July 2020

How the new SAS-142 audit evidence standard embraces technology and automation

September 28, 2021July 29, 2020 by Stefano Colaiacovo, CPA, CA

A new audit evidence standard has been released by the American Institute of Certified Public Accountants (AICPA) that includes significant updates around how technology and automation can be leveraged throughout the audit process. Here, we’ll examine this standard and some of the most significant examples of how the AICPA has explicitly considered the applicability of analytics and automation to how audit evidence is gathered and concluded upon.

The Statement on Auditing Standards (SAS) No. 142 Audit Evidence is relevant for private company audits and takes effect for periods ending on or after December 15, 2022.

While the effective date of the guidance allows for lead time for the appropriate methodology changes and technology investment to be contemplated and implemented by firms ahead of calendar 2022 audits, the updates reflect the massive tailwinds of how data analytics and automated tools and techniques are well-positioned as catalysts for the reimagining of the audit life cycle. Furthermore, the potential afforded by these technologies to drive monumental improvements in both quality and effectiveness is only amplified further in today’s remote work environment.

Key concepts around audit evidence

It’s worth revisiting some of the basic principles around audit evidence and the responsibilities of the auditor before discussing how data analytics and automation can be transformative to how evidence is collected and generated.

The new standard clearly defines the auditor’s objective around audit evidence as follows:

“The objective of the auditor is to evaluate information to be used as audit evidence, including the results of audit procedures, to inform the auditor’s overall conclusion about whether sufficient appropriate audit evidence has been obtained.” (SAS No. 142, par 5)

The term audit evidence may conjure up images of stacks of source documents (invoices, purchase orders, cheque stubs, etc.) and detailed documentation of ticking and tying them all together in an Excel spreadsheet. But audit evidence isn’t just the outcome of detailed transaction-level testing, it’s more broad and includes the results of your risk assessment procedures and inquiry, any testing of controls, and the results of both detailed and analytical-based substantive testing (SAS-142, par A44).

In other words, the auditor, in exercising their professional judgement as to whether identified risks are properly responded to, has a wide net of support to consider on balance and weighed together to make that conclusion effectively.

So what type of things influence whether evidence is sufficient and appropriate? This comes down to how much evidence is required to respond to the identified risks of material misstatement, and how relevant and reliable that evidence is. The appendix to the standard specifically includes a number of examples and contemplation of what these key terms mean in practice and some of our takeaways (not exhaustive) include:

What types of factors impact the reliability of audit evidence?
- Source
  - Is the information from an external source, and therefore less susceptible to management bias (SAS-142, par A22)?
- Nature
  - Is the evidence “documentary” vs. provided orally through inquiry?
- The controls over the information and how it’s produced
  - How automated is the process by which data is generated and what is the relative strength of controls that the entity has in place? How is the accuracy and completeness of the information ensured?
- Authenticity
  - Has a specialist been involved in validating certain assumptions?

What types of factors impact the relevance of audit evidence?
- The accounts and assertions it relates to
  - Does the evidence tie directly to identified risks at the assertion level of an account? For example, purchase documents matched to payable transactions right before balance sheet date provides evidence against an early-cutoff risk but not a late-cutoff risk.
- The time period it pertains to
  - Does the evidence relate to the period under audit or specific subsets of that period where risk is relevant?
- Susceptibility to bias
  - How much influence over the information does management have?

These concepts are critical to keep top of mind as we consider the role of data analytics and automation because introducing technology to the audit process doesn’t diminish the auditor’s overall objective and requirement to obtain sufficient and appropriate evidence to support their opinion. Rather, the tests and techniques that we’ll review enable the auditor to more efficiently gather, interpret, and perhaps even generate the evidence that satisfy these criteria.

Facilitating high-quality and data-rich analytical procedures and risk assessment

Let’s consider the following excerpt from the new standard:

A59. Analytical procedures consist of evaluations of financial information through analysis of plausible relationships among both financial and nonfinancial data. Analytical procedures also encompass investigation as necessary of identified fluctuations or relationships that are inconsistent with other relevant information or that differ from expected values by a significant amount. Audit data analytics are techniques that the auditor may use to perform risk assessment procedures…

A60. Use of audit data analytics may enable auditors to identify areas that might represent specific risks relevant to the audit, including the existence of unusual transactions and events, and amounts, ratios, and trends that warrant investigation. An analytical procedure performed using audit data analytics may be used to produce a visualization of transactional detail to assist the auditor in performing risk assessment procedures….

Automated techniques such as the ones described in the guidance can be a very powerful and efficient method to assess relationships across the financial ledger. Having this type of analysis “out-of-the-box” at your fingertips, without detailed scripting or manual data wrangling, promotes efficiencies as well.

Here are a few examples of how the capabilities of MindBridge Ai Auditor align with a technology and data-driven analytical review and risk assessment that the standard explains.

Trend analysis

Our Trending analysis allows you to visually compare how one or more accounts moves over time. This allows you to assess how accounts or financial statement areas that you expect to be correlated (accounts receivable and revenue, revenue and costs of sales, etc.) are indeed tracking consistently. It’s important to note that this analysis is available on a monthly basis and is not just a simple year-over-year comparison. This empowers you to have a more nuanced view of what these relationships look like seasonally and more broadly.

You are also able to layer in filtering of the trends you are seeing, across additional operational dimensions of the financial ledger. For example, if an organization manages it’s P&L by department or region, you can examine how revenue breaks down across one or more of these dimensions with one click.

Ratios

Over 30 critical ratios are automatically calculated by Ai Auditor and the results are visualized on a monthly basis throughout the audit period. How each ratio trends in the current period against prior periods is readily apparent and points of deviation can be flagged for further investigation with your client.

With an appropriate amount of prior period data available, Ai Auditor performs a regression analysis called seasonal autoregressive integrated moving average (SARIMA) to graphically visualize the expected ranges for the ratio in the current period in addition to the trend lines. This is extremely valuable in identifying algorithmic outliers for further audit procedures and input to risk assessment.

Transaction-level analysis

The new standard specifically contemplates how unusual transactions or events in the financial ledger impact risk assessment and this aligns perfectly with Ai Auditor’s core competency of an ensemble-based AI algorithm that runs against every transaction and tags it with a single risk score:

A61. Analytical procedures involve the auditor’s exercise of professional judgment and may be performed manually or by using automated tools and techniques. For example, the auditor may manually scan data to identify significant or unusual items to test, which may include the identification of unusual individual items within account balances or other data through the reading or analysis of entries in transaction listings, subsidiary ledgers, general ledger control accounts, adjusting entries, suspense accounts, reconciliations, and other detailed reports for indications of misstatements that have occurred. The auditor also might use automated tools and techniques to scan an entire population of transactions and identify those transactions meeting the auditor’s criteria for a transaction being unusual…

In Ai Auditor, the ensemble-based algorithm includes over 30 different tests, termed Control Points, which range across rules-based, statistical methods, and machine learning-based techniques. The ensemble specifically includes tests for Unusual Amounts posted to an account, Rare Flows of money between accounts that don’t normally interact, and Outlier Anomalies.

With Ai Auditor, you can visualize the results of these tests in aggregate via dashboarding and drill down to the most granular level of a particular entry to see which Control Points are contributing to a certain score.

Techniques that facilitate highly efficient “dual-purpose” procedures

The new standard includes an illustrative example where a series of audit data analytical techniques are used as both a risk assessment procedure and a substantive procedure:

A46. An auditor may use automated tools and techniques to perform both a risk assessment procedure and a substantive procedure concurrently. As illustrated by the concepts in exhibit A, a properly designed audit data analytic may be used to perform risk assessment procedures and may also provide sufficient appropriate audit evidence to address a risk of material misstatement.

The exhibit being referred to in the passage above is quite compelling and certainly worth a detailed review (beginning at page 42 here). As an extension of the previous discussion around transaction-level risk scoring, assuming that additional considerations are satisfied, such as the effectiveness of controls over how the information is produced and the auditor’s confidence as to the accuracy and completeness of the information, the ability to “profile” transactions into relative risk buckets using an audit data analytic (ADA) routine is explicitly contemplated here.

