In Rwanda there is a common expectation that each engagement performed by an auditor in the public sector has a fraud detection focus.
Very often, however, fraud detection will not be included as part of the assignment, and so the auditor won’t necessarily know whether fraud has been committed at the end of the process.
To guard against disappointment, it’s important to understand the various types of engagements conducted by auditors in the public sector.
Public sector audits might cover central and local government and development projects, for example. There are three main kinds of public sector audits: a financial statement audit, an agreed-upon procedures engagement and a non-audit assurance engagement. There are also value-for-money audits and forensic audits.
The first and most common type of engagement is a financial statement audit guided by International Standards on Auditing (ISAs). The purpose of this audit is to enhance the degree of confidence in financial statements among intended users. This is achieved by the expression of an opinion by the auditor on whether the financial statements are prepared, in all material respects, in accordance with an applicable financial reporting framework.
It’s important to remember with a financial statement audit that the auditor’s responsibilities may be affected by the audit mandate or by obligations on public sector entities arising from law, regulation or other authority (such as ministerial directives, government policy requirements or resolutions of the legislature). These may encompass a broader scope than an audit of financial statements in accordance with the ISAs.
Auditors may also be engaged to perform agreed-upon procedures regarding financial information.
Many times, this engagement is mistaken for a financial statement audit but the two are very different. In an agreed-upon procedures engagement, the auditor provides a report on the factual findings of agreed-upon procedures and no assurance is expressed.
The objective of an agreed-upon procedures engagement is for the auditor to carry out procedures of an audit nature to which the auditor and the entity and any appropriate third parties have agreed and to report on factual findings. This engagement is guided by International Standard on Related Services (ISRS).
Auditors can also perform non-audit assurance engagements (NAAE) which are not audits or reviews of historical financial information. Instead, the auditor expresses a conclusion (reasonable or limited assurance) on an appropriate subject matter using suitable criteria through a written assurance report based on sufficient appropriate evidence. The objective of NAAE is to enhance the degree of confidence among intended users (other than the responsible party) about the subject matter information.
Value for money audits (also known as performance audits) are in-depth special examinations of different areas. They may be initiated following the findings of a financial audit which require a full review of a particular area such as procurement and store management processes. Value for money audits cover economy, efficiency and effectiveness and hence may have a greater impact on the cost and quality of public sector services and projects than traditional financial audits.
Forensic audits are detailed investigations of allegations of fraud and are focused on specific transactions or processes. Their approach and scope is different from financial audits and the report provides a factual listing of the findings, including the evidence gathered.
Forensic audits may also be initiated, following the findings of a financial audit or if there are indications or suspicions that fraud has occurred.
Auditors may also perform other special assignments, including procurement reviews, financial process reviews, internal control reviews and other tailored assignments in line with the requirements of the institution.
In the public sector, it’s important to commission assignments so that they clearly define the objectives, requirements, scope, expected deliverables and outcomes (deliverables). That way, expectations are managed from the start so that stakeholders get what they want from an auditor engagement.
Florence Gatome is a Senior Manager with PwC Rwanda Limited.