Large Business Audit Program

Corporate Audit and Evaluation Branch
October 2006

Table of Contents

Executive Summary

The mandate of the Large Business Audit Program is to encourage, assist and verify compliance of the largest and most complex corporate organizations with the Acts administered by the Canada Revenue Agency (CRA). This mandate is advanced through a program of enforcement measures, legislative review, and taxpayer consultation and education. These businesses have annual revenue greater than $250 million and include all related entities within a corporate group. All returns of these large corporations are reviewed; the largest and most complex are reviewed annually.

The Large Business Audit Program represents relatively few corporate files but a significant amount of corporate tax collected. The salary budget for the Large Business program for the fiscal year 2005-2006 was $51,255,000, which represents approximately 613 auditors. The estimated additional federal tax assessed through the Large Business Audit Program was $1.4 billion in 2005-2006.

At the time of the audit, the program's objectives were to:

Large Business Audit has developed several program initiatives including Protocols with taxpayers and the Specialized Audit Approach to better advance program goals and objectives.

The Office of the Auditor General (OAG) issued a report on the Large Business Audit Program in 1996.

In January 2006, Compliance Programs Branch (CPB) announced a new structure that places responsibility for Large Business Audit, International Tax and Aggressive Tax Planning under a single directorate. In establishing this directorate, CPB recognized the interrelationship between these three programs.

Objective:

The objective of the audit was to determine if the Large Business Audit Program was being effectively managed and supported. The scope included examining the implementation, acceptance and monitoring of the program initiatives, as well as the following issues identified in the1996 OAG report:

The examination phase was conducted from January to December 2005.

The audit was conducted in accordance with the International Standards for the Professional Practice of Internal Auditing.

Findings and Conclusion:

The Large Business Audit Program is supported by a sound approach; all returns of large corporations are reviewed, a complete and clear set of communiqués provide direction for auditors, and the Headquarters Large Business Audit Program developed initiatives (as detailed on page 6) which provide further support to the program.

However, after reviewing the program, Internal Audit concluded that significant gaps exist in the implementation and monitoring of policies and procedures as detailed below. Recommendations were also made to enhance communication. Several key concerns raised in the 1996 OAG report have not been fully addressed, in particular those relating to an OAG recommendation to train case managers to do more strategic analyses, implement a challenge review of issues selected for audit and ensuring that the rationale underlying the selection of the issues is adequately documented.

Weaknesses remain in the planning of the Large Business audits; the internal audit found that Large Business auditors have not been documenting complete audit plans in accordance to policy. Also, a systematic risk assessment approach for identifying and selecting audit issues was not documented in some cases and not adequately performed in others.

The Large Business Audit Program was not meeting its internal timeliness [Footnote 1] targets. Audit files are often completed just before statute barred dates, and in many cases waivers are obtained from taxpayers to allow for extra time to finalize certain issues.

Large File Case Managers (LFCMs) were not always utilizing the Specialized Audit Team approach when planning an audit. The goal of this approach is to engage the speciality audit areas, including International Tax and Tax Avoidance, as advisors or team members, to increase the efficiency of large file audits. Audit plans often did not identify team members from the Specialized Audit Areas.

Action Plan:

Compliance Programs Branch has agreed to changes that address Internal Audit's findings. The action plans include:

Introduction

The mandate of the Large Business Audit Program is to encourage, assist and verify compliance of the largest and most complex corporate organizations with the Acts administered by the Canada Revenue Agency (CRA). This mandate is advanced through a program of enforcement measures, legislative review, and taxpayer consultation and education. These businesses have annual revenue greater than $250 million and include all related entities within a corporate group. All returns of these large corporations are reviewed; the largest and most complex are reviewed annually.

The Large Business Audit Program represents relatively few corporate files but a significant amount of corporate tax collected. The salary budget for the Large Business program for the fiscal year 2005-2006 was $51,255,000, which represents approximately 613 auditors. The estimated additional federal tax assessed through the Large Business Audit Program was $1.4 billion in 2005-2006.

