Auditing Of Shared Services

CA Amrita Chattopadhyaypro badge , Last updated: 01 July 2023  
  Share


The term "Shared Services" refers to a particular function / service which is generally used by various operating units in an organization. For example, if an organization has various verticals which are considered as profit centers or if they are spread across various geographical areas, the HR service or the IT services may be used by various verticals in an organization. Sharing of services is method to reduce cost because they are centralized back-office operations which may be used by multiple verticals/ divisions of the organization resulting in reduction of redundancy.

Shared services generally have characteristics, they are centralized, they generally promote automation, they have standardized process and they provide the services as they would provide to any other business. The article tries to explore the review of Shared Services of an organization or providing assurance of the operations of Shared Services.

Before commencing of review or providing assurance of the shared services, it is imperative to have a proper understanding of the Shared Service Centers and its environment. The procedures involved for understanding the shared services would include:

  • The way the shared services are structured and the ownership of the shared services provided.
  • The process and the activities of the shared services
  • Internal controls and the risks associated with the shared services
  • The applicability of concept of related parties in the shared services
  • The operating model of the shared services (generally cost plus model is followed for shared services)
  • Background verification of the promoter group
  • Any corporate announcement made by the shared services
Auditing Of Shared Services

After having proper understanding of the Shared Services, it is imperative for the auditor to test the Entity level controls to ensure that they are designed and operating effectively. Few entity level risks for the shared services could be:

  • Non approval of the business plans and budgets
  • Absence of process to review the budgets and the reliability of budgeting
  • Certain activities which require expert knowledge may be performed by person who does not have relevant expertise
  • Lack of segregation of duties
  • Lack of control with respect to sharing of data between various unit of the organization.

Understanding of Revenue Model

The revenue model of shared services typically depends on the nature of services and arrangement with customers. However, a typical billing model would include the following:

  • Time and material: Under this model are billing is done based on the time spent by the resource involved in the project / time spent for a particular unit. The time model could be weekly, daily, or hourly basis as per the agreement between various units.
  • Based on volume or transaction: The arrangement could be based on the final output irrespective of the resources used or the time spent by the resources.
  • Based on outcome: Generally, in case of any maintenance or trouble shooting as shared services, the revenue model can be based on the outcome irrespective of the time spent or volume / transaction.
  • Cost plus mark-up: The billing is done as cost and mark-up where certain cost like personnel cost, operating expenses are charged from customer by adding a fixed mark up.

Some of the risk and auditor’s response to the risk

Area: Payroll

The shared services are generally employee centric operations where the expertise of the employees is used across the organization. The payroll forms part of the prominent cost of the shared services.

Risks

Audit Procedures

Proper segregation of employee’s duties and allocation of time cost on various projects/assignments

Review the client contract and the SOW (Statement of Work) describing the work to be done and the resources to be allocated for the assignment.

The salary sheet may not be accurate and possibility of excess payment given to the employees

  1. The access right of the salary sheet should be restricted within few individuals.
  2. Review of the salary by a senior management

Lack of training and risk of attrition due to lack of professional growth

  1. Presence of a strong performance review process
  2. Appropriate training at regular interval

The increment and the leave of the employees may not be authorized

  1. Approval of increments by the senior authorities
  2. Developing a proper leave approval process
 

Area: Expenses

Since most of the shared services the billing is done based on cost plus markup model, the expenses play a pivotal role. Proper regulation of expenses is critical to arrive at the cost.

Risks

Audit Procedures

Unauthorized expenses

Proper accrual is taken before any expenses are incurred which will form part of the shared services cost

Material procured are not as per the defined approval level

Quotation of purchase is received from suppliers and the quotations are compared before placing the order.

Necessary approval of travel is not available / approval is taken post the travel by the employees

On the sample basis ensure that travel reimbursements are as per the policy of the company

 
Join CCI Pro

Published by

CA Amrita Chattopadhyay
(Audit & Assurance)
Category Audit   Report

1 Likes   5079 Views

Comments


Related Articles


Loading