By Charles Hall | Auditing
In this post, we look at how to audit accounts receivable and sales. We’ll answer questions such as, “should I confirm receivables or examine subsequent receipts?” and “why assume an overstatement of revenues?”
Picture from AdobeStock.com
Auditing Receivable and Sales — An Overview
In this post, we will cover the following:
- Primary accounts receivable and sales assertions
- Accounts receivable and sales walkthrough
- Directional risk for accounts receivable and sales
- Primary risks for accounts receivable and sales
- Common accounts receivable and sales control deficiencies
- Risk of material misstatement for accounts receivable and sales
- Substantive procedures for accounts receivable and sales
- Common accounts receivable and sales work papers
1. Primary Accounts Receivable and Sales Assertions
First, let’s look at assertions. The primary relevant accounts receivable and sales assertions are:
- Existence and occurrence
Of these assertions, I believe—in general—existence and occurrence and valuation are most important. So, the client is asserting that the accounts receivable exist and sales balances occurred and that they are valued properly.
Accuracy comes into play if the customer has complex receivable transactions. Additionally, the cutoff assertion is often seen as relevant, especially if the client has increased incentives to inflate the receivables balance (e.g., bonuses triggered by certain income levels).
2. Accounts Receivable and Sales Walkthrough
Second, think about performing your risk assessment work in lights of the relevant assertions.
As we perform walkthroughs of accounts receivable and sales, we are looking for ways that accounts receivable and sales are overstated (though they can also be understated as well). We are asking, “What can go wrong—whether intentionally or by mistake?”
In performing accounts receivable and sales walkthroughs, ask questions such as:
- Are receivables subsidiary ledgers reconciled to the general ledger?
- Is a consistent allowance methodology used?
- What method is used to compute the allowance and is it reasonable?
- Who records and approves the allowance?
- Who reviews aged receivables?
- What controls ensure sales are recorded in the right period?
- Is there adequate segregation of duties between persons recording, billing, and collecting payments?
- What software is used to track billings and collections?
- Are there any decentralized collection locations?
- When are sales recognized and is the recognition in accordance with the reporting framework?
- What receivables and sales reports are provided to the owners or governing body?
As we ask questions, we also inspect documents (e.g., aged receivable reports) and make observations (who is doing what?).
If controls weaknesses exist, we create audit procedures to respond to them. For example, if—during the walkthrough—we see inconsistent allowance methods, we will perform more substantive work to prove the allowance balances.
3. Directional Risk for Accounts Receivable and Sales
Third, consider the directional risk of accounts receivable and sales.
The directional risk for accounts receivable and sales is an overstatement. So, in performing your audit procedures, perform procedures to ensure that accounts receivables and sales are not overstated. For example, review the cutoff procedures at period-end. Be sure that no subsequent period sales are recorded in the current fiscal year.
Audit standards require that auditors review estimates for management bias. So, consider the current year allowance and bad debt write-offs in light of the prior year allowance. This retrospective review allows the auditor to see if the current estimate is fair. The threat is that management might reduce allowances to inflate earnings.
Moreover, the audit standards state there is a presumption (unless rebutted) that revenues are overstated. Again, the threat is an overstatement of income.
4. Primary Risks for Accounts Receivable and Sales
Fourth, think about the risks related to receivables and sales.
The main risks are:
- The company overstates accounts receivable and sales
- Company employees steal collections
- Without proper cutoff, an overstatement of accounts receivables and sales occurs
- Allowances are understated
Look for risks specific to the entity you are auditing. Risk vary from company to company.
Picture is from AdobeStock.com
5. Common Accounts Receivable and Sales Control Deficiencies
Fifth, think about the control deficiencies noted during your walkthroughs and other risk assessment work.
In smaller entities, the following control deficiencies are common:
- One person performs one or more of the following:
- billing customers,
- receipts monies,
- makes deposits,
- records those payments in the general ledger
- reconciles the related bank account
- The person computing allowances doesn’t possess sufficient knowledge to do so correctly
- No surprise audits of receivables and sales
- Multiple people work from one cash drawer
- Receipts are not appropriately issued
- Receipts are not reconciled to daily collections
- Daily receipts are not reviewed by a second person
- No one reconciles subsidiary receivable ledgers to the general ledger
- Individuals with the ability to adjust customer receivable accounts also collect cash (with no second-person approval or review of the adjustments)
- Inconsistent bad debt recognition with no approval process
- The revenue recognition policy is not clear and may not be in accordance with the reporting framework
6. Risk of Material Misstatement for Accounts Receivable and Sales
Sixth, now it’s time to assess your risks.
In smaller engagements, I usually assess control risk at high for each assertion. Controls must be tested to support the lower control risk assessments. Assessing risks at high is often more efficient than testing controls.
When control risk is assessed at high, inherent risk becomes the driver of the risk of material misstatement (controls risk X inherent risk = risk of material misstatement). The assertions that concern me the most are existence, occurrence, and valuation. So my RMM for these assertions is usually moderate to high.
My response to higher risk assessments is to perform certain substantive procedures: namely, receivable confirmations and tests of subsequent collections. As RMM increases I send more confirmations and examine more subsequent collections.
Additionally, I thoroughly test management’s allowance computation. I pay particular attention to uncollected amounts beyond 90 days. Uncollected amounts beyond 90 days should usually be heavily reserved. And amounts beyond 120 days should–generally–be fully reserved.
7. Substantive Procedures for Accounts Receivable and Sales
And finally, it’s time to determine your substantive procedures in light of your identified risks.
My customary audit procedures are as follows:
- Confirm accounts receivable balances (especially larger amounts)
- Vouch subsequent period collections, making sure the subsequent collections relate to the period-end balances (sampling can be used)
- Thoroughly review allowance computations to see if they are consistent with prior years, agree to supporting documentation, and are appropriately computed
- Create comparative summaries of all significant revenue accounts, comparing the current year amounts with at least three years of historical data
- Create summaries of average customer income and compare with prior years
- Compute average profit margins by sales categories and compare with previous years
8. Common Accounts Receivable and Sales Work Papers
My accounts receivable and sales work papers frequently include the following:
- An understanding of accounts receivable and sales-related internal controls
- Risk assessment of accounts receivable and sales at the assertion level
- Documentation of any control deficiencies
- Accounts receivable and sales audit program
- A detail of receivables comprising amounts on the general ledger
- Copies of confirmations sent
- A summary of confirmations received
- Subsequent collections work papers
- Allowance work paper
In conclusion, today we looked at how to perform accounts receivable and sales risk assessment procedures, the relevant accounts receivable and sales assertions, the accounts receivable and sales risk assessments, and substantive accounts receivable and sales procedures.
If you audit accounts receivable and sales differently, please share your ideas below.
Continuing Audit Series
This post is a part of my series titled the Why and How of Auditing. If you’ve missed the previous series articles, click here.
Next week, we’ll look at how to audit plant, property, and equipment.