Service Organisations

If a service organisation is used by the SMSF, the auditor cannot merely rely on the type 2 report on controls as evidence of the SMSF’s compliance with the SISA and SISR (refer paragraph 25). The auditor performs additional procedures necessary to conclude on the SMSF’s compliance with the SISA and SISR, for example, reviewing cash transaction accounts to conclude on compliance with the borrowing requirements of the SISA. To address the other compliance requirements, the auditor requests the service organisation to confirm that the compliance obligations have been met, for example, confirmation that:

1. the assets are held by the fund trustee, in trust for the fund;
2. none of the investments were acquired from a related party or, if acquired from a related party, that the acquisition was completed at market value and is a permitted acquisition; or
3. to the knowledge of the service provider, none of the investments held is pledged as security.

It may be impossible or impractical to obtain sufficient appropriate audit evidence of compliance with respect to the services provided, in which case either the auditor qualifies their opinion on the basis of a limitation of scope or issues a disclaimer of opinion.

Subsequent Events

The auditor considers the effect of subsequent events on the auditor’s compliance report occurring up to the date the report is signed. If a material compliance breach has occurred after year end and the breach indicates a systemic issue with potential to impact the reporting period, it may result in modifications to the compliance report.