Today we take a look at auditing receivables and revenues.
Revenues are the lifeblood of any organization. Without cash inflows, the entity may cease to exist. So, it’s important that each business generate sales or some type of revenue. For you, the auditor, it’s important to verify the revenue.
Along with revenues, auditors need to prove receivables. Why? Some companies manipulate their earnings by inflating their period-end receivables. When trade receivables increase, revenues increase. So, a company can increase its net income by recording nonexistent receivables.
In this post, we’ll answer questions such as, “should I confirm receivables or examine subsequent receipts?” and “why should I assume that revenues are overstated?"
Auditing Receivable and Revenues — An Overview
In this post, we will cover the following:
- Primary accounts receivable and revenue assertions
- Accounts receivable and revenue walkthrough
- Directional risk for accounts receivable and revenues
- Primary risks for accounts receivable and revenues
- Common accounts receivable and revenue control deficiencies
- Risk of material misstatement for accounts receivable and revenues
- Substantive procedures for accounts receivable and revenues
- Common accounts receivable and revenue work papers
Primary Accounts Receivable and Revenue Assertions
First, let’s look at assertions. The primary relevant accounts receivable and revenue assertions are:
- Existence and occurrence
Of these assertions, I believe—in general—existence (of receivables), occurrence (of revenues) and valuation (of receivables) are most important. So, clients assert that:
- Receivables exist
- Receivables are properly valued, and
- Revenues occurred
Accuracy comes into play if the customer has complex receivable transactions. Additionally, the cutoff assertion is often relevant, especially if the client has incentives to inflate the receivables balance (e.g., bonuses triggered at certain income levels).
Accounts Receivable and Revenue Walkthrough
Second, think about performing your risk assessment work in light of the relevant assertions.
As we perform walkthroughs of accounts receivable and revenue, we are looking for ways they are overstated (though they can also be understated as well). We are asking, “What can go wrong, whether intentionally or by mistake?”
In performing accounts receivable and revenue walkthroughs, ask questions such as:
- Are receivables subsidiary ledgers reconciled to the general ledger?
- Is a consistent allowance methodology used?
- What method is used to compute the allowance and is it reasonable?
- Who records and approves the allowance?
- Who reviews aged receivables?
- What controls ensure that revenues are recorded in the right period?
- Is there adequate segregation of duties between persons recording, billing, and collecting payments? Who reconciles the related records?
- What software is used to track billings and collections?
- Are there any decentralized collection locations?
- When are revenues recognized and is the recognition in accordance with the reporting framework?
- What receivables and revenue reports are provided to the owners or the governing body?
As we ask questions, we also inspect documents (e.g., aged receivable reports) and make observations (e.g., who collects the payments?).
If controls weaknesses exist, we create audit procedures to respond to them. For example, if—during the walkthrough—we see inconsistent allowance methods, we will perform more substantive work to prove the allowance balances.
Directional Risk for Accounts Receivable and Revenues
Third, consider the directional risk of accounts receivable and revenues.
The directional risk for accounts receivable and revenue is an overstatement. So, in performing your audit procedures, perform procedures to ensure that accounts receivables and revenues are not overstated. For example, review the cutoff procedures at period-end. Be sure that no subsequent period revenues are recorded in the current fiscal year.
Audit standards require that auditors review estimates for management bias. So, consider the current year allowance and bad debt write-offs in light of the prior year allowance. This retrospective review allows the auditor to see if the current estimate is fair. The threat is that management might reduce allowances to inflate earnings.
Moreover, the audit standards state there is a presumption (unless rebutted) that revenues are overstated. Therefore, we are to assume revenues are overstated, unless we can explain why they are not.
Primary Risks for Accounts Receivable and Revenues
Fourth, think about the risks related to receivables and revenues.
The main risks are:
- The company intentionally overstates accounts receivable and revenue
- Company employees steal collections
- Without proper cutoff, an overstatement of accounts receivables and revenue occurs
- Allowances are understated
- Revenue recognition
Risks related to revenue also vary from company to company. For example, one telecommunications company might sell bundled services while another may not. Revenue recognition is more complex (risky) for the company selling bundled services.
Also, revenue risks vary from industry to industry. For example, the allowance for uncollectible is normally a high risk area for healthcare entities, but may not be so for other industries.
Common Accounts Receivable and Revenue Control Deficiencies
Fifth, think about the control deficiencies noted during your walkthroughs and other risk assessment work.
In smaller entities, the following control deficiencies are common:
- One person performs one or more of the following:
- bills customers
- receipts monies
- makes deposits
- records those payments in the general ledger
- reconciles the related bank account
- The person computing allowances doesn’t possess sufficient knowledge to do so correctly
- No surprise audits of receivables and revenues
- Multiple people work from one cash drawer
- Receipts are not appropriately issued
- Receipts are not reconciled to daily collections
- Daily receipts are not reviewed by a second person
- No one reconciles subsidiary receivable ledgers to the general ledger
- Individuals with the ability to adjust customer receivable accounts (with no second-person approval or review) also collect cash
- Inconsistent bad debt recognition with no second-person review process
- The revenue recognition policy may not be clear and may not be in accordance with the reporting framework
Risk of Material Misstatement for Accounts Receivable and Revenues
Sixth, now it’s time to assess your risks.
In smaller engagements, I usually assess control risk at high for each assertion. Controls must be tested to support any lower control risk assessments. Assessing risks at high is often more efficient than testing controls.
When control risk is assessed at high, inherent risk becomes the driver of the risk of material misstatement (inherent risk X control risk = risk of material misstatement). The assertions that concern me the most (those with higher inherent risks) are existence, occurrence, and valuation. So my RMM for these assertions is usually moderate to high.
My response to higher risk assessments is to perform certain substantive procedures: namely, receivable confirmations and tests of subsequent collections. As RMM increases, I send more confirmations and examine more subsequent collections.
Additionally, I thoroughly test management’s allowance computation. I pay particular attention to uncollected amounts beyond 90 days. Uncollected amounts beyond 90 days should usually be heavily reserved. And amounts beyond 120 days should—generally—be fully reserved.
Substantive Procedures for Accounts Receivable and Revenues
And finally, it’s time to determine your substantive procedures in light of your identified risks.
My customary audit procedures are as follows:
- Confirm accounts receivable balances (especially larger amounts)
- Vouch subsequent period collections, making sure the subsequent collections relate to the period-end balances (sampling can be used)
- Thoroughly review allowance computations to see if they are consistent with prior years; compare allowance percentages to industry averages; agree to supporting documentation (e.g., histories of uncollectible amounts); recompute the related numbers
- Create comparative summaries of all significant revenue accounts, comparing the current year amounts with historical data (three or more years if possible)
- Create summaries of average per customer income and compare with prior years (you may want to do this by specific revenue categories)
- Compute average profit margins by sales categories and compare with previous years
Common Accounts Receivable and Revenue Work Papers
My accounts receivable and revenue work papers frequently include the following:
- An understanding of accounts receivable and revenue-related internal controls
- Risk assessment of accounts receivable and revenue at the assertion level
- Documentation of any control deficiencies
- Accounts receivable and revenue audit program
- A detail of receivables comprising amounts on the general ledger
- Copies of confirmations sent
- A summary of confirmations received
- Subsequent collections work papers
- Allowance work paper
- Revenue comparison work papers
In this chapter, we’ve looked at the following for receivables and revenues:
- How to perform risk assessment procedures,
- Relevant assertions,
- Risk assessments (as a result of the risk assessment procedures), and
- Substantive procedures
Next, we’ll see how to audit plant, property, and equipment.