Data Analytics for Business Audit PDF

Summary

This document is a set of lecture notes on data analytics for business audit from Albert School. It covers topics such as basic definitions, key components of financial reports, the concept of risk and control, and the role of a statutory auditor.

Full Transcript

Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché 1st of December Introduction to management control 2h00 15th of December Deep dive in financial reporting 2h00 Data Analytics for audit and compliance 2h00 Python for financial analysis 3h00 Setting up a performance management dashboard in Power BI 6h00 19th of January 19th and 26th of January 2nd of February and 8th of March Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché BASIC DEFINITION It helps to assess the company's financial health and performance, facilitating informed decisions about investments, credit lending, and management strategies compensation, benefits, and job security viability and profitability of current or potential investments Investors Employees & Unions creditworthiness of the business setting goals & strategic planning Creditors & Lenders Management financial stability as a business partner compliance with financial regulations Regulatory Bodies 4 Suppliers & Customers KEY COMPONENTS OF A FINANCIAL REPORT Balance Sheet – A Snapshot of Financial Health Description: provides a snapshot of a company's financial position at a specific point in time. It lists the company's assets, liabilities, and shareholders' equity. Importance: crucial for assessing the company's financial stability and liquidity. Cash Flow Statement – Understanding Liquidity Description: tracks the flow of cash in and out of the business, categorized into operating, investing, and financing activities. Importance: essential for analyzing the company's liquidity and cash management. 5 Income Statement – Measuring Performance Description: shows the company's revenues and expenses over a specific period, culminating in the net profit or loss. Importance: vital for understanding the company's operational efficiency and profitability. Statement of Shareholders' Equity Description: outlines the changes in the equity section of the balance sheet over a period, including shares issued, dividends, and earnings or losses. Importance: important for shareholders to understand how their equity in the company has changed over time. INCOME STATEMENT 1 2 3 4 5 6 Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché The concept of risk Definition of risk : Possibility, probability of a fact, of an event considered as harm or damage According to the Larousse dictionary In auditing, we associate a level with risk. The higher the probability and the impact, the higher the level of risk. Conversely, in the case where the probability is low and the impact minimal, the level of risk is low There are different types of risks: ▪ Strategic ▪ Financial ▪ Operational ▪ Picture ▪ Regulatory 10 Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché The concept of control There are 3 main control functions within an organization: Internal control Internal control is a process implemented by the board of directors, management and staff of an organization, intended to provide reasonable assurance regarding the achievement of the following objectives: – carrying out and optimizing operations; – the reliability of financial information; – compliance with laws and regulations in force. Internal control is the responsibility of operational staff. Management control Management control is all of the organization's management instruments , allowing intervention at any time to ensure that objectives are achieved ; it is designed to allow reality to be compared with the objectives and to provide the elements for a decision. It involves the definition of standards, an information system capable of providing effective data, the detection of discrepancies between data and standards, and the determination of responsibilities. Compliance/compliance Compliance is an independent function which monitors and participates in ensuring that internal procedures comply with the law and regulations. It assesses the compliance of codes of conduct, instructions, procedures and organizations with the internal and external rules of the sector of activity. 12 Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché The audit (1/2) Audit, advice and expertise We will distinguish below the 3 notions which are often associated in finance-related professions: Audit ▪ Generalist approach or specialist Advice ▪ Knowledge of a domain ▪ Process analysis ▪ Process analysis ▪ Fact collection ▪ Fact collection ▪ Areas for improvement ▪ Recommendations ▪ Support for implementation Obligation of means Obligation of means or result 14 Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché Expertise ▪ Specialist in a field ▪ Technical analysis ▪ Performance measures ▪ Solution and optimization Results The audit (2/2) Focus on audit Independent and objective activity which gives an organization assurance on the degree of control of its operations, provides it with recommendations to improve them, and contributes to creating added value. The audit helps the organization achieve its objectives by evaluating , through a systematic and methodical approach , its risk management, control and corporate governance processes, and by making proposals to strengthen their effectiveness. Source IIA / IFACI Audit and other forms of control Audit Periodic control : The audit takes place on a limited time basis. The audit is based on the work carried out by the organization's various control bodies. Internal control 15 Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché Management control Compliance Permanent control : These functions are carried out continuously in the organizations. Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché Statutory Auditor The key elements of the Audit ▪ The key elements of the legal audit The Company The Auditor The Auditor Statue on the regularity, sincerity and faithful representation of financial statements Communicates and presents its report on the company's annual accounts 17 ▪ The Auditor is appointed by the The society Appoints the CAC for 6 financial years (during the AGM or in the statutes) Remunerates the CAC Makes available to the CAC any document which contributed to the formation of the accounts The CAC Carry out audit work with an obligation of means Identifies anomalies and reveals fraud and criminal acts Gives an opinion on the annual accounts in a report Shareholders / Third parties Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché are: shareholders for 6 financial years. ▪ The mandate is renewable. ▪ He assumes responsibility by expressing an opinion and establishing a report on the annual accounts. Shareholders Provide the funds necessary for the activity of the company Participate in company orientations during meetings The society Must put all shareholders on an equal footing (The CAC must