There is an increasing need for communications amongst four components of CG; there are board of directors, management, internal audit and external audit. A soundness corporate governance (CG) assist effective, efficient and entrepreneurial management that can deliver shareholder value in the long run (The Financial Reporting Council Limited, 2012).
Contribution of Internal Auditing towards Corporate Governance
The role of IA of the company, considering the influences of the control of management, assumes a first importance in the CG sphere. // The IA's role, given its influences over the management control, assumes a front importance within the corporate governance. // The IA activity have to evaluate and contribute to the improvement of governance, risk management and control processes using a systematic and disciplined approach. The more an organisation is regulated, the more focus is expected on governance. IA must consider how it has incorporated governance into its audit plans, the priority it assigns to various governance elements, and the appropriate framework, approach and measures to auditing governance elements (Carmen Rossiter, 2011).
Mihret and Admassu (2011) stated that organisations can increase CG effectiveness by fostering both coordination of IAs and EAs while DeZoort et al. (2002) support that both IA and EA helping as a resource to BODs could improve effectiveness of audit committee (AC). The reliance of EAs on IA work lead to the contribution of IA adds value through reduced audit fees (Krisbnamoortby, 2001, 2002; Morrill and Morrill, 2003; Mibret 2010; Mibret, James and Mula 2010; Mihret and Admassu, 2011) and it is also represent that has an opportunity for cost saving for the organisation audited through reduction of EA time. Thus, organisations achieve cost reductions from IAs' contribution.
Jenny Stewart and Nava Subramaniam (2010) found that the IAs' position in providing both assurance services and consulting activities, enhancing risk assessment, outsourcing of IA activities, and employ as a training ground for managers. Although the IIA stated that IAs must accountable with management, but Fraser and Henry (2007) opposite their view that IAs should involve in ERM practices such as embedding of risk.
Felix et al., (2001) and Mohamed, et al. (2012) stated that IA work as assistants under the direct supervision of EAs or independently performing various audits and reviewing work throughout the audit year on which the EAs may rely. Elliott and Korpi (1978) suggest that such assistances contribute by IA result in EA fee reduction. Simultaneous, the EAs assess the risk of material misstatement in the client's FS, reviewing their ICS in order to understanding the nature of client's organisation is likely to save EA's time and work during audit engagement (Zain, Subramaniam, and Stewart, 2006).
The 'substitution theory' proposes that a dynamic IAF would encourage EAs' reliance on such a function, reduction in audit effort could lead to cost savings and lower EA fees. Therefore, there is an opportunity for savings from issues identified. In contrast, 'complementary perspective' propounds that greater investment in IA is likely to be associated with higher audit fees. Although there is a distinction between the roles of internal and external audit but both functions' coordination and cooperation may generate synergistic outcomes such as higher quality audits and economic benefits.
Furthermore, with sessions on topics from Internal Auditing as an Effective Tool for Corporate Governance (IJEB International Conference on Economic and Business Issues, 2009) signify that IA's contribution towards a high quality of CG. As they perceived that an effective CG leads organisations access to capital markets more easily to boost their capitals. The contribution of IA to CG is represented through demarcating the association between IA and key elements of CG. In fact, BODs is responsible to accomplish the organisation's objectives; meanwhile the IAs'contribution is to providing management a wide range of information sources such as organisation's financial, operational and compliance activities to improve effectiveness, efficiency, and economy of management performance and activities (Colbert, 2002).
IAs provides an independent view on the organisation's governance, risk management and control processes, provides support to an organisation's anti-fraud controls and provides recommendations on how to improve in these areas. They review the adequacy of control design to ensure that risks are effectively managed, and then test operation of key controls to ensure they are operating as intended and therefore are effective in managing the organisation's risk.
The Coso Report classified that the existence of an effective ICS can help the management reaching the objectives, protect all shareholders' and stakeholders' interests as a whole (Bostan and Grosu, 2010). Moreover, IA would add value to the entire organisation's activity, easing the identification and evaluation of the existing risks on all levels. In addition, IA provides information about any fraudulent activities or irregularities (Rezaee and Lander, 1993). Encouraging AC to conduct periodic reviews of its activities and practices compared with current best practices to ensure that its activities are constituent with leading practices (Sawyer, 2003)."
Contribution of External Auditing towards Corporate Governance
The role of EAs is inevitable for good CG. While EAs will not solve every problem, it will provide a robust structure for matters to be identified and resolved before the scale of operations and associated business risk increase significantly. For instance, where an SME is importing or exporting for the first time and does not have appropriate procedures in place to recognise and mitigate foreign exchange risk. Characteristically in SMEs, owners are involved in the daily management of the business. Accordingly, there is opportunity for frequent and open communication between the auditors and the owner or managers during the course of an audit. Therefore, IA develops and manages relationships with its key shareholders.
In particular, EAs' responsible to conduct their tasks in the most independent and reliable manner in preventing and detecting the fraud and errors in FS in order to attract investing public with the level of assurance to make their decisions based on the FS (Davidson, Goodwin-Stewart and Kent, 2005). This was supported by Boţa-Avram (2012) that the EAs' social role and responsibilities is to enhance investors' confidence in the financial markets through audits the management report to review whether it's consistent with the FS and evaluates the management's internal control system (ICS) (Boţa-Avram, 2012).
While the IAs act as risk monitors for the management, board and the AC, whereby EAs is contributing as an agent for shareholders and stakeholders diminish the agency problem through controlling the company directly in order to enforce control of board and management. With appropriate accounting policies, the EA could help management accountable to shareholders for its stewardship function.
