Reserve your seat
Audit. It’s a scary word in the corporate world, yet every company has to do it. Whether it’s for your public company filing, your investors, or your board of directors, the audit is a critical time where an independent party provides assurance that your management team has presented an independent view of your company’s financial performance and position. Tax, equity, procurement, and general ledger are some of the areas that your auditors will focus on. However, the highest risk area in any audit is revenue. Revenue is the most visible number internally, externally, and to all types of investors and interested parties.
Audit. It’s a scary word in the corporate world, yet every company has to do it. Whether it’s for your public company filing, your investors, or your board of directors, the audit is a critical time where an independent party provides assurance that your management team has presented an independent view of your company’s financial performance and position. Tax, equity, procurement, and general ledger are some of the areas that your auditors will focus on. However, the highest risk area in any audit is revenue. Revenue is the most visible number internally, externally, and to all types of investors and interested parties.
Audit. It’s a scary word in the corporate world, yet every company has to do it. Whether it’s for your public company filing, your investors, or your board of directors, the audit is a critical time where an independent party provides assurance that your management team has presented an independent view of your company’s financial performance and position. Tax, equity, procurement, and general ledger are some of the areas that your auditors will focus on. However, the highest risk area in any audit is revenue. Revenue is the most visible number internally, externally, and to all types of investors and interested parties.
Once engaged, your auditors will spend a large amount of time and effort scoping out and assessing risk for all of the areas that feed into the financial statements. Once planning is complete, they will perform substantive detailed testing* and control-specific testing to ensure that your processes are tight.
Are there controls in place to ensure that the financial statements are materially correct? How did the team performing these controls ensure completeness and accuracy over the reports and spreadsheets used in the process? Is the process repeatable and documented so that anyone performing the associated controls will follow the same steps?
These are the core questions that the audit team will ask themselves when determining how to audit the process and where to (try to) poke holes.
Preventive controls are the best, but detective controls can also catch errors, so marrying the two to round out your control environment is essential.
When developing a control environment, keeping your audit in mind is critical. The audit team should feel comfortable that the control environment is robust enough to catch errors that could produce a material misstatement. Preventive controls are the best, but detective controls can also catch errors, so marrying the two to round out your control environment is essential.
Here, we will focus on pain points that come up specifically as it relates to the revenue process control environment and audit.
Industry best practices for data integrity and completeness include some automated controls such as system change management controls, but still mostly rely on the manual matching of data from multiple sources.
Your business may run on one type of transaction and source. For instance, all transactions could be invoices generated from your core accounting system. However, the reality of most businesses is that they rely on a wide range of systems. You may have credit card transactions coming from multiple sources, invoices from your accounting system, billings out of your subscription management tool, fulfillment confirmations out of a home grown system, and more.
This means that compiling and assessing your transactions on a monthly basis for review and closing of the books could be onerous and manual, and the process to identify transactions that require additional review after closing could be error-prone. Each company has their own way of mitigating these risks by focusing on data integrity and completeness.
The current industry best practice for individual contract review is to mine the data from these multiple systems as the review takes place. However, this process remains time consuming, inconsistent (especially during a time of high volume), and manual. Ideally, one could automate extraction into one record of truth.
You must validate that all of the transactions that happened on the litany of systems used by your company have flowed into your accounting system. This is often validated by pulling reports from each of these systems and comparing them to your ERP. Next, you must ensure that the transactions that flowed through to your system are accurate. Is the dollar value, currency, and revenue waterfall accurate based on the contract with the customer? Finally, when an audit comes around, you may have to prove how you validated the completeness and accuracy of your transaction population. This could be a combination of screenshots of your report parameters (that must be repeatable), reconciliations performed by the team, and other evidence that the system is accurately reporting your company’s activity.
Industry best practices for data integrity and completeness include some automated controls such as system change management controls, but still mostly rely on the manual matching of data from multiple sources. Automated matching for completeness and accuracy of your contract data would relieve much pressure and help you close the books faster.
When the audit comes around and the auditors make sample selections of your transactions, you must pull all relevant data from all of the systems involved and compile them in one place for the audit team to review. This usually happens through a file share system or on a secure site owned by the audit team. Manually adding transactional data to these files often leads to information being omitted or placed into the wrong location prompting follow-up by the audit team and delays in the testing process.
The current best practice, file sharing, is not sufficient to solve this challenge. Systematic population of a unique record for each customer contract would take manual file transfer and lack of appropriate support out of the equation.
Even the most organized companies struggle with the areas discussed above, but the best-in-class have a formalized process that is repeatable and streamlined. This leads to a consistent understanding of the process by the audit team (even new audit team members), and smoother, more consistent, and faster audits. Ensuring that these processes are as automated and streamlined as possible is the key to saving time and money!
Something that often goes unmentioned when discussing costs of an audit are the hidden costs: all of the time spent by a team member to pull relevant documentation and answer follow-up questions from the audit team could be spent on other, more critical initiatives for the team. Your company might have a policy of double checking any analysis that was performed on a transaction before sending it over to the auditors. Consistency is key. Once you can establish what the auditors are looking for, perform tasks within your accounting policy, and develop a streamlined and repeatable process, working with auditors will be a much less painful process. However, even if your process is solid, documented, and repeatable, this process is lengthy and consumes valuable time from your staff members.
Read more about automated contract review for revenue recognition purposes.
* Substantive detailed testing are those activities performed by the auditor to detect material misstatement or fraud at the assertion level.
We challenge you to beat our AI with your documents, free of charge
