CPA Australia's Quality Review Program has revealed the most common ways members have been found to have breached the auditing standards. Many of the breaches found are the result of a lack of documentation, as per ASA 230, providing the necessary evidence that required procedures have been performed.

1. ASA 240 The Auditor's Responsibilities Relating to Fraud in an Audit of a Financial Report

  • No evidence on the auditor's working papers that the auditor had performed any procedures to obtain reasonable assurance that the financial report as a whole is free from material misstatement caused by fraud or error.
  • No evidence on the auditor's working papers that the auditor has performed procedures that include testing management's ability to override controls.
  • No evidence on the auditor's working papers that the auditor has documented the result of the audit procedures performed to address the risk of material misstatement due to fraud at the financial report level and the assertion level to support the member's audit opinion.

2. ASAE 3000 Assurance Engagements Other than Audits or Reviews of Historical Financial Information

  • Breaches found in this section can also be found in ASAE 3100.  Commonly breaches of this standard were found in compliance audit engagements, such as trust account audits and SMSF compliance audits.
  • No evidence in the auditor's working papers that the auditor planned and performed the engagement.
  • No evidence that the auditor has obtained understanding of the client, considered materiality and assessed the risks of material misstatement when performing the engagement.
  • The report issued for the engagement has not included all the required elements required by the standard.
  • No evidence that the auditor has considered the effect of events up to the date of the assurance report (subsequent events).
  • No evidence that the auditor has requested a written representation from their clients.
  • For SMSF compliance audit engagements, no documented evidence that the auditor designed and performed procedures to check on the trustees' compliance with SIS Act and Regulations.

3. ASAE 3100 Compliance Engagements

  • Breaches found in this section can also be found in ASAE 3000.  Commonly, breaches of this standard were found in compliance audit engagements, such as trust account audits and SMSF compliance audits.
  • No evidence in the auditor's working papers that the auditor planned and performed the engagement.
  • No evidence that the auditor has obtained understanding of the client, considered materiality and assessed the risks of material misstatement when performing the engagement.
  • The report issued for the engagement has not included all the required elements required by the standard.
  • No evidence that the auditor has considered the effect of events up to the date of the assurance report (subsequent events).
  • No evidence that the auditor has requested a written representation from their clients.
  • For SMSF compliance audit engagements, no documented evidence that the auditor designed and performed procedures to check on the trustees' compliance with SIS Act and Regulations.

4. ASA 200 Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with Australian Auditing Standards

  • Lack of independence of the auditor when performing the audit engagements. This commonly found in SMSF audit engagements, where the same person is responsible for the preparation of the financial statements and the audit of the financial statements of the same clients. The auditor also breached APES 110.
  • For more guidance on the requirement of independence, please refer to the Independence Guide, released by the Joint Accounting Bodies.
  • The auditor has misrepresented their compliance with the Australian Auditing Standards in the auditor's report when the auditor was found not fully compliant with the applicable auditing standards.

5. ASA 320 Materiality in Planning and Performing an Audit

  • No evidence that the auditor has determined materiality for the financial report as a whole.
  • No evidence that the auditor has determined performance materiality.
  • No evidence on the auditor's working papers that demonstrate the amounts and factors considered in determining materiality for the financial report as a whole, the materiality levels for particular classes of transactions, account balances or disclosures, performance materiality, and any revision to these as the audit progressed.

6. ASA 570 Going Concern

  • No evidence that the auditor has considered any events/conditions/material uncertainty about the client's ability to continue as a going concern when assessing the risks of material misstatement.
  • No evidence that the auditor has concluded the appropriateness of management's use of the going concern basis of accounting in the preparation of the financial report.
  • No evidence on the auditor's working paper that the auditor has made conclusion (in the auditor's judgement) on the client's ability to continue as a going concern, based on the audit evidence obtained.
  • For SMSF compliance audit engagements, no evidence in the auditor's working paper that the auditor has evaluated the solvency of the SMSF's financial position (SIS Act section 130, SIS Reg 9.03 and Reg 9.04).

7. ASA 580 Written Representations 

  • No evidence on the auditor's working paper that the auditor has obtained written representation from the client (signed by the client).
  • Failure to include all the areas required written representation letter in accordance with the auditing standards, including management's responsibility in relation to fraud (ASA 240 para. 40).
  • Inappropriate timing of obtaining management representation letter, in which the representation letter was obtained and dated at the planning of the audit, instead of as near as practicable, but not after, the date of the auditor's report.
  • Signed representation letter was obtained after the issuance of the audit report.

8. ASA 315 Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment

  • No evidence on the auditor's working paper that the auditor has obtained understanding of the client and its internal control.
  • No evidence on the auditor's working paper that the auditor has performed assessments of risk of material misstatements at the financial report and assertion levels.

9. ASA 700 Forming an Opinion and Reporting on a Financial Report

  • The auditor issued the audit report in the outdated format where the audit opinion was still put at the end of the audit report and there was no basis of opinion paragraph.
  • For SMSF Audit engagements, the audit report issued did not use the ATO approved form.

10. ASA 550 Related Parties

  • No evidence on the auditor's working paper on the auditor's understanding of the client's related party relationship and transactions.
  • No evidence on the auditor's working paper their risks assessment associated with related party relationships and transactions.