In recent years, data feeds have completely changed the way auditors work. The days of manually entering transactions via journal entries have been replaced with a new process – matching transactions on an exceptions basis for those which cannot be automatically allocated.
Data feeds are now the linchpin of any cloud-based accounting platform, automating processes like data entry and reconciliation of transactions. This saves time, reduces the risk of errors and improves productivity in self-managed super fund (SMSF) accounting and auditing.
Further, the July 2018 introduction of an event-based reporting (EBR) framework for SMSFs by the Australian Tax Office (ATO) makes us wonder how accountants not using cloud-based software and data feeds are able to meet their real-time reporting obligations. It is safe to say that data feeds have become the driving force in efficient SMSF administration.
How is the audit data accessed?
The customer owns their own audit data, so they must consent in writing for information to be transferred from the source provider to a third party. This is still a manual form filling process. SMSF software providers normally go straight to the source of the data houses, but there are data aggregators which can also provide access to SMSF data feeds.
Who is responsible for audit data security?
Service providers are responsible for the safe electronic storage and transmission of customer data. The Privacy Amendment Act 2012 deals with the security of personal information and requires organisations (individuals, bodies corporate and partnerships) to abide by certain rules when managing individuals' data.
To better protect data security, you should implement a cybersecurity plan that addresses:
- Risk mitigation and response policies.
- Breach identification frameworks.
- Strategies for reporting thresholds and informing clients of issues.
A cyber-incident response plan needs to be tested against industry best-practice and your own internal business objectives. A cyber insurance policy provides further peace of mind for your operations.
How reliable is a data feed?
Once you have received data from your software provider, you need to check how reliable the recorded transactions really are. Data quality defined by completeness and accuracy should be the number one goal for any end-user.
A common term used by data aggregators for direct data feeds is 'accounting-grade data'. This means users can rely on data without needing to check paper-based statements issued from the source. ASAE 3402 is an Auditing and Assurance Standards Board regulation that provides users of data-fed transactions and balances with reasonable assurance that the necessary controls are in place to provide quality data feeds.
What do data feeds mean for SMSF auditors?
Cloud-based SMSF audit software is an intermediary to receiving data feeds from the SMSF accounting software packages. Further, not all SMSF audit software providers ingest the whole accounting software data file, which means that they don't capture every transaction record. However, it's crucial to gain an audit sample from a full set of data-fed transactions, making this an issue to address with your SMSF audit software provider.
Many auditors have moved away from using hybrid checklists and now embrace varying degrees of automation offered by the major SMSF audit software platforms. In doing so, they are becoming over-reliant on data-fed transactions being entirely accurate without the appropriate checks.
With an ASAE 3402 type 2 report, SMSF auditors should be able to substantially reduce the amount of manual testing required for balances and transactions. Ultimately though, with or without this document, accountants and auditors need to decide on their own method for checking data reliability and ensure that there are systems in place to verify that reliability.
Automation in SMSF audit software is the key to making the super audit process more efficient. Because of that, further automation is coming. As more exceptions reporting is developed, SMSF auditors will use this information to move away from doing full-scale audits to simply reviewing results and proving value-added insights. This change will fundamentally shift how our industry works.
However, it will be many years before any SMSF audit software can fully replace human skill and judgement, making specialist insight pivotal to current audits. The proof of this is in the new risk landscape that has arisen from the recent litigation against super auditors. These changes have had an alarming effect on how we approach each audit individually.
Evolv: Your audit partners
Now is the time for SMSF auditors to review their software, their audit approach and their business model. Failing to continuously improve means failing to remain competitive. Evolv Super has developed custom-built solutions for SMSF auditors, matching the needs of any audit or operational requirements. By working together, we can solve your resourcing and software needs. Get in touch with the Evolv team today to start a discussion about planning how you can future-proof yourself as an SMSF auditor.