The External Audit
An external audit, often referred to as a statutory audit, is required by law in many countries for all but the smallest of companies. In the US and the EU it will be carried out by a Registered Auditor (normally a third party accounting firm that is independent of the auditee organisation) who provides a report to the owners of the company, printed as part of the company's annual financial statements showing the auditor's opinion on whether those financial statements are broadly “true and fair”. The external audit is therefore an essential governance control. As we saw in Chapter 5, it is a central component of good corporate governance.
Set out below are some of the key features of the external audit.
When I was working for Touche Ross in the audit department in London in the 1980s, my accountancy institute (the Institute of Chartered Accountants in England and Wales) had a very simple definition of an external audit as follows:
The independent examination of, and expression of an opinion on, the financial statements of an enterprise.
There have been many changes in the auditing world since then. The Auditing Practices Board now sets standards and best practices in the UK. It gives the following statement, very relevant to the fraud question, as part of its overview of the Scope of an Audit of Financial Statements of Private Sector Entities issued in December 2010:
An audit involves obtaining evidence about the amounts and disclosures ...