Audit data analytics: The regulatory position
The two previous articles in this series focused on the challenges and opportunities that the use of audit data analytics (ADA) presents for the audit profession.
In this, the third and final article, I will summarise the response of the regulators/standard-setters to the increased use of technology and the challenges they face.
The use of ADA
The Financial Reporting Council (FRC) recently published a thematic study on the use by the largest six audit firms of ADA on the audits of financial statements. The study related to audits of financial statements with a 2015 year-end, so the FRC recognises that the use of data analytics may have changed in the interim period.
The paper provides a brief history of the use of data analytics dating back to the use of computer-assisted audit techniques in early 2005 with the introduction of the specific requirement to test the appropriateness of journal entries as part of the auditor’s responsibilities in relation to fraud in International Standard on Auditing (ISA) 240 ‘The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements’.
The development of ADA
Audit firms used this as an opportunity to introduce more standardised tools to facilitate the audit of journals.
Recent and ongoing technological advancements mean it is now easier for an auditor to capture, transform, store and analyse entire datasets potentially enabling the interrogation of all transactions within an entire population.
Whilst audit teams continue to develop ADA in relation to specific audit issues, a key characteristic of the current increase in the use of ADA is the roll out of standard ADA tools and techniques, coded and tested by specialist staff and deployed with central support. This means that the use of ADA becomes more efficient, consistent and reliable and, used effectively, can enhance audit quality.
The International Auditing and Assurance Standards Board (IAASB) has also established a Data Analytics Working Group which recently issued a request for input on the growing use of technology in the audit with a focus on data analytics.
Surprisingly, the use of ADA is not as prevalent as the market might expect. The FRC highlights that audit firms and teams are under pressure to promote the use of ADA techniques on audits to meet audit committee expectations, to achieve efficiencies and to win competitive tenders. There is a danger, therefore, of the development and usage of ADA techniques being overemphasised.
Audit regulators therefore also need to consider how they assess the integrity of ADA tools used by audit teams and whether they are functioning as intended.
Finally, ADA does not remove the need for auditors to understand the objective and purpose of the audit procedure or audit test that they are performing. Audit teams will still need to have a clear understanding of the purpose of the ADA technique within the audit methodology to ensure that they obtain sufficient and appropriate audit evidence to meet the specified objective.