External Audit of Cruz Vermelha de Timor-Leste (CVTL)

Terms of Reference

For External Audit of

Cruz Vermelha de Timor-Leste (CVTL)

  

Terms of Reference for External Audit of Cruz Vermelha de Timor-Leste (CVTL)

 

I. BACKGROUND

Timor-Leste Red Cross (locally known as Cruz Vermelha de Timor-Leste, hereinafter called “CVTL”) is country’s leading humanitarian organisation and works as an auxiliary to the Government of Timor-Leste in emergency response and for vulnerable communities. It has branches in all 13 districts and operates programmes nationally.

CVTL is delivering programmes on emergency response, water and sanitation, health promotion, disaster preparedness and risk reduction, livelihoods, first aid and community based health and first aid, blood donor mobilisation, dissemination, Restoring Family Link, Safer Access Framework  and youth development in line with its vision to Save lives and improve the quality of life of the most vulnerable people.

CVTL was established in 2000 and recognised by the Timor-Leste Government in 2005. It also gained official recognition by the International Committee of the Red Cross, and admitted to the International Federation of Red Cross and Red Crescent Societies as the 183rd national society in 2005.

CVTL’s work is guided by the Fundamental Principles of the International Red Cross Red Crescent Movement; Humanity, Impartiality, Neutrality, Independence, Voluntary Service, Unity, Universality.

CVTL is working on building a decentralized management structure including financial matters which aims to have stronger initiative of branch governance and management, however general branch income including membership revenue is still low which hinders branches’ financial independency. As of now, despite continuous effort, the CVTL’s management structure is still centralized with a leading role of NHQ.

 

II. TITLE

The Audit of the Financial Statements (Balance Sheet, Statement of Income and Expenditure and Statement of Cash Flow) of the CVTL National Headquarters (NHQ) and five (5) Branch’s offices, for financial year covering period 01.01.2021 to 31.12.2021.

 

III. OBJECTIVES

A. To conduct a financial audit of the CVTL NHQ and Baucau, Ainaro, Bobonaro, Aileu and Dili   Branch office, that includes an audit of the CVTL's Balance Sheets (Funds Statement) as at 31.12.2021, Income and Expenditure Statement, and the Cash Flow Statement for the year ended on 31.12.2021.

B. To obtain an opinion of the independent auditors whether these financial statements present fairly, in all material respects, the CVTL's financial position at year-end, the results of its operations and cash flow for the year then ended, in conformity with generally accepted accounting principles and the international financial reporting standards (IFRS).

C. To seek assurance that the internal controls over the financial transactions is adequate and commensurate with the size of the CVTL.

 

IV. AUDIT SCOPE

The audit must be performed in accordance with generally accepted auditing standards promulgated by the International Organization of Supreme Audit Institutions or International Auditing Practices Committee of the International Federation of Accountants.

The auditor should use the following steps as the basis for preparing audit programs.  They are not considered all-inclusive or restrictive in nature and do not relieve the auditor from exercising due professional care and judgment.  The steps should be modified to fit local conditions and specific program design, implementation procedures, and agreement provisions which may vary from program to program. 

In the course of the audit, the auditor is expected to conduct six (6) days Branch visit in Baucau, Ainaro, Bobonaro, Aileu and Dili  , and the branch audit shall be carried out within the scope of Internal Controls which is defined in IV.A, below.

 

A. Internal Controls (NHQ , Baucau, Ainaro, Bobonaro, Aileu and Dili  )

The auditors must obtain a sufficient understanding of the entity and its environment, including its internal control, to assess the risk of material misstatement of the financial statements whether due to error or fraud, and to design the nature, timing, and extent of further audit procedures. The internal control must be described in the audit documentation.

The auditors must prepare the report identifying any significant deficiencies or material weaknesses in the design or operation of internal control.  A material weakness is a deficiency, or combination of deficiencies, in internal control, such that there is a reasonable possibility that a material misstatement of the entity’s financial statements will not be prevented or detected and corrected on a timely basis.  A significant deficiency is a deficiency, or combination of deficiencies, in internal control that is less severe than a material weakness that is important enough to merit attention by those charged with governance.  Any significant deficiencies or material weaknesses must be set forth in the report as "findings".  Any other matters related to internal control – such as suggestions for improving operational or administrative efficiency or internal control, or control deficiencies that are not significant deficiencies or material weaknesses – may be reported in a separate management letter to the CVTL and referred to in the report on internal control.

