AG-3

The Approach to Issues Arising from section 16(1) of the Public Audit Act 2001

Introduction

Scope of this Standard

This Auditor-General’s Auditing Standard establishes the Auditor-General’s requirements for Appointed Auditors, when carrying out an annual audit of a public entity, to be alert for, and report to the OAG, any issues or risks that might trigger concerns for the Auditor-General under section 16(1) of the Public Audit Act 2001, even if those issues and risks might not have a direct effect on the entity’s financial statements or reported performance information. This Auditing Standard also requires Appointed Auditors, when carrying out an annual audit of a public entity, to carry out specific audit procedures in relation to sensitive expenditure.

Background

Under section 16(1) of the Public Audit Act 2001, the Auditor-General may at any time examine:
1. the extent to which a public entity is carrying out its activities effectively and efficiently;¹
2. a public entity’s compliance with its statutory obligations;²
3. any act or omission of a public entity, in order to determine whether waste has resulted or may have resulted or may result; or
4. any act or omission showing or appearing to show a lack of probity or financial prudence by a public entity, or one or more of its members, office holders, and employees.
Because the Auditor-General has a particular interest, under section 16(1)(d), in ensuring that public entities have proper policies and processes in place to manage and control sensitive expenditure and expenditure incurred by certain personnel in senior management or governance roles, this Standard also requires Appointed Auditors, when carrying out an annual audit of a public entity, to:
1. carry out specific audit procedures in relation to sensitive expenditure;
2. examine the expenditure of the chairperson and chief executive each year; and
3. examine the expenditure of other members of key management personnel on a rotational basis.
In meeting the requirements of this Standard, Appointed Auditors are expected to be aware of, and sensitive to:
1. the fact that annual audits carried out on behalf of the Auditor-General are broader engagements than audits that are carried out only under international auditing standards;
2. the Auditor-General’s constitutional position as an officer of Parliament; and
3. the expectations Parliament has of the Auditor-General as expressed through the Public Audit Act 2001 – in particular, section 16 of that Act.

Application

Compliance with this Standard is mandatory for Appointed Auditors who carry out annual audits on behalf of the Auditor-General.
This Statement applies to audits of financial statements and/or performance information that have been prepared for reporting periods beginning on or after 1 April 2023, although earlier application is encouraged.

Objectives

The objectives of the Appointed Auditor, in carrying out the annual audit, are to:
1. be aware of the provisions of section 16(1) of the Public Audit Act 2001;
2. remain alert for any issues and risks that might trigger concerns for the Auditor-General under section 16(1) of the Public Audit Act 2001;
3. plan for, and audit, sensitive expenditure, including examining the expenditure of the chairperson and chief executive of each public entity each year, and other members of key management personnel on a rotational basis; and
4. report in an appropriate manner on any matters identified in (a) to (c) above.

Definitions

For the purpose of this Auditor-General’s Auditing Statement, the defined terms listed below have the following meanings:

Appointed Auditor: means the person or persons appointed by the Auditor-General to carry out the annual audit or other engagement on behalf of the Auditor-General, and who are supported by other members of the audit team. Where an Auditor-General’s Statement or Standard expressly intends that a requirement be fulfilled by the Appointed Auditor personally, the requirement will indicate that the Appointed Auditor shall personally satisfy the requirement.
Section 16(1) issues: means the issues the Auditor-General may examine under section 16(1) of the Public Audit Act 2001.
Sensitive expenditure: means expenditure by a public entity that provides, has the potential to provide, or has the perceived potential to provide a private benefit to an individual staff member of a public entity that is additional to the business benefit to the entity of the expenditure. It includes expenditure by a public entity that could be considered unusual for the entity’s purpose and/or functions.