At the time of the audit, the program's objectives were to:

In January 2006, Compliance Programs Branch (CPB) announced a new structure that would see Large Business Audit, International Tax and Aggressive Tax Planning under one directorate. In establishing this directorate, CPB is recognizing the close ties between these three areas.

Over the past several years, Large Business Audit developed several program initiatives to improve program management:

Communiqués are a key tool to outline the program's policies and procedures and guide the Tax Services Offices (TSOs) in carrying out the Large Business Audit Program.

The Large File Audit population includes the largest corporate clients and all the entities within their control group. As of August 31, 2006, this consisted of slightly more than 9,400 corporations (about 830 primary and 8,570 controlled). The GST/HST component is comprised of 870 registrants, excluding the Quebec population, which is under the responsibility of Revenu Quebec. Approximately 950 audits were completed in the year ending March 31, 2004.

The Office of the Auditor General (OAG) previously audited the Large Business Audit Program. Their conclusion was that management was devoting considerable attention to the program and relied on a coordinated approach, and that despite inherent challenges, CRA auditors were raising many reassessments with significant dollar returns. The opportunities for improvement included:

Focus of the Audit

The objective of the audit was to determine if the Large Business Audit Program was being effectively managed and supported. The scope included examining the implementation, acceptance and monitoring of the program initiatives and the OAG issues mentioned above.

The examination phase was conducted from January to December 2005. In the examination stage, file reviews were conducted on audits completed in the 2003-2004 fiscal period. To perform an effective review of large business audits files, the internal audit team included a technical advisor experienced in both large business audits and quality assurance. The audit files selected were from Vancouver, Calgary, Toronto Centre and Montreal where the majority of Large Business taxpayers are located. The file sample was chosen to represent a cross section of industry sectors. Interviews were also conducted with taxpayers, Specialized Audit Areas and the LFCMs who completed the audits.

The audit was conducted in accordance with the International Standards for the Professional Practice of Internal Auditing.

Initiatives

Headquarters has developed a number of initiatives in support of the program.

Compliance Programs Systems Redesign (CPSR)

CPSR is a major Compliance Programs Branch business transformation initiative designed to enable management and staff to better target resources, improve coverage, increase revenues, and make more informed decisions. Projects targeted for implementation by the end of 2009-2010 will enhance automated risk assessment and file selection tools, as well as provide analysis tools and a standardized set of automated working papers.

Protocols

Protocols are agreements between CRA and large corporations to establish a clearer framework for the audit process. The initiative was designed to enhance CRA's relationship with the taxpayer by increasing efficiency and creating a more co-operative, open and transparent association.

Experience has indicated that there seems to be a jointly beneficial outcome with compliant, cooperative taxpayers with a good working relationship that are more comfortable working under the guidelines of a protocol. However, protocols are not effective in improving Currency, improving compliance or enhancing relationships for many taxpayers. Protocols are therefore now established with those taxpayers who would prefer to operate with a protocol and where the CRA determines that having a protocol would be mutually beneficial.

Single Window Focus/Account Manager

The Single Window Focus/Account Manager is an initiative that gives the LFCM responsibility for the overall compliance relationship for all business lines, so that large corporations will have a focal point of contact for all audit activities and taxpayer queries. During interviews, taxpayers expressed satisfaction with the service provided under this initiative. The Account Manager concept is being tested in a series of 25 pilots across the country.

Specialized Audit Area Team Audits/ Concurrent Audits/Real Time Audits

HQ developed a number of audit approaches aimed at lessening the burden on the taxpayer. One approach is the participation of appropriate Specialized Audit Areas (SAA) in a team audit approach that includes International Tax, Tax Avoidance, Scientific Research and Experimental Development and Employer Compliance.

