Considerations of law and regulations in audit (ISA 250):

There are various laws and regulations that govern the entity being audited and entity is expected to
follow those laws and regulations. Some entities operate in heavily regulated industries like banks and
chemical companies. Non-compliance of such laws and regulations results in financial consequences to
the entities like fines, penalties. So the auditor is required to perform audit procedures to evaluate and
report the result of non-compliance.
Responsibility of management:
This is managements responsibility to operate the entity according to laws and regulations and prevent
and detect the non-compliance. Management should do followings:

Procedures should be designed to ensure compliance.

Appropriate internal control system should be established.

Training of employees.

A code of conduct should be designed.

Monitoring compliance with code of conduct.

Engaging legal advisor.

Auditors consideration of compliance with laws and regulations :

Auditor is not responsible for prevention and detection of non-compliance with laws and regulations.
Following factors increase the risk of material misstatements due to non-compliance not being detected
by auditors:

There are many regulations and laws and may not materially affect the financial statements.

Inherent limitation of ac

counting and internal control system.

Misrepresentation made to auditor, deliberately not recording transactions of non compliance,

collusion, forgery etc.

Audit procedures:

Obtain understanding of laws and regulations affecting the entity being audited while planning the audit.
The understanding may be obtained by:

Knowledge of industry.

Inquires from the management about laws and regulations.

Managements policies and procedures for compliance of laws and regulations.

Discussion with auditors of subsidiary companies.

Written representation from the management that all known non-compliance with laws and
regulations have been considered in preparation of accounts and have been disclosed to the
auditor.

Audit procedures when non-compliance is discovered:

Auditor should evaluate the possible effect on financial statements like fines, penalties, including
discontinuation of operations and litigation.

Whether disclosure of penalties is required.

Whether financial consequences are too serious as to call into question the true and fair view
given by financial statements.

Reporting of non-compliance:

To management.

To user of auditors report.

To regulatory and enforcement agencies.

Indication that non-compliance may be occurred:

1. Investigation by govt. agencies.
2. Payment of fines and penalties.
3. Abnormal sales or agents commission.
4. Purchasing at prices significantly above or below market prices.
5. Unauthorized transactions or improperly recorded transactions.
6. Media comments.
7. Payments for goods and services made other than to countries from where goods and services
originated.
2