Requirements

Issues arising from Section 16(1) of the Public Audit Act 2001

General requirements

When carrying out the annual audit of the financial statements and performance information of a public entity, the Appointed Auditor shall:
1. be aware of the provisions of section 16(1) of the Public Audit Act 2001;³ and
2. remain alert for any issues that might trigger concerns for the Auditor-General in relation to those provisions, even if those issues would not necessarily have any direct effect on the public entity’s financial statements or performance information (Ref: Paras. A1-A4 ).⁴
In determining the type of issues Appointed Auditors might need to be alert to under section 16(1) and whether those issues are significant enough to warrant the attention of the Auditor-General, the Appointed Auditor shall:
1. have regard to any guidance provided by the OAG in this Standard and the relevant audit brief;
2. comply with any specific requirements imposed by the OAG in the relevant audit brief; and
3. use their knowledge of the public entity and sector, and their own professional judgement.

Development of audit strategy and audit plan

The Appointed Auditor shall outline how they are going to meet the requirements contained in paragraphs 9 and 10 above in their overall audit strategy and audit plan in accordance with AG ISA (NZ) 300 (Ref: Paras. A1-A3 ).

Reporting potential issues arising under section 16(1)

The Appointed Auditor shall immediately advise the OAG if they identify any issues arising under section 16(1) during the annual audit, in meeting the general requirements of paragraph 9 in this standard, even if the Appointed Auditor may not have specific evidence of wrongdoing. The Appointed Auditor shall then decide, in consultation with the OAG, what further steps shall be taken, if any, to address the issue (ref: para. A5-A6).
As part of advising the OAG in paragraph 12 above, the Appointed Auditor, in consultation with the OAG, shall determine the appropriate external reporting action to be taken. External reporting actions may include:
1. reporting in the audit report;
2. reporting to management or those charged with governance in the management letter; and/or
3. reporting to another party (Ref: Paras. A5-A6 ).
In addition to the requirement in paragraph 12 above, the Appointed Auditor shall formally report to the OAG on all issues arising under section 16(1) identified during the annual audit, as part of reporting the results of the annual audit.

Sensitive expenditure

General requirements

The Appointed Auditor shall follow any directions that are issued by the OAG in the relevant audit brief or other guidance documents to audit specific areas or types of sensitive expenditure.
Where no specific directions have been issued in relation to a particular public entity or sector, the Appointed Auditor shall apply their judgement in determining what sensitive expenditure is to be examined, having regard to:
1. any relevant good practice guides or similar material published by the Auditor-General; and
2. the Appointed Auditor’s own knowledge and understanding of the public entity and its legal and operating environment, including its internal controls.
In meeting the requirements of paragraph 15 and 16 above, the Appointed Auditor shall obtain an understanding of:
1. whether senior management and those charged with governance are aware of any relevant good practice guides or similar material published by the Auditor-General;
2. the attitude of senior management and those charged with governance towards incurring and accounting for sensitive expenditure;
3. whether steps have been taken to educate relevant staff about the risks and concerns that sensitive expenditure might give rise to and the policies and controls that apply to it;
4. the systems and processes used for initiating, authorising, recording, and reporting sensitive expenditure; and
5. how senior management and those charged with governance maintain oversight of sensitive expenditure that is incurred.
In meeting the requirements of paragraphs 15 and 16 above, the Appointed Auditor shall assess the public entity’s policies against current good practice and evaluate whether the public entity has complied with its policies, and whether the expenditure:
1. has a justifiable business purpose;
2. preserves impartiality;
3. has been made with integrity;
4. is moderate and conservative, having regard to the circumstances;
5. has been made transparently; and
6. is appropriate in all respects. (Ref: Paras. A7-A8 )
The Appointed Auditor shall take into account the results of any external reviews, such as those carried out by a central government agency, or a consideration of any risk factors notified by the OAG.

Audit procedures

The Appointed Auditor shall ensure that their overall audit strategy and audit plan clearly document the types of sensitive expenditure to be examined and the nature, timing, and extent of the audit testing to be carried out (Ref: Paras. A7-A8 ).
In determining the extent of audit testing to be carried out, in order to meet the requirements of paragraphs 15 and 16 above, the Appointed Auditor shall ensure they review the nature, scale, and type of sensitive expenditure that is incurred by senior management. At a minimum this testing should be completed for the Chairperson and Chief Executive of the entity each year, and for other members of key management personnel on a rotational basis based on the Appointed Auditors assessment of the risk that this expenditure could be being misused or incurred for personal benefit.
In meeting the requirements of paragraphs 15 to 21 of this Standard, the Appointed Auditor shall carry out substantive testing of a sample of sensitive expenditure that is appropriate to the risks they have identified and proportionate to:
1. the purpose and nature of the public entity, and
2. the types and extent of sensitive expenditure that has been incurred.