A policy has been developed to facilitate concurrent audits that include the participation of provincial auditors and customs duties auditors. During the internal audit, we were not aware of any concurrent audits that had taken place.

Real time audits occur when CRA conducts an audit of specific issues before the taxpayer files the corporate tax return. This is done at the request of the corporation. Very few real time audits have been performed and the unique nature of this audit would be beneficial only under certain situations where a corporation wants an advance ruling.

Audit Information Database (AID)

Large Business Audit Program, with the assistance of the National Risk Management Working Group, developed the Audit Information Database (AID), a risk management model for the Large Business and Basic File Audit Programs. AID is being developed and evaluated in stages. The 2004/2005 fiscal period was the first year that auditors were required to submit audit results on the AID templates.

Findings, Recommendations and Action Plans

Documentation of Audit Plans

The Large Business Audit Program within Headquarters (HQ) developed Communiqués to provide guidance to the field staff on the policies and procedures for this program. There are three main Communiqués that deal with audit plans:

There are two main types of documentation related to an audit file, working papers that are used to substantiate the reassessment of tax and management control documentation used to manage efficiency and effectiveness of audit work.

The Communiqués relating to audit plans are comprehensive and clear, however, auditors in the field are not always adhering to the documentation guidelines and review procedures. Of the 32 audits that were reviewed, 7 audit files (22%) did not have documented audit plans. Of the 25 audit files (78%) that contained an audit plan, the following guidelines were not consistently followed:

The purpose of audit plans is to have a more efficient and effective audit approach. Documentation of issues and manager reviews provide assurance that the most appropriate audit issues are selected and effectively disposed of during the audit process.

The internal audit found that LFCMs that utilized audit plan templates developed by TSOs, in accordance to the Communiqués, had audit files of higher quality.

Additional measures are required to help ensure auditors in the regions adhere to the communiqués. Some Communiqués posted on the Large Business Audit Section's intranet website were incomplete. In other cases, the entire Communiqué was missing. HQ monitoring reviews of TSO practises had not been performed for several years. These reviews were reinstated in early 2004 and Quality Assurance reviews were started in 2005/06.

Recommendations

HQ Large Business Audit should design an audit plan template in accordance with the guidelines contained in the Communiqués. Mandatory use of this template will aid in ensuring that field auditors comply with Large Business Audit's policies and procedures.

The Large Business Audit function should develop a separate audit manual or add a chapter to the existing audit manual to provide guidance regarding the unique characteristics of a Large Business Audit and its initiatives.

HQ Monitoring Reviews and Quality Assurance should be performed on a continual basis.

Action Plans

The Compliance Programs Systems Redesign will automate audit plans, pre-load working papers, validate audit results upon data capture, and provide technical advice and on-line help. These tools are scheduled for implementation across all compliance programs between 2008-2009 and 2009-2010.

In the interim, in 2006, CPB will design an audit plan template, incorporating the guidelines set out in the relevant Communiqués, for use in the TSOs. The template is to be implemented as part of the Planning Guidelines in 2007-2008 and will be mandatory for all audits.

CPB is developing a separate audit manual for Large Business Audit. We will prioritize which chapters will be developed and distributed first. Completion of the Large Business Audit manual is expected in 2006/2007. (no change)

CPB is committed to conducting Monitoring Reviews and Quality Assurance Reviews on a continual basis. Since December 2003, HQ has conducted 12 monitoring reviews in the following tax services offices: Winnipeg, Vancouver, Ottawa, Hamilton, Halifax, Quebec City, Burnaby-Fraser, Regina, Saskatoon, Edmonton, Calgary, and Toronto West. Five of these were joint Quality Assurance/monitoring reviews.

Risk Assessment of Audit Issues

In the planning phase of a Large Business audit, LFCMs and SAAs identify issues for potential non-compliance and assign a level of risk to each issue. This approach helps to prioritize the workload and ensure that resources are utilized efficiently. The audit found that systematic risk assessment of issues was not documented in many cases and not adequately performed in others.