EAs make use of IAs as assistant for substantive testing when IA is provided in-house. Overall, EAs use IA more for control evaluation risk.
Barriers to the contributions of both IAs and EAs and its implications.
Auditor's Independence
Issues raise on to what extent the auditors can provide an independent opinion on the FS after the case of both audit and non-audit services (NAS) provided by Anderson (ie: HH Insurance). Both IFAC (2010) and Cadbury Report (1992) have same point of views that the financial interest gain from clients, having close relationship with clients or provide NAS to clients constitutes the threats to the EAs' independence and adversely influence their role.
Cadbury Report (1992) propound that to ensure EAs are truly independent, they should be rotated annually and have a gap of 5 years prior to the same auditors are appointed by the organisation and disclosure must be make in order to shun their conflict of interest with shareholders. Otherwise, they should be prohibition to the provision of NAS to clients as they are act as auditors. Establish an AC and develop effective accounting standards could ensure EAs will work among organisation's management. The ability of IAs as employees of the organisation to exercise true objectivity is questionable. This is reported (Financial Times (London, England), 9 September 2012) that to increase the independence of IAs should not report directly to the chief executive, but to the chairman of the AC.
Quality and Competency of IA
IA contribution is influenced by IA quality. The competency of IA staff professional certifications in accounting and experience in auditing attributes to the organisations is questionable (Mohamed et al, 2012). Rick Julien and Larry Rieger (2011) found that the roles of IAs expected by organisations are inconsistent with the definition of 'IA' defined by The Institute of Internal Auditors (IIA) in reality. As existing staffs can be transfer to the IAF and transfer back to line functions few years later. However, there is no guidance on what circumstances the employees possibly transferred to the activities IAs are currently auditing and outcry the social pressure give rise to them (Jenny Stewart and Nava Subramaniam, 2010). It may be compromised by outsourcing the IA where the experience obtains from outside specialists and improve the independence of IA work as well.
Ethical code and Bear from excessive regulations
Due to the CG reforms in many jurisdictions, the implementation of the ethical code issued by profession bodies is not followed by the auditors in their professional conduct. The code deters the principle of utilitarianism that is doing what is right and acceptable to majority where it simply concerns ethical or unethical actions of auditors. Bernam and McGrath (2007) critiqued that "implicit and explicit costs of the excessive regulations" might not outweigh the benefits accruing to the public (Bernam and McGrath, 2007). IFAC (2010) suggested that accountancy bodies such as Financial Reporting Council (FRC) should assess their professional ethical code to emphasise more on action that is morality and right.
Difficulty in fulfilling their responsibilities
IAs had been outcry that they are in an abnormal position. For instance, they're requiring reporting to senior management in the organisation, meanwhile, they are expected to objectively assess management's conduct as well. KPMG (2003) pointed out the solution to this dilemma is for IA to report directly to the board and its AC rather than to senior management as an effective IAF performs activities are "listening, asking questions, assessing and challenging answers" (KPMG, 2003, pp.4). Consequently, the board and AC benefit from the information they receive on the internal controls and risk assessment which reflects a true depiction and filtered by organisation in advance. However, IA may not be informed to all sources of information throughout the organisation as it is appear as outside the management structure (KPMG, 2003).
Audit expectation gap
Bankruptcy examiner claims that auditor Ernst & Young was condemn as their negligent in not detecting the problems in Lehman Brothers (AccountancyAge, 2010). There is always a gap between the understanding of what an audit will do by public and what auditors do in practice. Generally, it's usual to ask who will be condemned when things go wrong. AccountancyAge (2010) argued that "public expectations of what auditors do is way out of kilter with the actual work undertaken when checking whether the accounts deliver a true and fair view" (AccountancyAge,2010). To eliminate these barriers, auditors must perceive what other consequent issues that will be raise. As there is a different in nature of vast financial institutions, thus, auditors altogether require a different approach in auditing.
Informal communication and language used
However, EAF's unwillingness to utilise data gathered by IAF at the planning stage resulted from the limited cooperation and coordination amongst IAs and EAs. Sharon Zammit and Peter Baldacchino (2012) propound that professional judgement and effective communication between them should be strengthen through meeting with senior management periodically which discussions would be helpful in identifies the general issues during the audits (Sharon Zammit and Peter Baldacchino, 2012). Issue rises on how far IA can communicate governance issues outsides the organisation such as regulators, EAs and other stakeholders. Rick Julien and Larry Rieger (2011) bring forward that a "common governance language" could maintain steady communication amongst them, in addition to AC and board.
Audit (client) fee
Auditors' independence would impair from the action in manipulate their audit plans in response to audit fee pressure. This was supported by Gramling, AA (1999) who indicated that the level of audit fee pressure appears to influence the audit managers' decisions to reliance on IAF's work. However, Felix et al. (2001) give an opposite opinion that there is a negative relationship between the EAs' reliance on IA work and audit fees as its assistance could decrease audit fees (Felix et al., 2001).
Insufficient resources
IAs often find themselves difficulty in limited resources such as time constraints of consulting that could take place between both IAs and EAs. Admittedly, if more human and financial resources had been giving to them, in addition to the retention of audit work performed by both IAs and EAs including audit opinion, compliance and control enable them to manage their audit risks more competently (Sharon Zammit and Peter Baldacchino, 2012).
Conclusion
Although the amount of experience and competence are the main differences between IAs and EAs but their intention is to protect investors and contribute towards an effective CG as a whole. Overall, there is a significant obstructions faced by auditors and further implications to these is needed in order to maximise their role to the on-going strong governance.
