Managerial accounting uses the term inherent risk to define the possibility of incorrect or misleading information in accounting statements caused by a different influence than the failure of controls. Most commonly, accounts with a larger amount of judgment and approximation or the ones involving complex financial instruments are a place where incidents of inherent risk happen. Also, forward-looking financial statements presented by companies are connected with inherent risk, too.
While taking a look at inherent risk, we should not overlook audit risk as a whole. Audit risk features possible mistakes made while performing an audit. Inherent risk can be understood better when placed in the context of audit risk analysis.
Audit risk types
Typically audit risk is divided into three types.
- Control risk
This type of risk takes place due to insufficient accounting controls in the company and usually has a form of fraud or lazy accounting practices.
- Detection risk
An easy-to-notice error in the financial accounts that was still possibly missed by auditors is known as detection risk. Detection risks are fought with a higher number of sampled transactions while performing testing.
- Inherent risk
Among other audit risk types inherent risk is considered to be the most harmful. The reason being that it cannot be avoided by simply increasing auditor training and adding controls to the auditing process. Risk auditors and analysts should pay close attention to inherent risk while performing controls on financial statements and also take into account control risk and detection risk.
Inherent risk examples
The financial services sector is a common area of occurrence for inherent risk incidents. This is resulted by:
- the complexity of financial institution regulation – the rules are countless and they change all the time;
- the big networks of related companies;
- the development of derivative products and other complicated instruments – these demand difficult calculations.
It is typical for financial institutions to have long-term and complex relationships with multiple parties. To illustrate, let’s take a holding company: it can be connected to several different entities at the same time, while each of them controls special-purpose vehicles or other entities absent from the balance sheet. In addition, every level of the organizational hierarchy has many relationships with investors and customers. Moreover, related parties tend to be less transparent than separate entities.
Among others, relationships with auditors belong to business connections. Inherent risk is created due to initial and repeated engagements with auditors. To explain this, the complexity and a large number of new topics can overwhelm an initial auditor. On the other side, personal relationships can affect the repeat engagement negatively due to the presence of overconfidence and laxity. Also, inherent risk can be caused by non-routine accounts and transactions.
All in all, accounts that require a lot of approximations, guesstimates, value judgments are connected with inherent risk incidents. The fact is: it is extremely difficult to value accounting estimation fairly. In order to reduce error possibilities, auditors investigate and interview the decision-making employees of the company about estimation techniques. No matter whether inherent risk happens for the first time or infrequently, it still grows.
Are you working on risk management in your company and need advice from specialists? Contact COREDO, and it will be our pleasure to assist.