Consultancy – Audit MFA RDPP Project

Oxfam – Iraq

RDPP-Building a Pathway for Durable Solutions for Syrian Refugees and IDPs Iraq

Terms of Reference

Ref No: RO-IQEBL-22-0011-IQEBL

About Oxfam:

Oxfam first started working in northern and southern Iraq in the early 1990s following the first Gulf War and in 2003 Oxfam provided emergency assistance to internally displaced people in central and southern Iraq. During this time, Oxfam also worked on conflict resolution and strengthening the capacity of Iraqi NGOs. Oxfam then completely phased out its humanitarian presence from Iraq in 2008 while it continued to support women’s rights through its Regional Gender Justice Hub. Following the 2014 ISIS offensives, Oxfam resumed programming in Iraq in underserved and politically contested areas in the governorates of Kirkuk, Diyala, and Salahaddin and later expanded its programming to target a much larger geographical area affected by the ongoing conflict with ISIS, in total Oxfam is reaching over 1 million people.

Oxfam program focus on provision of humanitarian assistant strengthening resilience in conflict-affected areas of the country through rehabilitating existing basic services and providing longer-term interventions in the areas of water, sanitation and hygiene (WASH) and emergency food security and vulnerable livelihoods (EFSVL), Protection and Gender in coordination with local authorities and partners.

Introduction

These Terms of reference cover the audit of the financial statements for the project [RDPP]. The audit includes both the financial audit as well as the compliance and performance audit of the project.

The audit will cover financial statements for the period [01/07/2021 to 31/07/2022] for an amount of 5.2M DKK, approximately 1700 Transactions.

Background

Advocacy and influencing efforts aim to support vulnerable Syrian refugees, IDPs and host communities in KRI (Erbil, Dahuk and Sulimaniah) and Federal Iraq. Oxfam will target refugees and IDPs in and out of camp settings, activities will focus on three local NGOs. Through a transparent and public application process, Oxfam will allow all interested local organizations to apply to be partners on this project. Partners will need to demonstrate a thematic focus on Syrian refugee and IDP rights and be assessed by Oxfam’s partnership team. Oxfam will work through existing CSO networks and channels to identify refugee-led, IDP-led, youth-led, and women-led organistations and encourage them to apply.

Objective

Based on the financial information and other information provided by [IMPLEMENTING PARTNER], the MFA will determine whether all legislative and regulatory requirements linked to the funds granted have been complied with.

The overall objective of the audit is to provide the MFA with confidence in financial information provided to the MFA by [IMPLEMENTING PARTNER]. By providing an opinion on the financial statements, and by reporting findings and observations, the audit company provides part of the basis on which the MFA will assess the compliance of relevant legislative and regulatory requirements.

The objective of the financial audit is to obtain reasonable assurance whether the funds granted through the MFA are free from material misstatement. Based on the audit evidence obtained, the objective is thereby to express an opinion on whether the financial statements are free from material misstatement.

The overall objective of the compliance audit is to obtain reasonable assurance whether transactions covered by the financial statements comply with the appropriations granted, statutes, other regulations, agreements, and usual practice. Similarly, the objective of the performance audit is to make an assessment to obtain reasonable assurance whether the systems, processes, or transactions examined support the exercise of sound financial management in the administration of the funds granted through the MFA.

The audit will also aim to provide [IMPLEMENTING PARTNER] with an external assessment of the financial capacity and established business processes. This includes providing observations and recommendations as part of the audit.

Scope

The scope of the audit includes a financial audit as well as a compliance and performance audit.

The financial audit must be carried out in accordance with International Standards on Auditing (ISAs). Other frameworks of auditing than ISAs are accepted as a basis for the audit, provided these frameworks result in an audit equivalent to an audit planned and performed according to the ISAs and ISSAIs. This will require the audit company to plan and perform procedures based on risk assessment and materiality.

Therefore, the audit company must:

• Identify and assess risks of material misstatement of the financial statements, whether due to fraud or error. Based on the risks identified, the auditor must design and perform relevant audit procedures to obtain sufficient and appropriate audit evidence to serve as the basis for the auditor’s opinion
• Obtain an understanding of the internal controls relevant to the audit in order to design appropriate audit procedures. The purpose is not to express an opinion on the effectiveness of the internal controls. In relation to funds granted through the MFA, these controls pertain in particular to costs, including costs related to activities funded by the MFA, recognised in the financial statements.
• Evaluate the appropriateness of the accounting policies used in the financial statements, including the reasonableness of estimates and related disclosures. In relation to funds granted through the MFA, this is particularly relevant for accounting policies regarding project costs.

The specific audit procedures that may be relevant for the financial audit are specified further below.

The performance and compliance audit must be carried out in accordance with relevant International Standards of Supreme Audit Institutions (ISSAIs).

Therefore, the audit company must:

• Examine and evaluate the functioning of management systems and business processes with special consideration to compliance and the principle of economy.
• Gain an understanding of the audited entity and its environment to identify relevant regulation and legislation.
• Consider the necessity and relevance to perform test of details regarding compliance and the principle of economy, effectiveness, efficiency.
• Evaluate and conclude on audit findings and prepare communication.

