to comply fully with required standards, according to the guidance. If extra time is needed, "it is important that this is taken, even at the risk of delaying company reporting," the FRC wrote. 
 
With this is mind, here are eight immediate steps auditors can take to maintain accounting and audit controls.

1. Activate business continuity planning (BCP) protocols

If you haven't already, prepare and activate your business continuity planning (BCP) protocols. This includes reviewing key process and controls documentation and user guidance manuals.

Where appropriate, process documentation should be fully tested such that the user manuals accurately reflect how the process is delivered. Offline files (we’re all guilty of it) should be immediately moved from local drives to the cloud, with appropriate permission settings to make them easily discoverable by colleagues. 

Ensure process documents and user manuals are readily accessible, wherever staff may be. Place them in an easy-to-find network drive, intranet site, or centralised workspace in the cloud that teams can access, even if they're working from home. Users of the Workiva connected reporting and compliance platform also can use blacklines, permission settings and workspaces to manage documentation authoring and audit trails.

2. Plan for reduced staff availability

A lack of staff availability may impact segregation-of-duties controls, permissions-based approvals or complex process delivery. Review Delegation of Authority letters in the event they require amendment at short notice. 

Concentrate any remaining offline or local staff functions into the cloud, supported by permissions-based controls, to enhance process standardisation and reduce the risk of staff downtime. 

3. Move the gathering of audit evidence to the cloud

Moving the collection of audit evidence to cloud platforms enables auditors to remotely gather sufficient, appropriate audit evidence. The planned audit approach may need to change and alternative procedures be developed, particularly in group audit engagements or where travel to client sites may not be possible. The Workiva platform allows users to attach audit requests at a document, section or cell level in support of client PBC requests.

Cloud platforms rapidly accelerate evidence gathering to be able to report or consider modifying the audit opinion. This allows companies with significant operations in countries affected by COVID-19 to mitigate delays in receiving requested audit evidence for consolidated financial statements.

4. Centralise work performed by other auditors

Centralising the audit engagement on a cloud platform allows group auditors to review the work of component auditors to meet the requirements in standards, including considering whether alternative procedures can be used, if travel is restricted. 

Workiva workspaces can be configured separately for both primary and component auditor access rights to facilitate this, with financial preparers working in their own workspaces.

5. Assess management estimates, going concern

Connecting risk registers and risk control matrices (RCMs) to management and business reviews in the cloud allows the assessment of going concern of an audited company in near real time. This allows for real-time impact assessment of management estimates (IAS37–Accounting for Contingencies & Provisions (IFRS), AS 2501: Auditing Accounting Estimates) (US GAAP) on the statutory financial statements particularly in high-risk industries (e.g., airlines, transport, hospitality) where the assessment of going concern may change abruptly or require frequent unscheduled review.

6. Connect parent and subsidiary financial statement disclosures

Linking shared information allows you to connect parent and subsidiary financial statement disclosures made by management about the impact of COVID-19 on the company and its outlook. Both group and subsidiary disclosure notes update concurrently, and users of the financial statements are properly informed, even in highly uncertain, rapidly changing circumstances. 

Companies should consider their disclosure obligations regarding business risks related to the impacts of COVID-19 within the context of their local regulatory requirements. Disclosures should be specific to individual circumstances, avoiding broad or generic language. This applies particularly to IFRS10 Consolidated Financial Statements and to both FRC and ESMA Audit Enforcement Policies.

7. Reassess key audit risks in real time

Connecting business owners, regulatory guidance and the governance provided by management reviews within a connected reporting platform allows the auditor to reassess key aspects of audits quickly. This assessment will take place right up to the point of signing the auditor’s report and may need additional evidence and information from management.

Where the current circumstances have had a significant impact on the delivery of the audit, the auditor will need to consider how to explain this in their report, for example, by reporting this as a key audit matter and supporting it through blacklining and change log reviews.

8. Take steps to avoid delayed reporting, filings and communications

Connecting financial statements to audit committee working papers, board of directors packs and management memorandum cuts down on secretarial and administrative overhead ahead of annual general meetings. Failure to follow regulations and meet filing deadlines may have consequences, unless specific agreements are in place with regulators.

Connecting documents reduces the need to postpone the scheduled annual general meeting and keeps investors informed of any changes. To save even more time, streamline workflows with tasks and certifications.

We're in this together

Companies and their audit committees understand it is vital that auditors have sufficient time and support to carry out their work to an appropriate standard, including reassessing work done to reflect changed circumstances.

While auditors may be accustomed to working remotely, working from home as COVID-19 spreads may be a new experience. The internal audit program manager for Workiva, Ruth Nouanesengsy, shared six tips for audit teams working remotely. 

If you’re not yet a Workiva customer, we're still here for you. Check out our solutions, or let us know how we can help.