When assessing risk for the identified issues, there are many variables that should be considered and documented such as internal control procedures in place, commitment to accurate self-assessment, nature of the business, changes in legislation, and ratio analysis. When examining the process of identifying, risk ranking and rationalizing issues within the files, the audit found no documented evidence of risk assessment for 10 of the 32 files reviewed. Though the LFCMS and auditors may have utilized these factors in their risk decisions, documentation was not present.

Of the 22 files where some risk assessment was documented, it was not evident in 11 of the files that appropriate or adequate risk assessment techniques were utilized. It is unclear whether the audit issues that represent the highest risk were selected and properly addressed during the audit process. A thorough risk assessment is required to provide assurance to management that audits are conducted efficiently or that audit resources are effectively used. The lack of “know-how” regarding risk assessment was part of a discussion at the 2000 national Large Business Audit workshop. It was concluded at this workshop that a risk assessment training package had to be developed and provided to staff as soon as possible. However, no evidence was found that this package was developed.

Generally accepted audit practice uses materiality as one consideration in assigning the level of risk to an issue. Materiality factors were not documented in any of the audit plans reviewed. Auditors stated that using materiality could prohibit them from pursuing what they may deem a valid issue and making some adjustments. Not utilizing materiality in risk assessment can lead to insignificant issues being incorrectly considered as high or medium risk issues. Guidance to ensure a consistent documented approach in determining materiality, specific to Large File, is absent.

Mid-point reviews, as outlined in the Communiqués, require an overall independent review of the outstanding issues and the determination and justification of the merit of continuing to pursue these issues. The concept and purpose of the mid-point review is not fully understood and embraced by the Large Business Audit field staff. LFCMs are self-assessing the outstanding issues instead of having an independent mid-point review conducted.

HQ Quality Assurance reviews, which help ensure adequate risk assessment techniques and procedures are followed, had not been performed for several years. These reviews have been assigned to the Quality Assurance Division beginning with the 2005-2006 fiscal year. The monitoring reviews, which examine more of the procedural aspects of a file rather than the technical issues, were re-initiated in January 2004.

Recommendations

A risk assessment training package should be developed by the function and provided to all LFCMs.

HQ and TSOs should ensure that the risk assessment guidelines outlined in Communiqué AD00-05 are adhered to by appropriately addressing concerns made by Quality Assurance.

Materiality guidelines and procedures should be developed to provide direction to field audit staff.

Action Plans

A workshop on risk assessment, targeting LFCMs, will be held at the November 2006 Large Business Conference. Training material will be developed and provided to LFCMs by the end of 2006-2007.

The Compliance Programs Systems Redesign (CPSR) will provide enhanced risk assessment scoring, screening and selection for the more timely identification and management of high-risk issues.

Adherence to risk assessment guidelines outlined in communiqués AD00-05 and AD01-01 is, and will continue to be, part of our Monitoring Program. This will include following up on any issues identified to ensure that action is underway or completed.

Our training programs dictate that auditors should follow the guidelines established by the Canadian Institute of Chartered Accountants (CICA). Auditors may not all be aware of these guidelines and we will therefore ensure that the materiality policy is highlighted in the large business Infozone site. We will also review materiality during monitoring reviews.

Timeliness of Audit Files

The Large Business Audit Program recognizes the importance of auditing files on a timely basis. In 1994, CRA management set an internal timeliness [Footnote 1] standard and defined a current audit file. An example of a current file would be an entity with a taxation year ending in 2002 and filed according to legislation, in which the audit was completed by March 31, 2006.

The Large Business Audit program has not met its internal timeliness commitments. Only 3.75% of the total primary files (27 of 719 files) completed during the 1999 to 2003 fiscal periods met the timeliness standard. When both primary and controlled files are included, 22% met the standard.

