Search results

This paper aims to investigate the effect of voluntary non-financial reporting on the evaluation of audit risk from the auditors’ viewpoint in a post-crisis period. Furthermore, this paper analyses whether auditors perceive that voluntary non-financial reporting impacts audit risk differently for old clients as compared with new clients.

This study is conducted on a sample of Italian audit firms through a paper-based questionnaire. Both Big4 and non-Big4 audit firms have been included in the sample.

Results show that integrated reporting is perceived to be the most relevant reporting method and intellectual capital statement the least relevant. Surprisingly, empirical findings over the sample period show that auditors do not perceive statistically significant differences between old and new clients.

Auditors can identify opportunities to adapt their assessment model to include voluntary non-financial report information. Moreover, they can use different assessment models regarding the research variables in the case of new and old clients.

Empirical findings highlight the growing role of voluntary non-financial reporting in the auditors’ perception of their client’s audit risk. All the observed voluntary non-financial reporting forms, except for intellectual capital, are considered as relevant by auditors in the evaluation of their client’s audit risk when compared to an indifference point. In addition, findings reveal that female auditors perceive a reduced gap in the relevance between integrated reports and intellectual capital reports compared to their counterparts.

This rich descriptive study examines auditors' client risk assessment (i.e. “key audit matters”/critical audit matters) disclosures in expanded audit reports of 328 Financial Times Stock Exchange (FTSE) 350 companies. The study compares auditor-identified client risks with corporate risk disclosures identified in audit committee reports, in terms of number and type of risks. The research also compares variation in auditor-identified client risks between individual Big 4 audit firms. In addition, the study examines auditor ranking of their client risks disclosed.

The study manually content analyses disclosures in audit reports and audit committee reports of a sample of 328 FTSE-350 companies with 2015 year-ends.

Audit committees identify more risks than auditors (23% more risks). However, auditor-identified client risks and audit-committee-identified risks are similar (80% similar), as are auditor-identified client risks between the individual Big 4 audit firms. Only ten (3%) audit reports rank the importance of auditor-identified client risks.

Sample is restricted to one year, one jurisdiction, large-listed companies and companies audited by Big 4 auditors.

The study provides important insights for regulators, auditors and users of financial statements by identifying influences on disclosure of auditor-identified client risks.

The paper mobilises institutional theory to interpret the findings. The findings suggest that auditor-identified client risks in expanded audit reports may demonstrate mimetic behaviour in terms of similarity with audit-committee-identified risks and similarity between individual Big 4 audit firms. The study provides important insights for regulators, auditors and users of financial statements by identifying influences on disclosure of auditor-identified client risks.

This study investigates the association between interim audits and final audits. The authors focus on whether interim audits affect the audit time lag and the risk of restatement associated with final audits.

Two regression models are established to empirically test if an interim audit helps to reduce the audit time lag and the restatement risk on annual reports based on a sample of Chinese listed firms.

The authors find that performing interim audits helps to reduce the audit time lag. This result suggests that final audits can be completed more efficiently when interim audits are performed during the same period. The authors also find that the decision to audit interim reports is associated with a lower risk of restating annual reports. The lower risk of restatement in turn suggests more effective final audit results.

Together, the results from this study demonstrate that interim audits could benefit final audits, which highlight the value and importance of the continuous auditing.

The objective of this study is to present a theoretical framework, which helps ascertain the meanings of the Sharīʿah audit quality and identify the factors that affect it.

The current literature of conventional and Islamic finance on audit quality is critically reviewed to propose the theoretical framework for the quality of Sharīʿah audit.

The paper suggests that for a better Sharīʿah compliance at Islamic banking institutions (IBIs), the role of audit practitioners is very much indispensable. The competency of the practitioner is one of the important factors that affect the quality of the Sharīʿah audit. Assessment and identification of Sharīʿah risk in different financial arrangements, contracts and transactions require a unique competency on the part of the auditor, that is, gripping Sharīʿah law besides traditional assurance skills and techniques.

The Sharīʿah compliance is one of the primary objectives of IBIs, which works at the conceptual level, product development and implementation level, various business models and governance level. Sharīʿah audit function, internal or external, is an important component of Sharīʿah governance framework and provides an independent assessment of IBIs’ compliance with the Sharīʿah rules and principles and helps in managing the Sharīʿah non-compliance risk and ensuring sound internal Sharīʿah control system.

The paper proposes a theoretical framework for defining the Sharīʿah audit quality and determining the factors that are significant in affecting the Sharīʿah audit quality in the IBIs of Pakistan.

This study reviews and discusses the accounting literature that analyzes the role of auditors and enforcers in the context of fraud.

This literature review includes both qualitative and quantitative studies, based on the idea that the findings from different research paradigms can shed light on the complex interactions between different financial reporting controls. The authors use a mixed-methods research synthesis and select 64 accounting journal articles to analyze the main proxies for fraud, the stages of the fraud process under investigation and the roles played by auditors and enforcers.

The study highlights heterogeneity with respect to the terms and concepts used to capture the fraud phenomenon, a fragmentation in terms of the measures used in quantitative studies and a low level of detail in the fraud analysis. The review also shows a limited number of case studies and a lack of focus on the interaction and interplay between enforcers and auditors.

This study outlines directions for future accounting research on fraud.

The analysis underscores the need for the academic community, policymakers and practitioners to work together to prevent the destructive economic and social consequences of fraud in an increasingly complex and interconnected environment.

This study differs from previous literature reviews that focus on a single monitoring mechanism or deal with fraud in a broadly manner by discussing how the accounting literature addresses the roles and the complex interplay between enforcers and auditors in the context of accounting fraud.

This paper aims to update the cybersecurity-related accounting literature by synthesizing 39 recent theoretical and empirical studies on the topic. Furthermore, the paper provides a set of categories into which the studies fit.

This is a synthesis paper that summarizes the research literature on cybersecurity, introducing knowledge from the extant research and revealing areas requiring further examination.

This synthesis identifies a research framework that consists of the following research themes: cybersecurity and information sharing, cybersecurity investments, internal auditing and controls related to cybersecurity, disclosure of cybersecurity activities and security threats and security breaches.

Academics, practitioners and the public would benefit from a research framework that categorizes the research topics related to cybersecurity in the accounting field. This type of analysis is vital to enhance the understanding of the academic research on cybersecurity and can be used to support the identification of new lines for future research.

This is the first literature analysis of cybersecurity in the accounting field, and it has significant implications for research and practice by detailing, for example, the benefits of and obstacles to information sharing. This synthesis also highlights the importance of the model for cybersecurity investments. Further, the review emphasizes the role of internal auditing and controls to improve cybersecurity.

The existence of internal control for Sharīʿah-compliance promotes reasonable assurance that the Islamic financial institution’s (IFI’s) objectives are achieved in the following categories, namely, the effectiveness and efficiency of operations, the reliability of financial reporting and the level of compliance with applicable laws and regulations, as well as accounting and auditing standards. Sharīʿah non-compliant income (SNCI) is an important issue in IFIs’ operations. Thus, the purpose of this paper is to identify issues related to governance and internal control of SNCI in selected IFIs in Malaysia.

This research uses a case study approach to gather data on the measures of governance and risk management in relation to the internal control for SNCI in IFIs. Interviews were conducted with officers of the Sharīʿah and internal audit departments on internal control practices regarding SNCI.

Regulator’s guidelines on SNCI are simple and brief, lacking rigour in terms of governance, risk management and audit procedures. The section on SNCI is only a brief statement within the Bank Negara Malaysia’s Guidelines on Financial Reporting for Islamic Banking Institutions and also in the Operational Risk Integrated Online Network system operated by IFIs. Most of the respondents in the interviews suggested that there should be a proper guideline in determining the classification of SNCI. Second, although IFIs have established the purification account to manage SNCI, the real practice varies from one IFI to another. Third, although there are supposedly documented procedures established in relation to management and administration of SNCI, the following events still occur in practice, namely, no authorisation from the Sharīʿah Committee (SC) on various types of income channelled to the SNCI account; unauthorised use of SNCI for other purposes; SNCI not being reported in the annual financial reports; and distribution of SNCI prior to obtaining the SC’s consent. Fourth, there is an absence of Sharīʿah risk assessment conducted on operational risk by IFIs to identify any potential Sharīʿah non-compliant event.

This research contributes to the importance of Islamic corporate governance theory and Sharīʿah risk management, as well as strengthening the case for reporting SNCI to shareholders. It also contributes to the body of knowledge on the capability of the management in managing the internal control system of IFIs’ SNCI.

A new internal control assessment matrix is proposed for Sharīʿah-compliance in IFIs.

While the three lines model (TLM) provides an organizational structure to execute risk and control duties, research and practice show limitations in the model's implementation. These limitations result in governance issues. Such issues, together with control weaknesses, could be addressed by leveraging properties of distribution, transparency, and immutability of blockchain technology. To this end, in this paper the authors propose a conceptual control framework based on blockchain technology to augment control practice.

The design of the resulting blockchain-based control framework (BBCF) and its prototype, based on the design science research methodology (DSRM), is presented and discussed in terms of the potential impact in the context of the identified problems within the TLM.

One potential outcome of BBCF could be to redefine the scope and boundaries of some of the activities in audit and control practices from a more static to a more dynamic and prospective role. In a larger context of improving governance practices, the BBCF could set the path for a more inclusive and participatory interaction between the different governance actors of an organization.

However, this assumes that blockchain is more widely adopted despite its complexity and rigidity.

BBCF covering both a conceptual model design and a reference implementation provides an innovation in audit and control. BBCF could include all relevant stakeholders who have an interest in corporate governance and control activities, including the regulators.

The contribution intends to serve both as a starting point for discussing the evolution of audit and control practice based on blockchain technology, as well as an initial actionable prototype for experimentation and further development.

This study aims to understand independence in internal auditing by investigating how internal auditor independence is constructed when analysed in its corporate governance context.

A critical discourse analysis (CDA) of the corporate governance reports of Swedish large stock market listed non-financial companies, for three consecutive years, is undertaken, using a theoretical lens of organisational embeddedness and operational coupling to understand independence as a situated practice.

The study develops four archetypes of internal auditor independence – autarchic, instrumental, symbiotic and subservient – and discusses each archetype's implications for independence, related to tripartite relations with management and the audit committee, regarding who has the mandate to direct work and how the work is done. It finds that internal auditors always have a capacity to be independent. Although they are not independent in relation to agents in the subservient archetype, they are independent of those down the organisational chain of command, suggesting independence is both situational and relational.

The analysis contributes a novel approach to the literature and develops a conception of independence using the dimensions of embeddedness and coupling. The archetypes offer an analytical framework for future studies on independence.

Internal auditors may understand their practice differently through the archetypes that result from this study.

Internal auditors' power relations within corporate governance further an understanding of the pressures on internal auditors and their role.

This study contributes new knowledge on the situatedness of independence by showing how internal auditors are embedded and coupled helps build their independence.