This paper aims at improving audit practices, at least, for our national audit practitioners. Such possibilities are discussed as case study regarding an audit of a public entity as a related party (relationship & transactions) with a private company. This reveals a fraud risk by periodical re-negotiating of significant contracts combined with internal controls deficiency. In order to avoid and remove such bad practices, the Romanian financial auditors, fraud examiners, taxation consultants and even legal advisers, need rigorous learning and professional development and adequate evaluation frameworks, combining in a competent responsible manner quantitative and qualitative evaluation made by a peer-review schema. Exclusive quantitative approaches are not adequate for a correct evaluation. An efficient evaluation must involve human specialists, including financial auditor’s colleagues. The results for entire professional body may result in higher quality judgments and a good assimilation; not only good practice international standards, but even entire experience of practitioners in this field was recommended. Emphasizing of professional skepticism arises with enough experience.
We shall begin with a general encouragement about Romania: IMF officials made a brief characterization1: Romania is both undeniably unique, yet also profoundly European. As part of the European family, as part of the global community, Romania can go from strength to strength. Hence, after twenty five years of intense economic reforms in Romania and after last financial downturn,
we still find ourselves in a world of a relative uncertainty. In accounting and audit field, we are still looking for the form and the way of international accounting convergence impact on the systems of Romanian corporate governance (Elena Dobre, 2012) [
This case study represents in fact a forensic accounting personal work of first author. This case study reflects the image of delegated management in a public entity charged with central heating public service, turned in private company and delegated management became a kind of partnership. A key document was the contract of management in central heating supply which provides in fact, adjusting the price or tariff to cost of Gcal (gigacalory), that adjustment resources to requirements and demands not correlation the requirements and demands with resources according specific regulation2. Also, public utilities services are defined by aggregate utility and general public interest3, carried to the villages, towns, cities or counties under the direction, coordination and responsibility of local governments, in order to meet requirements of local communities. In our case study, implementation and enforcement of management delegation contract ought to consider the specific provisions of the specific regulations4 which establishes the legal framework for the establishment, organization, management, regulation, financing, monitoring and controlling the functioning of public services supply thermal/heating energy produced centrally, to the communes, towns and municipalities. These kind of services are established, organized and operated under several principles, including: local autonomy; decentralization of public services; responsibility towards users; ensure the quality and continuity of services; efficient management of public property or private administrative-territorial units, related; promoting public-private partnership; correlation requirements on resources; environmental protection and sustainable development; ensuring public health and quality of life.
All these principles are focusing on permanently growth of standards regarding health and quality of life population in local communities. The right of health protection represents one of the primary tasks of modern state5.
The risks context of the relationship & transactions between the two entities is done by the public requests: for local heating suppliers is mandatory to setting safety fuel stocks for the winter season. In this case this mandatory condition was not accomplished cause periodical re-negotiating of significant contracts with single fuel supplier which was in the same time affiliate party. There are two simultaneous and linked economic advantages: one is about price of specific fuel named calor and other hand is about receiving dividend from the same source. This is the picture of risky nature of relationship & transactions.
- Municipality Public Administration;
- SC CT SA―central heating supplier established under public utilities services rules and under a delegated management contract;
- SC RR SA―oil fuel supplier established under Romanian Companies Act6;
- SC R SRL―related party 1 with oil fuel supplier;
- C&C WM―related party 2 with oil fuel supplier.
Questions raised by the legal authorities in this case were about: a) legal objects activity; b) public services delegated management regime; d) kind and nature of relationship existing between involved parties.
Forensic accounting work ordered revealed the risks of defection management and certain indications of fraud. Periodical re-negotiating of significant contracts with related parties and internal controls deficiency designed risk profile. Minimal auditing procedures like general inherent risk identification and materiality threshold would be minimal weapons to prevent rising of public funds from a public entity towards a private company.
The moral of the case study is economics considerations over legal considerations prevalence (substance over form) by applying principle of correlating demands with resources, not upside-down. In this case, a vicious circle was created: fuel price increase involved heating agent tariff of Gcal and this growth was transferred on municipality budget and population expenses with heating in
winter season. In order to avoid and remove such bad practices, the Romanian local public administration need develop good practices of public acquisition of delegated management contracts. On the other hand, internal auditing and external auditing would do mitigate risks if auditors use not only formal procedures instead holistic approach and professional skepticism.
Speaking about need prevention we can reveal after the role of internal audit, the role of external auditors in public entities. For external audit mission is relevant the framework7 prescribed by International Standards Audit about risk assessment procedures and related activities. Before this endeavor we need remember that a business means an integrated set of organized and managed activities and assets aimed to obtain profits with lower costs or other benefits for investors, owners or other participants. In fact, public entities are business entities. An entity needed inputs, processes, and outputs to qualify as a business but an entity no longer needs to have outputs or to be self-sustaining to qualify as a busines8. The business combinations provide potential risks and in the same time equal opportunities.
