ICAS ICAS logo

Quicklinks

  1. About Us

    Find out about who we are and what we do here at ICAS.

  2. Find a CA

    Search our directory of individual CAs and Member organisations by name, location and professional criteria.

  3. CA Magazine

    View the latest issues of the dedicated magazine for ICAS Chartered Accountants.

  4. Contact Us

    Get in touch with ICAS by phone, email or post, with dedicated contacts for Members, Students and firms.

Login
  • Annual renewal
  • About us
  • Contact us
  • Find a CA
  1. About us
    1. Governance
  2. Members
    1. Become a member
    2. Newly qualified
    3. Manage my membership
    4. Benefits of membership
    5. Careers support
    6. Mentoring
    7. CA Wellbeing
    8. More for Members
    9. Area networks
    10. International communities
    11. Get involved
    12. Top Young CAs
    13. Career breaks
    14. ICAS podcast
    15. Newly admitted members 2022
    16. Newly admitted members 2023
  3. CA Students
    1. Student information
    2. Student resources
    3. Learning requirements
    4. Learning updates
    5. Learning blog
    6. Totum Pro | Student discount card
    7. CA Student wellbeing
  4. Become a CA
    1. How to become a CA
    2. Routes to becoming a CA
    3. CA Stories
    4. Find a training agreement
    5. Why become a CA
    6. Qualification information
    7. University exemptions
  5. Employers
    1. Become an Authorised Training Office
    2. Resources for Authorised Training Offices
    3. Professional entry
    4. Apprenticeships
  6. Find a CA
  7. ICAS events
    1. CA Summit
  8. CA magazine
  9. Insight
    1. Finance + Trust
    2. Finance + Technology
    3. Finance + EDI
    4. Finance + Mental Fitness
    5. Finance + Leadership
    6. Finance + Sustainability
  10. Professional resources
    1. Anti-money laundering
    2. Audit and assurance
    3. Brexit
    4. Business and governance
    5. Charities
    6. Coronavirus
    7. Corporate and financial reporting
    8. Cyber security
    9. Ethics
    10. Insolvency
    11. ICAS Research
    12. Pensions
    13. Practice
    14. Public sector
    15. Sustainability
    16. Tax
  11. CPD - professional development
    1. CPD courses and qualifications
    2. CPD news and updates
    3. CPD support and advice
  12. Regulation
    1. Complaints and sanctions
    2. Regulatory authorisations
    3. Guidance and help sheets
    4. Regulatory monitoring
  13. CA jobs
    1. CA jobs partner: Rutherford Cross
    2. Resources for your job search
    3. Advertise with CA jobs
    4. Hays | A Trusted ICAS CA Jobs Partner
    5. Azets | What's your ambition?
  14. Work at ICAS
    1. Business centres
    2. Meet our team
    3. Benefits
    4. Vacancies
    5. Imagine your career at ICAS
  15. Contact us
    1. Technical and regulation queries
    2. ICAS logo request

Brydon recommendations: Suggestions to inform the work of BEIS on internal controls

  • LinkedIn (opens new window)
  • Twitter (opens new window)
James Barbour By James Barbour, Director, Policy Leadership

19 December 2019

Main points:

  • Sir Donald Brydon has recommended significant changes to the UK Internal Control requirements on corporates.
  • Sir Donald sets out how out how he envisages a proportionate version of the US Sarbox approach could be introduced in the UK.
  • Sir Donald recognises that ISA (UK) 610 (Revised) Using the work of internal auditors should be reviewed with a view to encouraging external auditors to make greater use of internal audit.

Following the publication of Sir Donald Brydon’s final report on his Independent Review into the Quality and Effectiveness of Audit, this article summarises the recommendation for introducing a UK version of Sarbox and his proposals on internal audit.

Scope of recommendation

Sir Donald Brydon has recommended significant changes to the UK internal control requirements on corporates.

He states at the start of his report that the recommendations are collectively aimed at improving audit and assurance in relation to public interest entities (PIEs) as per the focus of the review’s terms of reference. He recognises that the government is in the process of addressing Sir John Kingman’s recommendation that the existing definition of PIEs be revisited but in principle sees no reason why the recommendations in his report should not apply to any expanded group of PIEs, except for recommendations that are aimed specifically at listed companies.

He does add, however, that: “the Government, in determining the implementation of each recommendation should consider the case for certain recommendations applying initially to the audit of PIEs in the FTSE 350 index, or in some instances, a subset thereof, and the extent to which they may be applied to PIEs outside the FTSE 350 index.” Therefore, further clarity will be required on those companies that would be within the scope of his proposals on an enhanced internal control regime from the outset.

UK version of sarbox

Sir Donald notes that Sir John Kingman recommended in his report of his review of the Financial Reporting Council (2018) that serious consideration should be given to the case for a strengthened framework around internal controls within UK companies, learning relevant lessons from the United States experience of implementing and operating the 2002 Sarbanes-Oxley Act (SOX).

Sir Donald expands on this by setting out how he envisages that such an approach could be introduced in the UK, being careful to ensure that any such proposals are proportionate.

He refers to the current provisions in the UK Corporate Governance Code and related guidance and notes that there is a lack of consistency in how these are applied. Whilst recognising that focusing accountability on the CEO and CFO when the UK has a unitary board model may cause some issues, he believes that: “there is sufficient evidence to suggest that such attestations have improved relevant internal controls and may have helped to lower the cost of capital”.

He then sets out, in terms of a company’s internal controls over financial reporting, that:

  • The government gives serious consideration to mandating a UK Internal Controls Statement consisting of a signed attestation by the CEO and CFO to the Board that an evaluation of the effectiveness of the company’s internal controls over financial reporting has been completed and whether or not they were effective, as in SOX 302(c) and (d).
  • This attestation should be received by the Board no later than 28 days before the accounts of the company for the relevant financial period are signed. The Board should then report to shareholders that it has received such an attestation.

Taking account of proportionality, Sir Donald is not minded to mandate having the auditor opine on the attestation. This of course will spark considerable debate but is like the approach applied in Canada. He does, however, suggest that where there is a failure of relevant controls in the twelve months prior to the attestation or in the twelve months following it. This should result in a requirement for future statements to be audited for a period of three years following the failure. The directors should be required to state if such a failure has occurred. He of course highlights that companies could voluntarily choose to have the attestation audited.

He further recommends that the Audit Committee Chairs Independent Forum (ACCIF) should develop principles that should be followed by CEOs and CFOs in making an internal controls effectiveness attestation with final endorsement of these principles being made by the new audit regulator, the Audit, Reporting and Governance Authority (when in existence).

He further proposes that where weaknesses (and/or failures) in controls have been reported it should

become an obligation on directors to report on what remedial action has been taken and on its effectiveness. If the same or any other material weakness persists over two reporting periods, boards should be obliged to have their attestations audited until the controls can be pronounced effective.

Sir Donald also highlights that he believes it would be a step too far to extend the proposed UK Internal Controls beyond those relating to financial reporting.

Internal audit

Sir Donald also recognises that ISA (UK) 610 (Revised) Using the work of internal auditors should be reviewed with a view to encouraging external auditors to make greater use of internal audit. This was a point ICAS raised in its submission to Sir Donald. He also recommends that external and internal auditors should meet to share all relevant information at the start of setting the audit plan and assessing the environment in which an audit is to take place. He also hopes that the publication by the Chartered Institute of Internal Auditors (CIIA) of its Internal Audit Code of Practice (for non-financial services entities) will help to enhance the role of the internal audit profession, ought to assist audit committees in their work and there will be more transparency around the role and activity of the internal audit function. ICAS, as it has previously stated, would welcome this increased transparency.

Brydon review on quality and effectiveness of audit published

By James Barbour, Director, Policy Leadership

18 December 2019

Shaping the future of audit

17 March 2019

2-23-marsh 2-23-marsh
ICAS logo

Footer links

  • Contact us
  • Terms and conditions
  • Modern slavery statement
  • Privacy notice
  • CA magazine

Connect with ICAS

  • Facebook (opens new window) Facebook Icon
  • Twitter (opens new window) Twitter Icon
  • LinkedIn (opens new window) LinkedIn Icon
  • Instagram (opens new window) Instagram Icon

ICAS is a member of the following bodies

  • Consultative Committee of Accountancy Bodies (opens new window) Consultative Committee of Accountancy Bodies logo
  • Chartered Accountants Worldwide (opens new window) Chartered Accountants Worldwide logo
  • Global Accounting Alliance (opens new window) Global Accounting Alliance
  • International Federation of Accountants (opens new window) IFAC
  • Access Accountancy (opens new window) Access Acountancy

Charities

  • ICAS Foundation (opens new window) ICAS Foundation
  • SCABA (opens new window) scaba

Accreditations

  • ISO 9001 - RGB (opens new window)
© ICAS 2022

The mark and designation “CA” is a registered trade mark of The Institute of Chartered Accountants of Scotland (ICAS), and is available for use in the UK and EU only to members of ICAS. If you are not a member of ICAS, you should not use the “CA” mark and designation in the UK or EU in relation to accountancy, tax or insolvency services. The mark and designation “Chartered Accountant” is a registered trade mark of ICAS, the Institute of Chartered Accountants of England and Wales and Chartered Accountants Ireland. If you are not a member of one of these organisations, you should not use the “Chartered Accountant” mark and designation in the UK or EU in relation to these services. Further restrictions on the use of these marks also apply where you are a member.

ICAS logo

Our cookie policy

ICAS.com uses cookies which are essential for our website to work. We would also like to use analytical cookies to help us improve our website and your user experience. Any data collected is anonymised. Please have a look at the further information in our cookie policy and confirm if you are happy for us to use analytical cookies: