Annual Audit Manual
COPYRIGHT NOTICE — This document is intended for internal use. It cannot be distributed to or reproduced by third parties without prior written permission from the Copyright Coordinator for the Office of the Auditor General of Canada. This includes email, fax, mail and hand delivery, or use of any other method of distribution or reproduction. CPA Canada Handbook sections and excerpts are reproduced herein for your non-commercial use with the permission of The Chartered Professional Accountants of Canada (“CPA Canada”). These may not be modified, copied or distributed in any form as this would infringe CPA Canada’s copyright. Reproduced, with permission, from the CPA Canada Handbook, The Chartered Professional Accountants of Canada, Toronto, Canada.
7533 Responses to the risks of material misstatements associated with related party relationships and transactions
Oct-2012
In This Section
Responses to significant risks associated with related party relationships and transactions
Identified significant related party transactions outside of the entity’s normal course of business
Overview
This topic explains:
-
How we respond to the risks of material misstatements associated with related party relationships and transactions;
-
How we respond to significant risks associated with related party transactions and relationships;
-
What procedures are required when we identify previously unidentified or undisclosed related parties or significant related party transactions;
-
What procedures are required when we identify significant related party transactions outside of the entity’s normal course of business;
-
What procedures are required when management makes an assertion that related party transactions were conducted on terms equivalent to those prevailing in an arm’s length transactions.
CAS Requirement
As part of the CAS 330 requirement that the auditor respond to assessed risks, the auditor designs and performs further audit procedures to obtain sufficient appropriate audit evidence about the assessed risks of material misstatement associated with related party relationships and transactions. These audit procedures shall include those required by paragraphs 21-24 (CAS 550.20).
The CAS 550 requirements in CAS 550.21-24 for responses to the risk of material misstatement associated with related party relationships and transactions are set out in the following blocks below:
-
Identification of previously unidentified or undisclosed related parties or significant related party transactions.
-
Identified significant related party transactions outside of the entity’s normal course of business.
-
Assertions that related party transactions were conducted on terms equivalent to those prevailing in an arm’s length transaction.
CAS Guidance
The nature, timing and extent of the further audit procedures that the auditor may select to respond to the assessed risks of material misstatement associated with related party relationships and transactions depend upon the nature of those risks and the circumstances of the entity (CAS 550.A31).
Depending upon the results of the auditor’s risk assessment procedures, the auditor may consider it appropriate to obtain audit evidence without testing the entity’s controls over related party relationships and transactions. In some circumstances, however, it may not be possible to obtain sufficient appropriate audit evidence from substantive audit procedures alone in relation to the risks of material misstatement associated with related party relationships and transactions. For example, where intra-group transactions between the entity and its components are numerous and a significant amount of information regarding these transactions is initiated, recorded, processed or reported electronically in an integrated system, the auditor may determine that it is not possible to design effective substantive audit procedures that by themselves would reduce the risks of material misstatement associated with these transactions to an acceptably low level. In such a case, in meeting the CAS 330 requirement to obtain sufficient appropriate audit evidence as to the operating effectiveness of controls, the auditor is required to test the entity’s controls over the completeness and accuracy of the recording of the related party relationships and transactions (CAS 550.A34).
OAG Guidance
Responses to the risks of material misstatement
-
If material related party transactions are identified, perform procedures to an extent based on the risk of material misstatement to identify whether they have been properly recorded and disclosed. (Note that qualitative aspects of materiality, including circumstances giving rise to the identification of the transactions, should be taken into account when designing the appropriate procedures.)
-
For complex and unusual transactions identified, evaluate whether their terms and the way they have been accounted for are consistent with management’s explanation of their business rationale and obtain evidence that they have been appropriately authorized and approved.
-
If relevant, consider why the related party transactions have not been identified or disclosed by management. If the non-identification or non‑disclosure appears intentional, (i) communicate this information to those charged with governance (unless all of them are part of management), and (ii) evaluate the implications on the audit.
-
To the extent that material related party transactions are identified, individually or in aggregate, determine that disclosure in the financial statements is in accordance with the applicable financial reporting framework.
Professional judgment is required in deciding whether related party transactions are material and thus require disclosure. Quantitative materiality thresholds are usually lower for related party transactions than for those that do not involve related parties, especially as to transactions considered unusual or that cannot be attributed to normal corporate business activities. . For example, while a transaction between the client and an entity owned by a controlling shareholder/officer might be insignificant to the client in the normal sense considering only the monetary amounts, we need to consider whether the nature of the transaction is information a reader would have to more fully understand the company’s operating methods and procedures.
