header banner
Default

The definition, examples, and three categories of audit risks of inherent risk are provided


What Is Inherent Risk?

Inherent risk is a form of raw risk. This type of risk is any that occurs naturally due to a factor other than a failure of internal control. In a financial audit, inherent risk is most likely to occur when transactions are complex or in situations that require a high degree of judgment in regard to financial estimates. This type of risk represents a worst-case scenario because all internal controls in place have nonetheless failed. Examples of inherent risks include disruptions in supply chains, unaudited financial statements, or even unedited social media posts for businesses.

Key Takeaways

  • Inherent risk is the risk posed by an error or omission in a financial statement due to a factor other than a failure of internal control.
  • In a financial audit, inherent risk is most likely to occur when transactions are complex, or in situations that require a high degree of judgment in regard to financial estimates.
  • Inherent risk is one of the risks auditors and analysts must look for when reviewing financial statements, along with control risk and detection risk.
  • Inherent risk is common in the financial services sector due to complex regulations and the use of difficult-to-assess financial instruments.

Investopedia / Jake Shi

Understanding Inherent Risk

The simple definition of risk is the potential for a bad outcome. In the world of finance, risk refers to the chance that a venture's end result will be negative or in a loss. Some of the types of risk include operational risk, market risk, liquidity risk, and inherent risk. Inherent risk is the natural risk that occurs without any risk management controls.

When conducting an audit or analyzing a business, the auditor or analyst tries to gain an understanding of the nature of the business while examining control risks and inherent risks. If inherent and control risks are considered to be high, an auditor can set the detection risk to an acceptably low level to keep the overall audit risk at a reasonable level. To lower detection risk, an auditor will take steps to improve audit procedures through targeted audit selections or increased sample sizes.

Companies operating in highly regulated sectors, such as the financial sector, are more likely to have higher inherent risk, especially if the company does not have an internal audit department or has an audit department without an oversight committee with a financial background. The ultimate risk posed to the company also depends on the financial exposure created by the inherent risk if the process of accounting for the exposure fails.

Inherent risk is highest when management has to use a substantial amount of judgment and approximation in recording a transaction, or where complex financial instruments are involved.

Special Considerations

Complex financial transactions, such as those during the lead-up to the financial crisis, can be difficult for even the most intelligent financial professionals to understand. Asset-backed securities, such as collateralized debt obligations (CDOs), became difficult to account for as tranches of varying qualities were repackaged again and again. This complexity may make it difficult for an auditor to make the correct opinion, which in turn can lead investors to consider a company to be more financially stable than in actuality.

Inherent Risk vs. Other Audit Risks

Inherent risk is one of the risks auditors and analysts must look for when reviewing financial statements. But, there are other audit risks that auditors must look out for on a regular basis. We've highlighted some of them below.

Control Risk

Control risk is a type of risk that occurs when a financial misstatement results from a lack of proper accounting controls in the firm. This means that there aren't enough internal controls or management in place to avoid risk. Put simply, control risk occurs when there is a failure to review financial statements. In other cases, these precautions may be in place but don't function properly. This type of risk can lead to increased losses

Detection Risk

Detection risk occurs when auditors simply fail to detect an easy-to-notice error. This may be a result of fraud or other errors. Detection risk may occur unintentionally in that an auditor may miss an error accidentally. In other cases, an auditor may misinterpret the figures on the financial statements they're charged with reviewing that it results in one or more errors.

When an estimation is made, it should be disclosed to financial statement users for clarity.

Examples of Inherent Risk

Inherent risk is often present when a company releases forward-looking financial statements, either to internal investors or the public as a whole. Forward-looking financials by nature rely on management's estimates and value judgments, which pose an inherent risk.

The same applies to accounts that require approximations or value judgments by management. Fair value accounting estimates are tricky to make and can be highly subjective.

What Are the 3 Types of Audit Risk?

VIDEO: The Audit Risk Model
Edspira

There are three main types of audit risk: Inherent risk, control risk, and detection risk.

What Is the Difference Between Inherent Risk and Control Risk?

VIDEO: Audit Risk: Inherent Risk Basics
Accounting Study Advice

Inherent risk is an error or omission in a financial statement due to a factor other than a failure of internal control. Control risk, on the other hand, refers to the misstatement of financial statements due to sloppy accounting practices.

Can Auditors Reduce Inherent Risk?

VIDEO: Auditing Basics: Audit Risk, Control Risk, and Detection Risk for SOC 1 and SOC 2 Compliance
KirkpatrickPrice

If inherent and control risks are considered high, an auditor can keep the overall audit risk at a reasonable level by lowering the detection risk. This can be achieved by targeted audit selections or increased sample sizes.

What Factors Can Increase Inherent Risk?

VIDEO: Auditing 101 | Part 2: Risk Assessment, Assertions, and Materiality
Maxwell CPA Review

Factors that can increase inherent risk include subjective estimates, non-routine transactions, and the use of complex financial instruments. Generally, the more complicated a company’s business model and transactions are, the higher the inherent risk is.

The Bottom Line

Inherent risk is not always easy to spot, particularly compared to the other main two audit risks, and increases substantially in business sectors where transactions are open to a substantial amount of judgment and approximation. These risks are important to take into account as they can drastically mislead investors and are generally best combatted by getting several qualified auditors to go over the books.

Sources


Article information

Author: Matthew Holden

Last Updated: 1704112562

Views: 1130

Rating: 4.1 / 5 (45 voted)

Reviews: 96% of readers found this page helpful

Author information

Name: Matthew Holden

Birthday: 1909-04-17

Address: 0758 Elizabeth Cliff, Fryeburgh, NJ 72361

Phone: +4868796395001009

Job: Article Writer

Hobby: Juggling, Bowling, Painting, Sailing, Swimming, Bird Watching, Dancing

Introduction: My name is Matthew Holden, I am a Colorful, unwavering, ingenious, spirited, Adventurous, persistent, dear person who loves writing and wants to share my knowledge and understanding with you.