What Is Inherent Risk?

Inherent risk is a form of raw risk. This type of risk is any that occurs naturally due to a factor other than a failure of internal control. In a financial audit, inherent risk is most likely to occur when transactions are complex or in situations that require a high degree of judgment in regard to financial estimates. This type of risk represents a worst-case scenario because all internal controls in place have nonetheless failed. Examples of inherent risks include disruptions in supply chains, unaudited financial statements, or even unedited social media posts for businesses.

Understanding Inherent Risk

The simple definition of risk is the potential for a bad outcome. In the world of finance, risk refers to the chance that a venture's end result will be negative or in a loss. Some of the types of risk include operational risk, market risk, liquidity risk, and inherent risk. Inherent risk is the natural risk that occurs without any risk management controls.

When conducting an audit or analyzing a business, the auditor or analyst tries to gain an understanding of the nature of the business while examining control risks and inherent risks. If inherent and control risks are considered to be high, an auditor can set the detection risk to an acceptably low level to keep the overall audit risk at a reasonable level. To lower detection risk, an auditor will take steps to improve audit procedures through targeted audit selections or increased sample sizes.

Companies operating in highly regulated sectors, such as the financial sector, are more likely to have higher inherent risk, especially if the company does not have an internal audit department or has an audit department without an oversight committee with a financial background. The ultimate risk posed to the company also depends on the financial exposure created by the inherent risk if the process of accounting for the exposure fails.

Special Considerations

Complex financial transactions, such as those during the lead-up to the financial crisis, can be difficult for even the most intelligent financial professionals to understand. Asset-backed securities, such as collateralized debt obligations (CDOs), became difficult to account for as tranches of varying qualities were repackaged again and again. This complexity may make it difficult for an auditor to make the correct opinion, which in turn can lead investors to consider a company to be more financially stable than in actuality.

Inherent Risk vs. Other Audit Risks

Inherent risk is one of the risks auditors and analysts must look for when reviewing financial statements. But, there are other audit risks that auditors must look out for on a regular basis. We've highlighted some of them below.

Control Risk

Control risk is a type of risk that occurs when a financial misstatement results from a lack of proper accounting controls in the firm. This means that there aren't enough internal controls or management in place to avoid risk. Put simply, control risk occurs when there is a failure to review financial statements. In other cases, these precautions may be in place but don't function properly. This type of risk can lead to increased losses

Detection Risk

Detection risk occurs when auditors simply fail to detect an easy-to-notice error. This may be a result of fraud or other errors. Detection risk may occur unintentionally in that an auditor may miss an error accidentally. In other cases, an auditor may misinterpret the figures on the financial statements they're charged with reviewing that it results in one or more errors.

Examples of Inherent Risk

Inherent risk is often present when a company releases forward-looking financial statements, either to internal investors or the public as a whole. Forward-looking financials by nature rely on management's estimates and value judgments, which pose an inherent risk.

The same applies to accounts that require approximations or value judgments by management. Fair value accounting estimates are tricky to make and can be highly subjective.

The Bottom Line

Inherent risk is not always easy to spot, particularly compared to the other main two audit risks, and increases substantially in business sectors where transactions are open to a substantial amount of judgment and approximation. These risks are important to take into account as they can drastically mislead investors and are generally best combatted by getting several qualified auditors to go over the books.