Internal controls reporting represents significant work, significant risk, and a significant challenge for corporate finance professionals. A core portion of the job responsibility for controllers and those throughout the department, many leaders find themselves behind the curve according to a new report.
As reported by Accounting Today, financial executives are feeling the pressure, feeling that the requirements for documenting their organization’s internal controls are getting to be too much and many of them are behind the curve when it comes to applying technology for internal control over financial reporting.
Citing a report from Financial Executives International, respondents have been facing a wide range of challenges in the past few years, specifically pertaining to auditor documentation requirements, inconsistency between audit firms, and more.
Companies Happy with Auditors, but Wondering if Auditors Require More than Necessary
Though the survey found that executives were happy with the amount of support they received from their audit firms, it also found that too many requirements may be disrupting business flow.
Excessive Documentation?
One of the biggest concerns cited by respondents was the significant amount of reporting required for non-routine transactions. Accounting Today notes that,
“Some […] believe that auditors are asking for an excessive amount of documentation for the controls surrounding routine estimates, income tax provision, processing of data, and disclosures.”
With companies and their auditors remaining incredibly diverse in technological maturity and reporting availability, respondents found three primary areas in which documentation requirements are becoming disruptive—routine estimates, data processing and disclosures.
Who’s Protecting Whom?
However, many are worried that this extensive reporting is being driven by auditors looking to reduce their own risk with the Public Company Accounting Oversight Board, with the report finding that auditors with negative PCAOB reviews will require more information from all clients to protect themselves.
“One executive told the researchers, “I really think it comes down to the PCAOB here. We find ourselves often challenging back if [our auditors] need the documentation they’re asking for because they [really] need it. . . . What we typically find is that if we push a little bit, it’s more of their fear of not having their documentation in check, if they would get picked for a PCAOB review.”
Knowing this, many are left asking if the PCAOB is moving the goalposts based on the inspections it has completed in the past year.
“One interviewee pointed to the impact of PCAOB inspection results, surmising that the impact flows from the PCAOB to the audit firm, and then to the preparer, as they’re often required to do more detailed work and provide more detailed documentation just to help the auditors feel more comfortable.”
Primary Challenges in Reporting
Driven by a lack of real-world examples, many have found three primary areas especially challenging. Non-routine transactions, mentioned above led the list of concerns with income tax provisioning and access to data coming in closely behind.
“For guidance, most financial executives rely on the COSCO framework followed by internal and external auditors. The top areas where the respondents indicated they want additional guidance and real-world examples are: justifying a position on the classification on an ICFR deficiency; monitoring controls, including testing for effectiveness; designing control activities; and identifying and analyzing risk.”
A Technological Divide
As the technology behind the audit continues to improve, both on the auditor and client side, many companies are still hesitant to adopt or apply technologies—even if they see the benefits.
Despite finding themselves behind the technological curve, many are looking forward to the impact that this technology may have, seeing positive impact on failure to prevent material misstatements; unauthorized alteration of accounting information; failure to detect material misstatements by the external auditors; and failure to detect material misstatements internally.
This may be driven by a talent gap. Something we’ve noted in the past few months, accountants have been finding problems finding the right kind of talent with the right skills—accounting-focused people often lack the technological understanding and technological people aren’t accounting wizards.
“One of the surprising results of this study is that some of the largest companies in the market are hesitant to adopt emerging technologies to improve ICFR because of the lack of qualified personnel to use the technology and the additional control risks that technology would introduce,” said study co-author Jeff Wilks, a professor at Brigham Young University’s School of Accountancy, in a statement. Finance execs with both accounting knowledge and IT talent are in huge demand and thus difficult to find in the current labor market.”
In fact, we’ve discussed the role of technology in handling the increasing complexity and needed flexibility in the audit process, noting that technology will help make audits more proactive and easier to work if you let them.
Setting Your Business on the Right Trajectory
The audit process is something that many companies need to make easier. From taking steps to improve relationships with the audit committee to balancing ease of use with assurance, your path to smarter audits can get you where you need to be.
Looking for advice on the steps that other companies are taking to improve the audit? Join the Controllers Council! Our exclusive forum provides members with a location to discuss strategies and tactics built to improve the business. Learn more about the benefits of membership and join today!
Additional Audit Resources
Audit Readiness: Six Ways to Approach Assurance without Breaking the Bank