SMSF auditors transitioning their operations to be more electronically based need to be aware that verification of the data used in the audit process remains as a high priority, an industry expert has said.
This cautionary message was specifically in relation to data feeds offered from external organisations.
“You still have to comply with the audit standards and professional standards and having information fed through from a third party. If you don’t do any verification or checks on that and something goes wrong, then I would suggest there are going to be considerable problems,” Veritas Corporation director Sharlene Anderson told delegates at the 2013 Institute of Chartered Accountants in Australia National SMSF Conference in Melbourne last week.
Anderson advised auditors to confirm the compliant nature of the data feeds in writing from the service provider being used, but warned that might still not offer the required level of comfort.
“What you’ll find usually when you ask for it in writing, they’ll say to the best of their ability it’s as compliant as they are able to make it and there will be some sort of cheeky wording in there,” she said.
“It’s no replacement for audit opinion or auditor judgment, so you’re not likely to get something that is signed off as 100 per cent compliant.
“At which point you also have to consider that you also can’t blame the software and say ‘the software did that, I didn’t do it’ because it doesn’t matter as it is still not compliant at that point.”
She said auditors looking to employ more efficient technology-based techniques had to be careful they did not cut compliance corners in an effort to make the process more cost effective due to pressure from the client.
“You’re never going to get technology to replace an auditor. Your professional skills and judgment is something I’d like to think we’ve developed over a period of time. No piece of software is ever going to say this passes the smell test or this doesn’t smell right. You’ve got to make those decisions,” she said.
In addition, she pointed out auditors might have problems with their professional indemnity insurance cover if they relied on the third party’s compliance assurance.
“If you simply say ‘that data feed came from the software provider and no I didn’t do any checks or balances on it and I didn’t test anything because it was all there and they said it came from the stock exchange’, it will be problematic,” she said.
“In the event that something goes wrong, as the auditor you’re likely to find out you’re not in a defensible position.”