Analysis of Xero Ltd Report Audited by Ernst & Young
Due to several audited companies facing dilution, several independence requirements have been implemented. These requirements majorly apply to listed entities, therefore Xero Ltd., one of the ASX 300 entity has been chosen for analysis in the report. Auditor of Xero Ltd is Ernst & Young. Their meeting the relevant independence requirements has been assessed from the prospects of non-audit services and their remuneration, to reach a conclusion that they have met them. The key audit matters presented by auditor in the audit report and the measures taken by them, have been analysed. Audit committee of Xero Ltd and their responsibilities have been analysed followed by the unqualified audit opinion provided by EY. Difference between management and auditor responsibilities has been considered, along with subsequent events occurring after the balance sheet date. Material information provided by EY in the auditor report and its impact on decision of an interested third party stakeholder has been assessed. Under-reported relevant details have also been considered, along with the associated follow-up questions to the auditor. The report ends on a conclusion regarding appropriateness of audit, audit committee operations and material information.
Recent years have seen a lot of companies going down from top to drain, and major of these companies have been the ones which are audited every year. This has brought down the reputation and confidence held by people on the auditors at large. And, therefore to instil back the confidence, IAASB brought about new auditor reporting requirements. CPA also had been taking several actions to support. The report analyses the annual report of Xero Ltd, an Information Technology Sector, audited by Ernst & Young to assess auditor carrying out the relevant requirements per IAASB, in addition to ensuring their independence, while working with the client. For assessment, Auditor’s Audit Report, the Key Audit Matters described and other relevant details provided in the annual report have been considered. Also, an assessment has been done regarding Audit Committee existence and functioning in the organization.
CPA Australia provides that Auditor Independence is based upon Statement about auditor’s independence and meeting of his ethical responsibilities along with a separate declaration under Corporation Act Section 307C (CPA Australia, 2018). Paragraph 40 of ASA 700 provides that the auditor shall provide a statement to those charged with governance that the auditor has complied with all the required ethical requirements that sum up to his independence. In addition Paragraph 50 requires the auditor to make a statement about their independence in the auditor’s report. The standard not only requires them to make a statement but also identify the applicable ethical requirements (AUASB, 2015). If the annual report of Xero Ltd be analysed, in the audit report’s basis for opinion paragraph, Ernst & Young specify that they are independent of the company in accordance with the “Professional and Ethical Standard 1 (revised) Code of Ethics for Assurance Practitioners” (Annual Report, Xero Ltd, 2017). Thus, the auditor have complied with the basic independence requirement.
Non-audit services by the Auditor
ASIC provides that in case the auditor provides non-audit services it can act as a conflict of interest situation for the auditor (ASIC, 2018). It routes from the fact that if an auditor provides non-audit services to the client, they cannot provide independent opinion on the financials of that client. Campa and Donnelly highlight that there are certain auditors which provide services which have direct impact on financial statements. And then when the auditor reviews those financial statement, they have this fact in their mind that the financial statements have been prepared by them, partially if not fully (Campa and Donnelly, 2016). Therefore the auditors are allowed to take only those non-audit services from their audit client, which they believe will not result in self-review situations and will allow them to provide an independent opinion.
Xero Ltd.’s management provide that any decision regarding non-audit work by the auditor requires an authorization from ARM Committee of the organization, so that those additional works do not hinder independence requirement for the auditor (Annual Report, Xero Ltd., 2017). The auditors state in their “Independent Auditors Report” that they have provided Xero with remuneration related market data, have helped them with R&D tax credit compliances and have issued a Type II Independence report on Xero’s controls in line with requirements of ISAE 3002. Also, they state that they have made a “Cloud Controls Matrix Gap Assessment” for the entity as well, along with some assurance services associated to Callaghan grant (Annual Report, Xero Ltd., 2017). If these non-audit services be analysed they are all not directly related to the financial statements, except for the remuneration data. Also, neither the management nor the auditors in the annual report, have specified the type of remuneration related market data provided by the auditors. If it merely relates to identifying relevant information and providing it to the client, which is further analysed by the client before impacting the financial statements, the auditors are still in the safe bracket within independence. All the other services are not directly or indirectly associated to financial statements, therefore they cannot be expected to result in a self-review situation. Thus, even though there are certain non-audit services which are provided by the auditor to their audit client, they are meeting the independence requirements.
Adeyemi and Okpala highlight that size of audit fees also impacts auditor’s independence. In case, where the audit firm is not too big and has small number of client, they usually become financially dependent upon the big audit client paying good fees (Adeyemi and Okpala, 2011). Below is an analysis of auditor remuneration derived by Ernst & Young from Xero Ltd.:
|(Amounts in '000)|
|Year ended 31 March||2018||2017||Difference||Difference %|
|Audit and review of financial statements||252||236||16||6.78%|
|Other Assurance Services||135||87||48||55.17%|
|Total Auditor's Remuneration||417||355||62||17.46%|
|Audit fee as a percentage of Revenue||0.10%||0.12%|
|Audit fee as a percentage of Total Assets||0.14%||0.12%|
The notes provide that other assurance services relate reporting on service organization controls and Callaghan Grant. The other services are remuneration provision data provided by Ernst & Young. There is no other detail related to auditor remuneration in the annual report or Independent Auditors Report. If it be assessed from the prospect of independence, auditor’s fee for audit services has increased by 6.78%. Audit Analytics provide that audit fees are usually either taken as a percentage of revenue or total assets by the big 4 companies. Ernst & Young is a Big 4 Company (Audit Analytics, 2014). If the audit fee be analysed from the prospect of revenue, there has been a decline in audit fees percentage, while if it is looked upon from the prospect of total assets, there is a two point increase (Annual Report, Xero Ltd, 2017). Since the total assets have not changed substantially it appears that the audit fee is based upon revenue. However it is not determinable as to why the audit fee of the company has decreased in percentile, when the revenue has increased.
Key Audit Matters
ASA 701 provides that the matters which were of most significant to the audit, shall be provided by the auditor along with Independent Auditors Report as Key Audit Matters (AUASB, 2015). Ernst & Young identified two key audit matters; Capitalised Development Cost and Impairment of capitalized development costs.
Capitalized Development costs are the cost incurred by the entity to develop internal software, which includes judgment. The cost is then amortized over estimated useful life. EY choose test of details to verify the nature of certain projects, applied test of control for testing the review procedures utilized by company to review rates to capitalize payroll costs and for testing effectiveness of other controls over payroll process. The auditor further used substantive test of details while assessing capitalized costs and adequacy of disclosures.
Impairment of Capitalized Development Cost relates to impairment of the same cost capitalized by the company. For assessing impairment, Ernst & Young utilized test of details for significant changes in use of software and assessment of redundancy. The auditor further took substantive test of balances approach to test the cash flows associated with capitalized software’s. Amortization periods adequacy was checked using substantive analytical procedures, by comparing them with past experiences. EY again utilized test of details to assess significant changes in market and the disclosures related to impairment (Annual Report, Xero Ltd., 2017).
These depict that though no comment can be made about identification of key audit matters, but the auditor has taken sufficient steps to ensure that identified key audit matters are addressed properly. They have applied all the relevant assertions. While assessing capitalization of costs, they have considered accuracy, existence, completeness, and presentation & disclosure, and for determining relevancy of impairment they have considered completeness, measurement and presentation & disclosure. This provides them with proper coverage of these Key audit matters.
CPA Australia highlight that audit committee is a committee which help the board in management of internal controls and corporate governance throughout the organization. It highlights that in 2003, ASX made it a mandate that the top 300 firms listed, shall have an audit committee (CPA Australia, 2018). In line with the same, Xero Ltd also has an audit committee. The annual report provides that its name is “Audit and Risk Management Committee”. Its responsibility to assist board in overseeing three areas of risk, audit and compliance. The committee consists of three members, all of which are non-executive directors (Annual Report, Xero Ltd., 2017). Audit and Risk Management Committee at Xero Ltd have a charter which specifies that the Committee shall have at least three members, who shall be non-executive and be majorly independent. Further the chair of the Committee shall not be Chair of Board, and shall be an independent non-executive director of Xero Ltd. The functioning of the Committee will be basis committee meeting, which shall be held at the least four times in a year. Committee’s basic responsibility is to assist board. They have to monitor liquidity of the company and plans to maintain it in future. Further, the Audit and Risk Committee shall support board in relation to external auditor’s appointment, removal, re-appointment, replacement, their fees and non-audit services. The audit and risk committee shall also keep an oversight of adequacy of internal controls and risk management framework in the organization. Finally their authority is restricted to the fact that they cannot take actions on their own, unless there is a mandate from Board (Xero Ltd., 2018).
Audit Opinion in 2017
There are four types of Audit Opinions; unqualified when everything is going appropriate, qualified when there is a matter of concern, adverse when the matter is significant and disclaimer when the auditor cannot substantiate on the financial statements (Sherman, 2018). The audit opinion for Xero Ltd., by EY in unqualified. They have stated that the financial statements give a true and fair presentation of the operations of the company, as per relevant financial reporting framework (Annual Report, Xero Ltd., 2017). This means that the auditors accept that they had sufficient resources available from their own end and management’s end to carry out audit, and those audit procedures or resources resulted them in forming an opinion that the financial statements present the true operations of the company.
Difference between Director’s and Management’s responsibilities from auditor’s responsibilities
AU Section 110 provides financial statements are not the responsibility of auditor instead they are directors and management’s responsibilities, while merely providing an opinion on them is the responsibility of an auditor (PCAOB, 2018). Further, ASA 700 requires an auditor to specify their own responsibilities in the audit report as well (AUASB, 2015). Therefore EY in their audit report as well, specify that their responsibility is limited to provide an opinion on financial statements of Xero Ltd. (Annual Report, Xero Ltd., 2017). If it be analysed, this difference provides that irrespective of whether the management has knowledge of relevant accounting standards, it is their responsibility to ensure that the financial statement have been prepared according to applicable framework. In case there is any misstatement, the auditor is merely required to identify it applying due care, and assess its impact on their audit opinion. In case it is too relevant, they can list it out in their audit report as well, in form of other matters paragraph. Though they shall inform the management about every misstatement, they are not supposed to help them in making adjustments regarding them.
AASB 110 define that subsequent events are the events that happen after the reporting date of the entity and before the financial statements are issued. Standard requires the entities to disclose all such events which existed on the reporting date and have impact on financial statements (AASB, 2007). Xero Ltd. has not recognized any subsequent event in their annual report for 2017.
Effectiveness of material information reported by Auditor
As an interested third party stakeholder, the first relevant information is opinion of the auditor. The auditor has given an unqualified opinion, which in itself instils confidence in the entity. This confidence is further supported by the fact that the auditor has stated that they are independent of the entity, and entity’s audit committee is also taking sufficient steps to ensure that the external auditor is independent. Auditor identifying key audit matters also highlight that the basic risk areas are the key audit matters. However, the management has not specified the percentage of the cost that is capitalized and the basis of such percentage. But, considering that the auditor has already assessed it, third party stakeholder can still hold confidence. If the financial statement of the company be analysed, company is making losses, and its total assets balance has also declined from the past. But the auditor report still lets one believe that the company may have potential. Thus, though not much material information has been reported by the auditor, their opinion gives confidence to the third party stakeholder.
Under-reported Material Information
There are two basic under-reported material information in the annual report of Xero Ltd. The first one relates to the key audit matters. Though the auditor has considered capitalized development cost as material, the financial statements or the notes do not disclose their calculation substantially. It has been provided that a percentage of cost is capitalized, but its base, the adequacy of calculation has not been provided. Further the auditor though has specified that there are certain non-audit services that they have provided. It has been left to speculation as to what will the effect of these non-audit services on financial statement. Best example relates to remuneration data. A user of financial statement will not be able to assess if the remuneration data impacts remuneration to employees in income statement or not.
Follow-up Questions to the Auditor
The first under-reported item relates to management disclosure. Therefore the auditor can be asked about their basis of opining that the relevant disclosures associated to capitalized development cost has been made by the entity in their financials. Also the auditor can be asked to specify the impact, both direct and indirect, that they believe their non-audit services have on financial statements of the company.
The report examined annual report of Xero Ltd., and the independent auditor’s report of Ernst & Young to the group. The auditor is complying with the relevant independence requirements and the annual report highlights that the audit committee of the company is supporting auditor is maintaining it. Non-audit services of the auditor and their remuneration has been analysed. Sufficient information about these two areas have not been provided in the annual report. Key audit matters described by the auditors, their assessment have also been analysed and it is believed that the auditors took substantial measures to ensure they are appropriately dealt with. Audit committee, audit opinion, difference of management and auditor responsibilities has been discussed. Further, the material information provided by auditor has been analysed along with assessment of under-reported matter and the associated follow up questions.