Better understanding the financial statement audit.

[ILLUSTRATION OMITTED]

For most local governments, the annual financial statement audit is as much a part of the yearly round of public finance as the approval of the operating budget. Despite its routine character, however, the financial statement audit appears to remain something of mystery to most outside the auditing profession. This article will attempt to dispel the cloud of mystery by first briefly reviewing the nature and purpose of the financial statement audit and then examining ten specific points of misunderstanding commonly encountered in practice.

NATURE AND PURPOSE

Anyone entrusted with responsibility for managing financial resources on behalf of others should provide a full accounting of that stewardship. For state and local governments, such an accounting ideally takes the form of financial statements prepared in conformity with generally accepted accounting principles (GAAP).

It is easy, of course, to imagine circumstances where those giving an accounting of their stewardship might be tempted to be less than forthcoming, or worse, Accordingly, those who must rely on financial statements to make decisions have traditionally sought the assurance of a disinterested third party to justify that reliance. That third party, of course, is the independent auditor.

Role of Management. Since management is responsible for the stewardship of financial resources, it is also primarily responsible for preparing the financial statements that give an accounting of that stewardship. Even when management seeks outside help to prepare the financial statements, it remains responsible for their contents, just as taxpayers remain responsible for their tax returns, even if the returns are prepared by paid tax professionals. Thus, managers must take ownership of their financial reporting. Generally accepted auditing standards (GAAS) require that managers do so explicitly in the form of a management representation letter.

Role of Internal Control. It would be hard to place confidence in an approval process that amounted to little more than affixing initials to documents without first examining them. So too, it would hardly be meaningful for management to assume responsibility for the data presented in financial statements if management did not have some reasonable basis for doing so. That reasonable basis can be provided only by a comprehensive framework of internal control.

Role of the Governing Body. While management is primarily responsible for financial reporting (including the comprehensive framework of internal control used to generate the financial statements), the governing body remains ultimately responsible for ensuring that management meets its responsibilities in this regard. Typically, an audit committee, comprising members of the governing body, provides the necessary oversight.

Objective of Fair Presentation. Precision comes at a price. That price can be justified only if the resulting benefits exceed their cost. In real life, few decisions require that amounts in financial statements be exact "down to the penny." Thus, the goal of financial statements is fairness rather than absolute accuracy. That is, the objective of financial reporting is a presentation that is free from material misstatement (i.e., an error of such significance that it could affect decisions made based on it).

Concept of Reasonable Assurance. Considerations of cost benefit also affect the work of the independent auditor. It would typically be impractical for the independent auditor to examine each and every transaction. Instead, auditors seek reasonable assurance that amounts are fairly presented by testing samples of items.

TEN COMMON POINTS OF MISUNDERSTANDING

No. 1: Fair presentation is not equivalent to financial health (i.e., a good picture is not necessarily a pretty picture). People frequently criticize the independent auditors when they find out that a government currently experiencing financial difficulties received an unqualified (i.e., "clean") opinion on the fair presentation of its financial statements. Yet there is no inconsistency between a government receiving an unqualified opinion on the fairness of its financial statements and that same government experiencing financial difficulties.

The financial statement audit is designed to vouch for the reliability of the financial statements, not the soundness of the finances they portray. Just as the image of something unattractive in a photograph is no indication of a defective camera, poor financial condition is in no way inconsistent with fair financial statement presentation.

No. 2: Financial statement audits are not designed to detect all instances of fraud, abuse, and program noncompliance (i.e., smaller items may be expected to fly under the radar screen). Many people assume that the principal goal of a financial statement audit is to uncover fraud, abuse, and instances of program noncompliance. In fact, the discovery of such items is only incidental to the purpose of a financial statement audit.

As already explained, the true purpose of a financial statement audit is to achieve reasonable (rather than absolute) assurance that the financial statements are fairly (rather than accurately) presented. Accordingly, the audit is designed to detect only those instances of fraud, abuse, or program noncompliance that would be material (i.e., significant enough to affect decisions made based on the financial statements). Needless to say, many, if not most, instances of fraud, abuse, and program noncompliance fail to reach this threshold and thus "fall between the cracks" of a financial statement audit.

The independent auditors will, of course, report any instances of fraud, abuse, and program noncompliance that they do encounter while performing the audit (unless it is clearly inconsequential), regardless of materiality Still, the financial statement audit is not designed to identify immaterial instances of fraud, abuse, and program noncompliance, nor is it likely to do so.

No. 3: Size is not the sole consideration in judging materiality (i.e., big things can come in small packages). Sometimes a government's managers and its auditors will disagree as to whether a specific item should be treated as material. Such disagreements arise, as often as not, from a mistaken notion that size is the sole criterion for judging materiality. As discussed earlier, however, an item is considered to be material based on its potential for changing a decision. Clearly a relatively small amount could have just that effect in the right circumstances (e.g., the difference between a surplus and a deficit, the difference between a positive and a negative trend, a legal or contractual violation). That is, materiality has a qualitative as well as a quantitative dimension. Viewed another way, the very fact that the materiality of an item is being debated would seem to be an argument in favor of its importance (i.e., materiality) to someone.

No. 4: Quantitative materiality needs to be assessed in relation to individual major funds and to each of the government-wide activity columns (the big picture is not good enough). Private-sector business enterprises do not use fund accounting; therefore, quantitative materiality is assessed in relation to the enterprise's financial statements "taken as a whole" Conversely, in the public sector, quantitative materiality is assessed separately for each major fund (and for non major funds in the aggregate). It also is assessed separately for the governmental activities and business-type activities columns reported in the government-wide financial statements. As a result, an amount that might not have been material from the perspective of the government "taken as a whole" may be material from the narrower vantage point of an individual major fund or activity column.

No. 5: You cannot assess the reliability of data yet ignore the system that generates the data (it is risky to trust unreliable people, even when they appear to be telling the truth). There are two fundamental approaches an auditor can take to determine the reliability of data presented in financial statements. One approach is to directly test a given item (e.g., confirm the amount reported as cash on deposit with the bank). The other approach is to test the reliability of the underlying system that generates the data (e.g., validate the amount reported as vendor payables by testing the reliability of the processing of transactions in the purchasing system). Auditors describe the first approach as substantive testing and the second as the testing of controls.

[ILLUSTRATION OMITTED]

There was a time in the not-so-distant past when auditors could choose to rely on the substantive testing to the virtual exclusion of tests of controls. More recently, the audit profession has concluded that auditors can never simply bypass the testing of controls. The basic notion behind the change is that no amount of substantive testing can counterbalance the unreliability inherent in data generated by a system that is fundamentally flawed (i.e., just as it would be hard to justify relying on the assertions of an individual known to be dishonest, incompetent, or otherwise unreliable). Thus, the independent auditor must always assess the reliability of the internal controls that support financial reporting.

No. 6: Auditors must report control weaknesses even if those weaknesses had no effect on the fair presentation of the financial statements (you cannot afford to ignore cracks in a dam). It is possible, of course, to leave the front door of the house open wide upon leaving for work in the morning and still come home at night to find that nothing has been stolen. Such an outcome does not diminish the seriousness of the risk posed by leaving the door of a house wide open all day long with everyone gone. Likewise, auditors are required to disclose significant deficiencies as part of the audit even if it can be clearly established that no harm actually resulted from those deficiencies.