IN PRACTICE
The Importance of Auditing Related Party Transactions by Phyllis Willoughby
The Importance of
Auditing Related Party Transactions
by Phyllis Willoughby
Business transactions with related parties may sometimes happen with other entities/individuals such as with family members, parent companies, subsidiaries or affiliated entities. It is important to disclose such arrangements within the Company’s financial statements otherwise if not disclosed the Company’s true financial results could be misleading.
Most Companies whether large or small will most likely have related parties therefore as 2022 audit year ends commence, careful planning in accordance with ISA (Ireland) 550 is essential whilst also considering the requirements per ISA (Ireland) 315, ISA (Ireland) 330 and ISA (Ireland) 240 in identifying risks of material misstatement associated with related party relationships and transactions.
Definition of a Related Party
A person or other entity that has control or significant influence, directly or indirectly through one or more intermediaries, over the reporting entity;

Another entity over which the reporting entity has control or significant influence, directly or indirectly through one or more intermediaries; or

Another entity that is under common control with the reporting entity through having:

  • Common controlling ownership
  • Owners who are close family members; or
  • Common key management

Key steps statutory auditors need to consider in identifying related party relationships and transactions.

As 2022 audits commence it is recommended to follow the suggested steps in identification of related party relationships and transactions. These steps can be incorporated into the audit plan whilst at the same time amalgamating other ISA requirements within ISA (Ireland) 315, 330 and 240 in identification and disclosure of related parties:

Step 1 – Discussion with engagement team of the susceptibility of the financial statements to material misstatement due to fraud or error that could result from the entity’s related party relationships and transactions.

Step 2 – Inspect managements comprehensive list of related parties and any changes from prior period.

Step 3 – obtain an understanding as part of risk assessment procedures controls in place to:

  1. Identify, account for, and disclose related party relationships and transactions in accordance with the applicable financial reporting framework.
  2. Ascertain whom authorizes and approves significant transactions and arrangements with related parties including transactions outside the normal course of business.

Step 4 – Inspection of records and documents that will assist in identifying information about related party relationships and transactions, such as:

  • Information supplied to regulatory authorities.
  • Shareholder registers.
  • Records of the entity’s investments, pension plans and life insurance policies.
  • Contracts, re-negotiated contracts and agreements with key management/those charged with governance including those that are not part of the entity’s normal course of business.
  • Internal audit reports.
  • Specific invoices and correspondence from the entity’s professional advisors.
  • Complex equity transactions, such as corporate restructurings or acquisitions.
  • Offshore transactions within jurisdictions with weak corporate laws.
  • Leasing of premises or the rendering of management services by the entity to another party if no consideration is exchanged.
  • Sales transactions with unusually large discounts or returns.
  • Transactions with circular arrangements, e.g. sales with a commitment to repurchase.
  • Transactions under contracts whose terms are changed before expiry.
  • Participation in unincorporated partnerships with other parties.

When assessing related parties for Small and Medium Sized Entities (SMEs) or undisclosed related-party transactions documents to review include:

  • The company’s current related parties and associated transactions register.
  • Minutes of directors’ meetings.
  • Current and new business transactions.
  • Debtors and Creditors ledgers within the accounting system.
  • Bank statements at year end and post year end.
  • Manual journal adjustments at year end and post year end.
  • Google search of the company.
  • Registrar of Beneficial Ownership (RBO).
  • Anti -Money Laundering documentation particularly Customer Due Diligence (CDD) records.
  • Meetings with management and those charged with governance.
Audit work in identifying related parties.
From a review of the international standards on auditing the main sections applicable for identification of related parties include understanding the entity’s organizational structure and ownership in accordance with ISA (Ireland) 315, this will allow the statutory auditor to determine whether related party transactions have been appropriately identified, accounted for, and adequately disclosed within the financial statements. Automated tools and techniques can be applied also to identify related party transactions with whom the entity conducts business.
two people on laptops at a small coffee table
The statutory auditor in accordance with ISA (Ireland) 330 shall then design and implement overall responses to address the assessed risks of material misstatement at the financial statement level, this will include incorporation of additional elements of unpredictability in the selection of further audit procedures to be performed regarding identification of related parties.