If the results of that “profiling” can be used to not only to inform risk but also the nature, timing, and extent of further substantive audit procedures, the investment into building and integrating these types of techniques into your methodology could provide significant ROI in terms of execution efficiencies.

Take the first step towards a modern, data-driven technological approach to audit, contact sales@mindbridge.ai.

Assessing audit risk during engagements

May 26, 2022July 22, 2020 by Michael Bottala, CPA

Man using MindBridge to access financial risk

Three ways Ai Auditor strengthens your audit planning

The determination of where audit risks of material misstatement lie is a critical output of the audit planning process. Usually, identifying those risks is based on the auditors understanding of their client and the client’s operating environment. Auditors can now rely on a data-driven approach to better understand that environment. And this will positively impact the nature, timing, and extent of the audit procedures which respond to the identified risks.

Below, we’re exploring three ways that our Ai Auditor solution helps you streamline your audit planning, from start to finish.

How to enhance your audit planning using Ai Auditor:

1. Conduct thorough assessments for better audit planning

Just looking at a balance sheet or income statement at one point in time isn’t enough. Analyzing more financial data during the planning phase allows for a deeper understanding of the client’s operations.

Auditors have long used analytics to help assess a client’s operations. These tools help them gain insights and identify aspects of the entity that were either unknown or unfamiliar to the auditors. These data analytics essentially help them to better assess the risk of material misstatement, as well as provide a basis for designing and implementing responses to the assessed risk.

Working with Ai Auditor, the auditor can select a view of the ending balance or monthly activity. They can also analyze different transactional relationships within the general ledger to ask better questions and make more precise judgement calls.

For example, let’s say an auditor finds out the accounts receivable (AR) has a 10% change from the prior year to this year. The auditor can explore the AR activity and find out if this change was a normal increase or if there was any unusual activity that could indicate a new large customer or purchase at year end.

Another example would be if there was an account that had no significant change from the prior year ending numbers, but the activity was much different. Having more data would provide the auditor with better insight into the client’s operations.

Using Ai Auditor, an audit team can also look at relationships between accounts to identify if there are any unusual patterns. For example, perhaps they’ll notice that the cost of goods sold (COGS) and inventory trends appear to not follow consistent patterns. The auditor can then include a very specific and strategic task in the audit plan — to pinpoint the time when the trend does not follow expectations and investigate further.

2. Quickly identify unusual transactions across all data

The MindBridge Ai auditor solution automatically scores the risk of each transaction using Control Points. These Control Points include tests based on business rules, statistical models, and machine learning to identify the most uncommon and unusual items in the data set.

The machine learning engine in Ai Auditor looks at each unique data set and analyzes the frequency and amounts of the transaction. The engine also explores relationships between the account’s transactions that are being recorded.

Ai Auditor helps automate the analysis by flagging items that just don’t fit typical transaction patterns. It’s then up to the accountant to focus on the most uncommon and unusual items and dig deeper.

For example, Ai Auditor might flag the write-off of inventory because insurance-related payments seem uncommon or unusual. During the audit, the auditor might learn that this was due to a warehouse fire.

Essentially, the platform gives auditors better visibility on these unique circumstances right from the start of the audit. The auditor can then focus on these higher risk transactions, consider the ramifications of the transactions, and understand how those riskier items might impact the financial statements.

3. Retrieve and view transactional breakdown by audit area

Using Ai Auditor, an accountant can filter risks by category. This allows them to breakdown risk by account, branch, program, type of transaction, time, monetary value and more.

With this breakdown, the auditor will gain a better understanding of where relative risk lies across operations. They will also be able to see which control points are being triggered within a specific area and consider how that impacts the overall audit risk.

For example, let’s assume an auditor notices that the accounts payable (AP) entries are triggering a significant amount of risky transactions at year end, specifically in the Southwest branch of the operations. This might indicate cutoff issues. Or, if the sequence gap control point is triggered, perhaps the auditor will assume there are completeness issues.

During audit planning, auditors who think critically about how these control points might factor into the assertions for the various accounts will drive stronger results.

