The process of administering and auditing SMSFs in Australia is in the midst of an automation revolution, and practitioners who don't get on board will risk losing their competitive edge.
No longer do SMSF auditors need a paper-based approach. Now, the audit process is all about using technology to enhance the performance of routine tasks which were previously done manually.
What technology is available?
Essentially, automation of processes has replaced the traditional manual entering of data, its reporting and validation.
To begin with, cloud-based servers are gaining recognition as an alternative to the traditional in-house computer server. Portals are almost essential to receive and send data securely, rather than transmitting sensitive data via emails.
Also, most modern SMSF administration software programmes can now receive data feeds. A data feed is a mechanism for users to electronically receive structured data from data sources into a software program.
This alleviates the need for manual data entry of bank accounts from financial institutions, managed funds and listed securities from share registries and authorised share broker sponsors.
Document management software now allows us to quickly access and view relevant supporting documents. Connectivity to accountants and administrators systems in sharing information creates immense time savings for auditors.
Also, although the uptake in Australia has lagged, digital signatures are now replacing the traditional signing processes.
Superstream, electronic actuarial reports, automated property valuations and title searches are also changing the game. These advances now result in real time data analysis rather than the traditional in arrears annual reporting.
Have SMSFs embraced the technology?
For years, SMSF auditors have adopted a paper-based audit approach that is now becoming redundant.
A modern SMSF audit practice should have a fully-integrated system, beginning with a seamless transmission of data to and from accountants/administrators to the auditor and a purpose-built platform to perform the audit.
It should end in an audit process that ensures quality, efficiency and value for money. The audit process must be consistently applied and, of course, it must definitely be scalable.
What are the risks?
While data feeds are replacing manual data entry, certification of the veracity of the data feed by a suitably qualified reviewer is paramount.
This means that the systems and controls which exist inside either the provider of the data feeder, or the SMSF administration software provider need to be certified annually to ensure that the provider meets with the provisions of Guidance Statement GS 007 issued by AUASB.
Without such certifications, and without performing additional sample testing using other means, auditors put themselves at risk of being sued.
Cloud-based server providers also need thorough investigation to determine issues such as data privacy, security, retrieval upon moving to another provider, back-up procedures etc.
Security of access to client’s data via a website or portal should ideally be regularly tested by employing professionals to assess the likelihood of its penetration by the unwanted.
Security of portable devices used to access systems must also be prioritised.
While technology will never replace the professional skill and judgement of an experienced auditor, the efficiencies which automation can produce will shift the auditor's focus from a financial-based audit, to a SIS/compliance-based audit review process.
The commoditisation of the audit process will indeed result in audit fee reductions where efficiencies via technology uptake can be fully embraced.
The traditional audit practices that continue to use traditional audit methods will struggle to compete on pricing and scalability unless they embrace these technology changes.
Ron Phipps-Ellis, managing director, Evolv