CAS Guidance
Examples of substantive audit procedures that the auditor may perform when the auditor has assessed a significant risk that management has not appropriately accounted for or disclosed specific related party transactions in accordance with the applicable financial reporting framework (whether due to fraud or error) include (CAS 550.A32):
-
Confirming or discussing specific aspects of the transactions with intermediaries such as banks, law firms, guarantors, or agents, where practicable and not prohibited by law, regulation or ethical rules;
-
Confirming the purposes, specific terms or amounts of the transactions with the related parties (this audit procedure may be less effective where the auditor judges that the entity is likely to influence the related parties in their responses to the auditor);
-
Where applicable, reading the financial statements or other relevant financial information, if available, of the related parties for evidence of the accounting of the transactions in the related parties’ accounting records.
If the auditor has assessed a significant risk of material misstatement due to fraud as a result of the presence of a related party with dominant influence, the auditor may, in addition to the general requirements of CAS 240, perform audit procedures such as the following to obtain an understanding of the business relationships that such a related party may have established directly or indirectly with the entity and to determine the need for further appropriate substantive audit procedures (CAS 550.A33):
- Inquiries of, and discussion with, management and those charged with governance.
- Inquiries of the related party.
- Inspection of significant contracts with the related party.
- Appropriate background research, such as through the Internet or specific external business information databases.
- Review of employee whistle-blowing reports where these are retained.
OAG Guidance
Examples of further procedures that we may perform when we have identified a significant risk that management has not identified, appropriately accounted for or disclosed related party relationships or transactions include:
-
Conducting a detailed review of accounting records for transactions with (a) specific characteristics, such as terms that deviate significantly from known market terms, or (b) unusual patterns or trends, such as regular advances to a third party, paying particular attention to transactions recognized at or near the end of the reporting period;
-
Investigating the entity’s relationships with major suppliers and customers, such as inquiring of them as to whether they are related, reading their financial statements or inquiring of relevant information sources regarding their ownership;
-
Review confirmations of compensating balance arrangements for indications that balances are or were maintained for or by related parties;
-
Performing substantive analytical procedures on specific classes of transactions, such as lease expense or sales, to identify unusual relationships;
-
Review confirmations of loans receivable and payable for indications of guarantees. Where guarantees are indicated, determine their nature and the relationships, if any, of the guarantors to the reporting entity;
-
Performing background searches using, for example, internet resources.
CAS Requirement
If the auditor identifies arrangements or information that suggests the existence of related party relationships or transactions that management has not previously identified or disclosed to the auditor, the auditor shall determine whether the underlying circumstances confirm the existence of those relationships or transactions (CAS 550.21).
If the auditor identifies related parties or significant related party transactions that management has not previously identified or disclosed to the auditor, the auditor shall (CAS 550.22):
(a) Promptly communicate the relevant information to the other members of the engagement team;
(b) Where the applicable financial reporting framework establishes related party requirements:
i) Request management to identify all transactions with the newly identified related parties for the auditor’s further evaluation; and
ii) Inquire as to why the entity’s controls over related party relationships and transactions failed to enable the identification or disclosure of the related party relationships or transactions;
(c) Perform appropriate substantive audit procedures relating to such newly identified related parties or significant related party transactions;
(d) Reconsider the risk that other related parties or significant related party transactions may exist that management has not previously identified or disclosed to the auditor, and perform additional audit procedures as necessary; and
(e) If the non-disclosure by management appears intentional (and therefore indicative of a risk of material misstatement due to fraud), evaluate the implications for the audit.
CAS Guidance
Communicating promptly any newly identified related parties to the other members of the engagement team assists them in determining whether this information affects the results of, and conclusions drawn from, risk assessment procedures already performed, including whether the risks of material misstatement need to be reassessed (CAS 550.A35).
Examples of substantive audit procedures that the auditor may perform relating to newly identified related parties or significant related party transactions include (CAS 550.A36):
-
Making inquiries regarding the nature of the entity’s relationships with the newly identified related parties, including (where appropriate and not prohibited by law, regulation or ethical rules) inquiring of parties outside the entity who are presumed to have significant knowledge of the entity and its business, such as legal counsel, principal agents, major representatives, consultants, guarantors, or other close business partners.
-
Conducting an analysis of accounting records for transactions with the newly identified related parties. Such an analysis may be facilitated using computer-assisted audit techniques.
-
Verifying the terms and conditions of the newly identified related party transactions, and evaluating whether the transactions have been appropriately accounted for and disclosed in accordance with the applicable financial reporting framework.
