B S R & Co. LLP. Reporting on Internal. Reporting An Overview. Sarbanes Oxley Act (SOX) 28 December 2013

Similar documents
FREQUENTLY ASKED QUESTIONS ABOUT INTERNAL CONTROL OVER FINANCIAL REPORTING

Comparison of the PCAOB s Auditing Standards No. 5 and No. 2 (Certain key differences are highlighted by underlining)

IPO Readiness. Sarbanes-Oxley Compliance & Other Considerations. Presented by:

Internal Financial Controls New perspectives as per Companies Act 2013 and CARO 2016

Speech by SEC Staff: Remarks before the 2007 AICPA National Conference on Current SEC and PCAOB Developments

Internal Control & Sarbanes-Oxley Act. ERPANET Workshop. Antwerp, April 14, PwC

Corporate Governance Principles of Auditing: An Introduction to International Standards on Auditing - Ch 14

Auditing Standard 16

Evaluating Internal Controls

Internal controls over Financial Reporting Key concepts. Presentation by Jayesh Gandhi at WIRC

UNIVERSITY OF ILLINOIS AT URBANA-CHAMPAIGN

[RELEASE NOS ; ; FR-77; File No. S ]

February 23, Office of the Secretary Public Company Accounting Oversight Board 1666 K Street, N.W. Washington, D.C.

See your auditor clearly. Transparency report: How we perform quality audit engagements

SOX FOR NPO S Focus on Control. Stephen L. Kuptz, CPA

AN AUDIT OF INTERNAL CONTROL THAT IS INTEGRATED WITH AN AUDIT OF FINANCIAL STATEMENTS: GUIDANCE FOR AUDITORS OF SMALLER PUBLIC COMPANIES

) ) ) ) ) ) ) ) ) ) ) ) REPORTING ON WHETHER A PREVIOUSLY REPORTED MATERIAL WEAKNESS CONTINUES TO EXIST. PCAOB Release No July 26, 2005

Report on Inspection of KPMG AG Wirtschaftspruefungsgesellschaft (Headquartered in Berlin, Federal Republic of Germany)

Key Elements of Antifraud Programs and Controls

SARBANES-OXLEY COMPLIANCE MANAGING CHANGING EXPECTATIONS January 20, 2017

Proposed Attestation Requirements for FR Y-14A/Q/M reports. Overview and Implications for Banking Institutions

COSO 2013: Updated internal control framework

Report on Inspection of PricewaterhouseCoopers Audit (Headquartered in Neuilly-Sur-Seine, French Republic)

AUDIT COMMITTEE CHARTER

Public Company Accounting Oversight Board

What does an external auditor look for in SAP R/3 during SOX 404 Audits? Ram Bapu, CISSP, CISM Sandra Keigwin, CISSP

) ) ) ) ) ) ) ) ) ) ) )

Internal Financial Controls (IFC) - An Overview

SAS Teleconference

GRANITE CONSTRUCTION INCORPORATED AUDIT/COMPLIANCE COMMITTEE CHARTER

McGraw-Hill/Irwin. Copyright 2013 by The McGraw-Hill Companies, Inc. All rights reserved.

Increasing External Auditor Reliance

Report on Inspection of Deloitte LLP (Headquartered in Toronto, Canada) Public Company Accounting Oversight Board

4. Organic documents. Please provide an English translation of the company s charter, by-laws and other organic documents.

Engagement Quality Review

Report on Inspection of KPMG Auditores Consultores Ltda. (Headquartered in Santiago, Republic of Chile)

US U.S. AAM vs. DTTL AAM A Refresher Deloitte Touche Tohmatsu

Auditing Standards and Practices Council

The New COSO Framework: Avoiding Deficiencies and Driving Change

Inspection of Petrie Raymond, Chartered Accountants L.L.P. (Headquartered in Montreal, Canada) Public Company Accounting Oversight Board

For the first time in the history of corporate financial reporting and. Management Reporting on Internal Control. Use of COSO 1992 in.

