Introduction to Outsourced Finance and Accounting Functions
Outsourcing is the use of external suppliers as a source of finished products, components or services. It is also known as ‘sub-contracting’. The use of the services of such an external supplier does not diminish the ultimate responsibility of the directors for conducting the business of the entity.
The advantages of outsourcing are as follows: it frees time for the employees. it allows the entity to take advantage of specialist expertise rather than investing in these facilities itself and under-utilising them. services may be performed more quickly and to a higher standard. it may be cheaper, once time savings and opportunity costs are taken into account. However there are a number of disadvantages Outsourced Finance: there is no guarantee that the service will be performed to the organisation’s satisfaction. it may be more expensive than providing the service in-house. by performing services itself the organisation retains or develops skills that may be needed in the future and will otherwise be lost. commercially sensitive data may get into the wrong hands. there may be opposition from employees if outsourcing involves redundancies.
Audit considerations relating to entities using service organisations
A “service organisation” is an entity that provides services to another. They undertake a wide variety of activities such as: information processing maintenance of accounting records facilities management maintenance or safe custody of assets; and initiation or execution of transactions on behalf of the other entity Service organisations may undertake activities on a dedicated basis for one entity, or on a shared basis, either for members of a single group of entities or for unrelated customers.
Impact on the audit planning
At the planning stage, the auditor should determine the significance of the service organisations to the client and relevance to the audit. They should also obtain an understanding of the contractual terms which apply and the controls in place. These should be documented for the audit file. The auditor would consider the following: whether the terms contain an adequate specification of the information to be provided to the entity and responsibilities for initiating transactions relating to the activity undertaken by the service organisation the way accounting records are maintained whether the entity has rights of access to the accounting records prepared by the service organisation whether the terms take proper account of any applicable regulations concerning the form of records to be maintained, or access to them the nature of relevant performance standards whether the service organisation has agreed to indemnify the entity in the event of performance failure and whether the auditor will be able to access sources of evidence
Audit procedures
The auditors should assess the effect of the service organisation activities on their assessment of risk of material misstatement. The following factors will be relevant to inherent risk: the nature of services provided the degree to which authority is delegated to the service organisation the arrangements for ensuring quality of service whether the activities involve assets with a high risk of loss or misappropriation and the reputation and integrity of those managing the service organisation. The auditors will also need to assess the controls operated by the entity over information given to the service organisation. They should also review the actual experience of adjustments to, and errors in, the information received from the service organisation. If a service organisation maintains all or part of the entity’s accounting records, the auditors should assess whether the arrangements affect their reporting responsibilities in relation to accounting records. The auditors should: assess whether sufficient appropriate audit evidence concerning the relevant financial statement assertions is available from records held at the entity and, if not determine effective procedures to obtain necessary evidence for the audit, either by direct access to the records kept by the service organisation or through information obtained from the service organisation or their auditors. The auditors would normally perform the following procedures: inspect records and documents held by the entity establish the effectiveness of controls obtain representations to confirm balances and transactions from the service organisation perform analytical review procedures on records maintained by the entity or on returns received from the service organisation inspect records and documents held by the service organisation request the service organisation auditor or the entity’s internal auditors to perform specified procedures review information from the service organisation and its auditors concerning the design and performance of control systems When an entity is using a service organisation, the auditor should: increase their focus on whether to include the service organisation’s audit report as audit evidence when carrying out risk assessment, the auditor should perform procedures to ensure that the service organisation’s controls are operating effectively obtain a report on the description, design and operating effectiveness of the controls in place at the service organisation this involves a report prepared by the management of the service organisation, and a reasonable assurance report by the service organisation’s auditor the auditors will need to satisfy themselves about the competence and independence of the service organisation’s auditor, and that the service organisation’s auditors’ report provides sufficient appropriate evidence about the effectiveness of the entity’s controls
Leave a Reply
You must be logged in to post a comment.