Watch video above for full run through (no sound).
Small charities required to be audited will tend to fall within the Tier 3 Public Benefit entity reporting framework.
These entities will have expenses under $ 2 million. If expenditure is over $1.1m per annum in each of its two preceding financial years must be audited, but charities with expenses between $550,000 and $1.1m may opt for a Review Engagement rather than an Audit.
Most will have a Statement of Service Performance included in the content to be audited, although those that are opting into audit (under $ 1.1 million expenditure) may choose to not include an SSP in the scope of the audit if their expenditure is under the $550k limit, but to treat it as "other information."
Features of small charitable entities:
- Lack of division of duties
- “Off the shelf” software
- Potential cash handling risks (cash donations, fundraising etc)
- Income in many cases fairly easy to audit (e.g.grants)
- Related parties’ issues/volunteers
- Blurred lines over payments to volunteers
- Low volume of transactions
- Reliance on approval of transactions by committee
Steps to performing an audit of such an entity:
- Select appropriate audit template – Tier 3 PBE (2016 updates)
- Check that the entity is actually able to use Tier 3 PBE (page A2)
- Identify key personnel (1.7) – these will be reused later (edit from sidebar)
- Complete regular checks for independence, continuance, and assigning of staff
- A governance checklist may be useful
- Create an engagement letter and attach a draft example audit report
- Request items required for audit (A10) – this page may be shared with the client – (suggested that the auditor go through and n/a out anything that is not relevant for the client to address)
- Plan testing of Statement of Service Performance and Entity Information (A11)
Statement of Service Performance and Entity Information (A11):
- This is based on EG Au9 - Guidance on the Audit or Review of the Performance Report of Tier 3 Not-For-Profit Public Benefit Entities (a full standard is being released shortly)
- Seek to understand the entity at a deeper level than the numbers – what does the entity actual try to do? What does it exist for? (Qualitative rather than quantitative information)
- This is also helpful for the whole audit – a wider angle view
- How does the entity measure its achievement of its own goals (service performance)?
- What controls are there around this to ensure that this information is accurate?
- How do the decision makers determine that they are getting accurate information on these results?
- How can we create materiality that is qualitative rather than quantitative (The yardstick is “Will the misstatement be relevant to an assessment of the activities of the entity by a user of the performance report?”)
- Identify the risks that the SSP information may be materially misstated – flag like other risks
- Remember outcomes are what the entity seeks to achieve, outputs are what it has achieved
- Outcomes are relatively easy as they will usually be stated in the trust deed or founding document, outputs will be hardest to measure and to audit
- A range of tests of outputs is provided:
- Other tests may be added as appropriate
- A table is then created, outputs are added, and the tests above are applied
- The auditor is also asked to assess whether these outputs actually describe what the entity did i.e. is the list of outputs complete?
- The SSP work is essentially all done on this page, although there are further mentions later in terms of presentation and overall disclosure.
Can the SSP and Entity Information be excluded from the scope of work?
This is common practice for instances where there is no statutory requirement for an audit (where expenditure is under the $550k threshhold). See the Charities Services website. So they can choose to just audit the financial information and not the SSP. This is not in an audit or accounting standard but just the cutoff level for audits.
In these cases, the EI and SSP will be treated as "Other Infomation." In most of our templates, there is a question early in the job that asks whether or not service performance information is to be included in scope.
These notes are taken from a series of training sessions currently being developed looking at using Audit Assistant for different kinds of entities.