ISA 550 (Revised) DEALS with the auditor’s responsibilities RELATING to related party relationships and transactions in an ‘Audit‘ of Financial Statements.
Skip to main contentSection 01 — Introduction
What Is ISA 550?
ISA 550 (Related Parties) is the International Standard on Auditing that governs an auditor’s responsibilities regarding related party relationships and transactions when performing an audit of financial statements.
Issued by the International Auditing and Assurance Standards Board (IAASB) the standard-setting arm of the International Federation of Accountants (IFAC), ISA 550 was comprehensively revised and redrafted in March 2008. The revision aligned the standard with the modern risk-based audit model and tightened its integration with ISA 240 on fraud.
Related party transactions are a perennially challenging area of financial reporting. Because they can be structured and priced outside normal market conditions, they carry elevated risk of material misstatement whether through unintentional oversight or deliberate concealment by management. ISA 550 provides auditors with a structured framework to navigate this complexity.
Effective Date: ISA 550 (Revised and Redrafted) is effective for audits of financial statements for periods beginning on or after 15 December 2009.
Why Related Parties Matter
Many related party transactions occur in the normal course of business and carry no greater risk than equivalent arm’s-length transactions. However, the nature of related party relationships; characterised by control, significant influence, or common management means that transactions may not be negotiated on terms representative of independent market dealings. This creates two principal concerns:
- Transactions may be priced, structured, or disclosed in ways that obscure their economic substance
- Management may intentionally fail to disclose related parties to avoid scrutiny
- Controls over related party transactions may be weak or intentionally bypassed
- Financial statements may not fairly present the entity’s true financial position
Section 02 — Definitions
Key Definitions Under ISA 550
ISA 550 provides precise definitions that align closely with the financial reporting framework, in particular with IAS 24 (Related Party Disclosures) under IFRS.
Definition · Related Party
A party that is either: (a) a person or entity with control or significant influence, directly or indirectly, over the reporting entity; (b) another entity over which the reporting entity has control or significant influence, directly or indirectly; or (c) another entity that is under common control with the reporting entity.
Definition · Related Party Transaction
A transfer of resources, services, or obligations between a reporting entity and a related party, regardless of whether a price is charged.
Who Qualifies as a Related Party?
| Category | Examples | Basis |
|---|---|---|
| Control / Ownership | Parent companies, subsidiaries, fellow subsidiaries | Direct or indirect control |
| Significant Influence | Associates (IAS 28); joint ventures (IAS 31) | Ownership or board representation |
| Key Management Personnel | Directors, CFO, CEO and their close family members | Authority over planning/directing/controlling |
| Common Key Management | Entities sharing the same leadership team | Practical ability to influence decisions |
| Post-Employment Benefits | Defined-benefit pension funds for entity employees | Entity relationship with fund trustees |
Note: Entities under common control by a state (national, regional, or local government) are generally not considered related parties unless they engage in significant transactions or share resources to a significant extent.
Section 03 — Objectives
Auditor’s Objectives Under ISA 550
ISA 550 establishes outcome-based objectives for the auditor. The auditor’s goal is to obtain sufficient appropriate audit evidence about whether related party relationships and transactions have been:
Identified all related parties and significant related party transactions are brought to the auditor’s attention
Appropriately accounted for transactions are recognised and measured in accordance with the applicable financial reporting framework
Adequately disclosed disclosures in the financial statements achieve fair presentation (or, under compliance frameworks, are not misleading)
Fraud risk factors recognised indicators of material misstatement due to fraud arising from related party relationships are identified and assessed
ISA 550 · Paragraph 9 — Objective
“The objective of the auditor is to obtain an understanding of related party relationships and transactions sufficient to be able to: (a) recognise fraud risk factors, if any, arising from related party relationships and transactions that are relevant to the identification and assessment of the risks of material misstatement due to fraud; and (b) conclude, based on the audit evidence obtained, whether the financial statements, insofar as they are affected by those relationships and transactions: (i) achieve fair presentation (for fair presentation frameworks); or (ii) are not misleading (for compliance frameworks).”
Section 04 — Risk Assessment
Risk Assessment Procedures for Related Parties
ISA 550 mandates a risk-based approach, fully integrated with the broader audit risk assessment framework of ISA 315 and ISA 240.