ensure this) Pays dividends ▪ He is paid by the company he controls. Statutory Auditor Regulation of the profession and legal context Legal Context І Sarbanes-Oxley Act І Financial Security Law І Warsmann law of May 12, 2009 І Trade code І Monetary and Financial Code Professional Context І H3C: High Council of the Audit Office, external control body І CNCC: National Company of Auditors, representative body of the profession І PCAOB: Public Company Accounting Oversight Board, company created by the American Sarbanes-Oxley law in 2002 to supervise the audits of listed companies Audit reform (European law, transposed into French law and entered into force on June 17, 2016) The financial crisis of 2008 led the European Commission to rethink the organization of business, and in particular the role of auditors. The 4 challenges of the reform for French firms:  the rotation of firms (it is no longer possible to keep a client for more than 25 years),  the rotation of signing partners (a partner cannot sign the accounts for more than 6 years of practice),  the call for tenders (the call for tenders becomes obligatory for any designation of a CAC),  non-audit services (the reform introduces a list of prohibited services – previously, a list of authorized services). 18 Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché Statutory Auditor The concept of risk The company records its accounting transactions throughout the year Audit assertions: These are the criteria that financial information must meet so that it is regular and sincere The auditor's intervention is limited in time Completeness : A statement that financial statements are complete and include all items that should be included in the statement for a given accounting period. Existence and Occurrence : Assets and liabilities appearing in a company's financial statements actually exist as stated at the end of the accounting period. Accuracy The auditor's approach is therefore: ІA risk-based approach , i.e. targeted, ІAnd which is based on a level of meaning. Audit risk is the risk that the auditor issues a report expressing an unqualified opinion on financial statements containing undetected material errors or fraud. 19 Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché : All figures presented in a financial statement are accurate and based on an appropriate valuation of assets, liabilities and equity balances. Obligation and Rights : All assets and liabilities included in a financial statement belong to the company issuing the statement. Presentation and Disclosure : All disclosures regarding the financial statement of the business are included in the statement and all information presented in the statement is presented fairly and clearly to facilitate understanding of the information contained in the statement. Statutory Auditor The concept of risk Risks linked to the audit approach: Risk of issuing an inappropriate audit opinion Audit risk Risk that the financial statements contain a material misstatement Inherent risk in the account (before internal control) 20 Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché Inherent risk Risk of material misstatement Risk of nondetection Internal control risk Risk that our audit procedures will not detect a material misstatement Risk that controls put in place by management to prevent or detect and correct anomalies do not operate as designed Statutory Auditor The concept of risk Imagine a rainy day of risks Inherent risk Anomalies Control environment Anomalies 21 Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché Statutory Auditor The concept of risk Inherent risk We perform audit procedures to obtain reasonable assurance that the financial statements do not contain any material misstatement. Significant inherent risk and ineffective controls = More substantive procedures (detailed tests) 23 Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché Anomalies Anomalies Statutory Auditor The concept of risk Inherent risk Significant inherent risk and effective controls = Testing of controls and possibly reduction of substantive procedures 24 Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché Anomalies Anomalies Statutory Auditor The concept of risk Inherent risk Insignificant inherent risk and effective controls = Ability to test controls and perform fewer substantive procedures Anomalies Financial state 25 Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché USE CASE - Act as a Data Analyst for Audit 27 Case study: Audit of Tech & Co's accounting entries Controls to be implemented: Background: Tech & Co is a medium-sized company operating in the retail sector. Due to some inconsistencies reported in their financial statements, it was decided to carry out a detailed review of the accounting entries for the past year. 1. Check overall FEC balance Objective: The objective is to identify anomalies, inconsistencies, or signs of possible fraud through a series of automated checks using data analytics tools. 5. Identify duplicate entries Data: You have a database containing all last year's accounting entries, including date, description, amount, account debited, account credited, etc. 8. Identify entries on account 604 with a balance greater than a balance to be defined Implementation: For each of these controls, you can illustrate how to implement them using Python. For example, for the first control, you could show how to extract data from the entries, identify public holidays, and use a Python script to filter the corresponding entries. 10. Entries with generic or vague descriptions: Identify entries with generic titles such as "miscellaneous", "suspense", "other", "fraud". Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché 2. Reconciliation check between FEC and Balance sheet 3. Check balances by entry (identify only entries with a balance other than 0) 4. Identify entries out of audited period 6. Identify entries made on public holidays or weekends 7. Identify rounded amounts (at least "000", which could indicate approximate entries) 9. Analyze the most active accounts: Highlight accounts with a large number of entries to detect possible anomalies. 11. Benford's Law Benford’s law Where c is between 1 and 9 and log is a log10 Benford's Law, or the First-Digit Law, is a fascinating principle used in auditing and forensic accounting. It states that in many naturally occurring datasets, the leading digit is more likely to be small. For instance, the number 1 appears as the first digit about 30% of the time, significantly more than the expected 11.1% (if all digits were equally likely). This law becomes a powerful tool in auditing, as it helps in detecting anomalies or fraudulent activities in financial data. Auditors apply Benford's Law to assess if the numerical data in accounting records conform to its predictions, looking for deviations that could indicate manipulation or fraud. 28 Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché Albert Global Data School - Data Analytics for Business Audit - Antoine Bosché