In summary, IAASA’s risk-based approach to the selection of financial reports for examination considers the:
- risk of material misstatement in issuers’ financial reports; and
- potential impact of such a misstatement on the users of financial reports.
IAASA is committed to the application of ESMA standards and guidelines on enforcement of financial reporting. ESMA standards and guidelines require that selection methodologies must include risk-based methodologies. It is not, for example, permitted under ESMA standards and guidelines to adopt selection methodologies based purely on cycles or random selections.
IAASA has adopted a mixed model, whereby selections of issuers’ financial reports for examination is based on risk assessments, supplemented by cyclical and/or random selections (thereby ensuring that issuers that might not be selected as a consequence of a risk-based approach nevertheless stand to be selected for examination).
IAASA has determined that there are many risk factors, or combinations thereof, that should be considered in assessing the relative risk of an incidence of material misstatement in an issuer’s financial reports. These include, amongst others:
- financial structure and business/economic trends;
- financial position and ratios;
- industry specific issues;
- audit qualifications and related issues;
- corporate governance and control environment issues;
- incidence of related party transactions;
- incidence of business combinations and/or disposals;
- administrative, court and/or regulatory actions; and
- third party signals (e.g. complaints received by IAASA, media commentary, etc).
In assessing the potential impact of a material misstatement on the users of financial reports, the following are among the factors that are considered:
- share trading activity and volatility in stock price;
- market capitalisation;
- number and nature of investors;
- nature of securities traded; and
- public profile.
Where instances of non-compliance are identified in an issuer’s periodic financial report, the potential for that issuer’s subsequent periodic financial reports to be the subject of examination increases.
IAASA has entered into Moemoranda of Understanding (MoUs) with the Central Bank of Ireland and the Office of the Director of Corporate Enforcement (ODCE). From time to time, IAASA receives referrals from these and other parties. The receipt of a referral from another statutory body is treated as a risk factor and is, therefore, incorporated into IAASA’s risk assessment and selection processes.