Center for Board Matters Audit Committee Bulletin. Issue 4, 2017

Transcription

1 Center for Board Matters Audit Committee Bulletin Issue 4, 2017

2 Welcome to Audit Committee Bulletin, published monthly to bring you timely and important information on corporate and financial reporting matters will be a watershed year. A wave of major changes in financial reporting will impact Singapore-incorporated companies listed on the Singapore Exchange (SGX) and other affected entities. In addition to the two new major accounting standards that would be effective (i.e., revenue and financial instruments standards), the key change would be the International Financial Reporting Standards (IFRS) convergence. The impact of IFRS convergence on each company is largely company-specific and it is not going to be business as usual. While the Singapore Financial Reporting Standards (SFRS) is largely aligned to IFRS, there are still areas of differences between SFRS and SG-IFRS, such as transitional provisions, which may have an impact depending on the individual company s operations. We look at the key principles underpinning the convergence process and the potential implications. Massive volumes of data are now available inside and outside companies, and the power of new data analytics technologies are fundamentally changing the audit. We explore the possibilities and explain the key issues facing auditors as they embrace big data and analytics. We hope you have an enjoyable read. Christopher Wong Head of Assurance Ernst & Young LLP Gajendran Vyapuri Assurance Partner Professional Practice Ernst & Young LLP

3 IFRS convergence journey 2018 is going to be a watershed year. A wave of major changes in financial reporting will impact Singapore-incorporated companies listed on the SGX and other affected entities. In addition to the two new major accounting standards that would be effective (i.e., revenue and financial instruments standards), the key change would be the IFRS convergence. Scope In 2014, the Accounting Standards Council (ASC) announced that all Singaporeincorporated companies listed on the SGX will be required to apply a new financial reporting framework that is identical to the IFRS in 2018 (termed as SG-IFRS in this article). Further scope clarifications were provided by the national standard setter in November In particular, the ASC clarified that Singapore-listed companies that are required to apply the new SG-IFRS refer to Singapore-incorporated companies that have issued, or are in the process of issuing, equity or debt instruments for trading in a public market in Singapore. Essentially, companies that are within scope are not restricted to Singapore-incorporated companies with shares currently listed on the SGX, but also include companies in the process of issuing equity or debt instruments and those that have debt instruments listed on SGX. Further scope announcements were made in December 2016 and January The Monetary Authority of Singapore (MAS) and SGX also announced that all SGX-listed companies and business trusts regardless of their place of incorporation currently reporting under SFRS will be required to adopt SG-IFRS. This effectively widens the scope for companies as foreign incorporated listed entities applying SFRS are now required to apply SG-IFRS in It was also clarified that authorized collective investment schemes, including real estate investment trusts (REITS) will continue to apply RAP 7 Reporting Framework for Unit Trusts. Preparing for the change Various stakeholders including standard setters and regulators have issued clarifications and reminders over the last year on the wave of changes coming into effect in 2018, and in particular IFRS convergence. ASC and SGX have issued reminders in December 2016 to stakeholders emphasizing the need to consider the potential implications of the new accounting framework and adopting of new standards. It was also highlighted that these changes may impact both financial and regulatory ratios. The Accounting and Corporate Regulatory Authority (ACRA) has also included a reminder on IFRS convergence in its practice guidance on areas of review focus under its financial reporting surveillance program for 2016 financial statements. ASC and the Institute of Singapore Chartered Accountants (ISCA) have jointly issued a list of question and answers on full IFRS convergence to directors and Chief Financial Officers of Singapore companies listed on SGX. IFRS conversion timeline for December financial year-end company Last SFRS financial statement First 2018 IFRS-compliant financial statements (with 2017 comparatives) 1 January January December 2018 Date of transition Go live 2