Reporting issues of sensitive expenditure

If the Appointed Auditor identifies concerns over sensitive expenditure, including examples of unusual expenditure, they shall immediately advise the OAG, even if the Appointed Auditor does not, or may not have specific evidence of wrongdoing. As part of advising the OAG, the Appointed Auditor shall specifically consider whether the sensitive expenditure should be publicly reported in the audit report.
If the issue raises the possibility that a fraud has been committed, the Appointed Auditor shall follow the specific requirements and guidance in AG ISA (NZ) 240: The auditor’s responsibilities relating to fraud in an annual audit.
The Appointed Auditor shall report separately on sensitive expenditure issues, including any assessments made as to the appropriateness of the public entity’s policies and where deficiencies were noted in those policies that were identified during the annual audit:
1. to the OAG, normally as part of reporting the results of the annual audit; and
2. to management or those charged with governance in the management letter (Ref: Para A9).

Separate engagements on section 16(1) issues

A public entity or another party may request an Audit Service Provider to carry out a separate engagement on section 16(1) issues. Where there is possible media or political interest in the engagement subject matter or the matter is generally of a sensitive nature, the Audit Service Provider shall consult with the relevant OAG sector manager before accepting the engagement or finalising the terms of reference. Audit Service Providers should refer to the Auditor-General’s Code of Ethics for further guidance on the acceptance and reporting of engagements of this nature.

Application and other explanatory material

Issues arising from Section 16(1) of the Public Audit Act 2001

General requirements (Ref: Para. 9)

A1	When applying this Standard, Appointed Auditors should note any guidance and comply with any specific requirements in the relevant audit brief in relation to section 16(1) issues.
A2	In the absence of guidance or specific instructions, Appointed Auditors will need to use their own judgement and knowledge of the entity and sector in determining which areas they might need to focus on and which issues and risks are serious enough to warrant referral to the OAG. By way of general guidance, the Auditor-General has an interest in ensuring public entities meet legal and good practice in the following areas, even if non-compliance would not have a direct impact on a public entity’s financial statements or reported performance information: any restrictions on the scope of a public entity’s powers or functions, such as limitations on the type of activities the public entity is permitted to undertake; any requirements relating to the control or management of public money, such as controls with respect to borrowing, lending, investing, or banking; any restrictions on a public entity’s power to give a guarantee or indemnity; any requirements or restrictions with regard to raising revenue; any requirements or restrictions with regard to charging fees for goods or services; any requirements with respect to the management of conflicts of interests, such as those found in the Crown Entities Act 2004, Companies Act 1993, or Local Authorities (Members’ Interests) Act 1968; any requirements with regards to the payment of fees or expenses to an officer or employee; any requirements with regards to the disclosure of payments to an officer or employee; any requirements on a public entity to meet a reporting deadline; any requirements for a public entity to maintain proper records; and any requirements with regard to good procurement practice.
A3	In assessing whether an entity has complied with good practice requirements in relation to the matters identified in paragraph A2, Appointed Auditors should be aware of, and familiar with, any “good practice guides” that may be issued by the Auditor-General and use these to guide their judgement as to the issues and risks the OAG needs to be alerted to.
A4	In addition to the Auditor-General’s good practice guidance, other standards of conduct that have substantive authority in New Zealand for various aspects of public entity behaviour could include: State Services Commission publications, including codes of conduct or board appointment and induction guidelines; the ethical standards and guidelines of professional bodies, as relevant; any government policy statements on behaviour, such as the Cabinet Manual or Cabinet Office Circulars; or The Government Rules of Sourcing and any associated good practice guides issued by MBIE with regard to procurement.

