Audits
August-October 2018
Audits and Constitutions
There are a lot of misconceptions out there about who does and doesn’t require an audit. The only not-for-profits that require an audit (or review) by law are registered charities with annual expenditure of more than $500,000 (with the exception of a very small number of organisations that have a statutory audit requirement through a different piece of legislation).
Some funders require audited accounts, but this is becoming less and less common, as funders are aware of the cost of auditing.
Many organisations commit themselves to an annual audit through a clause in their constitution or trust deed. In this case the requirement has legal force – an organisation has to comply with all of its constitution at all times.
The words ‘audit’ or ‘review’ have no legal meaning by themselves, so it is important to take note about what exactly it is the constitution requires:
- Some constitutions require certain qualifications from the auditor, or membership in a specific professional accounting body. Sometimes it says what the auditor cannot be, such as a member of the organisation being audited. Often the professional body that is specified no longer exists (such as Society of Accountants or Institute of Chartered Accountants), or it is unclear what level of membership in that body is required.
- Some constitutions specify the subject of audit. They may specifically talk about certain financial statements, but sometimes the subject of audit is specified as the organisation’s ‘receipts or vouchers’, or as payments to other parties. In such cases the organisation can enter into a ‘special purpose’ audit engagement which may be much more economical than a full audit, and could exclude the Statement of Service Performance, for example, that is required to be produced by charities.
Where financial statements are specified, these statements may no longer be compliant with rules for a registered charity, which can be problematic.
- Some constitutions specify a process for the audit. This is usually around a timeline, i.e. when the auditor is appointed, when it has to be done by, when it is presented etc. These timelines are rarely complied with in our experience, and often they are unrealistic.
- Some constitutions define the powers of an auditor. An auditor will not usually enter into an audit engagement with an organisation that restricts the auditor’s access to documents or people, and sometimes this is specifically enforced through the constitution as well.
An organisation is free to ask an auditor to provide assurance on certain aspects of the financial information only, as long as this complies with their own constitution. In such cases an auditor will specify what the scope of the audit was in their audit report.
April-May 2017
Do You Really Need That Audit?
Many charities are under the impression that for them an audit is mandatory. Unfortunately, we are coming across many cases where organisations have received incorrect advice about this from places who really should know the law.
There is no legal obligation to have an audit or any other form of assurance for any not-for-profits with three exceptions:
- You are a Registered Charity with operating expenditure of more than $500,000 in both the previous two years (the expenditure in the present year does not matter); or
- Your entity is publicly accountable within the definition of the Financial Reporting Act 2013. This applies to only a small handful of not-for-profits; or
- Your own constitution, Trust Deed or other Rules say you must have an audit.
Only if one of three situations applies to you is there a legal obligation to get assurance. The majority of not-for-profits does not.
There is a further misconception that funders require audited Financial Statements, or that they prefer them, or that your application is looked on more favourably if they are supported by audited accounts.
Christchurch’s three major funders, Rata Foundation, Department of Internal Affairs (Lottery/COGS) and the Christchurch City Council all say that they do not require audited accounts where you have no legal obligation to have one done. It is CCA’s experience that these three funders do not in practice favour organisations with audited Statements. Outside Christchurch we know this is true of most Community Trusts that arose from the sale of Trust Bank and the Savings banks to overseas interests in the 1990s (such as our Rata Foundation), with the notable exception of Foundation North.
The majority of gaming machine trusts or societies also do not require audited accounts.
Government Funding sometimes comes with the requirement to have Financial Statements audited. This is true notably for the Ministry of Education. However, the Ministry of Social Welfare and Ministry of Health tend to do their own (usually non-financial) audits with the organisations they fund. If you receive government funding, you will need to check your funding agreement.
Audit of Service Performance – You Can Opt Out!
If you are a registered Charity, your financial statements have to include a statement about your activities and achievements, usually called Statement of Service Performance.
By default, this is included in any audit done on those financial statements, which means we are trying to verify that any numbers you put here are at least in the right ballpark. However, unless your audit is mandated by law (because your operating expenditure is over $500,000), you can have this statement excluded from the audit. This is called a ‘limited scope’ audit, where the scope is limited to the financial parts of the report.
If you opt for a review, your activity statement is not included. This is because the New Zealand review standard, issued by the External Reporting Board (XRB) makes no mention of this statement, and therefore there is no guidance on what kind of testing should be performed for review purposes.
We are unsure if or how the Statement of Service Performance is used by readers of your financial statements, for example funders. People interested n your organisation for whatever reason are more likely to go to your web site or your facebook, or they may subscribe to your newsletter if there is one. That means the Statement of Service Performance really only makes sense if you have specific people interested in specific numbers that are reported on an ongoing basis, that are not captured anywhere else. For example, government funders have their own reporting requirements for your outputs, depending on what they fund, and would not rely on your Statement of Service Performance.
Is there anybody reading your financial statements, for whom the numbers you report in Service Performance are important enough that they would want an independent person to verify them? If the answer to this is yes, then having Service Performance included in an audit makes sense.
You Probably Don’t Have to Have a Review/Audit!
We can’t say this often enough: There is no legal requirement for most charities and other not-for-profits to have an independent audit or review. Many organisations have clauses in their constitutions that require an audit or review, and while a constitution is legally binding on the organisation, the organisation is free to change this clause.
Sometimes organisations are concerned that their funders will want to see an audit or review. This is generally not the case, but can be clarified with the funders directly.
We are concerned about the number of very small organisations requesting audits, which are of very little benefit to them and drain money away from service provision. While an auditor may find some issues with your accounting or presentation of financial reports, these are not usually important enough to make any difference. You might be better off to ask a reasonably knowledgeable person for a sanity check, rather than an ‘audit’.
Audits and reviews are poor tools for the needs of community organisations, because they were developed for completely different situations, namely to prevent companies from deceiving investors. Contrary to what people believe, audit processes are not designed to find fraud occurring within an organisation.
It is generally more useful (and economical) for a community organisation to have some advice on protecting themselves from fraud, and implement some basic procedures, than to have annual reviews or audits. CCA’s organisation-specific workshop covers a lot of this, for example (see here.) Talk to us about your needs.