IESBA publishes Exposure Draft on proposed revisions to the Code relating to the definition of engagement team and the independence requirements in the context of group audits
IESBA proposes revisions to its Code of Ethics relating to the definition of engagement team and the independence requirements in the context of group audits.
The International Ethics Standards Board for Accountants (IESBA) is seeking views on proposed revisions to its Code of Ethics in its recently published Exposure Draft ‘Proposed Revisions to the Code Relating to the Definition of Engagement Team and Group Audits’. The comment deadline is 31 May 2022.
In 2020, the IESBA approved a project to review the definition of engagement team and group audit independence considerations in its Code of Ethics. The objectives were:
- To align the definition of the term “engagement team” in the Code with the revised definition of the same term in ISA 220 (Revised) while ensuring that the independence requirements in the International Independence Standards (Part 4 of the Code) are clear and appropriate and apply only to those individuals within the scope of the revised definition who must be independent in the context of the audit engagement; and
- To revise the International Independence Standards so that they are robust, comprehensive, and clear when applied in a group audit context, including with respect to independence for non-network component auditors.
The International Independence Standards (Part 4 of the Code) are set out as follows:
- Part 4A – Independence for Audit and Review Engagements (Sections 400 to 899).
- Part 4B – Independence for Assurance Engagements Other than Audit and Review Engagements (Sections 900 to 999).
Auditors undertaking an audit in the UK are required to comply with the requirements of the Financial Reporting Council's Ethical Standard. There is therefore no requirement on auditors undertaking an audit in the UK to also comply with Part 4A of the Code however the FRC closely monitors developments in the IESBA Code.
Some of the main proposals within the Exposure Draft are discussed below.
Proposed revised definition of “engagement team”, “audit team”, “assurance team” and “review team”
The IESBA is proposing changes to the definitions of “engagement team” and the related terms “audit team,” “assurance team” and “review team”.
Proposed definition of “engagement team”
In the extant Code, the definition of “engagement team” is as follows:
“All partners and staff performing the engagement, and any individuals engaged by the firm or a network firm who perform assurance procedures on the engagement. This excludes external experts engaged by the firm or by a network firm.
The term “engagement team” also excludes individuals within the client’s internal audit function who provide direct assistance on an audit engagement when the external auditor complies with the requirements of ISA 610 (Revised 2013), Using the Work of Internal Auditors.”
In considering aligning the definition of engagement team in the Code with the definition in ISA 220 (Revised), the IESBA recognised that the extant definition of engagement team in the Code applies to both audit and other assurance engagements while the definition of engagement team in ISA 220 (Revised) applies only to audit engagements. As such, the IESBA then referred to the International Auditing and Assurance Standards Board (IAASB) Quality Management standard 1 (ISQM 1) which defines “engagement team” as applying to any team performing procedures on an engagement within the scope of ISQM 1 (i.e. an audit, review, other assurance, or related services engagement). The IESBA is therefore proposing to revise the definition of “engagement team” in the Code to align with the more generic definition of engagement team in ISQM 1 as follows (including reference to explanatory guidance to clarify the nature of the various teams in relation to Parts 4A and 4B of the Code):
“All partners and staff performing the engagement, and any other individuals who perform procedures on the engagement, excluding an external expert and internal auditors who provide direct assistance on an engagement.”
In Part 4A, the term 'engagement team' refers to individuals performing audit or review procedures on the audit or review engagement, respectively. This term is further described in paragraph 400.A.
ISA 220 (Revised) provides further guidance on the definition of engagement team in the context of an audit of financial statements.
ISA 620 deals with the auditor’s responsibilities relating to the work of an individual or organization in a field of expertise other than accounting or auditing, when that work is used to assist the auditor in obtaining sufficient appropriate audit evidence.
ISA 610 (Revised 2013) deals with the auditor’s responsibilities if using the work of internal auditors, including using internal auditors to provide direct assistance on the audit engagement. In Part 4B, the term “engagement team” refers to individuals performing assurance procedures on the assurance engagement.”
The revised definition of the engagement team in ISA 220 (Revised) includes component auditors and service providers. In Part 4A, proposed paragraph 400.A aligns with ISA 220 (Revised) stating that an engagement team for an audit includes individuals from non-network component auditor firms and other service providers who perform audit procedures on the engagement:
“400.A An engagement team includes all partners and staff in the firm who perform audit procedures on the engagement, and any other individuals who perform such procedures who are from:
(a) A network firm; or
(b) A firm that is not a network firm, or another service provider.
For example, an individual from a component auditor firm who performs audit work on the financial information of a component for purposes of a group audit is a member of the engagement team for the group audit.”
