by John McCarthy Consulting Ltd. | Sep 20, 2023 | Blog, News
The Protected Disclosures (Amendment) Act 2022 (the Act) requires certain entities to have in place procedures to establish internal reporting channels and procedures to enable workers make protected disclosures (defined as a ‘relevant wrongdoing’). From 17 December 2023 its scope will be expanded to employers with over 50 employees.
The Act already applies to certain entities from 1 January 2023 including entities employing over 250 employees and certain financial services (regardless of employee numbers) entities like AIFMs, MiFID firms, Irish UCITS management companies and other Irish financial service providers, as well as Irish domiciled corporate funds.
The 2022 Act expands the scope of the Protected Disclosures Act, 2014 to include areas such as:
- public procurement;
- financial services;
- anti-money laundering (AML);
- product safety and compliance;
- transport safety;
- environmental protection;
- radiation and nuclear safety;
- food and animal health and welfare;
- public health;
- consumer protection; and
- the protection of privacy and personal data.
Its scope is being enhanced from 17 December 2023 when employers with over 50 employees will need to have such a policy in place. The basic steps for employers are:
- the establishment, maintenance and operation of a secure and confidential internal reporting channel for workers who wish to make a protected disclosure, whether in writing, orally or both;
- the designation of an impartial and competent person who may be internal/external; and
- an obligation to provide workers with information on the internal/external protected disclosure reporting process.
The Act also creates a newly established Office of the Protected Disclosures Commissioner (www.opdc.ie) which will forward reports of work-related wrongdoing to the most appropriate body for initial assessment and follow-up.
Employees are given protection from dismissal from employment (among other protections) when they report a ‘relevant wrongdoing’ (defined which are defined to include:
- Where an offence has been or is likely to be committed;
- Non-compliance with a legal obligation – the 2014 Act excludes obligations arising under the worker’s contract of employment;
- A miscarriage of justice;
- Danger to the health and safety of any individual;
- Damage to the environment;
- An unlawful or otherwise improper use of funds or resources of a public body;
- Oppression, gross neglect or gross mismanagement by a public body; and
- Other breaches related to the financial interests of the EU the internal market, EU competition and state aid rules and internal market rules on corporate tax.
The legislation is complex and we cannot cover all its aspects in the space of a blog. We urge our readers to seek independent professional and legal advice where necessary.
IT Controls Assessment
Auditors are reminded that there are relatively significant changes in the requirements of ISA 315 Identifying And Assessing The Risks Of Material Misstatement for accounting periods commencing 15 December 2021, which in practical terms means, accounting periods Ended 21 December 2022 and later.
Auditors dealing with the audits of entities with such accounting periods affected by these change will need, to adopt new audit programmes and, in additional to the normal audit tests, to also assess the entity’s IT controls (no ,matter what the size of that entity).
This is a significant new development for auditors of SMEs, in particular, and will be a game changer ion the type of audit documentation and evidence of assessment of such IT controls by the auditor on audit files.
For an easy to implement additional (two page) IT Controls Questionnaire to help document the above process, please click on this link to download immediately for only €60 + VAT.
Please go to our website to see our:
- letters of engagement and similar templates. Please visit our site here where immediate downloads are available in Word format. A bulk discount is available for orders of five or more items if bought together.
- ISQM TOOLKIT or if you prefer to chat through the different audit risks and potential appropriate responses presented by this new standard, please contact John McCarthy FCA by e-mail at john@jmcc.ie.
We typically tailor ISQM training and brainstorming sessions to suit your firm’s unique requirements. The ISQM TOOLKIT 2022 is available to purchase here.
by John McCarthy Consulting Ltd. | Sep 17, 2023 | News
Readers of our regular blog will be interested to hear that following an investigation lasting five years the UK Serious Fraud Office (SFO) (broadly equivalent to our Corporate Enforcement Authority – the CEA) has just, two weeks ago, brought fraud charges against four individuals, including a former director, who oversaw the financial failure of Patisserie Valerie – a chain of almost 200 high street bakeries.
Charges have been levied against:
● Former director and Chief Financial Officer of Patisserie Holdings Plc for 12 years, Christopher Marsh;
● His wife, accountant Louise Marsh;
● Financial Controller Pritesh Mistry and
● Financial consultant Nileshkumar Lad.