Engagement Team Discussion
Before fieldwork begins, the engagement team must specifically discuss the susceptibility of the financial statements to material misstatement arising from related party relationships. This discussion, required by ISA 315, should consider:
- Organisational structure & ownership
- Off-balance sheet arrangements
- Special-purpose entities
- Management incentive structures
- Prior-period related party issues
- Dominant party indicators
Inquiries of Management
The auditor is required to inquire of management regarding:
- The identity of all related parties, including any changes from the prior period
- The nature of relationships between the entity and its related parties
- Whether the entity entered into transactions with those related parties during the period, and if so, the type and purpose of those transactions
Understanding Controls Over Related Party Transactions
The auditor must obtain an understanding of the controls management has established over related party relationships and transactions. ISA 550 identifies several reasons why such controls may be deficient:
Risk Factor
Low Priority Controls
Management may not regard related party disclosures as important, leading to weak control design.
Risk Factor
Governance Failures
Lack of adequate oversight by those charged with governance, especially in owner-managed entities.
Risk Factor
Intentional Circumvention
Management intentionally disregards framework requirements to conceal related party dealings.
Risk Factor
Framework Gaps
Where the financial reporting framework establishes minimal related party requirements, entities may lack adequate information systems.
Identifying Significant Transactions Outside the Normal Course of Business
When the auditor identifies significant transactions outside the entity’s normal course of business, ISA 550 requires the auditor to inquire whether related parties could be involved. Indicators include unusual terms, transactions lacking clear commercial rationale, and arrangements with unfamiliar counterparties.
Section 05 — Audit Procedures
Audit Procedures for Related Parties
Sources of Evidence
Audit evidence about related parties can be gathered from a wide range of sources. The following table summarises key evidence sources aligned to ISA 550 application guidance:
| Evidence Source | Purpose | Relevant to |
|---|---|---|
| Bank and legal confirmations | Identify undisclosed related parties or guarantees | Completeness & existence |
| Minutes of board & shareholder meetings | Identify approved related party transactions | Authorization & completeness |
| Shareholder registers & investment records | Identify ownership relationships | Completeness of related parties |
| Tax returns | May disclose related party transactions not in books | Completeness |
| Significant contracts & agreements | Evaluate terms; identify unusual conditions | Valuation & disclosure |
| Internal audit reports | Review of related party control effectiveness | Control environment |
| Correspondence with legal advisers | Identify contingent liabilities involving related parties | Completeness & obligations |
| Third-party confirmations | Corroborate management representations | Existence & valuation |
Evaluating Significant RPTs Outside Normal Business
For identified significant related party transactions outside the entity’s normal course of business, ISA 550 requires the auditor to:
Inspect the underlying contracts and agreements and evaluate whether the transaction’s business rationale suggests it may have been entered into to commit fraudulent financial reporting or to conceal a misappropriation of assets
Obtain evidence that the transaction has been appropriately authorised and approved
Verify that the transaction has been properly accounted for and disclosed in accordance with the applicable financial reporting framework
Business Rationale Test: When evaluating business rationale, the auditor considers whether the transaction appears overly complex, lacks an apparent economic purpose, or involves terms significantly different from those that would apply in an arm’s-length transaction.
Discovery of Previously Undisclosed Related Parties
When the auditor identifies previously unidentified or undisclosed related parties or significant related party transactions, ISA 550 requires specific additional procedures:
- Promptly communicate the relevant information to the engagement team
- Request management to identify all transactions with the newly identified related parties
- Inquire why internal controls failed to detect or disclose the related party relationship
- Perform appropriate substantive procedures on the identified transactions
- Reassess the risk that other undisclosed related parties or transactions may exist
- Consider whether the non-disclosure indicates a significant deficiency in internal control
Section 06 — Fraud & Professional Scepticism
Fraud Risk and Professional Scepticism
ISA 550 places particular emphasis on professional scepticism as a critical quality in auditing related parties. The standard is tightly integrated with ISA 240 (The Auditor’s Responsibilities Relating to Fraud).
Related Parties as a Fraud Risk Indicator
Fraudulent financial reporting often involves the deliberate exploitation of related party relationships. Management override of controls is heightened where management has control or significant influence over related parties, precisely because the normal discipline of arm’s-length market transactions does not apply.
Dominant Influence: A Specific Risk Factor
ISA 550 specifically addresses the risk of a dominant party an individual or group that, through a controlling position, can override normal governance and approval processes. Indicators of dominant influence include:
Indicator
Veto Power
One individual can block any significant business decision regardless of formal governance structures.
Indicator
Unilateral Approvals
Transactions are approved by a single individual without independent review or challenge.
Indicator
Unquestioned Authority
Management decisions are never openly challenged by board members or governance structures.
