Audit ethics: What to watch for in smaller auditsby
Even though audits are not mandatory for entities falling into the small company category, those that choose to be audited are subject to the prevailing standards.
The audit exemption limits in the UK mean that many small entities don’t have an audit. However, some entities require an audit even though they are quite small, such as charities and others will choose to have an audit.
It is important to remember however, that all audits must comply with International Standards on Audits (ISAs) and the FRC Ethical Standard (ES). So let’s take a look at some of the key areas for consideration and the variations in the ES for small entities.
Step 1: Preconditions
Are the preconditions for an audit met? The language here might seem odd, but it is what ISA (UK) 210 requires. In order to accept an audit appointment you must be confident that the audited entity will use an acceptable financial reporting framework and will allow you access to all the books, records and people from which or whom you might need information.
A framework is acceptable if it is permitted for the entity type, so a non-small company insisting on using FRS 102 Section 1A disclosures is not acceptable and so you shouldn’t accept such an appointment.
Similarly, you cannot accept any restriction on the work that you will do and enquiries you will make. Your engagement letter provides the means for the client to formally accept these conditions and so it essential that this is present and up to date.
Step 2: Ethical issues
Whilst there is, of course, much more detail in the ES and ISAs, in essence your next step is to consider whether you are able to audit the client. This includes considering compliance with all aspects of the ES. For instance:
- Are you independent?
- Do you have the necessary competence?
- Do you have the time and other resources that are needed (including considering when the audit must be performed)?
- Does the client have the appropriate level of integrity such that you are happy to act for them?
- Do you need to take advantage of the ES provisions available for audits of small entities?
Let’s look at some of these questions in a bit more detail.
Given that an audit is an independent examination and expression of opinion on the financial statements, it is clearly vital that the auditor is independent. However, the ES is complex and has changed substantially over the years, so it is important that you review your independence each year.
In order to determine whether you are independent, you will need to understand the definition of a “covered person”. This means a person covered by the ES requirements and therefore required to be independent of a client. In summary the following are all covered persons:
- All members of the engagement team, including those directing and supervising the work and any EQCR (Engagement Quality Control Review) reviewer
- Any external expert of the firm or similar individual who is involved in the audit and under control of the firm
- Any person in the firm with supervisory, management or other oversight responsibility over
- The engagement or engagement partner(s)
- The conduct of the audit including:
- Those with management responsibilities
- Those with a direct role in the preparation or approval of the performance appraisal of the staff and partners involved in audits
- Any other person in a position to influence the outcome of an audit.
This means that even non-audit partners or staff can be caught by the requirements if they are in managerial positions within the firm. If an individual is a covered person, then all of the prohibitions on family or financial relationships come into play.
Various other issues might affect your independence including, but not limited to, fees and long association.
If fees are regularly expected to exceed 15% of the annual fee income of the firm then the auditor must resign/not accept appointment. For non-small entities an EQCR is required if fees regularly exceed 10%, but not 15%. If the client is listed/public interest, then the limit on fees is 10% and an EQCR is required at 5%.
Long involvement with an audit can dull your objectivity and therefore the length of tenure must be recorded. Once the engagement partner has been in the role for 10 years careful consideration is required to ensure independence is maintained and safeguards, such as an engagement quality control review, will be required.
Provisions available for audits of small entities (PAASE)
The ES contains, in Section 6, some relaxations of the normal rules available to small entities as defined in the standard (broadly equivalent to small companies, but with more detail). These are divided into alternative provisions and exemptions.
The use of alternative provisions require that the entity has informed management and the firm extends its cycle of cold reviews. The provisions cover:
- economic dependence (no need for EQCR when fees are between 10-15%)
- the self-review threat when undertaking non-audit services
- the management threat arising from non-audit services.
Exemptions are available in respect of:
- the advocacy threat in relation to tax and restructuring work; and
- partners joining an audit client.
The use and nature of these exemptions must be disclosed in the audit report.
Make sure you fully understand the relevant ethical requirements and document your decisions carefully. Hopefully your audit programme might have an ethics checklist to help with this, but don’t be afraid to revert to the current ethical standard for audit.
You might also be interested in
Julia Penny is the principal of JS Penny Ltd which provides technical and training consulting on anti-money laundering procedures, auditing and financial reporting. Julia is a member of ICAEW Board and Council, chair of the ICAEW Ethics Advisory Committee and past chair of the ICAEW...