Improving timeliness was one of the main objectives of the protocol initiative. Approximately 32% of the total primary files (231 files) completed during the 1999 to 2003 fiscal periods had a signed protocol with the taxpayer, but only 7% of these files (16 files) were considered to be current when the audits were completed. Some protocols had agreements to become current within a specific period of time. In order to achieve timeliness in some files, however, auditors had to be shifted to the audit team of a taxpayer who desired to be current. This resulted in fewer auditors to work on other non-current files.

Auditors identified obtaining information from taxpayers as a reason why files are not current. Timelines for taxpayers' responses were specified in the audit plans in 80% of the applicable files reviewed (20 files), but in 11 of these files they were not respected. However, requirements, which are legislated enforcement tools to obtain books and records, were not considered or issued for these files.

Although LFCMs are confident that senior management would support their decisions to issue requirements, many believe that the procedures for issuing a demand are onerous. In addition, they believe that issuing requirements can erode any taxpayer co-operation being received. If the Agency is perceived by the taxpayer to be reluctant to use legislated enforcement tools, the goal of timeliness of audit files may be more difficult to achieve.

The Large Business audit environment has evolved since the standard was set in 1994. The original standard may not be an appropriate measure for evaluating timeliness due to changes that have occurred which are outside the program's control.

Recommendations

HQ Large Business Audit Program should perform an analysis to ensure the standard used to measure timeliness reflects only those variables under the control of the program. This analysis should identify all probable causes of the timeliness problem, ways of addressing the identified causes and setting a standard that would achieve the programs objectives.

Action Plans

Large Business Audit Section will perform an analysis and use the results to establish an appropriate CRA approach for currency that reflects only those variables under the control of the Large Business Audit Section. A strategy is being developed in the 2006-2007 fiscal year. Implementation of the strategy and any relevant standards is dependent on the extent and complexity of changes required to establish currency. We anticipate that, once the strategy is implemented, it may take a number of years to achieve the desired results.

Specialized Audit Team Approach

Communiqué 98-07 outlines the relationship between LFCMs and the Specialized Audit Areas (SAAs). Two of the main objectives of this initiative are to ensure a coordinated approach to audit activities thereby minimizing disruptions to large corporations and to ensure quality audits of large corporations by using SAAs as advisors or team members on the audit teams. Audit issues have the potential to be overlooked if the risk assessment of a file does not involve the specialist from all areas.

During our file review, we found weaknesses that would hinder the success of this initiative:

Since monitoring reviews were not performed for several years, HQ did not identify the weaknesses. A cause may lie in that the SAA team initiative was not fully embraced by some TSOs.

The budgets prepared by HQ in the initial years did not provide for direct SAA resources in the TSOs to support this initiative. However, starting in the 2005-2006 fiscal year, International Tax and Tax Avoidance restructured their budget allocation to encourage TSOs to assess the risk potential in large case files: Sixty hours were allocated to each of the files rated with a higher risk of International Tax issues and 150 hours were allocated to each large case audit to pursue Tax Avoidance risks. At the time of the audit, the ECA budget allocated no specific hours towards the large case files; ECA in TSOs used their own discretion on what resources were attributed to the team audit initiative. The 2006-07 ECA budget recognizes the added complexity of large files and allows for 200 hours for large audit file instead of the standard 50 hours that is budgeted for regular audit files.

Recommendations

Large Business Program and SAAs should emphasize the importance of implementing the team audit initiative, as outlined in Communiqué 98-07.

Monitoring reviews should be performed, on an ongoing basis, by HQ Large Business to encourage the participation and success of this initiative.

All SAAs should budget resources specifically to the risk assessment and auditing of large business files to ensure all TSOs further strengthen the team audit initiative.

Action Plans

CPB undertook a Functional Activity Review (FAR) of our Headquarters organization. This was undertaken to ensure that the Branch is organized as effectively as possible to deliver our mandate and functional program responsibilities and to respond to evolving priorities and initiatives. The FAR will reinforce the relationships between the Large Business Section and Specialized Audit Areas, as Large Business, International Tax and Aggressive Tax Planning are all under the same Directorate.