4 Implications of IFRS convergence The impact of IFRS convergence is largely company-specific and it will not be business as usual for companies. While SFRS is largely aligned to IFRS, there are still areas of differences between SFRS and SG-IFRS such as transitional provisions, which may have an impact depending on the individual company s operations. An exclusive accounting standard, IFRS 1 First Time Adoption of International Financial Reporting Standards will have to be applied when moving to SG-IFRS. The default accounting treatment is to apply all standards retrospectively unless transitional relief is specifically provided in SG-IFRS 1. As these transitional reliefs may differ from those applied under SFRS, there may be adjustments to the opening balance sheet on transition to SG-IFRS and comparative information even where there is no difference between SFRS and SG-IFRS. Further, IFRS 1 sets out certain optional exemptions which can be applied by first time adopters of IFRS. For instance, companies have the option to zerorize its cumulative foreign currency translation reserves on the date of transition to SG-IFRS. Companies applying this option will exclude the zerorized cumulative translation differences from the gain or loss that will be recognized on the subsequent disposal of those foreign entities. Entities should analyze all the reliefs and exemptions thoroughly to ascertain the ones that can be applied on transition to SG-IFRS. Companies could take the opportunity of IFRS convergence to revisit their accounting policies. This can be done to the extent that they reflect faithfully the economic substance of the transactions. For instance, companies that have elected the fair value model to account for its investment property can revisit its accounting policy and have the option to elect either the cost model or the fair value model when moving to the new framework. What s next? If your company has not commenced a diagnostic exercise on the impact, start now. The effects of IFRS convergence and the application of the new standards have to be reflected in Q interim financial statements for companies that are publishing quarterly announcements. The importance that the audit committees (AC) and boards place on this process is significant. Both the ACs and boards will need to ensure that their companies are ready to announce IFRS compliant numbers by Q This will indubitably place additional pressure on the finance team in the coming months. The decisions on the adoption of the standards and convergence will have a critical impact on financial statements for many years to come. It cannot be emphasized enough that ACs and boards need to be fully engaged as these decisions are made. Engage external professional assistance to ensure that appropriate and complete considerations have been accorded on such decisions and more importantly, implementation solutions are fully explored to assure companies that the decisions translate to the right outcomes. How EY can help Our Financial & Accounting Advisory Services (FAAS) teams provide assistance on critical accounting and related issues, including management and implementation of the new revenue standard, complex accounting and reporting issues, GAAP conversion support, accounting processes and controls support. In addition to addressing the impact of IFRS convergence, companies have to grapple with two new major accounting standards which are also effective in These new standards introduce major changes that could have a wide-ranging and significant impact across many industries. Questions on the application of these new standards, including disclosure requirements are already beginning to emerge as we draw closer to Contact us Ronald Wong Partner Financial & Accounting Advisory Services Ernst & Young LLP ronald.wong@sg.ey.com linkedin.com/in/ronaldwongkw 3

5 How data analytics is transforming the audit In today s business environment characterized by constant disruption, slow growth and uncertainty, boards face more challenges than ever in creating a risk-aware corporate culture and establishing sound risk governance and controls. Terms like big data and analytics have become boardroom hot topics around the world in the last few years. Historically, data was something you owned and was generally structured and human-generated. However, technology trends over the past decade have broadened the definition, which now includes data that is unstructured and machine-generated, as well as data that resides outside of corporate boundaries. Big data is the term used to describe this massive portfolio of data that is growing exponentially. The general view is that big data will have a dramatic impact on enhancing productivity, profits and risk management. But big data in itself yields limited value until it has been processed and analyzed. Analytics is the process of analyzing data with the objective of drawing meaningful conclusions. Major companies and organizations have recognized the opportunity that big data and analytics provide, and many are making significant investments to better understand the impact of these capabilities on their businesses. One area where we see significant potential is in the transformation of the audit. To keep pace with today s increasingly complicated governance and risk management landscape, progressive external audit firms are beginning to use technology to revolutionize the way audits are conducted. town 8 inches dog Tuesday rain 10 minutes DATA is numbers and words without relationship INFORMATION is numbers and words with relationship On Tuesday, 8 inches of rain fell in 10 minutes Rainfall of such magnitude is likely to cause flooding and landslides KNOWLEDGE comprises inferences derived from information 4

6 Transforming the audit As we continue to operate in one of the toughest and most uneven economic climates in modern times, the relevance of the role of auditors in the financial markets is more important than ever before. Audit firms must continue their robust audits to serve the public interest by increasing quality on a continuous basis and delivering more insights and value to the users of financial statements. Professional skepticism and a continued focus on the quality of audit evidence are required throughout an audit. Meanwhile, companies are expecting an enhanced dialog with their auditors and more relevant insights. While the profession has long recognized the impact of data analysis on enhancing the quality and relevance of the audit, mainstream use of this technique has been hampered due to a lack of efficient technology solutions, problems with data capture and concerns about privacy. However, recent technology advancements in big data and analytics are providing an opportunity to rethink the way an audit is executed. The transformed audit will expand beyond sample based testing to include analysis of entire populations of audit relevant data (transaction activity and master data from key business processes), using intelligent analytics to deliver a higher quality of audit evidence and more relevant business insights. Big data and analytics are enabling auditors to better identify financial reporting, fraud and operational business risks and tailor their approach to deliver a more relevant audit. While we are making significant progress and are beginning to see the benefits of big data and analytics in the audit, we recognize that this is a journey. Today, we are moving data from our clients to EY for use by auditors. We are providing audit analytics by processing large client data sets within our environment, integrating analytics into our audit approach and getting companies comfortable with the future of audit. What we really want is to have intelligent audit appliances that reside within companies data centers and stream the results of our proprietary analytics to audit teams. The transition to this future won t happen overnight. It s a massive leap to go from traditional audit approaches to one that fully integrates big data and analytics in a seamless manner. Barriers to integration There are a number of barriers to successful integration of big data and analytics into the audit, though they are not insurmountable. The first is data capture. If auditors are unable to efficiently and cost effectively capture company data, they will not be able to use analytics in the audit. Companies invest significantly in protecting their data, with multi-layered approval processes and technology safeguards. As a result, the process of obtaining client approval for provision of data to the auditors can be time consuming. In some cases, companies have refused or been reluctant to provide data, citing security concerns. Moreover, auditors encounter hundreds of different accounting systems and in many cases, multiple systems within the same company. Data extraction has not historically been a core competency within audit, and companies don t necessarily have this competency either. This results in multiple attempts and a lot of back and forth between the company and the auditor on data capture. Today, extraction of data is primarily focused on general ledger data. However, embracing big data to support the audit will mean obtaining sub ledger information, such as revenue or procurement cycle data, for key business processes. This increases the complexity of data extraction and the volumes of data to be processed. While it is reasonably easy to use descriptive analytics to understand the business and identify potential risk areas, using analytics to produce audit evidence in response to those risks is a lot more difficult. One problem with relying on analytics to produce audit evidence relates to the black box nature of the way in which analytics works, with algorithms or rules used to transform data and produce visualizations or reports. When the auditor gets to this stage, they need to find the appropriate balance between applying auditor judgment and relying on the results of these analytics. The value of integrating big data and analytics into the audit will only be realized when used by auditors to influence the scope, nature and extent of the audit. This will require them to develop new skills focused on knowing what questions to ask of the data, and the ability to use analytics output to produce audit evidence, draw audit conclusions and derive meaningful business insights. It requires a ground up initiative to better understand and influence the education students get at universities and colleges, enhance learning and development programs, and establish the appropriate implementation and enablement programs to support audit teams to effectively integrate big data and analytics into the audit. 5

