A group of people are working on a financial success plan on a table.
A person is typing on a laptop computer with a graph on the screen.
September 13, 2024

Group Audits Should Be Far More Common Than They Actually Are

Now new rules are adding complexity with ‘referred-to’ auditors and a risk-based approach to planning and performing a group audit

Group audits are needed far more often than you may think.

 

And now, the new group audit rules are coming, bringing with them a whole new class of “referred-to” auditors.

 

The American Institute of Certified Public Accountants’ (AICPA) Auditing Standards Board (ASB) SAS No. 149 revises the definition of a “component auditor” and takes an updated risk-based approach to planning and performing a group audit.

 

But before we get into that, it’s important to say that far too many auditors see a single business or single business line and say, “this is a regular audit” when what’s really required to be a group audit.

 

Determining what is and what isn’t a “component” can be simple, but it is not always obvious. Depending on how the company runs its operations, you can have a single entity, and yet have multiple business activities inside of it that requires a group audit.

 

Too often, auditors miss that if they are dealing with a single entity — if they don’t have a consolidation of two or more subsidiaries staring them in the face. The key is to look at business activities first and determine if they are significant in terms of dollar amounts, or materiality, or if there’s a high risk in that part of the operations. Follow the flow of the numbers!

 

You have to stop and ask yourself, does the company have multiple product lines, service lines, branches, or anything else where the CFO and the CEO of a company manage their operations by tracking the performance of those multiple product or service lines? Are there multiple locations or divisions?


 

Auditors are required to use professional judgment to determine whether a business activity represents a component, regardless of whether it is a separate legal entity.

 

Enter the new standards

 

The new part of what’s going on is adding a twist to group audits. Along with the work of component auditors cited — for whose work the group auditor is responsible — there’s a new category: Referred-to Auditors

 

At the simplest level, referred-to auditors are in effect secondary auditors, brought in to issue their own opinion on a particular part of the operations that the group auditor will reference in their work. The new group audit standards make clear that the work of the referred-to auditor is relied upon in the final group audit, but was not done by the group auditor.

 

Referred-to auditors are not component auditors under the terms of SAS No. 149, Special Considerations — Audits of Group Financial Statements (Including the Work of Component Auditors and Audits of Referred-to Auditors) .

 

In effect, it tells group auditors to say very clearly, “Hey, we didn’t look at this part of the operation” but we are referring to and relying upon the opinion.

 

SAS No. 149 also revises the definition of component auditors to make clear that they are part of the engagement team, whereas referred-to auditors are not.

 

Issued in March 2023, SAS 149 goes into effect for audits of group financial statements for periods ending on or after December 15, 2026.

 

Getting Risky

 

That’s not the only change. The most significant change ushered in by SAS No. 149 is that it provides an updated risk-based approach to planning and performing a group audit.

 

The existing standard requires a group engagement team to identify significant components at which to perform audit work.

 

However, SAS No. 149 directs the group auditor to use professional judgment in determining the components at which to perform procedures, based on assessed risks.

 

Just as they are required to use professional judgment in determining what should or shouldn’t be a group audit.


Collemi Consulting leverages nearly three decades of experience to provide trusted technical accounting and auditing expertise when you need it the most. We regularly work with CPA firm leadership to help them reduce risk and maximize efficiencies. To schedule an appointment, contact us at (732) 792-6101.

Testing of Non-Standard Journal Entries to Identify Questionable Transactions

By Jennifer Ruf March 24, 2025
As audit season is in high gear, it’s important for auditors to step back and plan how they are going to audit a client’s books and records. What are the red flags you’re looking for when it comes time to throw open the books and look through a huge swath of journal entries to pluck out the ones that are questionable, and need to be questioned? First off, it’s important to understand how journal entries are created at the company being audited. For an auditor, that means looking at the internal control environment to understand how a journal entry is created: Who’s authorized to create one and who can create one. You have to understand the process. How does it start and how is the entry eventually recorded onto the financial reporting system? Once you know that, you can determine whether someone can come in and override the system, or if someone can pretend to be someone else and start recording journal entries onto the system. That will help you figure out what to look for to decide what entries to pull out and ask management to get back up information to support and validate those entries. Finding the needle The key here is not to just go through the mechanics, but to really go through the exercise so you can determine if management is playing games in the recording of those transactions. You have to be able to get comfortable with that, and that means you need to be able to document what you’re looking for. Because what the auditor is really doing is looking for a “needle in the haystack”, to identify the transactions that don’t look right, that don’t make sense in the ordinary course of business. For example, if the business is not open on weekends, are transactions being posted on a Saturday or Sunday, or even on holidays? If you see rounded numbers or accounts that are seldom used, those can be red flags as well. Sometimes it can be as simple as asking managers and others like accounting, data entry and IT personnel if they’ve observed any unusual accounting entries. Depending on the size of the company and scope of the work, you might need to use computerized audit software program — some of them with AI built in — that can scan the entries to identify anomalies. Red flags When an auditor is looking for evidence of management override of controls, they can look for some of these 12 red flags indicators: ● Top-side entries ● Entries made to unrelated, unusual or seldom-used accounts ● Entries made by individuals who typically don't make entries. ● Entries recorded at the end of the period ● Post-closing entries with no explanations ● Entries made before or during the preparation of financial statements with no account numbers ● Entries that contain rounded numbers or a consistent ending number ● Entries processed outside the normal course of business ● Accounts that contain transactions that are complex or unusual in nature ● Accounts that contain significant estimates and period-end adjustments ● Accounts that have been prone to errors in the past ● Accounts that contain intercompany transactions When testing non-standard journal entries and other adjustments, you should look for documentary evidence indicating that they were properly supported and approved by management. Finally, remember that while most fraudulent entries are made at the end of a reporting period, you shouldn't ignore the rest of the year  Collemi Consulting leverages nearly three decades of experience to provide trusted technical accounting and auditing expertise when you need it the most. We regularly work with CPA firm leadership to help them reduce risk and maximize efficiencies. To schedule an appointment, contact us at (732) 792-6101.

It’s Time For Year-End Audits

December 20, 2024
Are you prepared?
A woman's hands holding a microphone

Shake It Off

December 9, 2024
Conquer your fear of public speaking and present like a pro
Man with hand by his ear straining to listen.

Hear, Hear!

December 4, 2024
Boost your business by becoming adept at active listening.
More Posts
Share by: