As the United States, along with every major capital market, moves toward International Financial Reporting Standards (IFRS), it is important for internal audit to sort out its role as a participant in the process.

Canada and Mexico expect to achieve convergence with the standards by 2011, and while Japan has a 2015 deadline, Japanese companies can adopt IFRS early – and immediately. Though the United States has no formal, approved timeline, based on the latest communications from the Securities and Exchange Commission (SEC), the earliest U.S. public companies might convert from U.S. GAAP (Generally Accepted Accounting Principles) to IFRS is 2015.

A Memorandum of Understanding (MOU) between the two standard setters – the International Accounting Standards Board (IASB) and the Financial Accounting Standards Board (FASB) – covers the convergence of major areas such as revenue recognition, leases, income taxes and consolidations. The SEC added – to their earlier conditions for IFRS considerations – a consideration on how IFRS might affect contracts, debt agreements and other regulations, as well as a monitoring progress on the MOU. In other words, while there could be a need to convert in 2015, it is not clear, based on the convergence calendar, what differences will remain between IFRS and GAAP at that time. Convergence may pre-empt conversion. 
 
Consequently, companies should get ready and be positioned with a project plan to deal with what might have to change – either all at once upon conversion or in different time lines as convergence unfolds. If it’s convergence, it will happen sooner but not all at once; companies will have a steady drumbeat of change with which to contend. If it is conversion and the SEC acts as many expect toward the end of 2011 and requires conversion by 2015, calendar year-end companies will only have about a year to get the January 1, 2013 opening balance sheet ready in order to provide three years of comparative financial information in 2015 – and they will still need to provide transitional reporting under GAAP for 2013 and 2014 prior to conversion.

No matter what the SEC does, convergence seems likely to continue and companies, public or private, should prepare for that eventuality. If the FASB changes GAAP as part of the memorandum of understanding (MOU) progress, every company – public or private – is impacted.

Internal audit can and should play a key role in assessing organizational readiness by:

1. Identifying project risks (e.g. operational, financial reporting, resources) in the planning stages
2. Focusing on control over the change management process and the impact on internal control over financial reporting and disclosure controls and procedures
3. Informing the company’s board and senior management (and soliciting feedback from the same) on the status and progress of IFRS readiness and implementation

As internal auditors know – and must communicate to their entire organization – internal audit should not be considered merely as the “after-the-fact” auditor of changes in accounting policy but as a participant early on in what essentially will be viewed as a high-risk transformation project affecting people, process and technology. Key scoping decisions can affect both the audit plan and Sarbanes-Oxley testing. The internal auditor, in the role as audit committee liaison, will want to keep the audit committee in the loop.
 
Internal audit should focus on what is best for the transition: involving the audit committee up front in deciding whether the company will change everything they can or only what they have to,  and also whether they are going to do so centrally – from the top down – or in a more collaborative way – from the bottom up.

How an enterprise tackles IFRS will depend on its structure. A heavily centralized enterprise might take a top-down approach and work with a set of policies and procedures that spell it out: “If XYZ applies, follow XYZ everywhere.” Meanwhile, a bottom-up approach would require more time and resources. Here, a company already using IFRS in its various ways at overseas subsidiaries might choose the best practice, come to a consensus and then push that out to the entire organization. 
 
All of that affects both time and effort. It is not just a management decision; audit committees should weigh in because they are responsible for overseeing the selection and application of accounting polices – and some of the scoping decisions made early on will set a “tone at the top” on how IFRS will be implemented throughout an organization. The corporate board should be involved, with internal audit serving as liaison between senior management and the audit committee.
 
Any internal auditor engaged in assessing or auditing an IFRS conversion or convergence project should not just audit whether the accounting policies were correctly written and then audit them against that standard, but also getting involved with the conversion or convergence effort more broadly as a project. Internal auditors also need to be concerned  about whether the project is on time and on budget, that it is well managed and meeting the audit committee’s expectations (which means being conversant with them). They should be involved throughout the project life cycle – not just auditing at the end.
 
The conversion from GAAP to IFRS will also have an overall impact on six elements of infrastructure:

1. Strategies and policies – A critical first step is the determination of accounting policies under IFRS, but keep in mind that conversion impacts more than accounting policies alone. Changes to accounting policies will affect business activities.
2. Processes and workflows – Internal auditors will need to develop and execute a plan that takes into account the time and effort for the business units to update documentation and then revise their own test plans responsive to the changes in policies, procedures and controls.
3. People and capabilities – Internal audit departments will need to access or “borrow” people with requisite skills in order to execute their plans.  From a management perspective, it is possible that more senior financial personnel will be exercising judgment than before, and there are attendant risks on the segregation of duties front.
4. Communications, awareness and training – Internal audit should plan and execute in a way that enables timely communication of issues with an IFRS conversion for internal and external timelines.
5. Data, information and reporting – Internal audit will need to build plans that respond to changes in the design and testing needs, which come from changing sources of data and information flows.
6. Systems and technology enablement – For many companies, IT may pose the most significant conversion issues. Internal audit groups will need to be able to react to changes in which data passes through systems or human hands and pay special attention to IT change management protocols in the year or years of conversion.

