Independent audits are valuable decision-making tools. But only if you follow through.
We explore how independent audits mitigate risk and build confidence. 7-minute read.
It’s become cliché to say, “the pandemic changed everything.” But bear with us. Because, when it comes to accounting, it really did.
In the early weeks of the pandemic, many businesses and nonprofits sent their employees home to work remotely.
Unfortunately, they couldn’t always send the software with them.
At the time, some organizations (particularly in the nonprofit sector) didn’t have cloud-based accounting software or online payment-processing platforms, even though the technology’s been available for years. They were doing everything locally, at the office.
And that worked well enough, in normal times. But, when COVID-19 hit, these organizations suddenly found themselves unable to perform basic financial functions – like paying bills and uploading invoices – on their home computers.
This led to makeshift solutions. Lacking proper digital platforms, many employees were actually driving across town or relying on snail mail to deliver important financial documents.
Obviously, that’s inefficient, inconvenient, unsecure, and seriously outdated. But it’s more than that. For nonprofits and many businesses, maintaining secure, detailed financial controls is critical—both for complying with state and federal regulations and for building confidence among stakeholders. If an organization doesn’t have the right controls and processes in place – and hand-delivering financial documents is not the right process – they could fall on the wrong side of stakeholders and government officials alike.
Outdated technology and vulnerable processes posed a serious risk to these organizations. And it was entirely avoidable.
Risk Management 101
The pandemic was a harsh lesson in risk management: By revealing fault lines in nearly every industry, it reminded us that today’s shortcuts, outmoded systems and poor processes become tomorrow’s problems.
In hindsight, organizations should have been using cloud-based financial software long before the pandemic. But hindsight is 20/20. It’s easy to ignore risk when it’s part of your day-to-day operations. Sometimes, it takes an emergency to reveal issues that could have been fixed long ago.
But are emergencies the only way to identify vulnerabilities?
Of course not. Even before the pandemic, many industries were beginning to place a greater emphasis on risk management. COVID-19 simply accelerated the process, reminding us that managing risk is more than just a sound business strategy—it’s essential to an organization’s survival.
So, how do we approach risk responsibly? How do we identify weaknesses in our organizations before they become threats? And, once we have this information, what should we do with it?
Let’s take a look at one tool that begins to answer those questions: the independent audit.
The audit itself isn’t anything new. In the past, it’s sometimes been overlooked as a chore—something that organizations only do when it’s required.
But, in the aftermath of COVID-19, as businesses and nonprofits focus on mitigating risk, the independent audit has emerged as a valuable decision-making tool to create stronger processes and controls, reduce risk, and build stakeholder confidence.
Let’s unpack that.
What is an independent audit?
In an independent audit, an auditor examines the financial side of your organization, including transactions, accounts, accounting practices, financial records, and internal controls.
Then, they create a report that includes recommendations for mitigating risk and improving your business’ processes and controls.
What happens during one?
Five things happen during (most) independent audits:
- The auditor thoroughly reviews financial and accounting records, checking for accuracy and completeness. They also determine whether records have been prepared in accordance with generally accepted principles, and whether your financial statements accurately represent your company’s finances.
- Not only does the auditor review your records; they also re-perform certain transactions and develop expectations to determine if they were made correctly.
- The auditor compares your organization to industry peers. By matching up your records with those of comparable organizations, they can pinpoint irregularities, which may be a sign of reporting issues.
- Once the audit is complete, your leadership team will have the opportunity to review the draft audit report, ask questions, and respond to the auditor’s recommendations. The final report will include the audit’s findings, including compliance issues and financial reporting discrepancies.
- Finally, many auditors prepare a letter for the organization’s management. This letter identifies recommended areas of improvement for the organization’s operations and procedures. At Dugan & Lopatka, our auditors leverage years of industry-specific experience to include best practices and benchmarking data in letters to management.
What are the benefits of an audit?
Some financial audits are required by law. However, many organizations receive independent audits anyway. Why? Because the results of an audit are an effective decision-making tool. An audit is a source of unbiased information about your company, revealing its strengths and weaknesses through the eyes of a financial expert.
Of course, the data you receive from an audit is only valuable if you use it. Here are four things you should do after your audit is performed:
- Improve your internal processes and controls. During the audit, an independent auditor will take a close look at your controls, processes, and procedures, identifying potential weaknesses and making recommendations. When you receive the results, work with your staff to implement the changes. (That may sound intuitive, but some organizations fail to follow-up. That’s a big missed opportunity.)
- Improve your risk-management strategies. Most people are familiar with the processes and controls side of auditing, but a major part of an auditor’s work is to identify financial and operational risks (both internal and external) and provide recommendations for mitigating them. At the end of your audit, you will receive a framework for implementing risk-mitigation strategies. It’s critical that you follow through with it, especially in today’s environment, where there’s a heavy emphasis on risk management.
- Use the audit to inspire and maintain trust. One of the greatest benefits of an audit is intangible; it’s the trust you build with your donors, board of directors, and other stakeholders. Think about it: Wouldn’t you rather do business with an organization that demonstrates their commitment to financial transparency and accountability?
- Thoroughly review your audit with your board and management. Obviously, donors don’t need to know every detail of your independent audit, but you should take the time to review the audit in-depth with your board and management. During the conversation, focus on follow-through: Discuss what needs to be improved and create a plan to implement the auditor’s recommendations.
Final thought: choosing the right auditor
We’ll leave you with one last tip: When you’re ready for an independent audit, find an auditor who understands your specific industry.
Not all independent audits are equal. For example, an expert with deep experience in nonprofits can produce better, more-informed recommendations because they understand the industry’s benchmarks and best practices. Knowledge is powerful.
At Dugan & Lopatka, our team has decades of experience in a variety of industries, from nonprofits to manufacturing. During audits, we bring our expertise to the table, producing insights that will help you not only fix problems, but improve your operations, mitigate risk, and help your organization prepare for the future.
Want to learn more about independent auditing from Dugan & Lopatka? Contact our team today.