IESBA working group issues report covering ethical implications of AI, big data and data analytics
The International Ethics Standards Board for Accountants (IESBA) Technology Working Group (TWG) has published its Phase 1 Report on its activities which focused on artificial intelligence (AI) and the related areas of big data and data analytics. In addition to undertaking desk-based research, the TWG met with various stakeholder groups to inform its work.
The TWG concluded that, generally, the IESBA Code of Ethics, on which the ICAS Code of Ethics is substantively based, currently provides high level, principles-based content for most technology-related ethics issues that professional accountants (PAs) and firms might encounter. Additionally, however, the report cites various findings and sets out several recommendations in five key areas where content in the Code could be enhanced. These recommendations are summarised below.
1. Building trust – the critical role of ethics and professional judgement
New application material should be added to Part 1 of the Code (Complying with the Code, Fundamental Principles and Conceptual Framework) to more clearly highlight a broader societal role for PAs in promoting ethical behaviour as a critical, consistent foundation for businesses, firms and other organisations, particularly when developing and using technology. This is very much in line with the messaging in the ICAS Power of One initiative.
2. Complexity of the professional environment
To more effectively deal with the threats created by the ever-increasing complexity of the professional environment in which PAs perform their professional activities, the Code should be revised to give due consideration to options such as those described in the Complexities of the Professional Environment subsection of the report. This includes potentially revising the wording in section 120 of the Code (conceptual framework) to make it less definitive that there are only five types of threats that the PA may encounter.
3. Suitability of the fundamental principles for the digital age
(i) The fundamental principle of Professional Competence and Due Care (Subsection 113 of the Code) should be expanded to include a PA’s responsibility to be transparent, which is not currently expressly stated in the Code. The report recognises that there will be circumstances that will impact on the extent of transparency that may be appropriate (e.g. in an audit, the type and timing of audit procedures, and in business, proprietary commercial information).
(ii) Strengthen the concept of accountability in the Code by:
- Including new material in Subsection 111 (Integrity) on a PA’s willingness to accept responsibility. This would need to take into account whether this aspect of accountability is already covered sufficiently in the proposed new material in Subsection 111 under IESBA’s Role and Mindset Expected of Professional Accountants project.
- More clearly explaining the concept of accountability in Subsection 113 in light of the increasing use of external experts and intelligent agents.
- Including appropriate references to technology in the provisions relating to relying on the work of others in Section 220 (Preparation and Presentation of Information).
Further consideration should also be given to how best to progress these changes in light of IESBA’s Role and Mindset project which is due to be finalised later this year.
(iii) Revise Subsection 114 (Confidentiality) in light of the increased availability and use of personal and other sensitive data to give appropriate consideration to privacy-related matters and the need to actively protect information.
4. Enabling competencies and skills
Add new application material to Subsection 113 on Professional Competence and Due Care to highlight the importance of professional or “soft” skills and provide examples of the emergent technical skills needed in the digital age.
5. Auditor independence
(i) With a view to strengthening the provisions in Part 4A of the Code (Independence for Audit and Review Engagements) relating to auditor independence:
- Consider whether Section 520(Business Relationships) or other provisions in Part 4A should be revised to address the threats to independence created by the sale or licensing of technology applications to audit clients and the use of an audit client’s technology tool in the delivery of non-assurance services (NAS) to another entity.
- Revise Section 600 (Provision of Non-assurance Services to an Audit Client), particularly Subsection 606 (Information Technology Systems Services), with respect to the provision of technology-related NAS, taking into account the proposals under IESBA’s NAS project that were released for exposure in January 2020.
- In relation to the concept of an “office,” consider whether Section 510 (Financial Interests) should be revised to better capture the threats to independence created by the use of modern communication technologies by firms. Such technologies potentially challenge the notion of an engagement partner’s physical office location being a determining factor in whether that engagement partner or the audit engagement can be unduly influenced by another partner in that same office.
Next steps
IESBA will establish a project to action these Phase 1 recommendations, which largely aim to modernise the Code and enhance the contextual relevance of some of its sections, and thereby support the Code’s effective application in an evolving digital age.
In response to stakeholder requests, IESBA will also explore the development of non-authoritative guidance on several of the topic areas of the findings under Phase 2 of the Technology initiative.