Reliable Financial Reporting. Evaluating Deficiencies in Internal Control Over Financial Reporting

Report on Inspection of KAP Purwantono, Sungkoro & Surja (Headquartered in Jakarta, Republic of Indonesia)

Report on Inspection of KPMG Audit Limited (Headquartered in Hamilton, Bermuda) Public Company Accounting Oversight Board

Chapter 1. Learning Objective 1, 2. Capital Allocation. Efficient Capital Allocation. Financial Accounting and Accounting Standards

2016 INSPECTION OF BHARAT PARIKH & ASSOCIATES CHARTERED ACCOUNTANTS. Preface

Report on Inspection of Deloitte & Associes (Headquartered in Neuilly-sur-Seine, French Republic) Public Company Accounting Oversight Board

STANDING ADVISORY GROUP MEETING OCA CURRENT STANDARDS-SETTING AGENDA OCTOBER 14-15, 2009

Managing the Risk of Fraud in the Conversion to IFRS

Forum on Auditing in The Small Business Environment

Forum on Auditing in The Small Business Environment

NEWMARK GROUP, INC. AUDIT COMMITTEE CHARTER. (as of December 2017)

Report on. Issued by the. Public Company Accounting Oversight Board. June 16, 2016 THIS IS A PUBLIC VERSION OF A PCAOB INSPECTION REPORT

BrightPath Early Leaning Inc. Audit Committee Charter

Sarbanes Oxley Impact on Supply Chain Management

AICPA Peer Review Program Compliance: Responding to Latest Developments

Report on Inspection of KPMG SAS (Headquartered in Bogota, Republic of Colombia) Public Company Accounting Oversight Board

Gaining Financial Integrity Through Improved Internal Controls

SAMPLING AND ERROR EVALUATION RSM US LLP. All Rights Reserved.

Auditing Standard No. 2 vs. Auditing Standard No. 5: Implications for Integrated Audits and Financial Reporting Quality

INTERNATIONAL STANDARD ON AUDITING 315 UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT CONTENTS

2013 COSO Internal Control Framework Update. September 5, 2013

LIST OF SUBSTANTIVE CHANGES AND ADDITIONS. PPC's Guide to Audits of Nonprofit Organizations

PART 6 - INTERNAL CONTROL

1. Number. Except as otherwise permitted by the applicable NASDAQ rules, the Audit Committee shall consist of at least three members of the Board.

Report on Inspection of Navarro Amper & Co. (Headquartered in Taguig City, Republic of the Philippines)

up Texas Society of ~ Certified Public Accountants

Guidance: Transition for Logbooks for RCA Applications under RG 180 Auditor registration (2016)

Audit Risk. Exposure Draft. IFAC International Auditing and Assurance Standards Board. October Response Due Date March 31, 2003

Auditing Standards and Practices Council

SUNEDISON, INC. AUDIT COMMITTEE CHARTER (Adopted October 29, 2008)

White Paper. Effective and Practical Deployment of COSO: Entity Level Control and Lessons Learned. July 10, 2008 THE ROBERTS COMPANY, LLC

Assurance Services. thinking strategically to your best advantage

Report on Inspection of Grant Thornton Auditores Independentes (Headquartered in Sao Paulo, Federative Republic of Brazil)

FIAT CHRYSLER AUTOMOBILES N.V. AUDIT COMMITTEE CHARTER

ASB Meeting January 12-15, 2015

AUDIT COMMITTEE CHARTER REINSURANCE GROUP OF AMERICA, INCORPORATED. the audits of the Company s financial statements;

AMERICAN EXPRESS COMPANY AUDIT AND COMPLIANCE COMMITTEE CHARTER (as amended and restated as of September 26, 2017)

Audit Committee Annual Evaluation of the External Auditor

Guidance Note: Corporate Governance - Audit Committee. March Ce document est aussi disponible en français.

CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS OF MULESOFT, INC.

COSO Internal Control Integrated Framework Proposed Update

OFFICE OF THE CHIEF AUDITOR STANDARD-SETTING AGENDA MARCH 2012

MINDEN BANCORP, INC. AUDIT COMMITTEE CHARTER

PROFESSIONAL LEVEL PART-A: OVERVIEW OF AUDITING AND ASSURANCE

Report on Limited Inspection of Deloitte & Touche LLP. Public Company Accounting Oversight Board

CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS OF PAM TRANSPORTATION SERVICES, INC.

