AAF AUDIT: Identifying and Resolving Non-Compliances

AAF audit: Identifying and Resolving Non-Compliances

AAF audit: Identifying and Resolving Non-Compliances – The AAF  audit and Assurance Faculty is pleased to offer the latest technical updates on developments in auditing and assurance, financial reporting, and ethics. Please note that only members of the AAF audit and Assurance Faculty and Faculties Online subscribers have access to these updates.

AAF audit
AAF audit, audit & assurance faculty services

1. Most Frequent Types of AAF Audits-

There are many different types of audit and assurance services, and each one is designed to meet a specific need. The most common types of audit and assurance services are financial statement audits, internal audits, operational audits, and compliance audits.

Financial statement audits are the most common type of audit, and they are performed to provide assurance that a company’s financial statements are accurate and free from material misstatement. Internal audits are performed to assess a company’s internal controls and to identify potential areas of improvement. Operational audits are performed to assess a company’s operational effectiveness and to identify potential areas of improvement. Compliance audits are performed to assess a company’s compliance with laws and regulations.

2. Process for Identifying Non-Compliances AAF audit

As part of our audit and assurance process, we identify any non-compliances that may exist within an organization. This includes looking for any areas where the organization is not following the relevant laws, regulations, or standards.

Once we have identified any potential non-compliances, we assess the risk associated with each one. This helps us determine the mix of activities that need to be undertaken to mitigate the risks. We then develop a plan to address the non-compliances, which is tailored to the specific needs of the organization.

The goal of this process is to help organizations improve their compliance posture and reduce the risk of non-compliance. We work closely with our clients to ensure that they understand the requirements and can meet them.

3. Resolving Non-Compliances-

All non-compliances must be resolved in a timely and effective manner to maintain the quality of the audit and assurance process. Below is a step-by-step guide on how to resolve non-compliances:

1. Review the non-compliance with the relevant parties involved.

2. Determine the root cause of the non-compliance.

3. Implement corrective action to prevent non-compliance from happening again.

4. Follow up after implementing corrective action to ensure the non-compliance has been resolved.

4. Why AAF audits are important?

An AAF audit is an important step in ensuring that an organization’s financial statements are reliable. The audit also helps to ensure that the organization is in compliance with laws and regulations. AAF audits are conducted by independent auditors who examine an organization’s financial statements and other records.

The audit provides senior management with assurance that the financial statements are accurate and reliable. It also provides assurance that the organization is in compliance with laws and regulations. The audit also helps service auditors to assess the quality of the organization’s internal controls.

5. Tips for Avoiding AAF Audit Findings in the Future

As an audit and assurance faculty, it is our job to provide findings for our clients. However, no one wants to be on the receiving end of a finding. So what can you do to avoid audit and assurance faculty findings in the future?

Here are a few tips:

1. Understand the requirements of the Standards.

2. Make sure you have adequate documentation to support your work.

3. Pay attention to detail and don’t let anything slip through the cracks.

4. Be proactive in identifying and addressing risks.

5. Communicate openly and candidly with your audit and assurance faculty.

By following these tips, you can help reduce the chances of getting audit and assurance faculty findings in the future.
visit for more blogs – Accorp  Partners

The New AAF 01/20: How It Replaces The AAF 01/06

Introduction: –

The updated version of AAF 01/06 is now available as of January 2020. This new version includes Control Objectives for administrators, investment managers, and other data recording industry workers. Technical release AAF 01/20 replaces the old AAF 01/06 reporting for periods beginning on or after 1 July 2020. It is encouraged that people adopt this new version early.

What is the AAF 01/20?

The AAF 01/20 (Audit and Assurance Faculty) provides guidance on the auditor’s consideration of internal control in an audit of financial statements to the financial institution . This document applies to all audits of financial statements performed in accordance with generally accepted auditing standards (GAAS).

How does the AAF 01/20 differ from the AAF 01/06?

The revised Control Objectives can be found in Appendix 1. These objectives are for businesses using custody, fiduciary management, fund accounting, investment management, investment administration, pension administration, private equity, property investment management, property investment administration, transfer agency and information technology. The term “Reporting Accountant” has been revised to “Service Auditor” and “control procedures” are now called “control activities” to be more in line with international standards.

The AAF 01/20 also provides helpful explanations on different types of assurance engagements (limited, Type 1, Type 2), key activities involved in preparing a report, how to identify reporting criteria/control objectives, and reporting on subservice organizations at governance and operational levels.

The AAF 01/20 is a technical release from the ICAEW Audit and Assurance Faculty. The ICAEW has regular seminars on assurance and IT, so it is worthwhile investing in joining the ICAEW Audit and Assurance Faculty and the ICAEW Tech Faculty to get access to the comprehensive and accessible packages of guidance and technical advice that they offer.

In similar fashion to AAF 01/06, the AAF 01/20 adheres to the framework for assurance engagements as set forth in the IIASB Assurance Framework and the International Standard on Assurance Engagements (ISAE 3000 (Revised) Assurance Engagements other than Audits or Reviews of Historical Financial Information, published by the IAASB). AAF 01/20 is also designed to be compatible with ISAE 3402 Assurance Reports on Controls at a Service Organization.

What are the objective of audit and assurance faculty?

The AAF control objectives have been updated to reflect current risks, as set out in the appendices of the updated guidance. Services organisations should review these closely, as they may result in significant changes to control activities.

The most amendments have been made to the IT section, with 10 footnotes providing additional guidance. Particular focus is given to documented role profiles that match system access privileges.The latest version of the policy includes sections on fiduciary management and property investment administration, with the section on hedge fund managers removed.

These sections outline the objectives for control and provide guidance for policy implementation. Additionally, new control objectives are added to the technical standards as guidance; however, these are merely suggestions and not mandatory requirements.

Sub Service provider

Approach 1

The service auditor must review the AAF report and identify any control activities that were outsourced to a sub-service provider. For any outsourced control activities not included in the report, the service entity must explain how they monitor the sub-service control activity, and outline what those activities are. The service auditor can then use this information to assess the risks associated with the outsourced control activities and determine whether any additional testing is necessary.

Method of curve out

In instances where the AAF report includes a summary of the work undertaken by a sub-service organization, but control objectives and control activities are not included and are not assessed by the service auditor, the auditor should state this in the report.

Inclusive method

When determining the appropriate approach, auditors will consider the type of assurance the user entity needs, any challenges around the inclusive method, and the degree of independence between the auditor and the sub-service provider. The availability of a type 1 or type 2 service audit report from the sub-service provider will also be a deciding factor.

Service auditor AAF reporting

The revised AAF standard includes new provisions regarding modifying the service auditor’s opinion, which can be classified as:

Unqualified: – The control activity being assessed may have no exceptions, minor exceptions, or a non-applicable rating due to limited scope.

Qualified: – In instances where there are material exceptions to the standard of control activity or where testing is limited, management must take appropriate corrective action.

Adverse opinion: – In places where there are many exceptions, it can be difficult to know what the rule is.

The ICAEW has provided a number of examples to illustrate best practices for qualification criteria. If a control has not been tested during the review period, the service auditor can include details of this in the report. The updated guidance also provides more specific reporting practices for operating effectiveness and exception reporting.

How can businesses take advantage of the AAF 01/20?

The AAF 01/20 report issued by the ICAEW will bring about significant changes for service organisations that routinely obtain such reports. The purpose of the AAF 01/20 is to establish a more consistent standard of reporting, with greater emphasis placed on management, and to enable easier comparisons between organisations providing similar services.

  1. Include or explain any omitted or modified control objectives to ensure complete understanding of the requirements.
  2. The Management Statement must be supported by evidence in order to be accepted.
  3. The “Front Half” of the document must include expanded information on the requirements for the project.
  4. Once the Service Auditor has commenced work, the scope of the report cannot be changed.
  5. The current article reflects changes in technology since 2006.
  6. Organizations that are part of this service require a management statement.

To wrap things up.

The purpose of this paper was to provide information on the new AAF 01/20 and how it replaces the AAF 01/06. As of January 2020, the updated version of AAF 01/06 is available, which includes Control Objectives for administrators, investment managers, and other data recording industry workers. Technical release AAF 01/20 replaces the old AAF 01/06 reporting for periods beginning on or after 1 July 2020.