The major internal control components to be studied and evaluated include, but are not limited to, the controls related to each revenue and expense account, on the Balance Sheet and Cash Flow statements. The auditors must:

1. Obtain an understanding of the design of the internal control related to programs and determine whether they have been placed in operation. 

2. Assess inherent risk and control risk, and determine detection risk. 

3. Summarize the risk assessments for each assertion in a single document included in the audit documentation.  The risk assessments should consider the following broad categories under which each assertion should be classified:  (a) classes of transactions and events for the period under audit (occurrence, completeness, accuracy, cut off, and classification), (b) account balances at the period end (existence, rights, obligations, completeness, valuation, and allocation), and (c) presentation and disclosure (occurrence, rights, obligations, completeness, classification, understand ability, accuracy, and valuation).  At a minimum, the audit documentation should identify the name of the account or assertion, the account balance or the amount represented by the assertion, the assessed level of inherent risk (high, moderate, or low), the assessed level of control risk (high, moderate, or low), the combined risk (high, moderate, or low), and a description of the nature, extent, and timing of the tests performed based on the combined risk. 

4. Evaluate the control environment, the adequacy of the accounting systems, and control procedures.  Emphasize the policies and procedures that pertain to the CVTL’s ability to record, process, summarize, and report financial data consistent with the assertions embodied in each account of the fund accountability statement.  This should include, but not be limited to, the control systems for:

a. ensuring that charges to the program are proper and supported; 

b. managing cash on hand and in bank accounts;  

c. procuring goods and services;  

d. managing inventory and receiving functions; 

e. managing personnel functions such as salaries, and benefits; 

f. managing and disposing of commodities (such as supplies, materials, vehicles, equipment, food products, tools, etc.) purchased either by the CVTL or donated in kind to the CVTL. 

g. ensuring compliance with agreement terms and applicable laws and regulations that collectively have a material impact on the Financial Statements.

 

 B. Compliance with Agreement Terms and Applicable Laws and Regulations (NHQ)

The auditor's report on compliance must set forth as findings all material instances of noncompliance, defined as instances that could have a direct and material effect on the fund accountability statement.  Non-material instances of non-compliance should be included in a separate management letter to the CVTL and referred to in the report on compliance.

The auditor's report should include all conclusions that a fraud or illegal act either has occurred or is likely to have occurred.  In reporting material fraud, illegal acts, or other non-compliance, the auditors should place their findings in proper perspective.  To give the reader a basis for judging the prevalence and consequences of these conditions, the instances identified should be related to the universe or the number of cases examined and is quantified, if appropriate.  In presenting material fraud, illegal acts, or other noncompliance, auditors must follow the International Financial reporting standards.

In planning and conducting the tests of compliance the auditors must:

1. Identify the agreement terms and pertinent laws and regulations and determine which of those, if not observed, could have a direct and material effect on the fund accountability statement.  The auditors must:

a. list all standard and program-specific provisions contained in the agreements that cumulatively, if not observed, could have a direct and material effect on the fund statement (Balance Sheet);

b. assesses the inherent and control risk that material noncompliance could occur for each of the compliance requirements listed in 1.a. above;

c. determine the nature, timing and extent of audit steps and procedures to test for errors, fraud, and illegal acts that provide reasonable assurance of detecting both intentional and unintentional instances of noncompliance with agreement terms and applicable laws and regulations that could have a material effect on the fund accountability statement.  This must be based on the risk assessment in 1.b. above.

d. prepare a single summary in the audit documentation that identifies each of the specific compliance requirements included in the review, the results of the inherent, control and (detection) risk assessments for each compliance requirement, the audit steps used to test for compliance with each of the requirements based on the risk assessment, and the results of the compliance testing for each requirement.  The summary document should be cross-indexed to detailed audit documentation that adequately supports the facts and conclusions contained in the summary document.

