Auditing the Compliance Plan
Who May Audit the Compliance Plan?
In accordance with section 601HG(1) of the Act, the responsible entity of a registered scheme is required to ensure that at all times a registered company auditor, an audit firm or an authorised audit company is engaged to audit compliance with the scheme’s compliance plan. Section 601HG(2) inter alia prohibits the auditor of the responsible entity’s financial report from also acting as the auditor of the compliance plan. However, section 601HG(2A) allows another auditor from the same firm or company to undertake the compliance plan audit of a scheme managed by the responsible entity. Furthermore, there is no prohibition on the compliance plan auditor from also performing the statutory audit of the scheme’s financial report.
Agreeing on the Terms of the Audit Engagement with the Responsible Entity
ASAE 3100 requires the auditor of the compliance plan to agree on the terms of the compliance plan audit engagement with the responsible entity, which are required to be recorded in writing by the auditor and forwarded to the responsible entity. Such terms may be outlined in an audit engagement letter. The auditor has regard to the requirements of ASAE 3100 relevant on agreeing the terms of the assurance engagement and applies those requirements when agreeing on the terms of a compliance plan audit engagement.
Or other suitable form of audit contract.
The procedures for agreeing the terms of an engagement relevant to a financial report audit engagement are contained in ASA 210 Terms of Audit Engagements, and may be helpful in determining procedures for agreeing the terms of an engagement applicable to a compliance plan audit engagement.
Other than matters covered by ASAE 3100, the engagement letter may also outline arrangements for liaison with the responsible entity’s compliance committee (if applicable), other compliance advisors, and other auditors, including the auditor of the responsible entity’s financial report and the auditor of the scheme’s financial report.
The compliance plan auditor may also use the engagement letter to clarify the respective roles of the responsible entity’s directors and the auditor, by contrasting the respective statutory responsibilities of the responsible entity and the compliance plan auditor under Part 5C.4 of the Act. In particular, it is important to highlight in the engagement letter the responsible entity’s obligation to establish and maintain an adequate compliance plan and have in place adequate measures and structures to ensure compliance with the Act and the scheme’s constitution. The auditor obtains acknowledgment of this obligation from the directors of the responsible entity when obtaining agreement on the terms of the compliance plan audit engagement. An example engagement letter illustrating such agreement is provided in Appendix 1 to this Guidance Statement.