7 Analytics dilemmas A further issue is how auditing standards and regulations can be aligned with the use of data analytics. In general, the auditing profession is governed by standards that were written in a completely different technological era and did not contemplate the ability to leverage big data. Below are four areas that require further consideration. 1Substantive analytical procedures These examine the reasonableness of relationships in financial statement items, to uncover variations from expected trends. However, the standard doesn t cover using big data based analytics to provide substantive evidence. One of the key differences with analytics techniques is that the procedures are used to identify unusual transactions or misstatements, based on the analysis of the data, and usually without the auditor establishing an expectation. Big data and these analytics techniques did not exist when the standard was conceived, so were not considered as a source of audit evidence. The gap creates uncertainty regarding the relevance and applicability of analytics in providing anything more than indicative evidence. 2Validating the data used for analytics As auditors receive information from the client, they determine its clerical accuracy and completeness, and whether it is appropriate as audit evidence. This applies whether they receive printed documents (such as contracts) or electronic data. But audit analytics do not use or rely on reports generated by the system; instead, relevant master and transaction data is extracted directly from the underlying databases. Procedures are then performed to validate the accuracy and completeness of the data, and it is reconciled with system-generated reports. The auditor is then confident that their analysis is based on the same data the company uses to produce its financial information. While the standards provide some guidance in this area, they could not have anticipated the type and volume of data that auditors are extracting. Inevitably, there are limitations on the extent to which auditors can derive evidence from the procedures that may be performed in relation to such data. 3Defining audit evidence The standards provide a hierarchy of evidence, with third party evidence at the top and management inquiries at the bottom. However, the standards do not indicate what type of evidence analytics provides. It is possible to relate some of these types of tests to the current framework in the standards, but not all. Without a proper description of the type of evidence that analytics provides, auditors are reluctant to claim it as evidence, thus negating the benefits. 4 Precision An audit is designed to detect a material misstatement. When companies record revenues amounting to billions of dollars and users of the financial statements expect them to be free of material misstatements, what level of precision do auditors require of their data analytics? The standards need to provide more guidance in this area. Ultimately, the audit of the future could look quite different from the audit of today. Auditors will be able to use larger data sets and analytics to better understand the business, identify key risk areas and deliver enhanced quality and coverage while providing more business value. Not only can the integration of big data and analytics into the audit help mitigate compliance and reputational risks, it can also lead to better financial reporting and insights. This ultimately drives better decisions and actions within an organization to create strategic value. To achieve this transformation, the profession will need to work closely with key stakeholders, from the businesses they are auditing to the regulators and standard setters. In the future issues of Audit Committee Bulletin, we will look at how companies that leverage big data and analytics stand to uncover a treasure trove of valuable insights that help drive growth while enhancing risk management. Next steps Please speak to your audit team about data analytics and the potential it has for your audit, as well as key next steps for data capture. 6

8 The board s role Boards and AC can be proactive by having discussions early with its external auditors regarding the scope and use of data analytics in the risk assessment process and audit. Questions related to external audit Resources: What resources and technologies do the external auditor have in place to capitalize on big data and analytics? Does the external auditor have programs in place to develop the right talent and technical competencies to appropriately leverage big data and analytics? How is the external auditor coordinating with the management to use data analytics tools? Strategy: How is the external auditor leveraging analytics in the audit today, and what are the plans for doing so in the future? Data capture: Data capture is often a key barrier in the big data and analytics process. Can the company s external auditor determine the scope of data currently being captured? How can the company s internal IT function work with the external auditor to streamline the data capture process? Cybersecurity: Effective use of big data and analytics for audits usually requires external auditors to access internal corporate data. But many companies have invested heavily in protecting their data with multi-layered approval processes and technology safeguards. How can the company give external auditors access to data while still maintaining data security? Capturing the data EY has a robust data capture process to prepare your data, ready for use in our analytics. 1 Plan data capture and delivery process Define scope of analytics (business units, date ranges) Identify relevant data Define and agree data capture method Agree on responsibilities between EY and your team Agree on dates for delivery of data to EY 2 Capture and transfer data Capture data based on agreed scope Transfer data to secure EY environment, based on identified security protocols 3 Validate data and transform data load into our tool Conduct first stage of data validation data integrity Transform data into the EY common data model Load data into the EY analytics tools 4 Perform our audit using analytics Complete a data quality review Perform the audit using analytics 7

9 EY Assurance Tax Transactions Advisory About EY EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we playa critical role in building a better working world for our people, for our clients and for our communities. EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit ey.com Ernst & Young LLP. All Rights Reserved. APAC No ED None Ernst & Young LLP (UEN T08LL0859H) is a limited liability partnership registered in Singapore under the Limited Liability Partnerships Act (Chapter 163A). This material has been prepared for general informational purposes only and is not intended to be relied upon as accounting, tax or other professional advice. Please refer to your advisors for specific advice. ey.com