The generally accepted auditing practices (GAAP) are those set-out Internationally which enable comparison of financial statements post audit across the world to be uniform except of local carve-outs. The ICAI formulates the Standards of Auditing (SAs) and auditors are to draw attention in case of non-compliance or material departures. GST audits are of various types such as a compliance audit, ITC audit, Review audit and the GST audit under section 35(5).
This is being conducted by many professionals which is an attest function with higher responsibility due to the phrase used “true and correct” disclosure of the information submitted therein coupled with the fact that this being the new law and many errors/ omissions etc. which may have crept in. An idea and possible applicability of the standards is explained in brief in this article to the extent understood for all types of audits ( which be in the nature of a management need but would include due compliance of GST law and procedures) more specifically for the mandatory audit.
1. SA 200 – Overall Objectives of Independent Auditor: Audit to be performed with integrity, objectivity, professional competence/ due care while keeping confidentiality. The audit process should be such that it can verify the accuracy of the GST figures disclosed. Items that are outside of the financial statements liable to GST would also need to be captured. The turnover as per the financial statements would have to be reconciled to the taxable turnover in GST. One of the overall objective of an auditor must be to obtain a reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, thereby enabling the auditor to express an opinion on whether the financial statements are prepared, in all material respects, in accordance with an applicable financial reporting framework. This becomes important more so, when the GST auditor places reliance on the State level financial statements/ trial balance for the conduct of Audit.
Further, in performance of the GST audit, the auditor must consider the professional skepticism, professional judgment and evaluate the overall audit risk & the audit evidences available therein before and at the time of undertaking the GST audit.
2. SA 210 - Agreeing the terms of audit engagement: The detailed scope, coverage and limitations to the GST audit, the sharing of responsibility between the management and the auditor with reference to the present form (some changes expected in the final forms) should be clear and unambiguous. Further, apart from the above various other aspects such as professional fee, its billing pattern, audit schedule, team composition, expectation that the management would provide the written representation must be clearly carved out and most importantly it must be signed off and duly documented in the audit file.
3. SA 220 – Quality Control: The audit process should ensure that the professional standards as well as the GST requirements are complied with. Essentially this may involve ensuring the competence / capability of the audit team and that the work is reviewed by seniors/ qualified staff. A strong system of regular monitoring, direction and supervision must be exercised by the engagement manager/ partner. Further, a proper audit programme, approach and a detailed checklist can be shared with team as guidance for smooth conduct of audit in a timely manner.
4. SA 230 - Audit Documentation: Over time this aspect has assumed much importance to enable the working papers (including the soft copies) to prove that adequate procedures have been followed, provide the back up for the observations and conclusion reached. The possible working papers could be Engagement letter, minutes of the meetings, audit program, internal control questionnaires, audit checklists, query and resolution papers, significant correspondences, important agreements/ documents of entity. The above list is only illustrative, auditor needs to apply his professional judgment as to the nature and extent of documentation that needs to be obtained and maintained based on the various factors involved such as size, complexity, risk etc. involved in the audit.
5. SA 265 – Internal Control Deficiencies: It is a distinct possibility that many enterprises have very good internal control system. However, auditor needs to assess whether the existing controls in place ensures that the proper classification, capturing of non-financial supply transactions, valuation at other than invoice values, charging SGST+ CGST instead of IGST and vice versa (identification of proper place of supply) etc exists as an important assertion. Controls can be preventive, detective or corrective in nature, auditor needs to test the controls for its effective operation.
6. SA 299 – Responsibility of the Joint Auditors: The roles, responsibilities, disclosure requirements as well as reporting of Joint auditors as done in normal audits would have equal applicability in GST. This holds importance more so in the GST scenario where separate GST auditor is appointed by the entity for each of its registrations. The role, responsibility of each GST auditor must be clearly divided. Further, where a joint auditor comes across any matter relating to GST which would have an impact at the entire entity level for all of the GST registrations then or the matter relating to the areas of responsibility of other joint auditors and which deserve their attention then he should communicate the same to all the other joint auditors in writing. This should be done by the submission of a report or note prior to the finalisation of the audit.
7. SA 402 – Service organisation doing significant functions: The materiality of the services provided by the third party, the extent of interaction and nature of understanding could need that entity to be audited. The nature and extent of work to be performed by the user auditor regarding the services provided by a service organisation depend on the nature and significance of those services to the user entity and the relevance of those services to the audit. For example, in case outsourced accounting, auditor need to understand the nature and extent of the work performed by the entity and that which is performed by the third party and depending upon which the GST auditor can formulate the audit plan and the nature, extent and the timing of the coverage.
8. SA 530- Audit Sampling: The fact that GST needs a true and correct certificate means that the sampling to be such that it covers random as well as substantial value (may be 70+% of value of transactions whether of tax or credit to be covered) which is also evident from the depth of information being asked in the forms and the transactional level recommendations to be made by the auditor for the taxes to be paid by the entity. Mere random sampling may not be an efficient technique. Auditor may instead prefer a more judgmental sampling with a guiding principle that the sample must fully represent the population. The methodology of the sample selection and its adequacy must be clearly documented.
9. SA 580 - Written Representation: Management representation is an important safeguard for the auditors. Other than this there could be interpretational issues which the auditor may not be able to decide. Also, the limitation on the responsibilities of the client duly communicated and understood.
10. SA 600 – Using work of another Auditor: In GST audit done by another can be relied on specifically which conducting GST audit.
Example- in case the GST auditor is not the statutory auditor of the entity, then the GST auditor can obtain and use the working papers, computation sheets etc. prepared by the statutory auditors which can be helpful in the process of reconciliation with the annual returns. However, this cannot be done blindly. It may be ensured that due care has been exercised by the other. The other SAs which are applicable are as under:
a. 240 – Responsibility of frauds and material errors noticed in GST
b. 260 – Communication with those charged with governance of significant observations
c. 300 – Planning of GST audit after understanding the business by way of a GST audit program
d. 315- Risk of material misstatement
e. 320- Concept of Materiality in performing GST audit
f. 330-Proper response the assessed risk in terms of professional skepticism, supervision and increasing sample.
g. 450 – Evaluation of misstatement especially in GST as the understanding in the initial years may be low.
h. 510- Initial audit engagement to ensure that the carry forward of credits or claim on the stocks as on 30th June 2017 and filing of the transitional forms in time.
i. Analytical procedures including average tax paid, ITC claimed, ITC vs Turnover and other ratios (520 - maybe challenges in 1st year)
j. 550- Related party in GST could have valuation issues as also
k. 560- Subsequent events could also impact GST in case of sale on approval, goods rejected on quality control, debit notes delayed, non-payment in 180 days etc.
l. 610- Using work of internal auditors where available could support in planning the GST audit as the weaknesses of the systems would be known.
m. 620 – Using the work of expert can be a useful method where the GST audit is done in collaboration with an expert in GST.
n. 700- Forming of opinion on the “true and correct” state of affairs in Form 9C.
o. There could be a few other standards relevant which have not been identified as on date. GST Audit assists clients in identifying the various material and deficiencies on a timely basis and remit the appropriate taxes which if later identified by the department during scrutiny, assessments, audits can involve high costs of interests, penalties and most importantly puts up a big question on the audit performed earlier by the GST auditor.
Therefore, adherence to the auditing standards not only ensures quality in the performance of the work but it also acts as a safeguard for an auditor from the various risks involved in the GST audit. The article is based on the Chapter on Relevant Auditing Standards from the book - A practical Guide to GST Audits and Certification published by Bloomsbury updated earlier this month. Readers may refer for further details.
The authors can also be reached at firstname.lastname@example.org or email@example.com