Company for Business logo

When is a mandatory audit of an Estonian company required, and what exactly happens during such an audit?

Key Points:

Mandatory audit in Estonia depends on the company’s turnover, total assets, and number of employees, not on the business activity or industry sector.

The purpose of a statutory audit is to verify the accuracy and reliability of the financial statements and accounting records, not to detect violations or impose penalties.

 

An audit process in Estonia is always time-consuming and requires significantly more time than the standard preparation and filing of an annual report.

For most entrepreneurs in Estonia, an audit isn’t part of the initial business setup process. They typically encounter it later, when preparing the annual report. Until then, accounting is routine, and reports are submitted annually without any additional audits.

The next step is for the report to be reviewed by an auditor before submission. The first thought that comes to mind is usually the same: does this mean the company has problems or has come to the attention of the tax authorities?

In reality, an audit isn’t limited to identifying violations or conducting an investigation. It’s a regular procedure that confirms the accuracy of the financial statements of companies that have reached a certain level of development and scale of operations.

In other words, an audit confirms that the business has reached a scale where its financial statements should be accessible and reliable to the state and other stakeholders.

What is the purpose of an audit?

A company’s annual report is a publicly available document. It is applied to:

  • Owners and investors
  • Financial institutions and payment systems
  • Partners
  • Suppliers
  • Government agencies

In small companies, risks are generally considered limited, and management’s responsibility for the accuracy of financial statements is quite high. However, as a business grows, its impact on external partners and the market as a whole increases. Loans, prepayments, and liabilities to customers and employees arise, expanding the range of potential risks.

This necessitates independent verification: a third party must confirm the accuracy of the financial statements.

The auditor does not evaluate the business’s performance, but rather verifies the accuracy and reliability of the financial data presented.

When does an audit become mandatory?

In Estonia, auditing depends on the size of the company, not the industry or nationality of the owners. There are thresholds: turnover, balance sheet, and number of employees.

Once certain indicators are met, the company is subject to independent verification.

This approach implements two levels of control:

The first stage involves a review. This is a brief procedure during which the auditor examines the financial statements and asks questions, but the number of verification procedures is limited.

As indicators continue to improve, a full-scale audit is conducted, which involves a thorough review of key financial statements and obtaining independent confirmation.

The type of audit is determined automatically based on the financial year results.

What are the auditor’s responsibilities?

A common misconception is that the auditor will scrutinize every transaction and every invoice. In reality, an audit is based on the principles of materiality and risk assessment.

The auditor verifies whether the financial statements reflect:

  • actual revenue
  • the presence of existing assets
  • reasonable expenses
  • current liabilities
  • optimal capital

Instead of recalculating the entire financial statements, they verify their accuracy. Therefore, special attention is paid to major transactions and operations that are not typical of normal business.

How is an audit conducted in practice

At the end of the financial year, a draft annual report is prepared, after which the auditor begins his work. First, it’s necessary to study the company’s activities: its industry, sources of income, and the specific risks it faces. Only then can one anticipate potential distortions.

Next, confirmation requests are made:

  • bank statements
  • large-scale contracts
  • supporting documents for customer debts
  • loan information
  • information on owners
  • capital calculations

The auditor may obtain some information from independent sources, such as banks or partners. This significantly strengthens the independence of the audit.

Based on the analysis, a report is prepared, which is an integral part of the annual report and is submitted to the register along with it.

How long does an audit take?

It’s impossible to conduct an audit in a short period of time, even for a small company. It takes weeks, as it’s performed independently and requires corroboration from various sources.

Accounting work is usually done in advance, and the auditor is involved well before the report submission date. Starting the process immediately before the deadline virtually guarantees a delay in reporting.

What are the consequences if an audit is required but has not been conducted?

In this situation, the company is not entitled to submit an annual report. The lack of reporting entails a number of practical limitations:

Dividend distribution is not possible.

  • Banks impose restrictions on transactions.
  • Changes to the register are not permitted.
  • Penalties are possible.

The company has essentially failed to fulfill its financial disclosure obligations.

Should an audit be a concern?

Under normal circumstances, an audit proceeds without incident. Its purpose is not to find violations for the purpose of imposing sanctions, and it is not analogous to a tax audit. When accounting is regularly maintained and transactions make sound economic sense, the auditor’s questions are more clarifying than controlling. For many companies, an audit is a boon, enhancing their reputation with banks and partners, who begin to view the business as more transparent and reliable.

FREQUENTLY ASKED QUESTIONS

Not all companies in Estonia are required to undergo a mandatory audit. Small businesses may submit reports without an audit. An audit becomes mandatory only after a company exceeds established limits on turnover, balance sheet size, or number of employees.

What is the practical difference between a review and an audit? A review is a more superficial analysis based on analysis and discussions with management, but does not include an in-depth review of all data. An audit, on the other hand, is a more comprehensive procedure that includes detailed research, external confirmations, and carries greater responsibility for the reliability of the auditor’s conclusions.

A preliminary report prior to an audit is not possible. The auditor’s opinion is an integral part of the financial statements. A report without an opinion will be considered incomplete and will not be registered.

The auditor does not review tax returns for violations. Their primary goal is to ensure the accuracy of the financial statements. Responsibility for tax auditing lies with the tax authorities.

 

It is not possible to select an auditor from abroad. Audit reports must be issued by a licensed professional authorized to practice auditing in Estonia.

 

If the auditor discovers an error, the accounting records are adjusted, and the report is then re-approved. This approach is a normal step in the process and should not be considered a sanction.

 

An annual audit is only required as long as the company demonstrates results above the established indicators. If indicators fall below the thresholds, the audit may no longer be necessary.

 

The director’s participation in the audit process is mandatory. By confirming to the auditor that all necessary information has been provided, management assumes responsibility for the reliability of the financial statements. This is a key stage of the audit process.