The SFO started their investigations, codenamed ‘Operation Venom’, in October 2018 just two days after the company abruptly suspended trading, closing 70 stores and causing the loss of over 900 jobs across the country when its debts were revealed. The company was rescued by Irish private equity firm Causeway Capital Partners, based in Dublin 2.
The SFO has charged all four suspects with conspiring to inflate the cash in Patisserie Holdings’ balance sheets and annual reports from 2015 to 2018, including by providing false documentation to the company’s auditors. During this time, the company also reported holding £28 million in bank accounts, yet concealed £10 million in debts from its investors and creditors.
The defendants are summoned to appear at Westminster Magistrates’ Court on 10th October 2023 to hear the charges against them.
It may be difficult to say for sure, but it can be argued that this collapse, along with that of Carillion in January 2018, triggered the Financial Reporting Council’s significant revisions to ISA 240 on fraud (entitled The Auditors Responsibilities Relating to Fraud in an Audit of Financial Statements) and ISA 315 (Identifying and Assessing the Risks of Material Misstatement).
One of the critical areas that all audits must now focus on is an assessment of the entity’s IT controls.
IT Controls Assessment
Auditors are reminded that there are relatively significant changes in the requirements of ISA 315 Identifying And Assessing The Risks Of Material Misstatement for accounting periods commencing 15 December 2021, which in practical terms means, accounting periods Ended 21 December 2022 and later.
Auditors dealing with the audits of entities with such accounting periods affected by these change will need, to adopt new audit programmes and, in additional to the normal audit tests, to also assess the entity’s IT controls (no ,matter what the size of that entity).
This is a significant new development for auditors of SMEs, in particular, and will be a game changer ion the type of audit documentation and evidence of assessment of such IT controls by the auditor on audit files.
For an easy to implement additional (two page) IT Controls Questionnaire to help document the above process, please click on this link to download immediately for only €60 + VAT.
Please go to our website to see our:
- letters of engagement and similar templates. Please visit our site here where immediate downloads are available in Word format. A bulk discount is available for orders of five or more items if bought together.
- ISQM TOOLKIT or if you prefer to chat through the different audit risks and potential appropriate responses presented by this new standard, please contact John McCarthy FCA by e-mail at john@jmcc.ie.
We typically tailor ISQM training and brainstorming sessions to suit your firm’s unique requirements. The ISQM TOOLKIT 2022 is available to purchase here.
by John McCarthy Consulting Ltd. | Sep 17, 2023 | News
CRO Annual Report
The Companies Registration Office (CRO) published its 2022 Annual Report in July 2023.
Some highlights of interest to accountants and auditors will be:
- Notices filed about the lack of adequate accounting records maintained by companies (Section 392. Companies Act 2014 – the Registrar received 4 notices from auditors during 2022 (None were filed in 2021 and 7 such reports were filed in 2020);
- 19 cases (14 cases in 2021) occurred where auditors notified the CRO that their auditors registration number was used to file auditors reports without permission;
- 7 auditors were removed in 2022 compared to 11 in 2021;
- 2,655 auditors resigned in 2022, which is a fall of nearly 17% compared to the 2021 level of resignations (3,188);
- Limited companies make up 89% of the total corporate population at the end of 2022.
CRO Forum
Readers may already be aware that the CRO Forum is where the CRO hosts regular meetings with representatives of its client base, including representatives of the main accountancy bodies – the CCAB-I. This is the forum where issues like the issue of PPSN requirements for Directors are thrashed out. Minutes of past meetings may be viewed here for progress in CRO matters -the last meeting being in June 2023.
The next meeting takes place on 20 September 2023.
IT Controls Assessment
Auditors are reminded that there are relatively significant changes in the requirements of ISA 315 Identifying and Assessing the Risks of Material Misstatement for accounting periods commencing 15 December 2021, which in practical terms means, accounting periods Ended 21 December 2022 and later.
Auditors dealing with the audits of entities with such accounting periods affected by these change will need, to adopt new audit programmes and, in additional to the normal audit tests, to also assess the entity’s IT controls (no matter what the size of that entity).
This is a significant new development for auditors of SMEs, in particular, and will be a game changer in the type of audit documentation and evidence of assessment of such IT controls by the auditor on audit files.
For an easy to implement additional (two page) IT Controls Questionnaire to help document the above process, please click on this link to download immediately for only €60 + VAT.
Please go to our website to see our:
- letters of engagement and similar templates. Please visit our site here where immediate downloads are available in Word format. A bulk discount is available for orders of five or more items if bought together.
