ICAS response to Brydon Review ‘Call for Views’ on the quality and effectiveness of audit
By James Barbour, Director, Policy Leadership
12 June 2019
A summary of the key points made in the ICAS response is included below. The response focuses specifically on the audit of public interest entities (PIEs).
Key points in submission
It is only by giving due consideration to the role and purpose of statutory audit in the context of the broader corporate governance and corporate reporting environment that significant changes can be identified for consideration and, if supported, implemented.
Roles and responsibilities
The core issues that ICAS believes the public and government want to see addressed are how to improve the quality of audit and, by doing so, help to ensure fewer surprise corporate failures. What appears to be missing from the current debate is recognition that the responsibility for running an entity and for preparing its financial statements rests with the directors of that entity, in particular, the executive directors. The inclusion of a broader responsibilities chart at the front of the annual report, and/or on a company website, may help to better convey to stakeholders the respective responsibilities of the key players, including the directors and auditors.
Accountability of directors
ICAS welcomes the recommendations in the Kingman Review that the new regulator should be tasked with developing proposals for an effective enforcement regime for directors of PIEs. However, ICAS believes that the scope of this regime should cover all directors, and that these reforms should be progressed as soon as possible.
Internal controls
Given the importance of internal controls and experience of the US regime, consideration should be given to introducing a proportionate UK version of the Sarbanes Oxley framework. This will help to better promote the responsibilities of directors and auditors.
Increased transparency
Greater transparency over the assurance gained by boards of directors over many different aspects of the business would be a positive step. Consideration could be given by the new regulator in publishing what it sees as the generic accountability and assurance model for corporate UK, then requiring each company to present their own version of this as part of the description of their business model in the annual report.
Given the level of judgement found in the financial statements, the audit committee should set out the key assumptions and the acceptable range that they considered when assessing key judgements made by management. This will help users form their own assessments as to whether a company is being aggressive or conservative in its judgements. Whilst extended audit reports have been viewed as useful with the inclusion of key audit findings, more graduated audit reports would further increase their usefulness. Requiring auditors to provide this detail in their audit reports (including what was said in the prior year) would further help inform users on the judgements made by management and where they sit on a range that varies from aggressive to conservative.
The primary responsibility for assessing whether an entity is a going concern rests with the directors. More detailed and considered disclosures should be required from the directors to explain why they believe an entity is a going concern. This would then facilitate requiring more from the auditor. The key is to provide greater transparency to avoid “surprise failures” rather than failures.
The discipline introduced by, and the current disclosures on, viability are important and should remain. However, these disclosures by directors should provide greater transparency and specificity (e.g. quantified sensitivity testing information/minimum cash requirements/liquidity statements etc).
Greater shareholder engagement
It is incumbent upon shareholders to engage with audit committees of their investee companies. While investors engage on matters relevant to the remuneration committee, there is little or no engagement on the matters addressed by the audit committee which arguably go to the heart of the quality of their investments. Before the shareholders focus on the auditors, they should address their communications through the audit committee.
Broader assurance
Key performance indicators (KPIs) have increasingly become a measure by which corporates communicate their performance. ICAS believes that auditors should be asked to provide assurance over KPIs. This would not question whether the KPIs are the right ones to assess the performance of an entity but rather if they have been compiled appropriately.
There would be benefit in getting directors to explain why they believe the annual report is fair, balanced and understandable (FBU). The current role of the auditor is to report by exception where they do not believe that to be the case. It is not clear, however, what level of assurance, if any, the auditor is providing over the directors’ FBU assertion. A direct statement clearly articulating the level of assurance obtained by the auditors would provide increased transparency and clarity over this matter. The same approach could also be applied to other matters where the auditor is required to report by exception.
Mandating electronic annual reports
In order to aide transparency, consideration could be given to mandating searchable online annual reports. A fully electronic model would provide many considerable benefits to users including making it easier to highlight matters such as which parts of the annual report had been subject to assurance and the level thereof. There are of course issues that would need to be addressed but such a move would certainly help to reduce the expectation gap.