The Auditor’s Consideration of Compliance with Laws and Regulations
- As part of obtaining an understanding of the entity and its environment in accordance with ISA 315 the auditor shall obtain a general understanding of:
a. The legal and regulatory framework applicable to the entity and the industry or sector in which the entity operates; and
b. How the entity is complying with that framework.
- The auditor shall obtain sufficient appropriate audit evidence regarding compliance with the provisions of those laws and regulations generally recognized to have a direct effect on the determination of material amounts and disclosures in the financial statements.
- The auditor shall perform the following audit procedures to help identify instances of non- compliance with other laws and regulations that may have a material effect on the financial statements:
a. Inquiring of management and, where appropriate, those charged with governance, as to whether the entity is in compliance with such laws and regulations; and
b. Inspecting correspondence, if any, with the relevant licensing or regulatory authorities.
- During the audit, the auditor shall remain alert to the possibility that other audit procedures applied may bring instances of non-compliance or suspected non-compliance with laws and regulations to the auditor’s attention.
- The auditor shall request management and, where appropriate, those charged with governance, to provide written representations that all known instances of non-compliance or suspected non-compliance with laws and regulations whose effects should be considered when preparing financial statements have been disclosed to the auditor.
- In the absence of identified or suspected non-compliance, the auditor is not required to perform audit procedures regarding the entity’s compliance with laws and regulations, other than those set out in paragraphs 12–16.
Audit Procedures When Non-Compliance Is Identified or Suspected:
- If the auditor becomes aware of information concerning an instance of noncompliance or suspected non-compliance with laws and regulations, the auditor shall obtain:
a. An understanding of the nature of the act and the circumstances in which it has occurred; and
b. Further information to evaluate the possible effect on the financial statements.
- If the auditor suspects there may be non-compliance, the auditor shall discuss the matter with management and, where appropriate, those charged with governance. If management or, as appropriate, those charged with governance do not provide sufficient information that supports that the entity is in compliance with laws and regulations and, in the auditor’s judgment, the effect of the suspected non-compliance may be material to the financial statements, the auditor shall consider the need to obtain legal advice.
- If sufficient information about suspected non-compliance cannot be obtained, the auditor shall evaluate the effect of the lack of sufficient appropriate audit evidence on the auditor’s opinion.
- The auditor shall evaluate the implications of non-compliance in relation to other aspects of the audit, including the auditor’s risk assessment and the reliability of written representations, and take appropriate action.