(c) Institute of Chartered Accountants of Scotland. Contact ICAS for permission to reproduce this article., Audit and Assurance

Change ahead for auditing

Robert Outram assesses proposals aimed at increasing public trust in auditing.

One of the most famous names in the travel industry, Thomas Cook, went into liquidation on 23 September. The very next day, the Financial Reporting Council – lead regulator for audit and accounting in the UK – released a statement: “In light of recent developments at Thomas Cook we are considering whether there is any case for investigation and enforcement action as a matter of urgency and in co-operation with the Insolvency Service.”

The speed of the FRC’s response speaks volumes about the attention now focused on audit and accounting issues when major businesses fail. Following high-profile collapses such as Thomas Cook, BHS and Carillion, it is not long before someone asks: “Where were the auditors?”

Business failure is not the result of audit failure; the question is how much audit should be expected to warn of potential problems. In the case of Thomas Cook, its auditors, EY, had highlighted accounting practices which may have flattered profits, and had flagged up “going concern” risks at the business.

With the auditing profession under increased scrutiny from politicians, the media and the public, audit reform is back on the agenda. The Competition and Markets Authority (CMA) has brought out proposals for reform of the market for large listed company audits, while the FRC is set to be replaced by a new regulator, the Audit, Reporting and Governance Authority.

The third element of this programme is the review of “the quality and effectiveness of audit” under Sir Donald Brydon. Following the publication of a consultation paper earlier this year, which set out some fundamental questions regarding the purpose (and fitness for purpose) of audit, Brydon is expected to report to the Secretary of State for Business, Energy and Industrial Strategy by the end of this year.

The ICAS view

ICAS has welcomed the Brydon review and underlying the ICAS response were two important premises:

  • First, any review of audit only makes sense in the wider context of a more holistic review of corporate governance and reporting; and
  • As well as defining the responsibilities of the auditor, it is important that the role and responsibilities of the directors are clearly underlined, and that they are held responsible for their actions.

On the second point, the ICAS response states: “What appears to be missing from the current debate is recognition that the responsibility for running an entity and for preparing its financial statements rests with the directors of that entity, in particular, the executive directors.”

ICAS also called for two innovations for governance and reporting for larger companies. One is a requirement to publish an “assurance map” explaining how the company sees its own risks and how the directors have obtained assurance regarding those risks. This includes internal and external audit and may also include non-financial forms of assurance, such as an engineer reporting on oilfield reserves or health and safety risks. Many larger companies already publish information in this format.

Another proposal set out by ICAS is the introduction of a proportionate version of the US Sarbanes-Oxley regime on internal controls. “Sarbox” was introduced after the Enron and WorldCom scandals in the early 2000s, and it includes requirements for companies to maintain and report on internal controls and measures to prevent fraud, as well as specifying the responsibilities and liability of directors.

James Barbour CA, Director, Policy Leadership, ICAS, says: “Of the people we’ve spoken to in the US, most say that Sarbox has been of benefit. The directors are responsible for running the business and for setting the business model and there is a need for clear accountability.”

He adds: “There is a need for a holistic approach. We cannot escape the fact that some businesses will fail – that’s capitalism – but we would want to see any concerns flagged as early as possible.”

ICAS would also like to see greater use of “graduated” audit opinions, rather than the auditor’s report being seen as a binary statement. So, for example, auditors would rate specific assumptions on the part of management on a range from “very optimistic” to “very pessimistic”.

This, James stresses, would not remove the auditor’s duty to state whether the financial accounts represent a “true and fair view”.

Liability regime

One proposal from ICAS that might prove controversial is that the auditor liability regime needs to be revisited. The ICAS response says: “If more is required of auditors without appropriate reform of the auditor liability regime then this could lead to large firms re-evaluating the risks and rewards of being in the UK PIE [public interest entity] audit market. It could also serve as a barrier to entry for some of the challenger firms.”

ICAS argues that penalties should fall on those who are to blame, in contrast to the “joint and several liability” regime, under which an auditor might end up paying the penalty for the failings of executive directors.

James Barbour explains: “We’ve long been advocates of proportionate liability, and this will be particularly important if joint audits are made mandatory for certain entities.”

ICAS is also suggesting that, whatever reforms are introduced, the system of governance, reporting and assurance should be assessed holistically, and the new regime should be reviewed after five years to see how it is working in practice.

James adds: “Audit is not ‘broken’ however audit has to evolve and we need to take it to the next level.”

Three pillars for better audit

The Institute of Chartered Accountants in England and Wales (ICAEW), meanwhile, is promoting a three-pillar approach to what it calls “user-driven assurance”. The three elements are:

  • An improved version of the statutory audit product.
  • A range of other assurance engagements.
  • “Significant empowerment” of shareholders with regard to commissioning audit and other assurance.