Reporting (Ref: Paras. 12-14)

One aspect of advising and/or consulting with the OAG will be about whether it is appropriate to report a section 16(1) issue in the audit report and, if so, whether to include an emphasis of matter or other matter paragraph in the audit report.

If a significant issue is identified, the following steps should be taken:

brief the Assistant Auditor-General – Parliamentary Group or the Assistant Auditor-General – Local Government Group immediately on any significant section 16(1) issues; and
agree with the Assistant Auditor-General – Parliamentary Group or the Assistant Auditor-General – Local Government Group the next steps (if any) to be taken. The next steps might involve the Appointed Auditor preparing a submission to the Auditor-General’s Opinions Review Committee.

Sensitive expenditure

General requirements (Ref: Paras. 15-19 )

As part of developing the audit strategy and audit plan, the Appointed Auditor needs to understand the purpose of the public entity and the likely extent to which sensitive expenditure may be incurred to achieve its purpose. Such an understanding will assist the Appointed Auditor in determining the nature, timing, and extent of audit procedures to be carried out. The Appointed Auditor should also consider the appropriateness of the public entity’s sensitive expenditure policies as part of sensitive expenditure testing.

There are a number of areas of spending that are likely to generate significant interest with stakeholders and other interested parties because of their sensitive nature. The Appointed Auditor is expected to have a high-level understanding of the overall expenditure of each of these areas and of the likelihood of impropriety, including the risk that senior management or those charged with governance may use their roles to approve expenditure that may benefit them personally. Sensitive expenditure may include:

board and senior management pay, travel, and expenses;
entertainment or similar costs incurred to facilitate the management of large contracts;
tendering processes used for large dollar value purchases;
payments to or from related parties; and
payments to or from other countries, particularly those with a history of different ethical standards or where bribery is more prevalent.

Reporting issues of sensitive expenditure (Ref: Para. 25)

If the sensitive expenditure issue reasonably falls within the scope of the annual audit, further action might involve:

pursuing the issue within the existing audit engagement agreement;
obtaining agreement with the public entity for both the performance and funding of a specific extension of the audit scope; or
obtaining approval from the OAG for undertaking and funding the extension of the audit scope.

1: This provision is subject to certain limitations. See paragraph 9.

2: AG ISA (NZ) 250 contains requirements to consider specific types of laws and regulations as part of the annual audit, in addition to the requirements contained in this standard in respect of a public entity’s compliance with its statutory obligations.

3: Section 16(1)(a) of the Public Audit Act 2001 limits the Auditor-General’s ability to examine matters relating to effectiveness and efficiency. Specifically, section 16(1)(a) is limited to the extent to which activities are being carried out effectively and efficiently in a manner consistent with an applicable government or local authority policy. The Auditor-General is not permitted to examine an applicable policy.

4: Except in relation to the matters identified in paragraphs 15 to 25, this Standard does not, in itself, require Appointed Auditors to carry out procedures or provide assurance in addition to the assurance they would ordinarily carry in the course of an annual audit of an entity’s financial statements and performance information. However, the Auditor-General may require Appointed Auditors to consider specific matters or carry out specific procedures in relation to section 16 for a particular public entity or sector in the relevant audit brief. This Standard must therefore be read in conjunction with the relevant audit brief.

Introduction

Scope of this Standard

Background

Application

Objectives

Definitions

Requirements

Issues arising from Section 16(1) of the Public Audit Act 2001

General requirements

Development of audit strategy and audit plan

Reporting potential issues arising under section 16(1)

Sensitive expenditure

General requirements

Audit procedures

Reporting issues of sensitive expenditure

Separate engagements on section 16(1) issues

Application and other explanatory material

Issues arising from Section 16(1) of the Public Audit Act 2001

General requirements (Ref: Para. 9)

Reporting (Ref: Paras. 12-14)

Sensitive expenditure

General requirements (Ref: Paras. 15-19)

Reporting issues of sensitive expenditure (Ref: Para. 25)

General requirements (Ref: Paras. 15-19 )