The statutory auditor shall then consider as part of fraud risk per ISA (Ireland) 240 transactions involving previously unidentified related parties or parties that do not have the substance or the financial strength to support the transaction without assistance from the entity under audit.

For example, a specific response to the auditor’s assessment of the risks of material misstatement due to fraud would be reviewing unusual transactions particularly those occurring at or near year-end, investigating the possibility of related parties and the sources of financial resources supporting the transactions.

Evaluation and disclosure of related party relationships and transactions within the financial statements.
The statutory auditor when forming an audit opinion in accordance with ISA (Ireland) 700 takes into consideration the size and nature of a misstatement, and the particular circumstances of its occurrence, when evaluating whether the misstatement is material in accordance with ISA (Ireland) 450. The significance of the transaction to the financial statement users may not solely depend on the recorded amount of the transaction but also on other specific relevant factors, such as the nature of the related party relationship.

The auditor shall evaluate:

  1. whether the identified related party relationships and transactions have been appropriately accounted for and disclosed in accordance with the applicable financial reporting framework, and
  2. Whether the effects of the related party relationships and transactions prevent the financial statements from achieving fair presentation or cause them to be misleading.
Written representations.
The statutory auditor shall obtain written representation of related parties from management and where appropriate those charged with governance confirming they have disclosed to the auditor the identity of the entity’s related parties and all related party relationships and transactions of which they are aware and that they have appropriately accounted for and disclosed such relationships and transactions in accordance with the framework requirements. An illustrative example of a representation letter can be found at Appendix 2 ISA (Ireland) 580.
man and woman on laptop together
Communication with those charged with governance.
Matters arising during the audit should be communicated with those charged with governance, these include:

  • Non-disclosure by management to the auditor of related parties or significant related party transactions, which may alert those charged with governance to significant related party relationships and transactions of which they may not have been previously aware.
  • The identification of significant related party transactions that have not been appropriately authorized and approved, which may give rise to suspected fraud.
  • Disagreement with management regarding the accounting for and disclosure of significant related party transactions in accordance with the applicable financial reporting framework.
  • Non-Compliance with applicable law or regulations prohibiting or restricting specific types of related party transactions.
  • Difficulties in identifying the party that ultimately controls the entity.
Documentation the financial controller of a Company provides to the Statutory Auditor regarding Related Parties.
The financial controller should be pro-active and provide the following information to the statutory auditor regarding related parties:

  • Copy of draft financial statements.
  • Information supplied to regulatory authorities.
  • Related party risk register.
  • Details of new loan agreements, re-financing agreements.
  • Manual journals at year end and post year end.
  • Minutes of Director meetings.
  • Registrar of Beneficial Ownership (RBO).
  • Directors Income tax returns filed with Revenue.
  • Governance Structure of the Company, including Parent and Subsidiary.
Conclusion
We recommend integrating the four key steps outlined above into planning and conclusion stages of the audit as this will strengthen audit work required for identification and disclosure of related parties. In accordance with the requirements of ISA (Ireland) 230 the statutory auditor shall prepare audit documentation on a timely basis including verifying names and nature of related party relationships. It is considered best practice to develop a related party register.

In relation to disclosure of related parties within the financial statements it is worth reviewing the Financial Reporting news section of Accountancy Plus.

IAASA published 23rd December 2022 key messages for auditors when auditing related party transactions, these included risk assessments performed for related parties, completeness, accuracy and reliability of the information received from management and whether it is sufficiently precise and detailed for the auditor’s purpose.

https://iaasa.ie/wp-content/uploads/2023/01/Related-parties-Factsheet.pdf

Phyllis Willoughby headshot
Phyllis Willoughby
Learning & Development Accountant
Member Services
CPA Ireland