Indicator
Control of Information
One individual controls the flow of financial information to those charged with governance.
When dominant influence indicators are identified, the auditor should treat this as a fraud risk factor and respond in accordance with ISA 240; which may involve assigning more experienced staff, applying additional unpredictability, and subjecting management representations to heightened scrutiny.
Intentional Non-Disclosure
Where management appears to have deliberately concealed related parties or significant transactions, ISA 550 directs the auditor to consider whether the non-disclosure constitutes evidence of material misstatement due to fraud. The auditor must re-evaluate the reliability of management’s responses to audit inquiries and representations, and consider whether the matter should be communicated to those charged with governance.
Section 07 — Disclosure & Reporting
Evaluating Related Party Disclosures
Assessment of Adequacy
ISA 550 requires the auditor to evaluate whether related party disclosures in the financial statements are consistent with the auditor’s understanding of the entity and comply with the applicable financial reporting framework. Under IAS 24, for example, the entity must disclose the nature of the related party relationship, the amount of transactions, outstanding balances, and any commitments.
Materiality of Non-Financial Factors: ISA 450 requires the auditor to consider both the size and nature of a misstatement. The significance of a related party transaction may depend not only on its recorded amount but also on the nature of the relationship and the information’s relevance to financial statement users.
A Notable Disclosure Scenario
Consider an entity that derives a very substantial portion of its revenue from transactions with a single related party. Even if the transactions are correctly priced and accounted for, the failure to disclose this economic dependency renders the financial statements misleading, even if the applicable framework technically does not mandate such disclosure.
Written Representations
ISA 550 requires the auditor to obtain written representations from management that they have disclosed all related parties and related party transactions of which they are aware, and that such transactions have been appropriately accounted for and disclosed. This representation provides additional evidence but does not substitute for other audit procedures.
Communication with Those Charged with Governance
Matters the auditor may be required to communicate under ISA 260 include:
- Non-disclosure (whether intentional or not) of related parties or significant transactions by management
- Disagreement with management over the accounting or disclosure of related party transactions
- Difficulties in identifying the party that ultimately controls the entity
- Significant related party transactions identified outside the normal course of business
Section 09 — Frequently Asked Questions
ISA 550 – FAQs
What is the primary objective of ISA 550?
The primary objective is to ensure the auditor obtains sufficient appropriate audit evidence about whether related party relationships and transactions have been properly identified, accounted for, and disclosed in the financial statements, and to recognise any fraud risk factors arising from such relationships.
How does ISA 550 define a “related party”?
A related party is either a person or entity with control or significant influence over the reporting entity, or another entity over which the reporting entity has control or significant influence, or another entity under common control with the reporting entity. The definition aligns closely with IAS 24.
What is the difference between a fair presentation framework and a compliance framework in the context of ISA 550?
Under a fair presentation framework (such as IFRS), the auditor must conclude whether the financial statements achieve a true and fair view. Under a compliance framework, the auditor must conclude whether the financial statements are not misleading. ISA 550 applies in both contexts, though the specific requirements for disclosure evaluation differ.
What should an auditor do if management refuses to provide information about related parties?
A refusal to provide information is a significant red flag. The auditor should consider whether this represents a limitation on the scope of the audit, escalate the matter to those charged with governance, evaluate whether a modification to the audit opinion is required under ISA 705, and consider whether the refusal indicates a fraud risk under ISA 240.
Is ISA 550 applicable to public sector audits?
Yes, though the public sector auditor’s responsibilities may extend beyond those in ISA 550. Public sector auditors may have additional obligations arising from legislation, regulation, or ministerial directives governing related party dealings including a broader mandate to assess compliance with public sector-specific requirements.
Does ISA 550 require the auditor to detect all related party transactions?
No. Due to inherent limitations of audit, the auditor cannot guarantee detection of all related party transactions particularly where management is concealing them. ISA 550 acknowledges these limitations but requires the auditor to maintain professional scepticism and perform sufficient risk-responsive procedures to provide reasonable assurance.
How does ISA 550 interact with ISA 240 (Fraud)?
ISA 550 and ISA 240 are closely integrated. Related party relationships, especially those involving dominant individuals are recognised fraud risk factors. Intentional non-disclosure of related parties is treated as potential evidence of fraudulent financial reporting. The auditor must re-evaluate management representations and increase professional scepticism whenever such indicators arise.
(Qualified) Chartered Accountant – ICAP
Master of Commerce – HEC, Pakistan
Bachelor of Accounting (Honours) – AeU, Malaysia