The requirements and guidance in CAS 240 regarding the auditor’s responsibilities relating to fraud in an audit of financial statements are relevant where management appears to have intentionally failed to disclose related parties or significant related party transactions to the auditor. The auditor may also consider whether it is necessary to re-evaluate the reliability of management’s responses to the auditor’s inquiries and management’s representations to the auditor (CAS 550.A37).
OAG Guidance
Examples of transactions which may be indicative of previously unidentified related parties include:
-
Transactions which lack an apparent logical business purpose.
-
Transactions which have abnormal terms of trade, such as non-market prices, interest rates, guarantees, and repayment terms.
-
Transactions in which substance differs from form.
-
Transactions processed in an unusual manner.
-
High volume or significant transactions with certain customers or suppliers as compared with others.
-
Unrecorded transactions such as the receipt or provision of management or any other services at no charge.
-
Equity transactions, such as corporate restructurings or acquisitions.
If management’s procedures for identifying, monitoring, and disclosing transactions with related parties are not formally documented, recommend that the company clearly establish guidance in its Code of Conduct or similar policies and procedures document. Related parties include transactions with entity’s directors, officers, management, or other highly compensated individuals.
Discuss the related party transactions that have come to our attention during the audit, with an emphasis on (a) material items that have been disclosed in the financial statements and (b) transactions (other than normal compensation and benefits) with officers and directors regardless of materiality and/or disclosure in the financial statements. Where financial statement disclosure of those related party transactions has not been made, communicate our understanding of management’s reasons for excluding them.
CAS Requirement
For identified significant related party transactions outside the entity’s normal course of business, the auditor shall (CAS 550.23):
(a) Inspect the underlying contracts or agreements, if any, and evaluate whether:
i) The business rationale (or lack thereof) of the transactions suggests that they may have been entered into to engage in fraudulent financial reporting or to conceal misappropriation of assets;
ii) The terms of the transactions are consistent with management’s explanations; and
iii) The transactions have been appropriately accounted for and disclosed in accordance with the applicable financial reporting framework; and
(b) Obtain audit evidence that the transactions have been appropriately authorized and approved.
CAS Guidance
In evaluating the business rationale of a significant related party transaction outside the entity’s normal course of business, the auditor may consider the following (CAS 550.A38):
-
Whether the transaction:
-
Is overly complex (for example, it may involve multiple related parties within a consolidated group),
-
Has unusual terms of trade, such as unusual prices, interest rates, guarantees and repayment terms,
-
Lacks an apparent logical business reason for its occurrence,
-
Involves previously unidentified related parties,
-
Is processed in an unusual manner.
-
-
Whether management has discussed the nature of, and accounting for, such a transaction with those charged with governance.
-
Whether management is placing more emphasis on a particular accounting treatment rather than giving due regard to the underlying economics of the transaction.
If management’s explanations are materially inconsistent with the terms of the related party transaction, the auditor is required, in accordance with CAS 500, to consider the reliability of management’s explanations and representations on other significant matters.
The auditor may also seek to understand the business rationale of such a transaction from the related party’s perspective, as this may help the auditor to better understand the economic reality of the transaction and why it was carried out. A business rationale from the related party’s perspective that appears inconsistent with the nature of its business may represent a fraud risk factor (CAS 550.A39).
Authorization and approval by management, those charged with governance, or, where applicable, the shareholders of significant related party transactions outside the entity’s normal course of business may provide audit evidence that these have been duly considered at the appropriate levels within the entity and that their terms and conditions have been appropriately reflected in the financial statements. The existence of transactions of this nature that were not subject to such authorization and approval, in the absence of rational explanations based on discussion with management or those charged with governance, may indicate risks of material misstatement due to error or fraud. In these circumstances, the auditor may need to be alert for other transactions of a similar nature. Authorization and approval alone, however, may not be sufficient in concluding whether risks of material misstatement due to fraud are absent because authorization and approval may be ineffective if there has been collusion between the related parties or if the entity is subject to the dominant influence of a related party (CAS 550.A40).
OAG Guidance
A plan for testing other than routine or recurring intercompany transactions and balances will ordinarily include the following:
-
A review of the entity’s procedures for the authorization and control of intercompany transactions.
-
A review of the basis of intercompany pricing and terms with consideration given to sensitive areas and tax implications.