2. Determine if payments have been made in accordance with agreement terms and applicable laws and regulations.

3. Determine if funds have been expended for purposes not authorized or not in accordance with applicable agreement terms.

4. Determine whether commodities, were used for their intended purposes in accordance with the terms of the agreements.  If not, the cost of such commodities must be questioned.

5. Determine whether any technical assistance and services procured by the CVTL were used for their intended purposes in accordance with the agreements.  If not, the cost of such technical assistance and services must be questioned. 

6. Determine whether those who received services and benefits were eligible to receive them.

 

C. Follow-Up on Prior Audit Recommendations (NHQ)

The auditors must review the status of actions taken on findings and recommendations reported in prior audits. Auditors should use this information in assessing risk and determining the nature, timing, and extent of current audit work, including determining the extent to which testing the implementation of the corrective actions is applicable to the current audit objectives.

The auditors must describe the scope of their work on prior audit recommendations in the summary section of the audit report.  The auditors should refer to the most recent CVTL contracted audit report.  When corrective action has not been taken and the deficiency remains unresolved for the current audit period the auditors need to briefly describe the prior finding and status and show the page reference to where it is included in the current report.  If there were no prior findings and recommendations, the auditors must include a note to that effect in this section of the audit report.

 

D. Other Audit Responsibilities

The auditors must perform the following steps:

1. Make an audit the auditor must come to CVTL National Headquarter office, hold briefing and debriefing conferences with the CVTL. 

2. During the planning stages of an audit, communicate information to the auditee regarding the nature and extent of planned testing and reporting on compliance with laws and regulations and internal control over financial reporting.

3. Institute quality control procedures to ensure that sufficient appropriate evidence is obtained through inspection, observation, inquiries, and confirmations to afford a reasonable basis for an opinion regarding the financial statements under audit.  While auditors may use their standard procedures for ensuring quality control, those procedures must, at a minimum, ensure that:

• Audit reports and audit documentation are reviewed by an auditor, preferably at the partner level, who was not involved in the audit.  This review must be documented;
• All quantities and monetary amounts involving calculations are footed and cross-footed; and
• All factual statements, numbers, conclusions and monetary amounts are cross-indexed to supporting audit documentation.

 

V. AUDIT REPORTS

Audit Reports and management letter must be prepared separately for NHQ, Baucau, Ainaro, Bobonaro, Aileu and Dili   branch office. Language to be used for the Reports and letters shall be English.

The Reports and letters contain following aspects:

A. A title page, table of contents, transmittal letter, and summary which includes:

 (1) A background section with a general description of the programs audited, the period covered, the program objectives, a clear identification of all entities mentioned in the report, a section on the follow-up of prior audit recommendations

(2) The objectives and scope of the financial audit, and a clear explanation of the procedures performed and the scope limitations, if any;

(3) A brief summary of the audit results on the Financial Statements (Balance Sheet, Income Statement and Cash Flow statement) internal control, compliance with agreement terms and applicable laws and regulations, status of prior audit recommendations.

(4) A brief summary of the CVTL's management comments regarding its views on the audit and review results and findings.

B. The auditor's report on the financial statements. This must include the auditor's opinion on whether the financial statements presents fairly, in all material respects, program revenues, costs incurred, for the year then ended in accordance with the terms of the agreements and in conformity with generally accepted accounting principles or other basis of accounting.  This opinion must clearly state that the audit was performed in accordance with International Audit standards. Any deviations from these standards must be disclosed.

C. The auditor's report on internal control.  The auditor's report must include as a minimum: (1) the scope of the auditor's work in obtaining an understanding of the internal control and in assessing the control risk, and; (2) the significant deficiencies, including the identification of material weaknesses in the CVTL's internal controls. Any other matters related to internal control may be communicated through a separate management letter that should be referred to in the report on internal controls and sent with the audit report.

D. The auditor's report on the CVTL's compliance with agreement terms and applicable laws and regulations related to programs.