The specific audit procedures that may be relevant for the performance and compliance audit are specified further below.

The audit must be planned in order to facilitate the timely submission of audited financial statements in accordance with [relevant guidelines]. This means that the audit is expected to take place in the period [15/09/2022 to 28/9/2022]. Including Final Audit Report & Signed Management Letter.

Specific procedures

The audit company must plan the audit in accordance with their risk assessment. The extent and nature of planned procedures will therefore be subject to the professional judgement of the audit company. It is the audit company’s responsibility to plan the necessary procedures to obtain sufficient and appropriate audit evidence to form the opinion of the audit. However, the procedures listed below are considered to be a minimum in order to form an opinion for the audit.

As a result, the audit company is expected to perform the listed procedures as well as plan and perform further procedures, if this is deemed necessary according to professional judgement.

General procedures to be performed in regard to the audit process

The audit company must (THE LIST SHOULD BE ADAPTED AS RELEVANT):

1. On a timely basis, submit a complete schedule for the audit process, including dates for interim audit, year-end audit, on-site visits, field visit and reporting.

2. Submit detailed specified requirements for the audit [2 days] ahead of the audit to ensure the timely preparation of accounting material necessary for the audit

3. Based on the knowledge obtained in the planning phase, determine a materiality level in accordance with ISA 320.

4. Perform interviews, observations, inspections of documents, and walk-throughs of processes to assess the internal control capacity, including:

   1. Control environment
   2. Design and implementation of key controls
   3. Operational effectiveness of key controls, if tested

5. Perform walk-through of processes and routines as well as interviews to assess accounting and financial capacity, including:

   1. Employed accounting system
   2. Use of manual spreadsheets to record entries
   3. Mapping the applied chart of accounts to the approved budgets
   4. Underlying documentation to support recorded entries

6. Identify, evaluate and report on all material observations and findings using management letter. Please refer to the Deliverables sections of these Terms of Reference.

Specific procedures to be performed in regard to financial audit

The audit company must (THE LIST SHOULD BE ADAPTED AS RELEVANT):

1. Request bank confirmation letter mailed directly to the implementing partner required to open a separate bank account

2. Confirm and reconcile amounts received from the MFA

3. Perform substantive testing on a sample basis of expenditure to verify proper allocation to the appropriate budget lines against the approved budget

4. Perform substantive testing on a sample basis to verify the existence of valid third party supporting documents relating to reported expenditure.

   1. The sample size shall be based on the audit company’s professional judgement and should be stated in the methodology description related to the audit.
   2. All instances of any missing supporting documents must be reported, including the amounts in question.

5. Perform substantive testing on a sample basis of the fixed asset list included in the financial statements as part of the reporting requirements to verify the existence and valuation of assets.

6. Perform procedures to verify the occurrence of transactions related to:

   1. Any interest earned during the financial period
   2. Any exchange gain/losses recorded in the accounts.

Specific procedures to be performed in regard to performance audit

The audit company must (THE LIST SHOULD BE ADAPTED AS RELEVANT):

1. Test of controls related to performance audit
   1. Perform interviews and walk-throughs to gain an understanding of the business processes
   2. Identify key controls related to performance. These controls may include:
      1. Authorisation in connection with the procurement of goods and services.
      2. Budget reviews and follow up on costs

• Managements review of finalised procurement processes

1. Monitoring reviews including evaluation of progress compared to activity description

2. Managements review of benchmarks for completion or equivalent

3. Perform test of design and implementation of identified key controls

4. Depending on audit strategy, perform test of the operational effectiveness of controls.

5. Substantive testing on a sample basis

   1. Determine relevant audit criteria for the audit in relation to economy, effectiveness or efficiency. The audit criteria can be qualitative or quantitative, focusing on what is expected or best practice. These may include:
      1. The quality in which the activity is delivered or completed compared to the description of the activity
      2. The quantity of items completed or delivered compared to the description of the activity

• Cost of procured goods or services compared to expected prices

1. Compliance with established procedures for procurement of goods and services, for instance the number of quotations received

2. The level of entertainment costs and travel costs compared to expected levels or levels with peers

3. Proper handling of assets, including liquid assets and fixed assets.

4. Perform tests on selected audit criteria and evaluate on findings and conclusion.

5. To ensure economy in salary levels, perform test on a sample basis of established policies and procedures for compliance, specifically regarding allowances, advances, staff recruitment/salary scales, and other accounting routines.

6. Analytical procedures

   1. Identify relevant ratios as indicators for economy, effectiveness or efficiency. These ratios may include:
      1. Ratios between direct costs and output
      2. Ratios between administrative costs and output

• Ratios between scarce resources and output

1. Perform analytical reviews of the development of ratios over time.

Specific procedures to be performed in regard to compliance audit

The audit company must (THE LIST SHOULD BE ADAPTED AS RELEVANT):

1. Examine, assess, and report on compliance with the terms and conditions of the Partnership agreement or equivalent with the MFA and other donors, if relevant

2. Gain an understanding of the legislative and regulative environment in which the entity exist.

   1. Assess compliance with applicable laws and regulation with special attention to legislation regarding accounting and taxes

3. Gain an understanding of the processes established to ensure compliance with applicable laws and regulations regarding employment of staff. This includes relevant labour legislation as well as regulation regarding social fees, pension, holiday, sick leave, and maternity leave.

