Academic journal article Journal of Accountancy

Managing Risk in Audits of Financial Institutions; How CPAs Can Identify High-Risk Areas in Savings and Loan Audits

Academic journal article Journal of Accountancy

Managing Risk in Audits of Financial Institutions; How CPAs Can Identify High-Risk Areas in Savings and Loan Audits

Article excerpt

JOHN C. COMPTON, CPA, is a partner of Cherry, Bekaert & Holland, Charlotte, North Carolina. He is a former member of the American Institute of CPAs auditing standards board, the banking committee and the technical issues committees of the private companies practice section of the AICPA division for CPA firms. MALCOLM H. LATHAN, JR., CPA, Phd, is associate professor of commerce at the McIntire School of Commerce, University of Virginia, Charlottesville. He is a member of the American Accounting Association.

ROBERT S. KEMP, CPA, DBA, is associate professor of commerce at the McIntire School of Commerce, University of Virginia.

The banking industry is facing a crisis. Between 1985 and 1988, 689 banks and 499 savings institutions were either closed or given financial subsidies and help to maintain profitable operations by federal regulators. What does the future hold? The Congressional Budget Office predicts more than 600 banks insured by the Federal Deposit Insurance Corporation will fail in the next three years; help for these ailing institutions won't come cheaply. The cost of the savings and loan bailout recently was projected to reach $500 billion, with some estimates running as high as $1 trillion over the next 30 years.

In the past two years, over 300 people have been convicted of felonies related to S&L wrongdoing. The FDIC has filed 16 lawsuits against eight CPA firms for nearly $1.4 billion in damages in connection with their work on failed thrift institutions. Given these circumstances, it's an understatement to say audits of banks and savings institutions are high-risk engagements. This article identifies the high-risk areas of financial institution audits, describes how such audits should be managed within the framework of generally accepted auditing standards and suggests ways CPAs can effectively manage risk on these engagements.

THE NATURE AND FORCES Of RISK ASSESSMENT

Designing an audit plan for a financial institution requires an understanding of the audit's objectives and of the financial institution itself. These two factors interact to create unique and sometimes troublesome challenges.

Risk assessment. Statement on Auditing Standards no. 47, Audit Risk and Materiality in Conducting an Audit, cites audit risk as the risk that the auditor "may unknowingly fail to appropriately modify his opinion on financial statements that are materially misstated." Financial statements are considered materially misstated "when they contain errors or irregularities whose effect, individually or in the aggregate, is important enough to cause them not to be presented fairly in conformity with generally accepted accounting principles." While this definition applies to material misstatements in a client's financial statements taken as a whole, in planning an engagement auditors must assess audit risk and materiality in relation to individual account balances and transaction classes as well. This entails assessments of inherent risk and control risk so detection risk can be managed at an appropriate level.

In audits of financial institutions, audit risk should be established at a low level, given the needs and expectations of those who rely on the institutions' audited financial statements. Inherent risk can be affected by (1) internal factors, such as management style, an account's susceptibility to theft or other error and whether the account balance is derived from accounting estimates and (2) external factors, such as operations in a declining industry or market forces giving rise to risk associated with changing interest rates or liquidity needs.

As financial institutions grow, the relationship between the assessed level of control risk and audit risk becomes more critical. In smaller financial institutions, it may be practicable to decrease detection risk to a sufficiently low level through tests of details. In larger institutions, control risk is normally assessed at a less-than-maximum level. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.