Proposed definitions of “audit team,” “assurance team” and “review team”
The IESBA believes that Engagement Quality Reviewers, whose independence plays a vital role in promoting audit quality, should be subject to the same independence requirements regardless of whether they come from within or outside the firm or its network. Similarly, the IESBA believes that individuals who (a) recommend the compensation of, or who provide direct supervisory, management or other oversight of the engagement partner in connection with the performance of the audit engagement, or (b) provide consultation regarding technical or industry-specific issues, transactions or events for the engagement, should be members of the audit team, regardless of whether they come from within the firm.
As such, the IESBA proposes to amend the definitions of “audit team,” “review team,” and “assurance team” by adding the phrase “or engaged by” to subparagraph (b) of those definitions to include all such individuals.
Independence in a Group Audit context
The IESBA approached independence in a Group Audit context from two different perspectives:
(a)Independence principles for individuals involved in the group audit engagement; and
(b)Independence principles for firms, inside and outside of the network, involved in the group audit engagement.
To elaborate on these principles, the IESBA is proposing a new Section 405 (Group Audits) to the Code.
Independence principles for individuals
The change in the definition of engagement team in ISA 220 (Revised) results in a need to clarify the independence requirements for individuals at a component auditor firm outside the group auditor firm’s network and at other service providers. The IESBA is of the view that the work of the individuals from the non-network component auditor firms contributes to the audit opinion on the group financial statements just as much as the work performed by individuals from the group auditor firm and component auditor firms within the network.
Accordingly, the IESBA is proposing that the same independence provisions that apply to individuals from the group auditor firm and component auditor firms within the network should apply to individuals carrying out audit work at the component level from non-network firms.
The IESBA is therefore proposing a single requirement that all members of the audit team (which includes the engagement team) for the group audit be independent of the group audit client in accordance with the requirements of Part 4A that are applicable to the audit team.
Independence principles for firms
The IESBA notes that no new principles are required for group auditor firms or component auditor firms within the group auditor firm’s network as the extant Code already requires a firm and its network firms to be independent of the audit client. The IESBA makes this explicit by proposing two requirements in proposed Section 405.
Non-network Component Auditor Firms
When deliberating principles for component auditor firms outside the group auditor firm’s network, the IESBA considered the approach in the Code that differentiates the independence provisions applicable to PIEs from those applicable to non-PIEs.
The IESBA is proposing the following independence principles for non-network component auditor firms:
- First, the component auditor firm needs to be independent of the component audit client, consistent with the independence provisions in Part 4A that apply to a firm with respect to all its audit clients.
- When the group audit client is a PIE and the component audit client is not itself a PIE, the independence provisions that apply to the component auditor firm in relation to the component audit client are the PIE provisions.
- When the group audit client is a non-PIE, the independence provisions that apply to the component auditor firm in relation to the component audit client are the non-PIE provisions regardless of whether the component audit client is a PIE.
Financial Interest in the Group Audit Client
The IESBA noted that the extant Code specifically prohibits a firm and its network firms from holding a direct or material indirect financial interest in an entity that controls the audit client, regardless of whether the audit client is a PIE. Given that financial interests by their nature have the greatest potential to create significant threats and the fact that the work performed by non-network component firms forms an integral part of the group audit, the IESBA believes that there should be a similar prohibition for non-network component auditor firms.
Accordingly, the IESBA is proposing to introduce an explicit prohibition on non-network component auditor firms from holding a direct or material indirect financial interest in the entity on whose group financial statements the group auditor firm expresses an opinion in respect of both PIE and non-PIE group audit clients.
Loans and guarantees
The IESBA also came to the view that loans and guarantees are a further area that should be specifically addressed in the proposed Section 405 because of the financial nature of those relationships. Section 511 of the Code addresses loans and guarantees with an audit client. The IESBA considered the scope of application of the prohibitions in Section 511 to a non-network component auditor firm, specifically whether those prohibitions should apply only with respect to the group audit client or whether they should apply also with respect to related entities of the group audit client.
The IESBA considered that the public interest would be better served and the objective of setting proportionate standards better met if the prohibitions in Section 511 on loans and guarantees were to apply only with respect to the group audit client. For loans and guarantees between the non-network component auditor firm and an intermediate holding entity or any other related entities of the group audit client, the IESBA believes that the conceptual framework provides a robust, principles-based approach to identify, evaluate and address any threats that might be created in such situations.
Non-Assurance Services (NAS)
The IESBA is proposing guidance in Section 405 to highlight some important considerations for non-network component auditor firms in a group audit context when applying the NAS provisions. The IESBA is proposing to make clear that where the group audit client is a PIE, the independence requirements for NAS provided by a non-network component auditor firm to the component audit client are those applicable for PIEs even if the component audit client is a non-PIE.
Breach of Independence by a Component Auditor Firm
The extant Code sets out a process a firm should follow when it concludes that a breach of a requirement of the International Independence Standards has occurred. If a breach is identified at the group auditor firm level, the group auditor firm should follow this process. The IESBA is proposing requirements and guidance in Section 405 to deal with circumstances where a breach is identified at the component auditor firm level.