By Taurai Mangudhla
ON several occasions, the audit profession has come under the spotlight after giving companies a clean bill of health, before the same firms collapse within a few months or weeks after being audited.
In many markets, companies and governments have ended up with the same verdict, relying on the information and expertise of auditors, even the highly regarded one that have a global footprint, can be a risk.
In some instances, like the global banking crisis a decade ago, economies ended up suffering after excessive risk taking by banks which triggered the US housing bubble.
Zimbabwe has not been spared from the shortcomings of the audit profession after suffering a banking sector crisis that saw many players collapsing between 2004 and 2013, immediately after auditors had just left the same financial institutions with positive reviews about their financial status.
When these bank failures hit the markets, depositors lost millions as banks later liquidated under extensive malpractices, brazen corruption and outright embezzlement of funds by executives.
These malpractices were then compounded by high levels of non-performing loan books that were dominated by insider loans.
While there has been some remedy to depositors, who queue with other creditors to recover their money from judicial managers or liquidators, in most cases they have gotten peanuts.
Banks which failed during the period included Barbican, Genesis, Time Bank, Zimbabwe Allied Banking Group, Trust Bank, Interfin, Kingdom Bank, Renaissance Merchant Bank and Royal Bank, among many others.
Many of these closed after being given clean bills by auditors, only for the Reserve Bank of Zimbabwe to detect serious weaknesses and poor governance.
Market confidence was affected.
According to PricewaterhouseCoopers (PwC) Middle East, in simple terms, the prime purpose of audits is to form an opinion on the information in a financial report as a whole and not to identify all possible irregularities.
This means, although auditors are on the lookout for signs of material fraud for instance, it is not possible to be certain that fraud will be identified and they do not look at every transaction.
PwC said auditors are certainly not able to predict the future as audits relate to a past period and so cannot judge what may happen in the future and or provide assurance the organisation will continue in business indefinitely.
The Institute of Chartered Accountants of Zimbabwe (Icaz) said auditors generally use sampling techniques to conduct their audits as auditing of 100% of the transactions is not practical, inadvertently implying that every audit is subject to “detection risk” which is defined as the risk that an auditor will fail to find material misstatements due to fraud and or error that exist in an entity’s financial statements.
Icaz said some of the factors that contribute to a high detection risk in a particular audit include tight audit deadlines, new engagements, past relations with the audit client, for example provision of non-assurance services resulting in compromised independence as well as poor quality control in the audit process.
“As a profession we continuously learn from the cases which happen over time across the world and we actively put in place measures to lower detection risk to acceptable levels, but even then, there is no guarantee of elimination of the risk especially in cases where there are deliberate actions by the organisations to keep pertinent information away from the audit process,” Icaz technical manager Owen Mavengere said.
Interestingly, in Zimbabwe a significant number of firms that have failed after being given clean bills were under the tutelage of chartered accountants, the highly respected qualification.
The bulk of auditors hold the same qualification. This has brought several questions about the reliability of this qualification, with some questioning if the chartered accountant (CA) certificate has been over-hyped.
Is Zimbabwe placing too much confidence on a qualification that has loopholes?
CAs are now running everything from State assets to ZSE-listed behemoth, and the wealth under their stewardship is huge.
Mavengere said some of the measures put in place to lower detection risk include enforcement of ethical requirements that deal with the risk of independence of the auditors.
He said auditors also insist on management representation letters, which would be a commitment from management that all material information on an audit has been disclosed. This, he said, aids in the disclosure of pertinent information in the audit process.
Apart from that, there is also a directors responsibility statement on the audited financials where directors confirm their responsibility for the internal control environment under which the financials under audit were produced.
This adoption of responsibilities ensures that the organisation fully embraces its role in ensuring the integrity of the reporting process.
He said enforcing compliance to international standards on auditing and ethical requirements was done by regulating bodies like PAAB in Zimbabwe.
“Professional accountancy organisations such as Icaz also monitor their members and have strict codes of conduct adopted from the International Federation of Accountants,” Mavengere said.
“Integrated sustainability reporting (value reporting/impact reporting) is taking root and auditors focus on providing assurance on integrated information which is non-financial, will have a positive impact as this gives the auditor information beyond just figures. This will assist the auditor, and indeed the user of the information to gain better insight into the operations and future of the company under review.
“There are also new international quality management standards which will be effective from December 15 2021 and these will aid in improving the overall quality of the audit process and aid in the lowering of detection risk.”
Economist Chenayimoyo Mutambasere said for an audit to be successful, the devil is always in the detail and the quality of the detail determines whether one finds the devil in it.
“That banks collapse shortly after copleting audits, both internal and external, is something that should be keeping all of us awake at night,” Mutambasere said. “Data’s accessibility and everything determines the accuracy of any audit whether internal or external. There are a lot of information gaps in Zimbabwe and with increased automation or use of technology, we start to have automated processes which are easier to trace and make the audit process much easier.
She said compliance requirements in Zimbabwe’s banking sector are not risk-based and there is a need for an upgrade and improvement of monitoring standards.
“The audit process should not be related to compliance only but look at risks. Looking at the RBZ audit requirements, it emphasises compliance and we should be focused on widening the audits to risk factors more.”