CPB is committed to conducting Monitoring Reviews and Quality Assurance Reviews on a continual basis. Since December 2003, HQ has conducted 12 monitoring reviews in the following tax services offices: Winnipeg, Vancouver, Ottawa, Hamilton, Halifax, Quebec City, Burnaby-Fraser, Regina, Saskatoon, Edmonton, Calgary, and Toronto West.

In 2005-2006, CPB began budgeting additional hours to assess risk of International Tax and Tax Avoidance in large files. CPB will continue to review its budgeting process to ensure that the team audit approach is effectively resourced.

Monitoring programs will specifically include examination to determine if appropriate resources were allocated to risk assessment by the various large business file team members.

Audit Agreements

There are occasions where there are differences between the Agency and taxpayers in the interpretation of the facts of an audit issue. At times these disagreements are not substantial and can be settled by an audit agreement without going through the costly and time consuming objection and appeals processes. Communiqué AD05-02B (The Audit Agreement and Waiver of a Client's Right to Object) was released February 2005 to enhance available guidance. The Communiqué outlines the situations where an audit agreement is appropriate and the procedures that an auditor would be required to follow. In 2005-2006, there were 15 audit agreements.

There has been limited discussion and promotion of the Communiqué. No documented risk analysis or monitoring has been performed on audit agreements relating to Large Business Audits. Effective monitoring and analysis enhances the Agency's understanding of the application of these agreements. In the absence of monitoring and analysis, the CRA does not have a full appreciation of the risks associated with non-compliance to Communiqué AD05-02B.

Recommendations

HQ Large Business Audit Program should promote the information contained in Communiqué AD05-02B to all auditors.

CPB should enhance its efforts to monitor and analyze the use of audit agreements in order to identify potential risks of non-compliance to Communiqué AD05-02B.

Action Plans

CPB will ensure that Large Business Audit staff is made aware of the Communiqué through monitoring visits and at our first integrated (Large Business, International and Aggressive Tax Planning) national conference in November 2006.

In future, CPB review functions will monitor to ensure compliance with the policies and procedures outlined in Communiqué AD05-02B.

Conclusion

The Large Business Audit Program is supported by a sound approach; all returns of large corporations are reviewed, a complete and clear set of communiqués provide direction for auditors, and the Headquarters Large Business Audit Program developed initiatives (as detailed on page 6) which provide further support to the program.

However, after reviewing the program, Internal Audit concluded that significant gaps exist in the implementation and monitoring of policies and procedures as detailed below. Recommendations were also made to enhance communication. Several key concerns raised in the 1996 OAG report have not been fully addressed, in particular those relating to an OAG recommendation to train case managers to do more strategic analyses, implement a challenge review of issues selected for audit and ensuring that the rationale underlying the selection of the issues is adequately documented.

Weaknesses remain in the planning of the Large Business audits; the internal audit found that Large Business auditors have not been documenting complete audit plans in accordance to policy. Also, a systematic risk assessment approach for identifying and selecting audit issues was not documented in some cases and not adequately performed in others.

The Large Business Audit Program was not meeting its internal timeliness [Footnote 1] targets. Audit files are often completed just before statute barred dates, and in many cases waivers are obtained from taxpayers to allow for extra time to finalize certain issues.

Large File Case Managers (LFCMs) were not always utilizing the Specialized Audit Team approach when planning an audit. The goal of this approach is to engage the speciality audit areas, including International Tax and Tax Avoidance, as advisors or team members, to increase the efficiency of large file audits. Audit plans often did not identify team members from the Specialized Audit Areas.

Footnotes

[Footnote 1]
Referred to as Currency standard in Large Business Audit Section and the 1996 Office of the Auditor General Report

Page details

Date modified: