Insight 2005 archives

The newsletter for professional accountants in business

Other pages in this section

What new APB standards mean for CIMA members and students

By Martin Nimmo, head of policy and plans, CIMA Professional Standards.

At the end of last year the Auditing Practices Board (APB), now part of the Financial Reporting Council's structure, issued new ethical standards for auditors, effective from 15 December 2004. Auditing bodies in particular were extremely critical of some of the rules and safeguards and there are still several areas that they hope the APB will revisit.

Although the auditing institutes have had to adopt these standards, because of the regulatory requirements on chartered and chartered certified accountants working in the area, CIMA - whose members do not work as registered auditors - has not been required to adopt them. However, as some of the burden of the new rules will fall on CIMA members who are users of auditors, we therefore took part in discussions with the Consultative Committee of Accounting Bodies (CCAB).

The most debated points arise from the requirement that no single client should regularly account for more than 10 per cent of an audit firm's annual audit fee (for non-listed entities, 15 per cent). Paragraph 26 of Standard 4 discusses the effect of exceeding these percentages irregularly and identifies certain factors for consideration, including type of engagement and safeguards.

Provisions available to small businesses

There are special provisions for small entities. These include companies that are not UK or Irish listed companies or an affiliate thereof that meet two or more of the following requirements:

• not more than £5.6 million turnover
• not more than £2.8 million balance sheet total
• not more than 50 employees.

These requirements apply to both the current and previous financial year.

The full list of definitions of a smaller entity can be found in paragraph 4 of the standard. It includes small pension funds, credit unions, small charities and clubs.

The provisions available for smaller entities relax the rules relating to external, independent quality control review, and the audit firm is not, under specified circumstances, required to apply safeguards to address a self-review threat (paragraph 7), a management threat (paragraph 12), or an advocacy threat (paragraph 15), but must disclose the fact in the auditor's report.

For more information see the article Simplified Ethical Standards in this edition of Insight.

The public interest

The APB believes that determining what is in the public interest in this area is challenging. It involves balancing the development of standards necessary to underpin the integrity of the audit of the financial statements, while not unreasonably inhibiting the business activities of the companies subject to audit and not jeopardising the ability of audit firms to perform high quality audits.

Users of financial statements

Having been given responsibility for issuing standards on auditor independence, objectivity and integrity, the APB recognises the close relationship that exists in all professional activities between operational standards and ethical considerations. APB has been aware since its inception of how important auditor independence is to users of financial statements and of their concerns that the commercial activities of audit firms and their partners, including the provision of non-audit services, may impair auditor objectivity (Chairman's report, APB annual report 2004).

Rules-based or principles-based?

Unlike most recently exposed ethical codes, the APB standards have been described by the CCAB as rules-based rather than principles-based - in other words, there are clear prohibitions or requirements. By contrast, the forthcoming IFAC Code of Ethics (now due to be agreed in June 2005) will be principles-based: by covering the spirit of the intention, they will prevent the possibility of a person or firm attempting to avoid conformity.

Examples of rules-based standards are being exposed by the Public Company Accounting Oversight Board (PCAOB) in the US. They have been the subject of concerned debate by several accountancy bodies, including some outside the US such as the Federation Europeen des Experts-Comptables (FEE), of which CIMA is a member.

Possible repercussions for CIMA members

The APB's new standards have been devised in the aftermath of a series of auditing scandals, mostly outside the UK, and the emphasis is clearly on the prevention of any substantial future threats. The standards impose a number of distinct duties on auditors which will have repercussions for CIMA members in the UK and Ireland in terms of the burden of bureaucracy and possible extra costs. This is chiefly because of the elimination of any possibility of cross-subsidisation of audit work, the need to ensure safeguards, and possibly the need to engage either new auditors or firms to perform non-audit work.

Although the duty of following the new standards falls squarely on the auditor, the audit user ought to be aware of the requirements, partly so they can understand the reasoning behind decisions and actions and partly so they can understand their role in achieving a successful audit outcome.

Integrity, objectivity and independence

APB Ethical Standard 1 deals with the identification and assessment of both threats and safeguards. The financial statements of an entity are the responsibility of its board of directors. The primary objective of an audit of the financial statements is for the auditors to provide independent assurance to the shareholders that the directors have prepared the statements properly.

Under "objectivity", paragraph 10 is a reminder that the directors can have a decisive effect on the outcome of an audit. If the directors, whether deliberately or inadvertently, make a biased judgement or an otherwise inappropriate decision, the financial statements may be misleading. They must have regard to the applicable financial reporting framework.

The paragraphs under "independence" deal with the consequences of certain possible relationships between the auditors and their client. Public confidence could suffer as a result of such a perception, irrespective of whether there is any actual impairment.

While auditors must comply with these standards and establish policies and procedures, the client must facilitate adherence to ethical principles. Part of the establishment by the auditors of a control environment involves the appointment of an ethics partner who must review the adequacy of the firm's policies, procedures and compliance and must provide related guidance to individual partners. The standards recognise that, in smaller audit firms, it may not be practicable to appoint an ethics partner and provision is made. It is vital that all discussions are fully documented.

Threats and safeguards

A number of threats must either be eliminated or reduced to an acceptable level. The main threats to the auditor's objectivity and independence are:

• self-interest
• self-review
• management
• advocacy
• familiarity (or trust)
• intimidation.

Of these the management, familiarity and intimidation threats should be of greatest concern to the client. The management threat may arise when the auditor makes judgements and takes decisions which are the responsibility of management. The standard uses the example of an audit firm involved in the design, selection and implementation of financial IT systems. The auditor may become closely aligned with the views and interests of management, resulting in the impairment - or perceived impairment - of the auditor's objectivity and independence.

The familiarity threat may arise when the auditors are predisposed to accept without sufficient questioning the client's point of view, possibly where close personal relationships have developed through long association. Just as dangerous are intimidation threats, which may arise when an aggressive or domineering individual is encountered.

It is in such circumstances that safeguards come into play.

Audit committees

The standard states that those charged with governance of the audit client are informed on a timely basis of all significant facts that have a bearing on the auditor's objectivity and independence. The Audit Committee of the client has a strong interest in being informed about the auditor's ability to express an objective opinion on the financial statements. In the case of listed companies, the auditors are required to make detailed written reports to the Audit Committee, and the appropriate documentation of all consideration of the auditor's objectivity and independence is seen as vital.

Relationships

Standard 2 covers financial, business, employment and personal relationships and details the prohibitions on the auditor in his or her relationship with the client. Most of this should be common sense, but in the case of small family companies in particular, or where the audit firm has a management role in the audit client, this detail should provide the answer to most questions. Recent audit partners or members of the audit firm or the engagement team who are now employed by the client, and family members (of an employee of the auditor) who are employed by a client are both covered. The differentiation between immediate and close family is clearly defined.

Long association

The problem of long association with the audit engagement is exhaustively examined in Standard 3. In general, the standard prohibits acting as audit engagement partner for a continuous period of more than five years. There is also a required break of five years before responsibility in relation to the audit engagement may be resumed.

Long association is seen as a potential threat to the auditor's independence and objectivity. Potential safeguards include rotation, additional partner review or independent internal quality reviews.

Fees, remuneration and evaluation policies, litigation, gifts and hospitality

Ethical Standard 4 sets out the rules here. There are terms used which are not fully explained in the standards, such as an indication of what constitutes a gift of significant value. The CCAB will be publishing some frequently asked questions (FAQs) one of which covers this issue (they also will be accessible through the CIMA website). There is no particular value that can be set to differentiate between an appropriate gift and an inappropriate one but factors such as the frequency, nature and cost of the benefit must be weighed up. As the CCAB points out, the best rule in applying this guidance is to use your common sense.

Non-audit services provided to audit clients

This is another area of controversy. Standard 5 identifies a general approach to non-audit services in paragraphs 5 to 38, and then applies the general principles to specific non-audit services. These include:

• internal audit
• IT
• valuation
• tax
• recruitment and remuneration
• corporate services
• accounting.

This list is not exhaustive (the standard contains a full list). Non-audit services are defined as any engagement in which an audit firm provides professional services to an audit client other than pursuant to:

(a) the audit of the financial statements or

(b) those other roles that legislation or regulation specify can be performed by the auditors of an entity.

This is an area which could adversely affect the costs of an audit client, as an auditor may in the past have been contracted to perform certain non-audit services at what might now appear to be a preferential rate. There will be some non-audit work that may be genuinely part of the audit, but most will be caught up in the definition.

The APB's ethical standards apply to audits of financial statements in both the private and public sectors, but it reminds auditors in the public sector that they are subject to more complex requirements than their private sector counterparts - this includes, for example, compliance with legislation such as the Prevention of Corruption Act 1916 concerning gifts and hospitality and with Cabinet Office guidance.

April 2005