What is a Self-Review Threat in Auditing?
When auditors have to assess work performed by themselves, the self-review threat occurs. Most audit firms usually offer accounting, tax, valuation, and internal audit services. An audit firm may have to offer the services required to cross check or verify its own work in some cases. For example, an audit firm helps a company finalize its accounts and then must audit the financial statements.
There is nothing illegal in doing so. Still, there is a risk that the auditors will not find or report any flaws in their work as they are afraid of being penalized either monetarily or facing a reputational risk.
Types of Self-Review Threats in Auditing
Most self-review threats occur when auditing firms offer a broader range of services that include non-audit services, like making management or year-end accounts for their audit clients.
Other areas where a self-review threat occurs are:
- Finalization of accounting records and financial statements
- Taxation and valuation services
- Internal audits
- General audits
- Corporate finance audits
- Management audit services
Ultimately financial statements can face an impact when auditors do any of these services for a client. Since there is always the chance of human and operational errors, misstatements can occur.
The self-review threat arises when the person reviewing the work is the person who did the work in the first place.
Occurrences of Self-Review Threat:
Since auditors usually offer a range of services to their clients, this is usually done on a team basis.
Each assignment is segregated between departments, as an audit team will not be performing account verification or taxation services.
Audit firms usually have exclusions in place between their different service departments. For instance, the auditing team will be excluded from the team that goes for accounting or taxation deputations.
Sometimes segregation will not be possible. For example, an auditing firm offers its clients auditing and accounting services.
The accounting team has three members that visit clients for their accounting work. But since account finalization is seasonal in nature, most of their time is spent on audit assignments.
In one assignment, an accounting team member is part of the audit team deputised for the financial audit of the same client for which they prepared accounts. Since the firm is short of staff, the accounting team member is overlooked and allowed to go on audit.
During the audit, a serious error is discovered. The accounting team member discovers the error and realizes that the responsibility for the error lies with the accounting team.
If the error is reported, their work will be liable for scrutiny, and they may face the consequences. Not reporting the error compromises the audit and affects all stakeholders negatively.
Impact of the Self-Review Threat in auditing
From the example above, not revealing the error affects stakeholders and makes the audit dubious. This is the real threat of self-review.
The auditor or the reviewer is the one that made the error in the first place, and that means that the impartiality and objectivity that auditors should have is compromised.
Aside from the situation in the example, there are a few more circumstances where the self-review threat can happen.
For instance, a new hire in an audit team is assigned to the new hire's former employers, where the new member will be auditing their work.
For a significant threat of self-review to exist, the person must have significant influence over the financial statements.
How to Guard Against Self-Review Threats
Auditors need to assess threats and challenges to their independence and objectivity. There are some steps that they can take to safeguard against such threats. These steps are dependent on the ground conditions.
The most successful protection against self-review threats is to separate the teams.
This means that non-audit services offered by audit firms need to be handled by different members for every assignment. Doing this means that members will not have to evaluate their work even though every team member is in an engagement, regardless of their position in the hierarchy.
As long as non-audit projects do not impact financial statements directly, they can be performed with common team members.
Audit firms are also free to perform tasks with common team members for non-listed clients.
There are no regulatory or statutory restrictions on them. However, they do need to make sure that their impartiality and objectivity are not threatened
The possible precautions for limiting the threat of self-review can be:
- Make sure that a member of an audit team does not provide any accounting services.
- Engaging a second person that doesn't go on deputations to examine the work or advice as needed.
- Document the independence concerns with the audit committee or board of directors. This will involve listing the services provided and the amount of fees collected.
- The services provided and the fees collected can be made a part of the letter of engagement.