Performance of risk assessment procedures aims to provide a basis for the identification and assessment of risks of material misstatement at the financial statement and assertion levels. Hence, risk assessment procedures by themselves do not provide sufficient appropriate audit evidence on which to base the audit opinion the likelihood and impacts of risks are valuable for management analysis and internal controls.
Best practice in this field and practitioners’ appreciations9 show that the risk assessment procedures should include at least:
(a) Inquiries of management and of others within the entity who in the auditor’s judgment may have information that is likely to assist in identifying risks of material misstatement due to fraud or error. However, we may also obtain information, or a different perspective in identifying risks of material misstatement, through inquiries of others within the entity and other employees with different levels of authority.
(b) Analytical procedures: the analytical procedures performed as risk assessment procedures may identify aspects of the entity of which anyone was unaware and may assist in assessing the risk of material misstatement in order to provide a basis for designing and implementing responses to the assessed risks. Analytical procedures performed as risk assessment procedures may include both financial and non-financial information, for example, the relationship between related parties by equity regarding transfer price level according length- arms principle.
(c)Observation and inspection: the observation and inspection procedures may support inquiries of management and others, and may also provide information about the entity and its environment. Examples of such audit procedures include observation or inspection of the following: (i) the entity’s operations, (ii) documents (such as business plans and strategies), records, and internal control manuals, (iii) reports prepared by management (such as quarterly management reports and interim financial statements) and those charged with governance (such as minutes of board of directors’ meetings), (iv) the entity’s premises and plant facilities.
(d) Observation of changes in the control environment may affect the relevance of information obtained in the prior year. To determine whether such changes have occurred that may affect the relevance of such information the auditor may make inquiries and perform other appropriate audit procedures, such as walk-through of relevant systems.
Any previous experience with the entity and audit procedures performed in previous audits may provide information about such matters as:
(i) Past misstatements and whether they were corrected on a timely basis;
(ii) The nature of the entity and its environment, and the entity’s internal control (including deficiencies in internal control);
(iii) Significant changes that the entity or its operations may have undergone since the prior financial period, which may assist the auditor in gaining a sufficient understanding of the entity to identify and assess risks of material misstatement.
Understanding step by step the entity and its environment, including Internal Control as financial audit good practices10, may be presented as below:
・ Industry Regulatory framework as well as accounting policies
・ Nature of Entity and its Environment
・ Objectives and strategies and related business risks
・ Measurement and review of Financial performance
・ Control Environment: Governance and management ethical and communication/implementation thereof
・ Entity risks assessment process: Identifying risks procedures
・ The information system, related business processes: Record, Process, Review
・ Control Activities: General vs. applications controls; Manual vs. Automated; Performance reviews; Information processing; Physical controls; Segregation of duties; High level authorization non routine items.
・ Monitoring of controls
All these procedures may be both useful in risk insolvency and financial crisis of administrative units, recent legal normalized in Romanian economy11.
The case study reveals that internal control weaknesses and poor management gave the chance of fraud like periodical re-negotiating of fuel contract with related parties represent and the revelation of the case study is economic considerations over legal considerations prevalence by applying principle of correlating demands with resources, not upside-down. This case study reveals a fraud risk by periodical re-negotiating of significant contracts and internal controls deficiency. In order to avoid and remove such bad practices, the Romanian financial auditors, fraud examiners, taxation consultants and even legal advisers, need rigorous learning and professional development and adequate evaluation frameworks, combining in a competent responsible manner quantitative and qualitative evaluation made by a peer-review schema. Exclusive quantitative approaches are not adequate for a correct evaluation. An efficient evaluation must involve specialists, including financial auditors. The results for entire professional body could be improved professional judgment quality and a good assimilation. This results not only from good practice international standards, but most importantly from the entire experience of practitioners in this field was recommended. We believe that emphasizing of professional skepticism arises only after experiencing enough.
The internal audit profession differs significantly within Europe in terms of profile of internal auditors, characteristics of the internal audit function, staffing, compliance to the IIA Standards and internal audit activities (Maria-Mirela Dobre, 2010) [
Related parties transactions should be one of the most important objectives of auditing (internal and external). External audit is the last frontier of risks detection and there are great expectations from auditors. They should be “innovative to provide information and opinions about business pattern” (Roger Acton, 2012) [
Dobre, E. (2017) Risks of Related Parties in Transition Eco- nomy―An Audit Approach. Open Journal of Accounting, 6, 95-101. https://doi.org/10.4236/ojacct.2017.63008