We may find it difficult to obtain sufficient appropriate evidence over the substance of the transactions by reviewing supporting documentation from within the audited entity alone and there may be merit in requesting the counterparty to confirm that their understanding of the nature of the transaction is the same as ours. By receiving a confirmation from the counterparty that they have the same understanding of the transaction, and that there are no side agreements or other significant aspects that are not known to the counterparty, we can obtain further assurance that our understanding is adequate for the purpose of the audit.
If we do not receive an adequate response from the counterparty, we carry out further investigation of the matter, as the evidence already obtained may not be sufficient to support conclusions in the audit report.
If knowledge about the counterparty is limited, consider using other available sources of information, including external data and internet searches.
Related party transactions may represent possible illegal acts. For example, loans to directors or executive officers of a Public Company may be prohibited by securities laws and regulations.
See OAG Audit 7513 for guidance on responses required when we become aware of information concerning a possible illegal act.
CAS Requirement
If management has made an assertion in the financial statements to the effect that a related party transaction was conducted on terms equivalent to those prevailing in an arm’s length transaction, the auditor shall obtain sufficient appropriate audit evidence about the assertion (CAS 550.24).
CAS Guidance
Although audit evidence may be readily available regarding how the price of a related party transaction compares to that of a similar arm’s length transaction, there are ordinarily practical difficulties that limit the auditor’s ability to obtain audit evidence that all other aspects of the transaction are equivalent to those of the arm’s length transaction. For example, although the auditor may be able to confirm that a related party transaction has been conducted at a market price, it may be impracticable to confirm whether other terms and conditions of the transaction (such as credit terms, contingencies and specific charges) are equivalent to those that would ordinarily be agreed between independent parties. Accordingly, there may be a risk that management’s assertion that a related party transaction was conducted on terms equivalent to those prevailing in an arm’s length transaction may be materially misstated (CAS 550.A42).
The preparation of the financial statements requires management to substantiate an assertion that a related party transaction was conducted on terms equivalent to those prevailing in an arm’s length transaction. Management’s support for the assertion may include (CAS 550.A43):
-
Comparing the terms of the related party transaction to those of an identical or similar transaction with one or more unrelated parties.
-
Engaging an external expert to determine a market value and to confirm market terms and conditions for the transaction.
-
Comparing the terms of the transaction to known market terms for broadly similar transactions on an open market.
Evaluating management’s support for this assertion may involve one or more of the following (CAS 550.A44):
-
Considering the appropriateness of management’s process for supporting the assertion.
-
Verifying the source of the internal or external data supporting the assertion, and testing the data to determine their accuracy, completeness and relevance.
-
Evaluating the reasonableness of any significant assumptions on which the assertion is based.
Some financial reporting frameworks require the disclosure of related party transactions not conducted on terms equivalent to those prevailing in arm’s length transactions. In these circumstances, if management has not disclosed a related party transaction in the financial statements, there may be an implicit assertion that the transaction was conducted on terms equivalent to those prevailing in an arm’s length transaction (CAS 550.A45).
OAG Guidance
If management is proposing to include an assertion that “related party transactions were conducted on terms equivalent to those prevailing in an arm’s length transaction in the financial statements”, discuss with them at an early stage to explain what it may or may not be possible to say and the type of evidence they will need to provide us to support this assertion.
Procedures to determine if transactions are at arm’s length
For routine transactions, it may be possible to compare to similar transactions with counterparties who are not related parties (e.g., in an oil and gas company, whether petrol sold to a subsidiary is sold at the same price as petrol is sold to external clients). But, for example, if the volume of transactions with the related party is much greater than with those other parties, the terms agreed with the other parties may not properly reflect what the terms would be for that volume of transaction if negotiated with other arm’s length parties. The terms and conditions include not only the price, but lots of other aspects of the transaction such as credit terms, specific charges, contingencies. In addition, if it is a unique transaction, determining “market conditions” becomes challenging and we consider if an external expert is required to determine the market value and to confirm the market value and market terms and conditions for the transaction.
If we identify transactions in the course of our audit that in our judgment were not conducted on an arm’s length basis, consider if related parties are involved and the implications of these transactions on our audit.
A preface to a disclosure such as “Management believes that” or “It is the Company’s belief that” does not change management’s responsibility to substantiate the representation.
If we are unable to substantiate the representation, comment on this scope limitation in the audit report and issue a qualified opinion or disclaim an opinion. If it is concluded that the representation is misleading or inaccurate, insist that it be corrected and, failing this, issue a qualified or adverse opinion (due to a departure from the relevant financial reporting framework), depending on materiality.
Related Guidance:
See OAG Audit 3090 for guidance on the use of experts.