Deciphering financial statements for
non-financial professionals is a common concern
for directors and they often search for questions
they should ask to assist in discharging them of their
fiduciary duty as a director.
If you’re a director of a corporation in Canada, in
exercising your powers and discharging your duties
as a director you must, among other things, exercise
the care, diligence and skill that a reasonably prudent
person would exercise in comparable circumstances
in adherence to the requirements of the Canada
Business Corporations Act. Fiscal responsibility
plays a significant part in the role of a director and
knowledge is key in discharging one’s responsibilities.
Understanding financial statements is a foundational
skill essential to any board member. Depending on
the nature of the organization the financial statement
issues may vary widely. That said, there are a number
of commonalities across financial statements, the
understanding of which can assist you in monitoring
your organization’s ongoing financial reporting.
1. The presence of an auditor’s report does not
ensure a company is free of fraud
Fraud can take many forms including
misappropriation of assets, corruption and
financial statement fraud. An audit involves certain
considerations with respect to identifying indications
of fraud; however it is important to understand that
a standard financial statement audit is not designed
specifically to identify fraud. Should the auditor identify
fraud or indicators of fraud during their audit, they are
obligated to take appropriate action, which ranges
from informing an appropriate level of management
of their findings to resigning altogether from the
audit engagement. However, a well-orchestrated
fraud, particularly one involving collusion, may not be
identified by standard audit procedures.
The best tool to prevent and detect fraud is having
anti-fraud policies and procedures. An important
aspect of this is a well designed and executed
internal control structure. The design of such internal
controls should take into account specific fraud risks
to which the company may be exposed and the
cost vs. benefit of mitigating such risks. Proactive
companies will take such issues into consideration
when entering into new lines of business or branching
out into new geographical areas, particularly where
business practices differ from home.
If you do suspect that a fraud has occurred
within your company, it may be necessary to bring
in a specialist to assist in identifying and quantifying
the fraud and suggesting measures to prevent similar
frauds from occurring again. In addition, the specialist
can assist is dealing with recovery options (insurance,
civil or criminal), preserving evidence and employee
termination options. The involvement of a third party
is key given that there is a very high cost of fraud,
including reputational risk. A swift and professional
approach to managing a fraud investigation will
provide much-needed assurance to stakeholders.
2. Most audits do not ensure that internal controls
are well designed or carried out effectively
A standard financial statement audit does involve
an assessment of a company’s internal controls, largely
for two purposes (1) where internal controls may be
tested to improve efficiency of the audit; and (2) to
determine whether weaknesses in the internal control
structure may give rise to audit risks. Further, when the
auditor is considering internal control issues, they do so
in the context of materiality, which often leaves smaller,
yet operationally significant, weaknesses undetected.
It is important that management and the Board not rely
on a clean auditor’s report as an indication that internal
controls are functioning effectively. Management
should periodically review the company’s internal
controls to ensure they remain appropriate and
perform periodic tests of their effectiveness to ensure
they’re being carried out effectively.
An important caveat to the above is that there
are specific audits carried out to test the design
and effectiveness of internal controls, such as those
performed for the issuance of a Service Auditor
Report. Such audits are carried out only in certain
circumstances and typically only for organizations
providing third party services, such as payroll
providers. The resulting reports will clearly identify that
they were for the purpose of testing internal controls.
The key here is to read the auditor’s report and
be sure you understand what they are expressing
an opinion on.
3. An organization’s management is responsible
for the financial statements and the many
decisions that factor into their preparation
The preparation of financial statements involves
a combination of science and art - a matrix of
management judgments and estimates, selection of
accounting policies, and interpretations of accounting
standards. An auditor performs procedures to
ensure that the position management has taken is
appropriate within the relevant accounting standards,
but it is management who makes the decisions and
the picture that is presented through the financial
statements reflects their position.
Bryndon L. Kydd, CPA, CA
Partner, Assurance Services
National Leader, Mining
BDO Canada LLP
www.bdo.ca
6 Things Every Director Needs to Know About Financial Statements
By Bryndon L. Kydd