To improve the effectiveness of statutory audit, ICAEW is calling for an improved version of the statutory audit product for shareholders, with a renewed focus on avoiding disorderly failure, fresh thinking on fraud, better audit reporting and championing proportionality to address the delivery gap – in other words, ensuring that PIEs have an appropriate level of regulation, while smaller businesses can benefit from a lighter touch and the opportunity to seek the advice and support they need from professional firms.

Like ICAS, ICAEW sees robust internal controls as crucial. It recommends consideration of the development of a robust UK framework based on the current duty under the Companies Act for companies to maintain adequate accounting records, and the current framework used by companies floating on markets such as the London Stock Exchange to fulfil their regulatory obligation to establish procedures that “provide a reasonable basis for them to make proper judgements on an ongoing basis about the company’s financial position and prospects”.

The response also calls for better risk reporting and “a better indication that companies are looking at the long term,” as well as stressing the important role of the professional bodies in accountancy.

Views on the audit market

Proposed reform of the audit market for FTSE 350 entities, as proposed by the CMA, would potentially have a major impact on the bigger audit firms. Reform ideas being floated by the CMA include mandatory joint audits for FTSE 350 entities and an operational separation of firms into audit and non-audit arms.

The proposed changes have met with mixed reactions. Deloitte, for example, has mooted the idea of temporary market share caps, adopted on a voluntary basis. In contrast Bob Moritz, PwC’s Global Chairman, said of market caps: “We don’t believe it’s the right thing to do. It’s anti-competitive.”

The Big Four firms and the professional bodies have been wary of the proposal for mandatory joint audits, but some support the idea. Phil Verity, Mazars UK Senior Partner, says: “We believe that substantial reform to the audit market is critical to the sustainable success of our largest companies and the wider economy.”

In its response to the proposed CMA reforms, Mazars says: “We strongly support the proposals for joint audit across the FTSE 350 with each audit involving at least one challenger firm, subject to limited exemptions to be agreed with the regulator, some of which will be temporary in nature… adopting joint audit is the only means by which to build resilience in the audit market for Public Interest Entities and to provide sufficient incentive for challenger firms to make the significant investments necessary to build the necessary market share in the FTSE 350 and other Public Interest markets.”

Mazars originated in France, where joint audits are mandated for certain entities, and it is seen by many as a potential challenger to the Big Four.

Meanwhile, PwC’s paper The Future of Audit: Perspectives on how the audit could evolve sets out priorities for reform based on extensive research into the views of businesses, investors and other stakeholders.

The Future of Audit lists as priorities:

  • Strengthen the clarity and relevance of corporate reporting.
  • Enhance the reporting and auditing of a company’s internal controls.
  • Develop better engagement between the audit profession, company management, shareholders and other stakeholders.
  • Create a single, coherent piece of company reporting that provides more insight into the future prospects of the company – including the scenarios in which the business model could fail.
  • Provide more insight about the material uncertainties facing a company.
  • Consider the need to provide assurance over other forms of risk.
  • Reporting and assurance need to expand to cover critical performance measures.
  • Provide additional assurance over the companies that need it, without expanding the statutory audit.
  • Continue to develop and roll out new technologies to improve the effectiveness of audits.
  • Continue to invest in the training, technology and people required to conduct consistently high-quality audit.
  • Help stakeholders better understand the risks of fraud.
  • Strengthen the culture of challenge.

Hemione Hudson, PwC UK Head of Audit, says: “Improving quality alone will not restore trust in the audit. The audit needs to evolve and a more fundamental review of the entire corporate reporting system is required to ensure stakeholders can have confidence in the information they need for decision making.”

Evolution or revolution?

At the end of last year, accounting academic Professor Prem Sikka of the University of Sheffield published Reforming the Auditing Industry, a report commissioned by the Labour Party. A long-time critic of the status quo in audit, Sikka suggests a set of reforms considerably more radical than anything likely to come from Brydon or the CMA.

These include a statutory state-backed body to take over the audit of financial services businesses such as banks, building societies and investment institutions; an independent body to appoint and remunerate the auditors of other PIEs; mandatory joint audits; a total ban on auditors providing non-audit services; a duty of care placed on auditors with regard to individual stakeholders who have “a reasonable justification” for relaying on the audit; and the creation of a Companies Commission to oversee all aspects of UK company law, including accounting and auditing.

Given that this report was commissioned by Shadow Chancellor John McDonnell, it is not inconceivable, given the UK’s volatile politics at present, that all or some of this could feed into policy for a future government.

Whether it comes in the form of evolution or revolution, change is on the way. Speaking in London last month, Sir Donald Brydon was cagey about what his conclusions will be, but he did say he has asked many stakeholders what they believe could be dropped from the remit of the statutory audit. So far, it appears, no one has made any suggestions.

This article was originally published by ICAS.