REPORT 2016/033 INTERNAL AUDIT DIVISION

Audit Committee Oversight of Auditors

New Role of Audit Committee: A Post-Financial Crisis Analysis

Reporting on an Examination of Controls at a Service Organization Relevant to User Entities Internal Control Over Financial Reporting

Report on Limited Inspection of KPMG LLP. Public Company Accounting Oversight Board

Audit and Advisory Services Integrity, Innovation and Quality. Audit of Internal Controls over Financial Reporting

Audit Committee Material Weaknesses in Smaller Reporting Companies

Optimizing the value of audit quality indicators Lessons we have learned

Post-Conference Auditing and Investigating Fraud Seminar

SOUTHWEST AIRLINES CO. AUDIT COMMITTEE CHARTER

Implementing the new revenue guidance in the manufacturing industry

Chapter 4. Risk Assessment. Copyright 2012 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin

Report on Inspection of Deloitte, S.L. (Headquartered in Madrid, Kingdom of Spain) Public Company Accounting Oversight Board

Transcription:

B S R & Co. LLP Reporting on Internal Controls over Financial Reporting An Overview Sarbanes Oxley Act (SOX) 28 December 2013

Agenda Sarbanes Oxley Key Sections COSO Framework Management Approach to ICOFR Audit Approach to ICOFR

What does Sarbanes-Oxley address? The legislation addresses the following key areas: Internal Controls over Financial Reporting (ICOFR) Auditor independence Corporate responsibility and independence Enhanced financial disclosures Conflicts of interest Branch of SEC, Public Company Accounting Oversight Board (PCAOB) was created to oversee accounting for public companies Corporate tax returns Fraud and accountability penalty enhancements New standards for corporate accountability! 3

Applicability and enforcement Applicable to issuer of a security listed on the Securities and Exchange Commission (SEC). Consequently, it applies to Indian Companies Listed on Exchanges regulated by the SEC On July 30, 2002 Sarbanes Oxley Act 2002 became a law in the United States 4

Sarbanes Oxley Key Sections (1) Form 20-F filed by a Foreign Private Issuer with the Securities and Exchange Commission ( SEC ) contains an internal control report which states management s responsibility for maintaining proper internal control structure for financial reporting; and contains an assessment as at the end of most recent financial year on the effectiveness of the internal control structure Management (CFO and CEO) have to sign on the internal control report External auditors will have to attest internal control reporting (PCAOB Standard No. 5) Interpretation: In 404, the focus is more on Internal control over financial reporting and it requires management to benchmark controls evaluation against a control framework (e.g. COSO, as it is the most widely used control framework) 5

Sarbanes Oxley Key Sections (2) Management Responsibilities Accept responsibility for the effectiveness of the company s internal control over financial i reporting Evaluate the effectiveness of the company s internal control over financial reporting using suitable control criteria Support its evaluation with sufficient evidence, including documentation Present a written assessment about the effectiveness of the company s internal control over financial reporting as of the end of the company s most recent fiscal year Independent auditor must attest on the internal controls over financial reporting in accordance with the standards d issued by the PCAOB Inadequate documentation of the design of internal control or evidence to support management s assessment could also represent a material weakness, which would require the auditor to issue an adverse opinion 6

Sarbanes Oxley Key Sections (3) S 302: Principal executive officer/s and principal financial officers or person performing similar functions are required to in each annual or quarterly report under 13(a) and 15(d) of SEC Act, mention that: signing officer has reviewed the report; based on officers knowledge, the report does not contain any untrue statement; financial statements are fairly presented in all material respects; the officers are responsible for maintaining i i internal controls and they have evaluated the effectiveness of internal control as of the balance sheet date. 7

Sarbanes Oxley Key Sections (4) The officer has disclosed to the auditor and the Audit Committee, all weaknesses in design and operation of internal controls Disclose details of any frauds whether significant or not in which management, officers or other employees having significant role in internal control are involved Subsequent changes to the internal controls which might have possible adverse impact in future is to be disclosed. Signing officer to also state the remedial action to mitigate the risk Interpretation: In 302, the focus is more on disclosure controls and it deals with management responsibility statement 8

Agenda Sarbanes Oxley Key Sections COSO Framework Management Approach to ICOFR Audit Approach to ICOFR

COSO s Control Components Control Environment the control environment sets the tone of an organization, influencing the control consciousness of its people Risk Assessment every entity faces a variety of risks from external and internal sources that must be assessed both at the entity and the activity level Control Activities these policies and procedures help ensure management directives are carried out Information and Communication pertinent information must be identified, captured and communicated in a form and timeframe that supports all other control components Monitoring i internal control systems need to be monitored a process that assesses the quality of the system s performance over time Section 404 addresses internal control over financial reporting 10