A stronger audit plan leads to stronger audits

A deeper level of critical thinking in the audit planning stage ensures a more efficient and effective audit. Auditors can leverage our MindBridge Ai Auditor solution as a feedback loop to further their understanding of the client’s operations.

Using the AI auditing platform, accountants can then uncover valuable insights to supplement their discussions with management and existing knowledge of the client. Those insights might include uncommon patterns in transactions, abnormal stratifications, unusual relationships between accounts, and breakdowns of trends or ratios. With this information at hand, auditors can ensure a well-planned and successful audit.

Do you think audit analytics make auditors even more relevant? We do. Read this next blog to find out more.

Don’t get left behind: A case for adopting accounting software

December 18, 2020July 14, 2020 by Shaye Thyer, CA

Accounting software trends have impacted the accounting profession in big ways. And in my view, one of the greatest analogies of this impact, and even of the way our team at MindBridge delivers value to our clients, comes from Sam Daish, Head of AI and Data Science at Qrious.

A story of three types of businesses

In his previous role as General Manager of Data Innovation at Xero, Sam addressed a room full of very traditional big-firm accounting partners. During this talk, he described the evolution of manufacturing in the time when electricity was new. He summarized the journeys of three business types:

Those who thought electricity was some strange wizardry and continued on as they always had
Those who tried to adapt their processes around electricity to make things work
Brand new businesses that sprung up native to electricity

Sam continued to tell the story of how manufacturing evolved in the 1880s. Businesses in the first category simply could not compete. They buried their heads in the sand. Their refusal to adapt was largely due to long-held pride in traditional expertise. The second group worked really hard to re-invent efficient processes—to make electricity bend and work around the way they’d always done things. The third set of businesses built operations with electricity at the heart. What happened to them?

The ‘ostriches’ were completely obliterated by the rest of the market
The ‘adapters’ really tried, but many businesses did not survive
The ‘electricity natives’ absolutely consumed the market. They shifted customer expectations and quickly devoured customer relationships that were long-held by large, big-brand traditional businesses that once dominated the industry

The parallels with the accounting industry’s state of flux surrounding technology adoption are profound.

First comes cloud accounting software, then AI accounting software

At one point, there was so much fear, worry, and apprehension about cloud accounting software. Many believed the accounting software would steal jobs from bookkeepers, graduates, and accountants in general. Yet the only ones who have experienced any negative outcome have been those who failed to adopt and adapt. Accounting firms who have embraced cloud accounting software and the client-centricity of the single ledger, and who have assisted their clients in doing the same, are dominating the market. It is not accounting technology replacing accountants – it’s accountants adopting technology that are replacing those accountants who are not.

So what about AI now?

Most would agree that diversification into advisory services is the key to modernizing accounting firms and aligning with client expectations. During Covid-19 times, we have seen a reversion back to the bread-and-butter of compliance for many accountants. What we will see moving forward is the evolution of compliance; it will feel less like putting numbers in a box and filling out forms (as this becomes more and more automated over time) and more like compliance risk mitigation, or ‘compliance advisory’. So for the future-fit compliance and advisory firm, AI accounting software comes to the fore when we ask ourselves: “So you have access to all this real-time data via cloud—what are you doing with it?”

When we look at accounting software trends, the message to support the adoption of AI is like that of cloud: “AI—it’s about task replacement, not human replacement”. The automation and ‘task replacement’ we now enjoy with cloud accounting software is similar to AI accounting software—these technologies are just doing parts of the job which no one likes anyway. For example, we love presenting insights to clients, showcasing our deep expertise of industry, and offering fancy visualizations that break down the complex into a simple picture. But we don’t like entering or churning through the data to get to the insights. So for this, we have AI. In a recent Accounting Today article titled ‘What AI does for accountants’, the author describes three areas in which accountants can leverage AI accounting technology right now:

Invisible accounting to automate reconciliations for clean, timely data
Active insight to drive better decisions
Continuous audit to build trust through better financial protection and control

Stepping towards success with AI

No matter where accounting firms are in their journey towards adopting new accounting software, one thing is clear—businesses need to, at the very least, start looking at the latest advancements in AI and all the advantages it offers, or risk being left behind. Some may be just jumping onto the cloud accounting software train. Others may begin courageously diving into AI. Regardless, there is a necessity for our established industry of accounting professionals to be deliberate about their re-learning journeys when it comes to accounting software. Those who seek to not only survive, but thrive, must ensure that data literacy and conceptual knowledge of what both cloud and AI accounting software can deliver are key to their business strategy moving forward.

How AI and data can power an effective audit plan

September 29, 2024July 2, 2020 by Gena Song, CPA, CA

An effective audit starts with a solid audit plan. While the overall audit strategy and plan can vary between clients, an auditor will usually establish risk assessment procedures and a how-to response for the risk of material misstatement.

The challenge is that sometimes, even the most thorough and comprehensive audit plans can still have gaps. In fact, every auditor understands there will likely always be some degree of uncertainty and unidentified risks before an audit begins. It’s in the initial audit planning stages that an audit team will often ask:

How can we lessen those unknown risks?
Is there an opportunity to confirm initial assessments about the industry or company?
Are there blind spots that we haven’t considered?

This is where machine learning (ML) and artificial intelligence (AI) can help. In this blog, you’ll learn how you can use MindBridge AI to spot risks and shift resources during preliminary engagement activities through each phase of the audit planning process.

Pinpointing audit risks using a data-driven method

Identifying the inherent business risks associated with the company is an important first step in the audit planning process. An auditor must analyze key risk factors such as understanding the industry risks, the company’s business, and any recent changes within the company to determine if and how these considerations will impact the audit plan.

Using Ai Auditor, an audit team can enhance the risk assessment process by retrieving powerful risk insights. That’s because Ai Auditor examines 100% of the company’s transaction data and alerts the team to any anomalies or underlying risks associated with the entity. With detailed data at-hand, the audit team can then move forward with greater confidence in the audit engagement, trusting that the risk assessment is comprehensive and complete.

Ai Auditor can also help the team to identify new risk areas that have might not been flagged in previous audits and include them in their audit plan. Not only does this ensure a well-planned audit, but it also minimizes the potential for duplicating audit procedures later on.

Evaluating the effectiveness of the company’s internal control over financial reporting is another area where using Ai Auditor can be a benefit. Much like traditional testing, the platform automatically identifies control points to spot high-risks transaction data. The auditing team can also adjust these control points and use other capabilities within the platform to recreate traditional control testing models. This data-driven audit method saves the team time while ensuring high levels of accuracy and diligence.

Building an effective audit strategy with Ai Auditor

After initial risk assessments and tests, the auditors will be able to establish an overall audit strategy. This sets the scope, timing, and direction of the audit and guides the development of the audit plan.

For instance, the audit team will derive important conclusions after evaluating the effectiveness of internal control over financial reporting. These will help them decide whether to use control testing, substantive testing, or a combination of both in their audit plan.

When planning the timing of the audit, the team might also consider using Ai Auditor during interim analysis and take advantage of roll-forward capabilities at year-end to ensure a more effective audit.

Considering how much time and resources go into an audit, Ai Auditor can become a force-multiplier for an audit team. The platform provides insights that help them become more efficient as they move through audit planning to engagement completion.

Developing an audit plan with data at your fingertips

As an auditor begins developing and documenting the audit plan, the reporting features within Ai Auditor can help. An auditing team can export powerful graphs and data to support the audit plan regarding details such as the planned nature, timing, and extent of the risk assessment procedures; the planned nature, timing, and extent of tests of controls and substantive procedures; and other planned audit procedures.

The team can also use Ai Auditor to download a single report that details any flagged items and automatically add this report to the audit plan. This ensures the team conducts deeper investigations on those transactions or simply helps to justify why certain samples were selected.

Completing the audit engagement with success

Ai Auditor helps to simplify auditing planning. The platform offers valuable insights and data that help an auditing team streamline risk assessments, build an effective strategy, and outline a comprehensive audit plan. And since an audit team will be able to conduct investigations easier and faster through every phase of the plan’s process, they’ll have more time to offer clients valuable insights and guidance.

Looking for more? Register to access our on-demand webinar titled ‘Riding the Waves of Transformation’ with Tom Hood, CPA.