E. The auditor's report must include all conclusions, based on evidence obtained, that a fraud or illegal act either has occurred or is likely to have occurred.  This report must include an identification of all questioned costs, if any, as a result of fraud or illegal acts, without regard to whether the conditions giving rise to the questioned costs have been corrected and whether the CVTL does or does not agree with the findings and questioned costs.  Abuse that is material, either quantitatively or qualitatively must also be reported.

In reporting material fraud, illegal acts, or other noncompliance, the auditors must place their findings in proper perspective.  To give the reader a basis for judging the extent and seriousness of these conditions, the instances identified must be related to the universe or the number of cases examined and monetary value is quantified. Auditors may provide less extensive disclosure of fraud and illegal acts that are not material in either a quantitative or qualitative sense. 

F. Audit Firms are expected to exercise independent judgment throughout the audit engagement. Findings which involve monetary effect must:

1. Be quantified and reported.
2. Be reported without regard to whether the conditions giving rise to them were corrected.
3. Be reported whether the CVTL does or does not agree with the findings or questioned costs. 
4. Contain enough relevant information to expedite the audit resolution process (e.g., number of items tested, size of the universe, error rate, corresponding U.S. dollar amounts, etc.).

The reports must also contain, after each recommendation, pertinent views of responsible CVTL officials concerning the auditor's findings and actions taken by the CVTL to implement the recommendations.  If possible, the auditor should obtain written comments.  When the auditors disagree with management comments opposing the findings, conclusions or recommendations, they should explain their reasons following the comments.  Conversely, the auditors should modify their report if they find the comments valid.

 

VI. RELATIONSHIPS AND RESPONSIBILITIES

1. CVTL’s responsibility

 

CVTL National Governing Board (CVTL NGB) is responsible for the safeguarding of the CVTL’s assets, for prevention of fraud, error and non-compliance with relevant Timor-Leste legislations and applicable International Red Cross Movement regulations. As Management, CVTL NGB is responsible for ensuring that the CVTL maintains proper accounting records and for preparing the financial statements. CVTL NGB is also responsible for making available to the auditor, as and when required, all accounting record and all other relevant records and related information.

 

This is open to both National and International Consultants. If the consultant does not live in Timor-Leste, CVTL shall make necessary logistic arrangements and bear the cost for one (1) person for local transportation and accommodation in Timor-Leste. The consultant will be responsible for their own visas.

 

2. Auditor’s responsibility

 

The auditor shall be responsible to report to the President of the CVTL whether the CVTL’s accounts (and financial statements prepared thereof) present a true and fair view and whether CVTL has been prepared in accordance with relevant Timor-Leste legislations and applicable International Red Cross Movement regulations.

 

In arriving at their opinion, the auditor should consider the following matters and report any issue with which they are not satisfied:

               

• whether proper accounting record have been kept by the CVTL and proper supporting documentation have been received from branches not visited by the auditors,
• whether the CVTL balance sheet and profit and loss account are in agreement with the accounting record and supporting documentation,
• Whether the auditor has obtained all the information and explanations that they consider necessary for the purpose of the audit.

 

The audit should be conducted in accordance with generally accepted accounting principles and the international financial reporting standards (IFRS), in particular, the auditor shall obtain an understanding of the preparation of the financial statements and to establish whether proper accounting record have been maintained by the CVTL.

 

VII. TERMS OF PERFORMANCE

The effective date of this contract and statement of work will be the date of the Contracting Officer's signature.

The audit should begin as soon as possible after the signing of the audit contract and the audit report along with audited financial statements, audit findings and the management letter be forwarded to the President of the CVTL within 60 days of signing the contract which may be extended for such period as may be necessary and as agreed mutually in writing between the contracted audit firm and the contracting officer.

 

VIII. Terms of Payment

Payment will be as follows:

• 20 percent on the date of the briefing meeting  in the CVTL National Headquarter office,
• 80 percent on the date of the submission of the final report.

 7th July 2022

Please email your proposal and quotation to Luis Pedro, CVTLSecretary General lpedro_cvtl@redcross.t> and  Vidiana Xareal  External Relations Coordinator - vidianaxareal_cvtl@redcross.tl by 2pm (Timor-Leste time) Wednesday 15th July, 2022.