Definition of Internal Control In the US, the most common reference is to COSO s report, Internal Control Integrated Framework Internal control is a process effected by an entity s board of directors, management, and other personnel designed to provide reasonable assurance regarding the achievement of objectives in the following categories: reliability of financial reporting; effectiveness and efficiency ce cy of operations; o and compliance ce with applicable laws and regulations Focus is on reliability of financial reporting COSO provides detailed internal control criteria and defines five components of internal control control environment risk assessment control activities information and communication monitoring 11

Control Categories Entity-level controls. These include: controls related to the control environment, including controls over management override the company s risk assessment process centralized processing and controls, including shared service environments controls to monitor results of operations controls to monitor other controls, including activities of the internal audit function, the audit committee, and self-assessment programs controls over the period-end financial reporting process, and policies that address significant business control and risk management practices. Business cycle controls controls over data entry across lines of business Application Controls IT General Controls 12

Agenda Sarbanes Oxley Key Sections COSO Framework Management Approach to ICOFR Audit Approach to ICOFR

Illustrative road map to SOX compliance 1 Plan & Scope the Evaluation Establish internal control evaluation process. Determine significant controls and locations/ business units to be included. Define project approach, milestones, timeline, and resources. Launch project. 2 Document Controls Document design of significant controls for all significant locations and business units. 3 Evaluate Design & Operating Effectiveness Evaluate design and operating effectiveness of internal control over financial reporting and document results of evaluation. 4 Identify & Correct Deficiencies Identify, accumulate and evaluate design and operating control deficiencies; communicate findings and correct deficiencies. 5 Report on Internal Control Prepare management s written assertion on the effectiveness of internal control over financial reporting. 6 Independent Audit of Internal Control Prepare for independent auditor to conduct the internal control audit. 14

Key decisions to be made by the company Will this effort focus on pure compliance or will it be viewed as a transformational initiative? Who should lead/participate? CFO/Controller Internal Audit Risk Management External resources What documentation ti standards d will be used? Format Automated tool vs. paper-based Flow Diagrams, control, matrices, narratives, other What business units/ locations need to be documented and evaluated? Who completes the documentation? Who performs the evaluation procedures? What training is needed? What major initiatives process changes, system changes, acquisitions will impact the 404 project plan? What processes, systems and functions are included within the scope of internal controls over financial reporting? Is the process sustainable? 15

Agenda Sarbanes Oxley Key Sections COSO Framework Management Approach to ICOFR Audit Approach to ICOFR

Some key definitions.. A deficiency in ICOFR exists when the design or operation of a control does not allow management or employees, in the normal course of performing their assigned functions to prevent or detect misstatements on a timely basis. Deficiencies in a company s internal control may rise to a significant deficiency or a material weakness. A material weakness is a deficiency, or a combination of deficiencies, in ICOFR such that there is a reasonable possibility that a material misstatement of the company s annual or interim financial statements will not be prevented or detected on a timely basis. A significant deficiency is a deficiency, or a combination of deficiencies, in ICOFR that is less severe than a material weakness, yet important enough to merit attention by those responsible for oversight of the company s financial reporting. 17

Strong indicators that a material weakness exists Identification of fraud of any magnitude on the part of senior management; Significant deficiencies that have been communicated to management and the audit committee that remain uncorrected after some reasonable period of time; restatement of previously issued financial statements to reflect the correction of a material misstatement; Identification by the auditor of material misstatements in the financial statements not initially identified by the company's internal controls; Ineffective oversight of the company s external financial reporting and internal control over financial reporting by the company s audit committee 18

Audit Approach to control test work Two audit opinions Financial Statements audit and Report on Internal Controls over Financial Reporting at the year end Concept of Integrated Audit Our audit of controls is a 2 step process Evaluation of design Testing of operating effectiveness We audit using controls approach. We do not adopt 100% substantive testing approach on any area Opinion is on controls as at year end. Subsequently remediated control deficiencies still result in reporting Controls deficiencies are evaluated and classified into: Material weakness Significant deficiency Control deficiency 19

Audit Approach to control test work (continued) Steps in control testing Evaluating the design and implementation of company-wide controls. Understanding the relevant accounting And Reporting activities for each audit objective. For transactions processing, We look for significant risk points places where errors could occur Evaluating and testing any Antifraud controls you have implemented. Evaluating selected controls over the significant risk points where material misstatements may occur. Performing a walk-through test, tracing a transaction through the accounting activities and selected controls, to confirm that we understand how your accounting activities and controls work. Testing the operating effectiveness of Selected controls. 20

Thank You

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback