PKF uses cookies to enhance your browsing experience and analyse site traffic. By continuing to browse our site, you consent to the use of cookies. For more information, please refer to our Privacy Policy

PKF South Africa

Lockdown and the impact on the entity’s internal controls

Home Publications COVID-19 Lockdown and the impact on the entity’s internal controls

Lockdown and the impact on the entity’s internal controls


2020-05-22

Lockdown and the impact on the entity’s internal controls

Lockdown and the impact on the entity’s internal controls

With the country slowly getting used to the new normal, many entities are accepting the reality that business as usual may not return in the foreseeable future. As many businesses enact crisis management and business recovery plans, they are caught in deciding on whether to divert financial reporting and internal control efforts toward more operational matters. Although this might appear to be a quick fix, the consequences of a weak control environment could have a negative impact. If historical financial crises of our generation have taught us anything, it is that a breakdown of controls will only create opportunities for fraud and misappropriation of assets.

Many businesses have also been forced to embrace technology to support their remote working during the national lockdown and continue to be forced to do so. Undoubtably, whilst not intentionally, operating in this landscape would have changed the internal control environment during this period. The changes and adaptions you make to your business’s internal control environment influences the auditor’s approach and the information that you would be required to provide.

The auditing standards require the auditor to obtain an understanding of the internal control environment and assess those controls relevant to the preparation of the financial statements. All internal controls that the audit team identifies, and possibly relies on, has the end goal of providing the entity with financial information that is not materially misstated.

This means that even if the entity’s year-end was before the COVID-19 pandemic was declared a national disaster but the financial statements have not been signed by that date, the internal controls pertaining to the preparation of the financial statements, including controls over journal entries, may still have changed. In order to assist the auditor’s ability to obtain an understanding of your internal controls, as well as evaluate the controls in order to determine whether reliance will be placed on those controls or not, you will be required to:

  1. Identify all internal controls that were changed since the start of lockdown. Specifically:
    1. Any internal controls that replaced existing internal controls and the extent of those replacements.
    2. Changes or amendments to existing internal controls as a result of lockdown.
    3. Details of controls that were suspended during the initial lockdown period but have since become effective again.
    4. The process followed by the entity to identify controls that required changes or amendments as well as the persons involved in those changes or affected by those changes. It is also recommended that if there were significant changes to internal controls, a flowchart should be provided to the auditors which details the changes.
    5. List of controls that were overridden during the various stages of the lockdown period.
  1.  
  2. Details of how the entity is monitoring compliance with controls, as well as any supporting evidence, such as weekly exception reports.

In addition, the entity’s reliance on its IT environment would likely have increased since the start of lockdown. Therefore, consider the following when discussing your IT environment with your auditor:

  1. Whether the manner in which you use your software or platform(s) changed as a result of lockdown.
  2. Whether you have requested any custom changes to your software or platform(s) as well as the extent of its tailoring.
  3. Whether you have increased your IT technical support function.
  4. What costs you incurred to ensure that majority of your staff are able to work remotely (if applicable).
  5. Changes to the communication and approval channels in your software or platform(s) as a result of remote working.
  6. The manner in which supporting documentation is now stored since employees are working from home.

We are amid a global pandemic that none of us have experienced before. Whilst it may seem daunting, it also provides entities with the opportunity to rethink the way they do business as well as the control environment in which they operate. Entities now have the chance to critically review their controls and determine whether existing controls do in fact prevent and detect misstatements or errors in the financial reporting process. Ensuring early and ongoing discussions with the auditors avoids surprises later in the year.


Your PKF partner is always a phone call (or Zoom call) away to help you relook at your business and its internal controls.
Written by:

Minette van der Merwe CA(SA)
Head of Technical
PKF South Africa

If you are interested in pursuing any of these further, please contact your PKF Partner or member firm for assistance.