Auditors must give consideration to the internal controls an SMSF has in place when carrying out their duties, regardless of the type of audit they are intending to perform, a specialist practitioner has said.
“The auditing standards and ASIC (Australian Securities and Investments Commission) say you still need comments in your audit file on controls even though you’re not doing a controls-based audit,” Super Sphere director Belinda Aisbett said.
“The way that the auditing standards and ASIC issues their competency standards, you have to consider controls before you decide you’re not going to rely on them.
“So your audit templated documents or whatever you’ve got in your audit file needs to have some comments on controls and then you can conclude that you’re going to do a substantive audit.”
Aisbett revealed her audit files contain very basic comments about the controls of the fund and explained why this is so.
“I don’t even want to know what the controls are. I don’t want to spend time asking the client how many times they change their passwords,” she said.
“We in our pre-audit rep letter talk about [whether] they have adequate controls. In my planning documents we talk about yes they have controls because they are signatories on the bank accounts and investment transactions, but we are doing a substantive audit.”
However, she stipulated, auditing considerations aside, the internal controls of an SMSF are very important with regard to the operation of the fund.
“ASIC draws attention to the fact that controls are clearly crucially important, particularly over banking and investment transactions, and so while I say controls are not relevant for us as auditors, they are absolutely relevant for the trustee of the fund,” she said.
“So don’t think I completely ignore any controls. They are really important.”