The CPA Journal

AUDITING

March 2002

Auditing Nonstandard and Nonrecurring Entries

By Bruce H. Nearon, CPA, J.H. Cohn LLP

Nonrecurring and nonstandard entries and their relationship to financial misstatements have come to the profession’s attention. The Auditing Standards Board (ASB), Public Oversight Board (POB), SEC, and the U.K. Auditing Principles Board have all recently expressed their concern with these entries.
In order to get an understanding of current practice for nonstandard and nonrecurring entries, the author interviewed a small sample of audit managers and audit partners at middle-market regional CPA firms. From their comments it appears that audit practice is inconsistent, auditors could use guidance on what to look for, current practice may be relying on evidence that lacks credibility, and conclusions drawn from such evidence may be erroneous. The author presents a list of recommended audit procedures and calls on the ASB to develop an audit practice release (APR) for nonstandard and nonrecurring entries. The APR could help improve the reliability of audit practice and reduce fraudulent misstatements and audit failures.

Oversight and Standards Setting Bodies

The POB’s Panel on Audit Effectiveness Report (2000) noted that entities often used information technology to facilitate material fraud, such as making large numbers of small nonstandard entries, rather than a few large ones.

In SAS 94, the Auditing Standards Board states:

An entity’s financial reporting process also includes the use of nonstandard journal entries to record nonrecurring or unusual transactions or adjustments such as business combinations or disposal, or a nonrecurring estimate such as an asset impairment.

However, when IT is used to maintain the general ledger and prepare financial statements, such entries may exist only in electronic form and may be more difficult to identify through physical inspection of printed documents.

The SEC Chief Accountant’s 2000 Audit Risk Alert letter to the AICPA (October 13, 2000), referred to the Panel on Audit Effectiveness Report:
Financial statement misstatements are often perpetrated using nonstandard entries to record fictitious transactions or other events and circumstances, particularly near the end of the reporting period. The Panel’s quasi–peer review disclosed that in about 15% of the engagements reviewed, auditors did not have an adequate understanding of the client’s system for preparing, processing, and approving nonstandard entries. Furthermore, the Panel found that auditors did not perform procedures to identify and review nonstandard entries in about 31% of the engagements reviewed. Given the Panel’s findings, the staff believes auditors should review nonstandard journal entries to identify those that should be subject to further detail testing.

Great Britain’s Audit Principles Board also mentions these type of entries in “Aggressive Earnings Management” (September 2001): “Circumstances that could be indicative of aggressive earnings management may include nonstandard journal entries made close to the end of the year.”

Current Practice for Middle-Market Regional Audit Firms

In order to understand current audit practices for nonstandard and nonrecurring entries, five audit partners and audit managers from different large middle-market regional firms, each with over 10 years audit experience, were interviewed. Their comments follow:

Audit manager 1: An example of an unusual entry would be debiting a fixed asset account and crediting sales. It would be even more unusual if the entry was made several times during the year so that individually the transaction is not material, but in aggregate it would be.

Assuming that we didn’t use CAAT [to search for unusual transactions], we would scan the general ledger; however, this wouldn’t be efficient or effective for large clients with lots of transactions.

Auditors need guidance on what to look for and the type and extent of acceptable workpaper documentation.

Audit manager 2: We look for unusual entries in accounts receivable or inventory during year-end cut-off work. When scanning the year-end month, we look for non-cash accounts receivable credits and non–accounts payable inventory debits. Any of these that were reversed in the beginning of the subsequent period would be scrutinized more carefully. We also look for unusual adjustments to the accounts receivable allowance or other unusual entries that affect revenues.

If a client has loan covenant ratios that depend on earnings, and net income is close to causing covenant violations, then we would look deeper. We would also extend our procedures when executive compensation is tied to earnings thresholds and earnings are close to the threshold. The extent of our procedures for identifying fictitious nonstandard and nonrecurring transactions depends on management’s incentives to manage earnings.

Audit partner 1: Our audit procedures include scanning the journals and ledgers at year-end for unusual entries. Examples of these are if monthly depreciation entries changed from $100,000 to $1,000 in a single month, or charges to retained earnings or the building account during the year. We also look at both sides of the entry. For example, if the credit side of an interest expense was charged to an officer payable rather than a financial institution.
The issue of nonstandard and nonrecurring has to do with materiality, so immaterial transactions, even if unusual, would come under our radar. This whole issue has to do with detecting fraud, and current audit standards do not require us to perform special fraud detection procedures.

Audit partner 2: We scan the general ledger to identify unusual entries. Suppose we know that an audit client needs to increase income. The type of unusual entries we would look for, for example, would be debiting liabilities and crediting revenue, or debiting inventory and crediting cost of sales.
We try to determine the risk of misstatement for a particular audit. A nonprofit may want to look poor and understate assets and overstate liabilities. For larger clients we develop a more detailed understanding of internal control. We gain an understanding of how recurring entries are made and identify these. Then we filter out the recurring entries, and the remaining ones, which are nonrecurring, fall out.

However, this whole issue is really an issue for the larger firms.

Audit partner 3: Our firm does not have firm-wide audit policies and procedures for nonstandard and nonrecurring entries. The extent of our procedures varies from partner to partner. The Big Five have a different audit approach than the middle market firms.

Most of our audits focus on the balance sheet, and nonstandard and nonrecurring entries relate to transactions that affect the income statement; however, we still have audit steps to identify and review these type of entries. We gain an understanding of the closing process and how nonstandard and nonrecurring entries can get into the system. We use a client-by-client approach and we would tailor our audit procedures based on the particular client, not on a firm-wide policy.

The Problems with Current Practice

There are at least two problems with current practice for nonstandard and nonrecurring entries. First, there doesn’t appear to be much consensus on exactly what to look for. What is an unusual entry? Second, of the current approaches identified above, all but one relies on “scanning” journals and ledgers. Yet most companies maintain and prepare financial statements electronically. Once the client prints out the journals that are hundreds or thousands of pages long, how many auditors actually foot the journals to verify that the detail ties to the total? How many auditors know which controls prevent management and the IT department from deleting or altering transactions that are in the journals they are scanning? What evidence does the auditor have that the journals haven’t been “sanitized” and the fictitious entries removed? If the auditor’s workpapers do not document the answers to these questions, then any evidence from scanning journals is not credible. Relying on evidence that lacks credibility may lead to erroneous conclusions and, worse, audit failures.

Recommended Practices

The above comments by audit managers and audit partners are not a statistically valid sample of audit practices; however, they do provide a starting place. A starter list of possible audit procedures includes the following: