Auditors are seen by the public, and increasingly by charity regulators, as a group who are party to information that would be of interest to them. The recent media interest in certain charity cases has led to a decrease in public confidence in the charity sector. In order to address this, the Charity Commission is increasing the pressure on auditors to report matters they find in the course of their filed work.
Auditors have an existing statutory requirement to report on matters of material significance, although auditors are not required to do further work to find these matters, they are required to consider whether any further matters may also be reportable as a discretionary matter. In addition, they are also required to report to the regulator any serious incidents that have occurred at the charity, even if all of these have been reported by the trustees.
There may be a misperception between what the Commission believes an audit entails, and indeed what it is there to do. The aim of an audit is to determine whether the financial statements have been materially misstated. It is not the purpose of an audit to detect fraud or matters of operational non- compliance, except to the degree by which such non-compliance may have an impact on the financial statements.
Audit materiality is the degree of error in the recording of a financial transaction or balance, which can be tolerated before it could reasonably be expected to influence the opinion of a reader of the accounts. It is not an absolute measurement as it involves an assessment of risk.
The level of materiality will direct the amount of transactions and documents that are reviewed in the audit testing. It is not the case that an audit tests every transaction or reviews every document. To do so would make the operation of an audit, and its cost, completely unwieldy and impractical and it would be no more likely to detect misstatement than would a well-planned audit.
The Commission is repeating its call for auditors to consider whether there is more they could be reporting, which would be of relevance to the Commission’s compliance work. However, the auditor engages with the charity as their client and the audit engagement is with the client, not with any third party, including a regulator. Auditors have no requirement to gather information other than that which provides evidence to arrive at their audit opinion. This may mean a matter that may have been of interest to a regulator may be over-looked, but this in itself does not mean the audit was a bad audit.
Of course looking at cases such as Oxfam, there have arisen matters which may not have impacted materially on the accounts at the time but have now resulted in such a large reputational risk, which has had an impact on the charity’s income.
In Oxfam’s case, that matter arose seven years ago, which demonstrates how hard it is to predict future impact.
Furthermore, the range and breadth of what could have an impact is extremely wide. Recent examples of reputational risk have included commercial contract in a trading subsidiary, investments in certain companies not considered by the media as “ethical”, fraud and theft by staff, the behaviour of a grantee following the award of a grant and the behaviour of a fundraising team. The range of possible threats to reputation is so wide to render reporting on potential risk to reputation is almost unmanageable.
As the Commission continues to feel a funding squeeze, it seems to expect more from the audit profession to detect information relevant to its work. However, what the Commission is interested in may also not be the concern of an auditor. There seem to be high stakes of detection expected of the work of auditors and these may have very little to do with what the auditor is required to do to reach their conclusion that the accounts are not materially misstated.
Gillian McKay is the head of charities and voluntary sector at the ICAEW