Because U.S. GAAP is based upon specific rules, accounting policies can reference U.S. GAAP and be more like “checklists”.  Policies under GAAP can more readily reference a specific situation and thus be less descriptive.  IFRS is less prescriptive and generally does not contain industry-specific examples. Policies under IFRS will need to be more robust and include examples to show greater clarity so they are in a position to facilitate consistency, a hallmark of IFRS.
 
As a consequence, internal auditors will potentially need to change how they audit from a scoping perspective. Rather than perhaps going from location to location, they may want to audit an area across the organization so that they are in a position to evaluate the consistent exercise of judgment in a given, high risk area.

Planning Project Audits
Since a transition to IFRS is a significant effort, internal audit needs to understand scoping and timelines, be flexible and recognize that phases to conversions may wind up having to shift effort between manual and automated processes from an audit perspective.
 
For example, a company may have completed a diagnostic and is planning to implement SAP or Oracle as an ERP. The focus on configurable controls, segregation of duties and other ERP-related issues will need to be part of the audit plan.  It is possible that internal audit may need to add or “borrow” staff with the requisite skills for that project audit. Approximately 10 to 20 percent of the internal audit budget and plan should be kept flexible enough to respond to changing circumstances (e.g., changing project scopes) and new issues that did not exist during the planning process. 
 
A systematic approach to IFRS readiness involves financial reporting considerations such as assessing a company’s overall technical accounting capabilities and requirements and the impact on disclosure requirements. Meanwhile, one non-financial reporting consideration is whether a company has written its accounting policies correctly. Responsibilities will likely shift down the road. Auditing the application of “judgment,” as opposed to verifying the adherence to rules, will change the focus of internal audit’s planning and execution process.
 
What benefits does Internal Audit provide for IFRS readiness?

Deliverable/Assessment

1. Project Approach
   1. Report on overall project plan adequacy
   2. Gap analysis for the project plan (not accounting)
2. Governance and Oversight
   1. Assess initial critical decision making process
   2. Assess adequacy of governance and oversight
   3. Review initial financial statement impact
3. Operational Implications
   1. Assess current technical capabilities
   2. Assess operational impacts on systems and internal processes
   3. Assess financial reporting process changes
   4. Review plan to address disclosure considerations

Value Proposition

1. Highlight significant project risks if not addressed in the plan
2. Provide management with time to react
3. Provide partner in addressing project gaps
4. Ensure adequate oversight of project
5. Establish budget expectations
6. Opportunities to streamline costs (e.g. pilot conversion, internal vs. external resources)
7. Highlight technical skills gaps
8. Highlight significant risks to operations
   

Review Considerations, Step by Step
The first step for internal audit to take in the process of reviewing a company’s IFRS readiness is to engage the audit committee and senior management in a discussion around the scoping decisions. Do not do anything else until you have a clear direction of where you want to head (proceeding without that direction can lead to either (a) over-spending or (b) under-delivering). After that is accomplished, there should be an assessment of financial reporting capabilities and what might change or might have to change.
 
Next, develop a project plan to address the changes based on the decisions made during the scoping process. If you have a situation where revenue recognition rules could change as opposed to where they must change (in the former, you do not have a choice, whereas in the latter, you have to make the choice and get ready for the outcome).  Build a project plan with the understanding that it is going to affect accounting policy, processes and controls. When you change a policy you probably change a process and control.
 
Finally, prepare to report regularly on progress to senior management, the audit committee and other interested stakeholders, and to react to changes along the way.
 
How implementation occurs can vary by using a phased or parallel approach. For example, in a phased approach with data collected from the years 2013 or 2014 you can run parallel books or alternatively collect the necessary data, process it the way you normally have in the past and then go through a process of converting it in 2015 for all three years. Neither approach is wrong – but both approaches require a thoughtful plan and periodic testing along the way to ensure data integrity.
 
Summing it Up
As the horizon for transitioning from U.S. GAAP to IFRS narrows, internal audit can ill afford to be left behind. It is not too soon to focus on the process and the role internal audit can best play. Nor is it premature to plan how the company will deal with changes after the IFRS convergence or conversion occurs.