- ISQM TOOLKIT or if you prefer to chat through the different audit risks and potential appropriate responses presented by this new standard, please contact John McCarthy FCA by e-mail at john@jmcc.ie.
We typically tailor ISQM training and brainstorming sessions to suit your firm’s unique requirements. The ISQM TOOLKIT 2022 is available to purchase here.
by John McCarthy Consulting Ltd. | Sep 6, 2023 | News
The Charities Regulatory Authority (CRA) published its 2022 Annual Report in July 2023.
The Annual Report shows some interesting developments across the charity sector. Some headlines are:
- Almost three-quarters (73%) of registered charities declared full compliance with the Charities Governance Code.
- On the downside, only two out of every five charities filed an annual report to the CRA on time during 2022. All charities are legally required to file such a report within 10 months of their financial year-end. The contents of these reports are published on the Register of Charities and provide essential information to help inform donors and the general public.
- 41% of registered charities are legally formed as companies, followed by schools representing 32% of registered charities.
- Nearly one in five registered charities had annual income in 2022 of less than €10,000.
Auditors of charities that have accounting years ended 31 December 2022 and later will need, in additional to the normal audit tests, to also assess the charity’s IT controls.
For an easy to implement additional (two page) IT Controls Questionnaire to help document the above process, please click on this link to download immediately for only €60 + VAT.
Please go to our website to see our:
- letters of engagement and similar templates. Please visit our site here where immediate downloads are available in Word format. A bulk discount is available for orders of five or more items if bought together.
- ISQM TOOLKIT or if you prefer to chat through the different audit risks and potential appropriate responses presented by this new standard, please contact John McCarthy FCA by e-mail at john@jmcc.ie.
We typically tailor ISQM training and brainstorming sessions to suit your firm’s unique requirements. The ISQM TOOLKIT 2022 is available to purchase here.
by John McCarthy Consulting Ltd. | Aug 30, 2023 | News
It is timely to draw auditor’s attention to two important developments that have taken place in the audit arena since the beginning of the year.
Updated Audit Programmes
The first of these are the updated Audit Programmes available from the various, well-known sources. Audit Programmes needed to be updated for important changes made to two audit standards in particular, ISA 315 ‘Identifying and Assessing the Risks of Material Misstatement’ and ISA 240 on ‘The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements’.
Both standards became effective for the audits of accounting periods commencing 15 December 2021 or in practical terms, years ended 31 December 2022.
The audits of these periods have already concluded in many cases, but many are still in progress. Auditors please take note that there are significant additional requirements/changes in emphasis in these standards, especially in ISA 315, which has grown to 106 pages (regardless of the size of entity involved)! Therefore, the need to implement new audit programmes for these audits is imperative. The same applies to specialist audit assignments like charities, multi-unit developments and Central Bank regulated entities, like insurance brokers.
We will be writing more blogs on these changes in the coming months.
ISA 315 IT Controls
One of the significant changes in emphasis in ISA 315 is the additional detail in documentation of IT systems and controls. All audit files, regardless of the size of the audit, need to have sufficient/appropriate evidence on file of testing their internal IT and accounting controls in action.
Where weaknesses are found the implications need to be assessed – for example, weaknesses identified could trigger additional/wider scope audit testing.
Also, management need to be informed, in writing, of significant weaknesses identified and the severity/implications of these weaknesses – see more in ISA 265.
The purpose is to identify areas where there may be a risk of misstatement due to error or fraud.
This will influence the sample sizes and tailoring of the audit programmes.
So the results of controls testing needs to be assessed before progressing to do substantive testing. This is because the results of substantive tests cannot be used, as the scope and extent of these tests cannot be determined until the risk assessment process is complete.
For an easy to implement additional (two page) IT Controls Questionnaire to help document the above process, please click on this link to download immediately for only €60 + VAT.
Please go to our website to see our:
- letters of engagement and similar templates. Please visit our site here where immediate downloads are available in Word format. A bulk discount is available for orders of five or more items if bought together.
- ISQM TOOLKIT or if you prefer to chat through the different audit risks and potential appropriate responses presented by this new standard, please contact John McCarthy FCA by e-mail at john@jmcc.ie.
We typically tailor ISQM training and brainstorming sessions to suit your firm’s unique requirements. The ISQM TOOLKIT 2022 is available to purchase here.