4. Reconcile budget amounts included in the financial statements against the approved budget

5. Test on a sample basis that activity funded by grants through the MFA is not funded from other sources as well.

The audit report

Conclusions on the compliance and performance audit must be presented in the audit report. The audit report should be prepared in accordance with applicable ISSAIs and must refer to these terms of reference for the audit. The audit report shall include the following elements:

• Conclusions in relevance to specific audit questions or procedures
• Identification of the financial statements audited, including title of the activity and the financial period
• Description of scope of the audit (and possible limitations), including key procedures performed.

Depending on the chosen report method, the audit company can choose to include management letter content in the audit report or issue a separate management letter. If the former is chosen, the audit report shall contain the following elements as well:

• Findings and observations made from the audit with indication of severity or risk level
• Description of the effect or risk derived from the finding or observation
• Recommendations to address the findings or observations and management’s comments to findings and observations.

Management letter

Findings or observations that are not material to financial statements as a whole but considered to be of relevance to either management or the MFA, must be reported in a management letter. Such findings or observations may include, but are not limited to:

• Deficiencies or weaknesses in internal control or business processes
• Lack of compliance with applicable laws or regulation
• Lack in financial capacity or financial systems
• Identified reconciliation items
• Budget overruns
• [other]

The management letter must be prepared in English as part of the audit and submitted together with the audited financial statements.

The management letter shall, for each finding or observation, include:

• A description of the finding or observation with indication of severity or risk level
• Description of the effect or risk derived from the finding or observation
• Recommendations to address the finding or observation
• Management’s comments to the effect or risk as well as the recommendations.

Audit methodology

• Summary of the audit approach and applied audit strategy
  • This includes the considerations made to the control environment
• Significant risks identified
• Description of tested controls
• Materiality level
• Issues related to fraud (if applicable)
• Sample sizes relative to population (% of tested expenditure (Expenditure Coverage Ratio))
• Distribution of samples on different sites, activities, offices, or other locations
• Conclusions from interim and other visits
• Identified bias or accounting estimates

Closing meeting

As a conclusion of the on-site visit, the audit company must participate in a closing meeting with the implementing partner and a representative from the MFA and other donors, if relevant. The objective of the meeting is to discuss any relevant findings and observations with management and donors to settle details or open items. The closing meeting must be recorded in minutes drafted and signed by all participants.

The audit company must also participate in a final closing meeting with donors before the submission of the final versions of the conclusions of the audit. The objective of the meeting is to discuss the final reporting, conclusions, and recommendations of the audit, which must be presented by the audit company.

Time table for the audit

Time

Activity

DD-MM-YYYY

Acceptance of Terms of Reference for the audit

DD-MM-YYYY

Submission of planning memorandum

DD-MM-YYYY

Performance of interim audit including on-site visits

DD-MM-YYYY

Performance of year-end audit

Closing meeting, on-site

DD-MM-YYYY

Submission of draft versions of: Opinion, audit report, ML, ASM

Closing meeting, MFA

DD-MM-YYYY

Submission of final versions of: Opinion, audit report, ML, ASM

Fee and conditions

[Follow the MFA Budget template for consultancy contracts]

Audit company’s profile

[CV and company file]

The independent Auditor’s opinion

Conclusions of the financial audit must be presented in the independent auditor’s opinion. The independent auditor’s opinion should be prepared in English in accordance with ISA 800 and must refer to these terms of reference for the audit. The auditor’s opinion shall include the following elements:

• The auditor’s opinion on the financial statements and whether these are prepared in all material respect in accordance with financial provisions applicable
• Identification of the financial statements audited, including title of the activity and the financial period
• Reference to the applied accounting policies used in preparing the financial statements
• Reference to these terms of reference for the audit
• Sections and paragraphs in accordance with ISA 800

Any qualifications should be clear and stated with correct headlines in accordance with relevant ISAs.

How to apply

Interested individuals or consultancy firms, with relevant experience and skills based on the ToR, can submit their Expression of Interest (EOI), including the following:

1. Cover letter of no more than 1 page introducing the consultant/company and intention to deliver the assignment. The cover letter should also indicate the consultants’ availability for the proposed period.
2. The technical proposal should provide details on the capacity in line with the competencies required for the assignment, including experience with similar assignments and explanation about the achievements obtained through facilitation conducted by the consultant, CVs of the consulting team directly involved in the assignment, and their specific roles. A work plan detailing the anticipated timeline to undertake the assignment and finalize the deliverables, clearly indicating the dates of delivery. The technical proposal should not be longer than 10 pages, including all annexes.
3. Financial proposal consisting in a one-page budget of the offer, covering all major anticipated costs.

Please submit the EOI and other documents by 11:59 PM Iraq time by 07th of September 2022 to [email protected] with Audit MFA RDPP Project in the subject line. No EOIs will be accepted after the deadline

TOR Link: https://jobs.oxfam.org.uk/vacancy/17949/description